Our ISP had maintenance couple of nights ago and failed to tell us. That maintenace resulted in 2 out of 4 our BGP neighbors going down. That event did not trigger monitor alarms because physical links stayed up. So, I needed to be able to receive information about BGP session state without logging into Cisco router and running "show ip bgp summary
" command. Here is the output of this command:
router2#sho ip bgp summary
BGP router identifier 10.0.0.1, local AS number 64512
BGP table version is 14738877, main routing table version 14738877
185644 network entries using 18750044 bytes of memory
556906 path entries using 26731488 bytes of memory
67493 BGP path attribute entries using 3779888 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
30185 BGP AS-PATH entries using 774560 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
3 BGP filter-list cache entries using 36 bytes of memory
BGP using 50036064 total bytes of memory
BGP activity 870972/685328 prefixes, 6757346/6200440 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 64512 3358195 3465622 14738877 0 0 11w2d 185628
10.0.0.3 4 64512 114502 114499 14738877 0 0 11w2d 3
192.168.1.1 4 65535 3005050 110420 14738846 0 0 13:02:41 185636
172.16.1.1 4 65535 2987510 114513 14738846 0 0 10w3d 185636
Note, that I replaced AS numbers and IP addresses with fake ones.
I wanted to see state of BPG neighbors only. At first I wanted to write expect script to log into routers and run show ip bgp summary
, but there are obvious security implications. I needed to store password somewhere. Another solutions is to wrap snmpwalk command into shell script and parse the output. I decided to shake off some rust of my perl skills and do it in perl.
nas-server:~$ ./bgpmonitor.pl router2
Router: router2 AS 64512
Neighbor: 10.0.0.2 Status: established
Neighbor: 10.0.0.3 Status: active
Neighbor: 192.168.1.1 Status: established
Neighbor: 172.16.1.1 Status: established
Next version of the script will send alarms whenever neighbor status is not "establised" and bgp session is not administratively down.
Thank O'Reilly book
for helping me figuring out hash dereferencing.