BGPLGD(8) - System Manager's Manual

BGPLGD(8) - System Manager’s Manual #

BGPLGD(8) - System Manager’s Manual

NAME #

bgplgd - a bgpctl FastCGI server

SYNOPSIS #

bgplgd [-d] [-p path] [-S socket] [-s socket] [-U user] [-V]

DESCRIPTION #

bgplgd is a server which implements the FastCGI Protocol to execute bgpctl(8) commands. bgplgd is a simple server that implements a simple web API to query bgpd(8).

bgplgd opens a socket at /var/www/run/bgplgd.sock, owned by www:www, with permissions 0660. It will then drop privileges to user “_bgplgd”, unveil(2) the bgpctl(8) binary and restrict itself with pledge(2).

The options are as follows:

-d

Do not daemonize. If this option is specified, bgplgd will run in the foreground and log to stderr.

-p path

Use path instead of bgpctl(8) to query bgpd(8).

-S socket

Use socket instead of the default /var/run/bgpd.rsock to communicate with bgpd(8).

-s socket

Create and bind to alternative local socket at socket.

-U user

Change the owner of /var/www/run/bgplgd.sock to user and its primary group instead of the default www:www.

-V

Show the version and exit.

bgplgd provides the following API endpoints. Unless further specified the endpoints do not take any parameters:

/interfaces

Show the interface states.

/memory

Show RIB memory statistics.

/metrics

Output various statistics in OpenMetrics format.

/neighbors

Show detailed neighbors information. The output can be limited with the following parameters:

neighbor=peer

Show information for a specific neighbor. peer may be the neighbor’s address or description.

group=name

Show only entries from the specified peer group.

/nexthops

Show the list of BGP nexthops and the result of their validity check.

/rib

Show routes from the bgpd(8) Routing Information Base. The following parameters can be used to filter the output:

neighbor=peer

Show information for a specific neighbor. peer may be the neighbor’s address or description.

group=name

Show only entries from the specified peer group.

as=number

Show only entries with the specified source AS number.

community=string

ext-community=string

large-community=string

Show only entries that match the specified community.

af=(ipv4 | ipv6 | vpnv4 | vpnv6)

Show only entries that match the specified address family.

rib=name

Show only entries from the RIB with name name.

ovs=(valid | not-found | invalid)

Show only prefixes that match the specified Origin Validation State.

avs=(valid | invalid | unknown)

Show only prefixes that match the specified ASPA Validation State.

best=1

Show only selected routes.

error=1

Show only prefixes which are marked invalid and were treated as withdrawn.

invalid=1

Show only prefixes which are not eligible.

leaked=1

Show only prefixes where a route leak was detected.

prefix=addr

Show only entries that match prefix either as the best matching route or show the entry for this CIDR prefix.

all=1

Show all entries in the specified prefix range.

or-shorter=1

Show all entries covering and including the specified prefix.

/rtr

Show a list of all RTR sessions.

/sets

Show a list summarizing all roa-set, as-set, prefix-set, and origin-set tables.

/summary

Show a list of all neighbors, including information about the session state and message counters.

EXAMPLES #

An example setup in httpd(8) is:

        location "/bgplgd/*" {
                fastcgi socket "/run/bgplgd.sock"
                request strip 1
        }

SEE ALSO #

bgpctl(8), bgpd(8), httpd(8)

HISTORY #

The bgplgd server first appeared in OpenBSD 7.2.

AUTHORS #

Claudio Jeker <claudio@openbsd.org>

OpenBSD 7.5 - January 26, 2024