I have kept e-mail account @netscape.net to read several newsletters. I know, I know: RSS, Web2.0... But old habits die hard. Anyway, AOL migrated Netscape users to AOL mail. Old Netscape Mail interface sucked, it did not have many now considered standard e-mail features, but replacement is not much better. The new login screen greets me with ""We are sorry, but you will need to enable cookies and Javascript to use your Screen Name with this site."Even though both cookies and Javascript are enabled in my Firefox. And AOL agrees, that they are, indeed, enabled after I click on "Click here to try again after you have enabled cookies and Javascript in". After logging in, I do not get access to my Inbox. That would be too easy. I get advertizing screen. How is that for "improved" service? Next disappointment is everything is in pop-up windows. I mean EVERYTHING. I guess, it is AOL's AJAX replacement :). So, I've had it enough. Good bye Netscape.
If you think I am complaining too much, check out comments on AOL/AIM Web Suite Product Insider Blog.

gslb protocol
gslb policy
 metric-order set health-check weighted-site preference
 weighted-site
 preference
 dns active-only
 dns best-only
 dns override
 dns cname-detect


gslb-host-policy testwww
 metric-order set health-check weighted-site preference
 weighted-site
 preference
 dns active-only
 dns best-only


gslb site sanjose                                                 
 weight 100
 si vsj-lb1 10.60.0.66 0
gslb site newark
 si nwklb01-a 10.50.30.208 250


gslb dns zone jabodo.com
 host-info www http
 host-info www gslb-policy testwww






gslb log-dns

I converted the script I wrote to monitor BGP on Cisco routers via SNMP into Nagios plugin. I did not like check_bgp plugin which comes with Nagios, because it requires username and password to access a router to be stored in plain text.

Here is how to configure Nagios to use my plugin:
copy check_bgp_snmp.pl into nagios/libexec directory. Then, add the following to Nagios config

define command{       
      command_name    check_bgp_snmp
      command_line    $USER1$/check_bgp_snmp.pl -r $HOSTADDRESS$ -c $ARG1$
      }






define service{
      host_name               router1

      service_description     BGP CHECK
      check_command           check_bgp_snmp!public

      max_check_attempts      2
      normal_check_interval   5
      retry_check_interval    2
      check_period            24x7
      notification_interval   10
      notification_period     24x7
      notification_options    w,u,c,r
      notifications_enabled   0
      contact_groups          admins
}

Download check_bgp_snmp.pl

I added "send alarm" feautre and changed the way it checks router. First, it checks if BGP session with neighbor is established. If not, it proceeds to verify that neighbor is not administratively down and sends e-mail. But if BGP session is established, it checks whether router receives prefixes from that neighbor.
Let me know if you find any bugs.

Download bgpmonitor.pl

I made some changes to the script. The output format is different and it also retreives number of prefixes received from neighbors.

nas-server:~$ ./bgpmonitor.pl router1


=============================
Router: router1  AS  64512
Neighbor                Status          PfxRcd
192.168.1.1           established     2841107
172.16.1.1            established     3445788
10.0.0.2              established     2886739
10.0.0.3              established     3

Download bgpmonitor.pl

Our ISP had maintenance couple of nights ago and failed to tell us. That maintenace resulted in 2 out of 4 our BGP neighbors going down. That event did not trigger monitor alarms because physical links stayed up. So, I needed to be able to receive information about BGP session state without logging into Cisco router and running "show ip bgp summary" command. Here is the output of this command:
router2#sho ip bgp summary

BGP router identifier 10.0.0.1, local AS number 64512
BGP table version is 14738877, main routing table version 14738877
185644 network entries using 18750044 bytes of memory
556906 path entries using 26731488 bytes of memory
67493 BGP path attribute entries using 3779888 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
30185 BGP AS-PATH entries using 774560 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
3 BGP filter-list cache entries using 36 bytes of memory
BGP using 50036064 total bytes of memory
BGP activity 870972/685328 prefixes, 6757346/6200440 paths, scan interval 60 secs


Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.0.0.2        4 64512 3358195 3465622 14738877    0    0 11w2d      185628
10.0.0.3        4 64512  114502  114499 14738877    0    0 11w2d           3
192.168.1.1     4 65535 3005050  110420 14738846    0    0 13:02:41   185636
172.16.1.1      4 65535 2987510  114513 14738846    0    0 10w3d      185636

Note, that I replaced AS numbers and IP addresses with fake ones.
I wanted to see state of BPG neighbors only. At first I wanted to write expect script to log into routers and run show ip bgp summary, but there are obvious security implications. I needed to store password somewhere. Another solutions is to wrap snmpwalk command into shell script and parse the output. I decided to shake off some rust of my perl skills and do it in perl.
Download bpgmonitor.pl

Usage example


nas-server:~$ ./bgpmonitor.pl router2


=============================
Router: router2  AS 64512 
Neighbor:       10.0.0.2       Status:        established
Neighbor:       10.0.0.3       Status:        active
Neighbor:       192.168.1.1    Status:        established
Neighbor:       172.16.1.1     Status:        established

Next version of the script will send alarms whenever neighbor status is not "establised" and bgp session is not administratively down.
Thank O'Reilly book for helping me figuring out hash derefencing.