|
Thread Index [isp-bgp] BGP configuration checking tool
In my previous message, I mentioned a configuration checking tool called rcc. Attached below is a message from Nick Feamster (who created the tool) describing the tool; please contact him directly at feamster@... if you are interested in running the tool. -- Jen ------- Start of forwarded message ------- The folks on this list may be interested in a BGP configuration checking tool I have developed called "rcc" (router configuration checker). The tool performs static analysis over a collection of configuration files from a single AS and reports a wide variety of potential errors (everything from undefined references to possible partitions in iBGP). I strongly encourage everyone to check it out: http://nms.lcs.mit.edu/bgp/rcc/ Part of our motivation for developing this tool is to get a better understanding of errors and anomalies that turn up in real configuration files. A couple of very kind, generous folks at some larger ISPs have given me some initial assistance by letting me run the tool on some of their configuration files, and, in some cases, our checks have allowed operators (and me) to see some interesting things. (read: you might find some things you didn't expect) Nevertheless, our study (and the tool) will benefit tremendously by exposure to configurations from a much wider variety of ASes. (The more, the better.) If you could help me in any of the following ways, I would be extremely grateful: 1. Run the tool on your configuration and let me know what types of errors you find. This will help me in our analysis as far as figuring out what types of problems are most common, etc. If you're feeling extremely helpful, you could let me run the tool on your configuration files for you. This would probably save you time; of course, I'd discuss with you what I found in your configs. (Yes, I am asking to look at your configs; I'm amenable to nondisclosure arrangements regarding keeping keeping your configuration data private, if you like.) 2. Suggest new tests that you would like to see incorporated into the tool. I am eager to provide the tool for you to try on your configuration files. I'm also more than willing to help you set it up in a way that works well for you. In return, I would hope that you would help me better understand the errors/anomalies that the tool turns up or at least give me some suggestions on how to improve the tool (e.g., what types of checks you would like to see added to the tool, personal experience, etc.). Please let me know if you are interested in helping out. Thanks! Nick > ------- Start of forwarded message ------- > Date: Sat, 7 Aug 2004 08:35:57 -0400 (EDT) > From: Jennifer Rexford <jrex@...> > To: salamat@rp.lip6.fr > Cc: isp-bgp@isp-bgp.com > Subject: Re: [isp-bgp] BGP routing loop ! > Content-Type: text > Content-Length: 1936 > > Hi Kave, > > > I have a practical BGP question. I am receiving the following AS > > paths: 2200 5511 702 8342 29651 25515 29369 25515 > > > > With the AS 25515 repeated two times with the AS 29369 in the middle. > > Is it normal? > > On the surface, BGP's loop detection mechanism would make such an AS > path impossible. In practice, though, most existing routers check for > AS loops only by looking for their own AS number in the AS path, rather > than checking for all possible loops. So, for example, AS 8342 would > not discard the advertisement upon seeing the path "29651 24414 25515 > 29369 25515" despite the apparent loop in the path. The bigger question > is how did the apparent loop get there in the first place. One possibility > is AS prepending. Perhaps AS 29651 and AS 25515 are owned by the same > company -- I did a > > whois -h whois.ripe.net as29651 > whois -h whois.ripe.net as25515 > whois -h whois.ripe.net as29369 > > and they all seem to be owned by CenterTelecom Service. My guess > is that a router in 29369 was configured to do AS prepending using > the AS number 25515, e.g., in Cisco IOS > > set as-path prepend 25515 > > Perhaps this was done mistakenly -- e.g., because this router used to > be part of AS 25515 and nobody changed the line of configuration when > switching ASes. > > Another way the apparent loops arise is through typographical mistakes > in AS prepending. Imagine that a router in AS 7081 receives a route > with the path "1239 7018 46", with AS 7018 in the path. If this router > has been mistakenly configured with > > set as-path prepend 7018 <---- note, 7018 appears rather than 7081 > > then you'd end up with a path that appears to loop through AS 7018. > > See the discussion of AS prepending in Section 3.2.3 and Section 5.2.4 of > > http://nms.lcs.mit.edu/bgp/rcc/rcc-tr.html > > which describes a tool that checks router configuration for this anomaly > and other kinds of mistakes and inconsistencies... > > -- Jen > ------- End of forwarded message ------- ------- End of forwarded message ------- ************************************************ ISPCON FALL 2004 - Santa Clara Convention Center ************************************************ New Keynote Speakers just announced: Jeff Pulver, President & CEO of Pulver.com Nigel Ballard, Wireless Director, Matrix Networks Use discount code EBF04 now and pay only $350! REGISTER TODAY at www.ispcon.com To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. <- Previous Message | Next Message -> Thread Index |
|
