From c32b569437a747c44f224147ec080e40e3a76780 Mon Sep 17 00:00:00 2001 From: Alexandre Snarskii Date: Tue, 23 Jun 2015 15:30:57 +0300 Subject: [PATCH] update CHANGES, README, .spec... --- CHANGES | 7 ++ README.md | 15 +-- bgpq3.html | 331 +++++++++++++++++++++++++-------------------------- bgpq3.spec | 7 +- configure | 18 +-- configure.in | 2 +- 6 files changed, 191 insertions(+), 189 deletions(-) diff --git a/CHANGES b/CHANGES index 6de9b9e..f9787a9 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,10 @@ +0.1.31 (2015-06-23) + - pipelining mode now counts buffered requests and issues dequeue + when new request can overflow allocated buffer. So, bgpq3 shall no + more require TCP tuning (it is still recomended, though). + - tcp tuning parameters decreased in README (sx_maxsockbuf will not + allow to grow buffer over 2Mb anyway). + 0.1.30 (2015-06-16) - bugfix: private asns with number > 2^31 were printed as negative integers. Thanks to Henrik Thostrup Jensen. diff --git a/README.md b/README.md index 388bb79..66fc140 100644 --- a/README.md +++ b/README.md 
@@ -250,19 +250,20 @@ program exits with non-zero status. NOTES ON ULTRA-LARGE PREFIX-LISTS --------------------------------- -When using `bgpq3` to expand extra-large AS-SETs, `bgpq3` may stuck -due to lacking tcp buffer size. To avoid this, tune your OS. +To improve `bgpq3` performance when expanding extra-large AS-SETs you +shall tune OS settings to enlarge TCP send buffer. + FreeBSD can be tuned in the following way: - sysctl -w net.inet.tcp.sendbuf_max=16777216 + sysctl -w net.inet.tcp.sendbuf_max=2097152 Linux can be tuned in the following way: sysctl -w net.ipv4.tcp_window_scaling=1 - sysctl -w net.core.rmem_max=33554432 - sysctl -w net.core.wmem_max=33554432 - sysctl -w net.ipv4.tcp_rmem="4096 87380 33554432" - sysctl -w net.ipv4.tcp_wmem="4096 65536 33554432" + sysctl -w net.core.rmem_max=2097152 + sysctl -w net.core.wmem_max=2097152 + sysctl -w net.ipv4.tcp_rmem="4096 87380 2097152" + sysctl -w net.ipv4.tcp_wmem="4096 65536 2097152" Please note that generated prefix-lists may not fit your router's limitations. For example, JunOS supports only 85,325 prefixes in diff --git a/bgpq3.html b/bgpq3.html index 6319d90..bd92858 100644 --- a/bgpq3.html +++ b/bgpq3.html @@ -1,5 +1,5 @@ - +


+

NAME

+

bgpq3 - bgp filtering automation for Cisco and Juniper routers

+

SYNOPSIS

-
bgpq3 [-h host] [-S sources] [-EP] [-f asn | -G asn] [-346AbDdJjX] [-r len] [-R len] [-m max] OBJECTS [...]
-
+ +

+ bgpq3 [-h host] [-S sources] [-EP] [-f asn | -G asn] [-2346AbDdJjpX] [-r len] [-R len] [-m max] [-W len] OBJECTS [...] +

+

DESCRIPTION

+

The bgpq3 utility used to generate Cisco and Juniper prefix-lists, extended access-lists, policy-statement terms and as-path lists based on RADB data.

+

The options are as follows:

- -

OBJECTS means networks (in prefix format), autonomous systems, as-sets -and route-sets.

+ +

-f AS number

+ +

Generate input as-path access-list for adjacent as AS number.

+ +

-G number

+ +

Generate output as-path access-list.

+ +

-h host

+ +

Host running IRRD database (default: whois.radb.net).

+ +

-J

+ +

Generate config for Juniper (default: Cisco).

+ +

-j

+ +

Generate output in JSON format (default: Cisco).

+ +

-m length

+ +

Maximum length of accepted prefixes (default: 32 for IPv4, 128 for IPv6).

+ +

-M match

+ +

Extra match conditions for Juniper route-filters. See the examples section.

+ +

-l name

+ +

Name of generated configuration stanza.

+ +

-p

+ +

Enable use of private ASNs and ASNs used for documentation purpose only +(default: disabled).

+ +

-P

+ +

Generate prefix-list (default behaviour, flag added for backward compatibility +only).

+ +

-r length

+ +

Allow more-specific routes with masklen starting with specified length.

+ +

-R length

+ +

Allow more-specific routes up to specified masklen too. (Please, note: objects +with prefix-length greater than specified length will be always allowed.)

+ +

-S sources

+ +

Use specified sources only (default: RADB,RIPE,APNIC).

+ +

-T

+ +

Disable pipelining. (not recommended)

+ +

-W length

+ +

Generate as-path strings of a given length maximum (0 for infinity).

+ +

-X

+ +

Generate config for Cisco IOS XR devices (plain IOS by default).

+ +

OBJECTS

+ +

OBJECTS means networks (in prefix format), autonomous systems, as-sets and +route-sets. If multiple objects are specified they will be merged.

+

EXAMPLES

+

Generating named Juniper prefix-filter for AS20597:

+
 user@host:~>bgpq3 -Jl eltel AS20597
  policy-options {
  replace:
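Review bot: The new SYNOPSIS line in bgpq3.html is out of step with the option list that follows it. It adds `-2` to the flag cluster, but no `-2` entry appears among the options shown in this hunk, while `-T`, `-M match` and `-l name` are described below and are missing from the synopsis. Since this line is being edited anyway, add the missing flags to the synopsis and a description for `-2`. The argument names also differ between the two places (`-m max` versus `-m length`, `-f asn` versus `-f AS number`); picking one spelling would help anyone scripting filter generation from this page.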
@@ -198,8 +159,10 @@ and route-sets. 

} }
+

For Cisco we can use aggregation (-A) flag to make this prefix-filter more compact:

+
 user@host:~>bgpq3 -Al eltel AS20597
  no ip prefix-list eltel
  ip prefix-list eltel permit 81.9.0.0/20
@@ -214,13 +177,17 @@ more compact:

ip prefix-list eltel permit 89.112.64.0/19 ip prefix-list eltel permit 217.170.64.0/19 ge 20 le 20
+

and, as you see, prefixes 89.112.0.0/19 and 89.112.32.0/19 now aggregated into single entry

+
ip prefix-list eltel permit 89.112.0.0/18 ge 19 le 19.
 
+

Well, for Juniper we can generate even more interesting policy-statement, using -M <extra match conditions>, -r <len>, -R <len> and hierarchical names:

+
 user@host:~>bgpq3 -AJEl eltel/specifics -r 29 -R 32 -M "community blackhole" AS20597
 policy-options {
  policy-statement eltel {
@@ -242,17 +209,22 @@ replace:
  }
 }
 
+

generated policy-option term now allows more-specific routes in range /29 - /32 for eltel networks if they marked with community 'blackhole' (defined elsewhere in configuration).

+

Of course, bgpq3 supports IPv6 (-6):

+
 user@host:~>bgpq3 -6l as-retn-6 AS-RETN6
  no ipv6 prefix-list as-retn-6
  ipv6 prefix-list as-retn-6 permit 2001:7fb:fe00::/48
  ipv6 prefix-list as-retn-6 permit 2001:7fb:fe01::/48
  [....]
 
+

and ASN32

+
 user@host:~>bgpq3 -J3f 112 AS-SPACENET
  policy-options {
  replace:
@@ -264,9 +236,12 @@ replace:
   }
  }
 
+

see AS196611 in the end of the list ? That's AS3.3 in 'asplain' notation.

+

If your router does not support ASN32 (yet) you should not use switch -3, and the result will be next:

+
 user@host:~>bgpq3 -f 112 AS-SPACENET
  no ip as-path access-list NN
  ip as-path access-list NN permit ^112( 112)*$
@@ -276,38 +251,54 @@ and the result will be next:

ip as-path access-list NN permit ^112( [0-9]+)* (25152|31529|34127|34906)$ ip as-path access-list NN permit ^112( [0-9]+)* (35052|41720|43628|44450)$
+

AS196611 is no more in the list, however, AS23456 (transition AS) would have been added to list if it were not present.

+

DIAGNOSTICS

+

When everything is OK, bgpq3 generates result to standard output and exits with status == 0. In case of errors they are printed to stderr and program exits with non-zero status.

+

NOTES ON ULTRA-LARGE PREFIX-LISTS

-

When using bgpq3 to expand extra-large AS-SETs, bgpq3 may stuck -due to lacking tcp buffer size. To avoid this, tune your OS. -FreeBSD can be tuned in the following way:

-
sysctl -w net.inet.tcp.sendbuf_max=16777216
+
+

To improve bgpq3 performance when expanding extra-large AS-SETs you +shall tune OS settings to enlarge TCP send buffer.

+ +

FreeBSD can be tuned in the following way:

+ +
sysctl -w net.inet.tcp.sendbuf_max=2097152
 
+

Linux can be tuned in the following way:

+
sysctl -w net.ipv4.tcp_window_scaling=1
-sysctl -w net.core.rmem_max=16777216
-sysctl -w net.core.wmem_max=16777216
-sysctl -w net.ipv4.tcp_rmem="4096 87380 16777216"
-sysctl -w net.ipv4.tcp_wmem="4096 65536 16777216"
+sysctl -w net.core.rmem_max=2097152
+sysctl -w net.core.wmem_max=2097152
+sysctl -w net.ipv4.tcp_rmem="4096 87380 2097152"
+sysctl -w net.ipv4.tcp_wmem="4096 65536 2097152"
 
+

Please note that generated prefix-lists may not fit your router's limitations. For example, JunOS supports only 85,325 prefixes in each prefix-list 4.

+

SEE ALSO

+
  1. Routing Arbiter
  2. draft-michaelson-4byte-as-representation-05.txt - for information on 'asdot' and 'asplain' notations.
  3. + for information on 'asdot' and 'asplain' notations.
  4. Cisco documentation - for information on Cisco implementation of ASN32.
  5. + for information on Cisco implementation of ASN32.
  6. JunOS prefix-lists limitation
+

AUTHOR

+

Alexandre Snarskii snar@snar.spb.ru

+

Program Homepage

-

http://snar.spb.ru/prog/bgpq3/

\ No newline at end of file + +

http://snar.spb.ru/prog/bgpq3/

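Review bot: In the NOTES ON ULTRA-LARGE PREFIX-LISTS part of this hunk, the new paragraph says the goal is to enlarge the TCP send buffer, yet the Linux block still sets `net.core.rmem_max` and `net.ipv4.tcp_rmem`, which are receive-side limits. Either say why the receive settings are needed or drop them. Also, `sysctl -w` sets exactly the value it is given, so a host tuned per the previous text (16777216 here), or already running with a larger limit, is reduced to 2097152 host-wide by these commands. Wording such as "make sure the limit is at least 2097152" would avoid lowering limits that other services on the machine depend on.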
diff --git a/bgpq3.spec b/bgpq3.spec index 39d4a0e..ba1e0c4 100644 --- a/bgpq3.spec +++ b/bgpq3.spec @@ -1,12 +1,12 @@ Name: bgpq3 -Version: 0.1.28 +Version: 0.1.31 Release: 0%{?dist} Group: System/Utilities Summary: Automate BGP filter generation based on routing database information URL: http://snar.spb.ru/prog/bgpq3/ License: BSD -Source0: http://snar.spb.ru/prog/bgpq3/bgpq3-0.1.28.tgz +Source0: http://snar.spb.ru/prog/bgpq3/bgpq3-0.1.31.tgz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description @@ -35,6 +35,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Tue Jun 23 Alexandre Snarskii 0.1.31 +- Version updated + * Tue Mar 10 Alexandre Snarskii 0.1.28 - Version updated diff --git a/configure b/configure index b2fae1f..b45b45d 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for bgpq3 0.1.30. +# Generated by GNU Autoconf 2.69 for bgpq3 0.1.31. # # Report bugs to . # @@ -579,8 +579,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='bgpq3' PACKAGE_TARNAME='bgpq3' -PACKAGE_VERSION='0.1.30' -PACKAGE_STRING='bgpq3 0.1.30' +PACKAGE_VERSION='0.1.31' +PACKAGE_STRING='bgpq3 0.1.31' PACKAGE_BUGREPORT='snar@snar.spb.ru' PACKAGE_URL='' @@ -1187,7 +1187,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures bgpq3 0.1.30 to adapt to many kinds of systems. +\`configure' configures bgpq3 0.1.31 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1248,7 +1248,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of bgpq3 0.1.30:";; + short | recursive ) echo "Configuration of bgpq3 0.1.31:";; esac cat <<\_ACEOF 
@@ -1327,7 +1327,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -bgpq3 configure 0.1.30 +bgpq3 configure 0.1.31 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1495,7 +1495,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by bgpq3 $as_me 0.1.30, which was +It was created by bgpq3 $as_me 0.1.31, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3413,7 +3413,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by bgpq3 $as_me 0.1.30, which was +This file was extended by bgpq3 $as_me 0.1.31, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -3475,7 +3475,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -bgpq3 config.status 0.1.30 +bgpq3 config.status 0.1.31 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index ea6e7cb..8343c61 100644 --- a/configure.in +++ b/configure.in @@ -1,4 +1,4 @@ -AC_INIT(bgpq3,0.1.30,snar@snar.spb.ru) +AC_INIT(bgpq3,0.1.31,snar@snar.spb.ru) AC_CONFIG_HEADER(config.h) AC_PROG_CC AC_PROG_INSTALL
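Review bot: In the CHANGES hunk, the 0.1.31 entry describes a behaviour change in pipelining mode (counting buffered requests and issuing a dequeue before a new request can overflow the buffer), but the diffstat lists only CHANGES, README.md, bgpq3.html, bgpq3.spec, configure and configure.in, so the code behind that entry is not part of this patch. Name the commit that made the change in the commit message or in the entry so the claim can be checked. Small fixes while there: "recomended" should be "recommended", and "shall no more require TCP tuning" reads better as "no longer requires TCP tuning".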
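Review bot: In the README.md hunk, 2097152 replaces 16777216 (FreeBSD) and 33554432 (Linux) with no reason given in the README itself; the explanation (sx_maxsockbuf will not grow the buffer over 2Mb) appears only in CHANGES. Add a sentence to the README saying that larger values have no effect for bgpq3, so readers do not assume the old numbers were unsafe or that the new ones are a general recommendation. The Linux pre-image here used 33554432 while the bgpq3.html pre-image used 16777216, so the two copies had already drifted; producing one from the other at release time would keep them in step.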
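Review bot: In the bgpq3.spec hunk, `Source0` still points at an `http://` URL and nothing in the visible lines pins a checksum or signature for bgpq3-0.1.31.tgz, so a package build trusts whatever the network returns. Publish a digest or detached signature next to the tarball and verify it in the build, or switch to an HTTPS source if the host offers one. The spec also moves from 0.1.28 straight to 0.1.31 while configure and configure.in move from 0.1.30, so the spec missed two releases and its %changelog skips them; taking the version from a single place would prevent that.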