invalidroutesreporter 0.2.0

An ExaBGP process to elaborate and report/log invalid routes received by route servers.

This script is intended to be used as an ExaBGP process to elaborate and report/log invalid routes that have been tagged with meaningful dedicated BGP communities by route servers.

Invalid routes are those routes that, for some reason, didn’t pass the route server’s validation process (invalid/private ASNs in the AS_PATH, bogon prefixes, invalid NEXT_HOP, IRRDBs data mismatch, …). Route servers, instead of discarding them, can keep these routes and tag them with a BGP community that describes the reason for which they have been considered as invalid.

A session with an ExaBGP-based route collector can be used to announce these invalid routes to this script, that finally processes them, extracts the reject reason and uses this information to log a record or to send an email alert to the involved networks.

If deployed in conjunction with ARouteServer, the “tag” reject policy option can be used to easily setup the route server to work together with this script.

For more information: https://invalidroutesreporter.readthedocs.io

Author

Pier Carlo Chiodi - https://pierky.com

Blog: https://blog.pierky.com Twitter: @pierky

Change log

v0.2.0

• New: --rejected-route-announced-by-pattern argument, to track a BGP community set with the peer that actually announced the invalid route.

• New: --peer-asn-only option, to send alerts only to the peers that announced invalid routes.

v0.1.0

First release as a standalone repository.

• New: make the reject reason BGP community optional and track also routes tagged with a reject BGP community only.

• New: optional external file containing the reason-code/description matrix.

• Fix: extended BGP communities processing.

• Improvement: min_wait and max_wait timers handling.