mailing list archives
SUMMARY: BGP Analytics
From: Timothy Brown <tim () tux org>
Date: Tue, 3 Jun 2003 22:09:13 -0400
I want to thank everyone for the volume of responses I received on this
I was already aware of the work the Akamai and Sockeye keiretsus were
doing with BGP analysis, but thanks for the pointers. I was also familiar
with CAIDA's efforts.
Nick Feamster and Dave Andersen (lcs.mit.edu) had input on a system they
are involved with at http://bgp.lcs.mit.edu/. Zebra is used, with dumps
of BGP data in MRTd format. This data is collected and stuffed into a
database, which can be plotted or viewed as appropriate. This was, by
far, the most common solution presented (with only minor variations).
There appear to be several already prebuilt tools designed for dealing
with data in MRTd format, both by lcs as well as other groups.
Tim Rand (ohsu.edu) suggested Juniper's source- and
destination-class-utilization features as effective methods for traffic
coming from specific autonomous system paths. Our network isn't
Juniper-based, but this is good information.
Andre Gironda (eBay) suggested a dump of the BGP update messages using a
tool like tcpdump, then replaying them to zebra, presumably to avoid zebra
interaction directly with the core network.
Several papers were suggested indirectly or directly discussing BGP
For those with questions about what I sought to do, I was looking to
perform some arbitrary plots of regular expressions over time; show me
paths that look like ^AS(x)_AS(y)$ [that are defined as best path] as
opposed to ^AS(y)$ [that are not defined as best path] and graph the
acceptance of those paths based on other factors (local preference, etc).
For instance, if I was choosing transit via AS(x) for destination AS(y),
even though I was directly connected to AS(y), i'd want to know for how
many paths I was doing that for. In an ideal world, this data would be
available via SNMP (for easy integration with existing toolsets). There
are, of course, a ton of other analyses people want to do with BGP (some
of which are even getting done).
I've decided to build my own toolset for these purposes, building on the
work of the concepts presented above. If you are an interested developer
or would like to contribute some time to developing such an open-source
toolset, please contact me off-list.
Thanks again for all the input.
- SUMMARY: BGP Analytics Timothy Brown (Jun 04)