Tuesday 29 October 2013

Tools

Raw BGP data can't be read without a tool to process it and convert it to a human-readable format, and several tools are capable of doing this. If my goal is to perform analyses of BGP, then it is important to try out and understand these tools and their limitations. Quagga, which is a routing software suite, and some other routing suites today use the MRT format to represent this raw data in readable form. MRT is, basically, the Multi-threaded Routing Toolkit, which was developed to encapsulate, export, and archive routing information in a standardized data representation.
More about MRT can be found here.

bgpdump:


This is a tool created by the RIPE Network Coordination Centre that converts BGP data to readable formats. The tool is written in C and uses the libbgpdump C library, which was written by Dan Ardelean and later adopted by RIPE. After installing this software on my Ubuntu system, I was presented with the main menu shown below after running the bgpdump command.



bgpdump version 1.4.99.14
Usage: bgpdump [-m|-M] [-t dump|-t change] [-O <output-file>] <input-file>
bgpdump translates binary MRT files (possibly compressed) into readable output
Output mode:
    -H         multi-line, human-readable (the default)
    -m         one-line per entry with unix timestamps
    -M         one-line per entry with human readable timestamps
    (there are other differences between -m and -M)

Common options:
    -O <file>  output to <file> instead of STDOUT
    -s         log to syslog (the default)
    -v         log to STDERR

Options for -m and -M modes:
    -t dump    timestamps for RIB dumps reflect the time of the dump (the default)
    -t change  timestamps for RIB dumps reflect the last route modification

Special options:
    -T         run unit tests and exit

So, looking at the command line, it is possible to translate BGP data. I loaded sample BGP data for the Athens mobile community network, which yielded the following output:

TIME: 07/24/13 19:00:00
TYPE: TABLE_DUMP_V2/IPV4_UNICAST
PREFIX: 10.0.10.0/24
SEQUENCE: 0
FROM: 10.255.9.4 AS172193
ORIGINATED: 07/24/13 14:39:56
ORIGIN: IGP
ASPATH: 172193 19601 14835 1286 18242
NEXT_HOP: 10.255.9.126

TIME: 07/24/13 19:00:00
TYPE: TABLE_DUMP_V2/IPV4_UNICAST
PREFIX: 10.0.11.0/24
SEQUENCE: 1
FROM: 10.255.9.4 AS172193
ORIGINATED: 07/24/13 15:05:08
ORIGIN: IGP
ASPATH: 172193 19601 14835 4758 15731 3341
NEXT_HOP: 10.255.9.126

TIME: 07/24/13 19:00:00
TYPE: TABLE_DUMP_V2/IPV4_UNICAST
PREFIX: 10.2.1.0/24
SEQUENCE: 2
FROM: 10.255.9.4 AS172193
ORIGINATED: 07/24/13 14:39:56
ORIGIN: IGP
ASPATH: 172193 19601 14835 1286 9533 16924
NEXT_HOP: 10.255.9.126

NB: This is just a fraction of the output.

Looking at this output, one can deduce information such as the prefix, originating AS, timestamps, ASPATH and NEXT_HOP. Yet for further analysis of this information to fulfil my goals, this tool isn't complete. It could have been better if there were an interface to export these files to a database like MySQL.
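One way to get the database export wished for above, as an added example that is not part of the original post or of bgpdump: parse the multi-line output into records, load them into a table, and query it for prefixes seen with more than one origin AS. SQLite stands in for MySQL so it runs without a server; the table layout, the function names and the third sample entry are assumptions made for illustration.

```python
import sqlite3
from datetime import datetime
# Constructed sample in bgpdump's multi-line format. The blank line before NEXT_HOP
# imitates a stray break inside an entry; the third row (peer, path) is invented.
_ENTRY = ("TIME: 07/24/13 19:00:00\nTYPE: TABLE_DUMP_V2/IPV4_UNICAST\nPREFIX: {}\n"
          "SEQUENCE: {}\nFROM: {} AS{}\nORIGINATED: 07/24/13 14:39:56\nORIGIN: IGP\n"
          "ASPATH: {}\n\nNEXT_HOP: 10.255.9.126\n\n")
SAMPLE = "".join(_ENTRY.format(*row) for row in [
    ("10.0.10.0/24", 0, "10.255.9.4", 172193, "172193 19601 14835 1286 18242"),
    ("10.2.1.0/24", 2, "10.255.9.4", 172193, "172193 19601 14835 1286 9533 16924"),
    ("10.0.10.0/24", 0, "10.255.9.8", 64512, "64512 3341"),
])

def parse_records(text):
    """Return one dict per entry; an entry starts at each TIME: line, not at a blank line."""
    records = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue                      # blank line or a line without a field name
        if key == "TIME":
            records.append({})
        if records:
            records[-1][key.strip()] = value.strip()
    return records

def to_iso(stamp):
    return datetime.strptime(stamp, "%m/%d/%y %H:%M:%S").isoformat(sep=" ")

def load(db, records):
    db.execute("CREATE TABLE IF NOT EXISTS rib (prefix TEXT, peer_ip TEXT, peer_as TEXT,"
               " origin_as TEXT, as_path TEXT, next_hop TEXT, dump_time TEXT, originated TEXT)")
    for r in records:
        peer_ip, peer_as = r["FROM"].split()
        # The origin AS is the last element of the AS path; it is stored as text.
        db.execute("INSERT INTO rib VALUES (?,?,?,?,?,?,?,?)",
                   (r["PREFIX"], peer_ip, peer_as[2:], r["ASPATH"].split()[-1], r["ASPATH"],
                    r["NEXT_HOP"], to_iso(r["TIME"]), to_iso(r["ORIGINATED"])))
    db.commit()

def multi_origin_prefixes(db):
    """Prefixes that appear with more than one origin AS."""
    rows = db.execute("SELECT prefix, GROUP_CONCAT(DISTINCT origin_as) FROM rib"
                      " GROUP BY prefix HAVING COUNT(DISTINCT origin_as) > 1")
    return {prefix: sorted(origins.split(",")) for prefix, origins in rows}

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    load(db, parse_records(SAMPLE))
    print(multi_origin_prefixes(db))
```

To run it on real data, pass the text that bgpdump writes in its default mode to parse_records() instead of SAMPLE, and give sqlite3.connect() a file path.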

BGPtools

This is a very old tool that was created by MIT in 2003 to parse MRT-formatted BGP update dumps and provide real-time analysis of BGP update data. The tool looked very promising, but after many attempts at installing it on my Ubuntu 13.04 I was stuck at the ./configure phase, since it couldn't generate the makefile for mysql++, which is a prerequisite. Going through many forums for answers, I found just a handful of people with the same problem; while others solved it, the same trick didn't work for me. I hope to go deeper, but for now I will look into other tools.

BGPlay

BGPlay is a Java application that displays animated graphs of the routing activity of a certain prefix within a specified time interval. It is a GUI application, and its goal is to help the user understand the flow of BGP updates and their effect on routing for a particular prefix. BGPlay gets its data from the Route Views project archive.


LinkRank

Link-Rank is a large-scale BGP tool meant for the visualization of BGP routing changes. Link-Rank gets its BGP data from the Oregon Route Views project. This tool is no longer maintained as of 2011. The current release is 2.0 beta. The tool is written in Java. After downloading the .jar file, I tried to set it up without any documentation and couldn't succeed. The issue is that, in order to start using it, I needed to set the remote server path. I couldn't figure out how this works, or exactly what type of link was required there (the data format etc.), because I supplied an online URL to BGP RIBs, which didn't effect any changes in the tool. There isn't sufficient documentation of its use.


IBGPlay

Just like BGPlay, IBGPlay is a graphical tool that displays and animates BGP routing data, which helps in diagnosing routing problems and anomalies. This tool can be good at identifying route flapping. I haven't tested it yet, since it requires certain configurations on devices that I don't yet have access to.


BGP:Inspect

The goal of this project is to turn BGP data from the raw format into a readable format and extract important information from it by pre-processing and indexing the data, removing redundancy, and providing an interface for easy manipulation. The tool fetches raw BGP data from the preset server and processes it. BGP-inspect has its own custom database, known as BGPdb, which is the core of the BGP-inspect system. It is a pre-processed database that is queried by the BGP-inspect interface. BGPdb uses B-tree indices for fast query performance, and removes redundancy from BGP datasets, such as ASPATH, COMMUNITY and UPDATE messages, which are often repeated.










