[adrotate banner=”5″]
Happy New Year and welcome to the VM you can punish your routers with 🙂
Hello from stubarea51.net and Happy New Year! We are back from the holidays and recharged with lots of new stuff in the world of network engineering. If you ever thought it would be cool to put a full BGP table into a lab router, GNS3 or other virtualized router, you’re not alone.
A while back, I tackled this post and got everything up and running:
http://evilrouters.net/2009/08/21/getting-bgp-routes-into-dynamips-with-video/
First of all, thanks to evilrouters.net for figuring out the hard parts so we could build this into a VM. After basking for a while in the high geek factor of this project, it gave me an idea to build a VM that could be distributed among network engineers and IT professionals. The idea is to easily spin up one or more full BGP tables to test a particular network design or convergence speed, playing with BGP attributes, etc. After a few months of tweaking it and getting the VM ready for distribution, we finally are ready to put it out for everyone to use.
Network Diagram
Here is an overview of the topology we used for testing our full BGP table. This can be done a number of different ways and you can use just about any combination of Hypervisors including VM Ware and VirtualBox which are the two downloads included in this post. In this setup, we are using a MikroTik x86 VM to peer into the Ubuntu VM that has copies of the global table. It established an EBGP peering over 10.254.253.0/24 and takes in a full table.
Getting started
First you need to download either the VM Ware or VirtualBox OVA files and import them into your hypervisor. The setup and installation of VM Ware ESXi or VirtualBox is beyond the scope of this post, so please google it if you need help.
Downloads
Powering up the VM
Once you have successfully imported the VM, you will get a screen that looks like this:
Credentials
Here are the credentials which you can change if needed.
username: bgpuser
password: bgpuser
sudo password: bgpuser
Bridging the VM NIC to your lab network
In order to have IP connectivity to another router (physical or virtual) you will need to setup the VM NIC to connect to the network you want to test on. There are a number of different ways to connect VMs into a virtual or physical network.
VM Ware – we connected the VM to the default VM management network (which is a physical server NIC) so it could reach other VMs and physical lab routers
VirtualBox – we bridged the VM to the NIC of the desktop we are running VirtualBox on so it could reach other VMs and physical lab routers
BGP Feeds that are used in this VM
The BGP feeds that are available come from the RIPE RIS Raw Data page and were archived in January 2016. We included 6 different tables from 4 continents so you can have up to 6 unique BGP tables to use in your lab testing. See the next section for the syntax to use for one of these files.
| RIPE RRC | File Name |
|---|---|
| rrc00.ripe.net | ISP1-Europe-Amsterdam-Jan-2016 |
| rrc01.ripe.net | ISP2-Europe-London-Jan-2016 |
| rrc06.ripe.net | ISP3-Asia-Tokyo-Jan-2016 |
| rrc15.ripe.net | ISP4-SouthAmerica-SaoPaulo-Jan-2016 |
| rrc11.ripe.net | ISP5-NorthAmerica-NewYork-Jan-2016 |
| rrc14.ripe.net | ISP6-NorthAmerica-PaloAlto-Jan-2016 |
Important Note !!!! – Using this VM does not provide connectivity to the Internet and will likely cause an outage when connected to a production network with live BGP peerings. This VM is intended to simulate an upstream peering for testing and lab development.
Setting up a BGP peering – BGP VM
Once you have IP connectivity and can ping the router you want to peer with, you can set up a peering on the VM. Here is the command syntax – first change to the bgp directory and issue the command below (with edits for your IPs and AS numbers)
bgpuser@Full-BGP-Global-Table-VM:~$ cd bgp bgpuser@Full-BGP-Global-Table-VM:~/bgp$ sudo ./bgp_simple.pl -myas 65000 -myip 10.254.253.112 -peerip 10.254.253.75 -peeras 65051 -p ISP1-Europe-Amsterdam-Jan-2016
Options for the BGP Peering (using the program bgp_simple ver 0.12)
bgpuser@Full-BGP-Global-Table-VM:~/bgp$ ./bgp_simple.pl
Please provide -myas, -myip, -peerip and -peeras!
bgp_simple.pl: Simple BGP peering and route injection script.
Version v0.12, 22-Jan-2011.
usage:
bgp_simple.pl:
-myas ASNUMBER # (mandatory) our AS number
-myip IP address # (mandatory) our IP address to source the sesion from
-peerip IP address # (mandatory) peer IP address
-peeras ASNUMBER # (mandatory) peer AS number
[-holdtime] Seconds # (optional) BGP hold time duration in seconds (default 60s)
[-keepalive] Seconds # (optional) BGP KeepAlive timer duration in seconds (default 20s)
[-nolisten] # (optional) dont listen at $myip, tcp/179
[-v] # (optional) provide verbose output to STDOUT, use twice to get debugs
[-p file] # (optional) prefixes to advertise (bgpdump formatted)
[-o file] # (optional) write all sent and received UPDATE messages to file
[-m number] # (optional) maximum number of prefixes to advertise
[-n IP address] # (optional) next hop self, overrides original value
[-l number] # (optional) set default value for LOCAL_PREF
[-dry] # (optional) dry run; dont build adjacency, but check prefix file (requires -p)
[-f KEY=REGEX] # (optional) filter on input prefixes (requires -p), repeat for multiple filters
KEY is one of the following attributes (CaSE insensitive):
NEIG originating neighbor
NLRI NLRI/prefix(es)
ASPT AS_PATH
ORIG ORIGIN
NXHP NEXT_HOP
LOCP LOCAL_PREF
MED MULTI_EXIT_DISC
COMM COMMUNITY
ATOM ATOMIC_AGGREGATE
AGG AGGREGATOR
REGEX is a perl regular expression to be expected in a
match statement (m/REGEX/)
Without any prefix file to import, only an adjacency is established and the received NLRIs, including their attributes, are logged.Setting up a BGP peering – Your peering router
We used a MikroTik x86 VM in ESXi for this test, but any brand of virtual or physical router that supports BGP can be used.
