oxidecomputer / maghemite

A routing stack written in Rust.
Mozilla Public License 2.0

BGP: Expose deeper neighbor information #387

Open taspelund opened 1 month ago

taspelund commented 1 month ago

This issue tracks a request to expand the information exposed about a given BGP neighbor.

For example, it's useful to expose some L3/L4 information like the local and remote IP addresses and TCP port numbers so that a constrained packet capture can be done elsewhere in the network. Other useful info would be things like MSS, ttl-security of the session / whether or not the neighbor is multi-hop, what the keepalive/holdtime timers are (both configured and negotiated), per-message counters, negotiated capabilities (including address-families), configured inbound/outbound policy, etc.

A good example of what info we would want is the info that can be collected from FRR:

debbie# show ip bgp neighbors 
BGP neighbor is 174.27.32.105, remote AS 65000, local AS 65001, external link
  Local Role: undefined
  Remote Role: undefined
  BGP version 4, remote router ID 0.0.0.0, local router ID 172.30.0.5
  BGP state = Active (passive)
  Last read 17:52:09, Last write never
  Hold time is 180 seconds, keepalive interval is 60 seconds
  Configured hold time is 180 seconds, keepalive interval is 60 seconds
  Configured tcp-mss is 1000, synced tcp-mss is 0
  Configured conditional advertisements interval is 60 seconds
  Graceful restart information:
    Local GR Mode: Helper*
    Remote GR Mode: NotApplicable
    R bit: False
    N bit: False
    Timers:
      Configured Restart Time(sec): 120
      Received Restart Time(sec): 0
      Configured LLGR Stale Path Time(sec): 0
  Message statistics:
    Inq depth is 0
    Outq depth is 0
                         Sent       Rcvd
    Opens:                  0          0
    Notifications:          0          0
    Updates:                0          0
    Keepalives:             0          0
    Route Refresh:          0          0
    Capability:             0          0
    Total:                  0          0
  Minimum time between advertisement runs is 0 seconds

 For address family: IPv4 Unicast
  Not part of any update group
  Community attribute sent to this neighbor(all)
  Inbound updates discarded due to missing policy
  Outbound updates discarded due to missing policy
  0 accepted prefixes

  Connections established 0; dropped 0
  Last reset 17:52:09,  No path to specified Neighbor (n/a)
  External BGP neighbor may be up to 1 hops away.
BGP Connect Retry Timer in Seconds: 120
Read thread: off  Write thread: off  FD used: -1

Not all of the info above is relevant to us (e.g. BGP Roles, BGP version, conditional advertisement), but we should strive to expose similar levels of operational info.
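
Added example, not part of the issue or of maghemite's code: a sketch of how the L3/L4 details requested above could be turned into pcap-filter expressions for a constrained capture, plus a filter for segments that a ttl-security check would reject. The `SessionInfo` struct, its field names, the meaning given to `min_ttl` and the local address are assumptions made for illustration.

```rust
use std::net::SocketAddr;

/// Hypothetical per-session snapshot (not a maghemite type).
pub struct SessionInfo {
    pub local: SocketAddr,
    pub remote: SocketAddr,
    /// Assumed meaning: lowest inbound TTL / hop limit the session accepts.
    pub min_ttl: Option<u8>,
}

/// pcap-filter expression matching only this session's TCP flow, both directions.
pub fn capture_filter(s: &SessionInfo) -> Result<String, String> {
    if s.local.is_ipv4() != s.remote.is_ipv4() {
        return Err("local and remote address families differ".to_string());
    }
    let dir = |src: &SocketAddr, dst: &SocketAddr| {
        format!(
            "(src host {} and src port {} and dst host {} and dst port {})",
            src.ip(), src.port(), dst.ip(), dst.port()
        )
    };
    Ok(format!("tcp and ({} or {})", dir(&s.local, &s.remote), dir(&s.remote, &s.local)))
}

/// Filter for peer-sourced segments that a ttl-security check would drop.
/// Returns None when no minimum TTL is configured.
pub fn ttl_violation_filter(s: &SessionInfo) -> Option<String> {
    let min = s.min_ttl?;
    // The IPv4 TTL is byte 8 of the IP header; the IPv6 hop limit is byte 7.
    let field = if s.remote.is_ipv4() { "ip[8]" } else { "ip6[7]" };
    Some(format!(
        "tcp and src host {} and dst host {} and {} < {}",
        s.remote.ip(), s.local.ip(), field, min
    ))
}

fn main() {
    // Constructed sample: remote endpoint as shown in the thread, local side made up.
    let s = SessionInfo {
        local: "172.20.15.50:40001".parse().unwrap(),
        remote: "172.20.15.51:179".parse().unwrap(),
        min_ttl: Some(255),
    };
    println!("{}", capture_filter(&s).unwrap());
    println!("{}", ttl_violation_filter(&s).unwrap());
}
```

The resulting strings can be passed to any libpcap-based capture tool on a device in the path.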

rcgoodfellow commented 1 month ago

Note that some of this is available already through the mgd API. For example, you can see configured/negotiated hold and keepalive timers.

$ mgadm bgp status neigh $ASN
Peer Address  Peer ASN     State        State Duration          Hold   Keepalive
172.20.15.51  Some(64601)  Established  1day 17h 56m 50s 584ms  6s/6s  2s/2s

and as-configured info is also available through the API.

$ mgadm bgp config neigh list $ASN
[
    Neighbor {
        allow_export: Allow(
            [
                V4(
                    Prefix4 {
                        length: 24,
                        value: 172.20.26.0,
                    },
                ),
            ],
        ),
        allow_import: NoFiltering,
        asn: 65002,
        communities: [],
        connect_retry: 3,
        delay_open: 3,
        enforce_first_as: false,
        group: "qsfp18",
        hold_time: 6,
        host: "172.20.15.51:179",
        idle_hold_time: 3,
        keepalive: 2,
        local_pref: None,
        md5_auth_key: None,
        min_ttl: None,
        multi_exit_discriminator: None,
        name: "172.20.15.51",
        passive: false,
        remote_asn: None,
        resolution: 100,
        vlan_id: None,
    },
]