[[email protected]] > routing bgp export # jan/21/2016 10:34:43 by RouterOS 6.30.1 # software id = KC33-08AQ # /routing bgp instance set default as=65001 /routing bgp peer add hold-time=30m keepalive-time=4m15s name=BGP-VM remote-address=10.254.253.112 remote-as=65000 ttl=default
Sit back and watch hundreds of thousands of prefixes torture the CPU of your router
Needs the IPv6 tables.
Unfortunately the program bgpsimple does not have an IPv6 version and development stopped in 2011.
Sudo password on the VMware image isn’t working. I tried all iterations of ‘bgpuser’ and none of them worked. Any ideas? Thanks for the VMs by the way, it’s going to be awesome once I can get it set up and talking to my home lab. Then it’s time to watch the smoke pour out of my ancient Cisco routers!
Nevermind I’m an idiot who doesn’t know how to use Linux.
Nice way simulating the Internet in your LAB environment, Kevin.
Of course there’s many ways of doing the same thing, I have done something similar some time ago by creating +500K prefixes, attaching them to BGP and advertising to other BGP speakers, in this way simulating the Internet table.
All of this by using some simple Python scripting as below:
https://ccie49534.com/2014/11/15/generating-dummy-static-ip-prefixes-with-python/
Cheers,
Leo
Thanks Leo and thanks for sharing your work…I’ll be sure to check it out!
Got it to work nicely in the lab. Only problem is that loading the full table into an adjacent Cisco ASR takes > 2 hours.. Is that a consequence of displaying all updates in the VMs console or any other insights?
I probably should post an update with some tips that I’ve discovered after working with this VM for a while. You are correct that if you SSH into the VM and issue the commands in a terminal session versus running it in the VM console window, the table usually loads in 15 to 20 minutes instead of hours. This appears to be exactly as you described – a consequence of displaying over 500,000 prefixes in the console window. Also, be sure to set your BGP peering timers to 600 keepalive and 1800 hold to avoid the peering going down unexpectedly. If you want to be able to test how quickly a router can take a full table in, I typically peer a VM or another physical router to the BGP Table VM and then peer the router that i want to test to the intermediate peering point to get more accurate results for speed of convergence.
If I want to import 2.5 million routing tables, do I need to establish 5 EBGP?
link download VM off
wao , such a nice tool.
I have faced an error regarding the advertisment of BGP updates :
bind() failed at /usr/local/share/perl/5.18.2/Net/BGP/process.pm line 220
at ./bgp_simple.pl line 246
Nothing is advertised.
Please advise on this
You need put command “sudo” before.
Thank you so much for the great work Kevin , just tested it in Lab ..great to have such a tool to see the real capacities of your internet edge devices , before you actually expose them to full internet BGP RIB…
You’re welcome Akshay! Glad it was helpful for you
very useful even! worked perfectly.
misconfig: -peeras 65051 should be 65001 in Linux bgp box if you set RouterOS BGP AS as 65000
I create a a few shell scripts to load some usual options with one command.
vi bgp_LAB1.sh (bgp_LAB2.sh etc)
————-
#!/bin/bash
echo “Starting the service”
cd bgp
./bgp_simple.pl -myas 1234 -myip 3.3.3.1 -peerip 3.3.3.2 -peeras 4321 -p ISP5-NorthAmerica-NewYork-Jan-2016
————-
Make it executable.
#chmod u+x bgp_LAB1.sh &1
Run it and send the process to the background. I needed to disown and exit to keep it from jumping back to my screen. Don’t know why it kept doing that for me.
#./bgp_LAB1.sh &1
#disown -h
#exit
I bet someone with real perl knowledge could figure out making it multi-core.
http://stackoverflow.com/questions/1961682/how-can-i-make-my-perl-script-use-multiple-cores-for-child-processes
I wish all of those IP addresses are ping-able 😀
Probably someone could make the python script for returning ping, or even tracert, in the soon future..
Very nice tool. Gave me some experience tinker with BGP. Any plans to put together an updated VM? Seems it’s lacking a few features… IPV6 and 32bit ASN support for certain.
nice work. Was trying to get something similar on my linux box, but get issues with BGP:Net and bgpsimple… here it works as a charm – even it is easy to download a new updated RIB
wget data.ris.ripe.net/rrc00/latest-bview.gz
Hi Poyozon.
It means using your command “wget data.ris.ripe.net/rrc00/latest-bview.gz” can make this .ova update with latest routing table?
Thanks
Hi everyone, it’s amazing.
Congratulations to all involved in that project.
I have 5 openwrt on VirtualBox and 2 IPv4-BGP-Global-Internet-Table-VM-v1 running different tables, all working like a charm.
I’m learning a lot, thank you for great help to community.
Regards from Brazil.
I would like to add a second nic, I would prefer to keep mgmt and the vm nic on separate vswitches. Is this possible?
I was able to add second nic in the int file in networks. All works well – Thank You!
How did add the second nic ?
Vmware Link broken. Please help?
Hi Kevin, it´s a great tool but I installed it in a VM, the peer with my lab is established, but when the BGP peer reaches around 510k of prefixes advertised, it drops the BGP peer. How can keep up the BGP peer with unlimited time? Is necessary some configure additional attributes?
best regards!
TWR