Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Phil D
    @philodavies
    I have not been able to figure out why just yet. I've been busy on other projects this week and may not be able to get back to this for another week on top of that.
    Hopefully Tim will be back to respond to these questions while I work on other things. If not, I will dig some more to try and understand what is missing or why it isn't displaying the rpki data.
    Tim Evens
    @TimEvens
    @emlcao_twitter , @philodavies , @dgedia , FYI - I'm in the process of migrating MySQL/MariaDB to PostgreSQL/TimescaleDB. As part of this migration, I'm updating the cron scripts (whois) and RPKI. The above issues should be resolved with the postgres version. I'm migrating this because of the following:
    • MySQL/MariaDB has no real implementation for time series, TimescaleDB addresses this.
    • MySQL/MariaDB is very hard to recover when disk space runs out, Postgres addresses this.
    • MySQL/MariaDB does not support array, uuid/hash, and inet data types natively. Postgres does.
    • For this type of routing data and time series, Postgres/TimescaleDB outperforms InfluxDB, ElastichSearch, Cassandra, Mongo, and MySQL/MariaDB.
    Tim Evens
    @TimEvens
    @/all , check out https://gitter.im/snas/alerts. This room has live internet monitoring alerts.
    kjeojfeofjgeofkjodfioejo
    @jkldgoefgkljefogeg
    How does bmp monitoring station detect liveness of BMP speaker?
    kjeojfeofjgeofkjodfioejo
    @jkldgoefgkljefogeg
    It seems tcp keepalive is necessary, but not mentioned in RFC7854
    ayalaalex
    @ayalaalex
    It is controlled by TCP. Depending on the implementation of the active party BMP Client, you maybe have tcp keepalives. But that is not dependent on BMP. With BMP the active party sends request to establish connection, then it just starts sending messages until either party closes the connection. I did notice though that if active party shuts the port or simply crashes before it can send TCP RST to openBMP, openBMP won't know that it has gone down. There may be some cleanup or configuration on openBMP that I haven't played with. I saw something about heartbeat but I never got it to work. So to answer your question, BMP as an application doesn't have keepalives, but an implementation of BMP client might make use tcp keepalives.
    Tim Evens
    @TimEvens
    The TCP stack implements tcp keepalives. The application requests to enable them. TCP keepalive settings, such as idle timeout, interval, ... can be set with sysctl or /proc. The openbmp collector does enable keepalives but you have to tune that via host system settings. TCP keepalives are unidirectional. This means it should be enabled on both sides of the connection. IOS XR supports this in 6.3 and later
    kjeojfeofjgeofkjodfioejo
    @jkldgoefgkljefogeg
    in the case where TCP socket not getting properly torn down, the session might stay down while collector still thinks the socket is open. imo it's worth a note in the RFC. Some router BMP implementation doesn't support keepalive and things might break when router is configured to run BMP passive
    dgedia
    @dgedia
    I had a quick question if you know by chance. I am not able to peer with more than one route-views server at the same time from the same VM. Have you guys experienced the same? To peer with multiple route-views server does it require separate VMs?
    Tim Evens
    @TimEvens
    You need to edit the openbmpd.conf file and set enable_pat to true. This will allow the same source address to be used for more than one router connection.
    #pat_enabled value is a boolean:
    #    false (the default) - MD5 of (connection source address, collector hash)
    #
    #    true                - MD5 of one of the following:
    #
    #                 If INIT_BGP_ID (type=65531) is present:
    #                (bgp_router_id, collector_hash)  
    #
    #                        If INIT doesn't include the BGP_ID, then:
    #                (name, collector_hash)
    #
    #                 If INIT doesn't include either bgp_id or name, then it uses:
    #                (connection source address, collector hash)
    pat_enabled: false
    Kris Lloyd
    @KrisLloyd

    Hey guys! I have SNAS and PNDA both deployed in Openstack, and I'm not quite sure how I should get them working together. I read up on the 'integrating openBMP' steps in the docs on http://pnda.io/guide , but that just left me confused. Anyone ever get this up and running? Appreciate any steps you can provide to point me in the right direction. Both services are up and running with no errors, but I don't know how to link them. PNDA is an Openstack Pico deployment.

    Thanks for your help!
    -K

    Tim Evens
    @TimEvens
    Hey @KrisLloyd , PNDA integration only stores/archives the raw parsed messages. you could do the same thing with a cheap instance in elastic, influx, or file. The app that was presented was an in-memory iPython script that could only handle about three peers. What use-case are you looking to address? I’m confident you can solve your use case(s) with the new postgres backend. Btw, I will be creating a new repo for grafana that interacts with postgres. It would be great if you and others contribute to the dashboards so everyone can benefit from the visualizations. Check out http://demo-rv.snas.io:3000 for an example of the latest dashboards. Regarding alerting... check out gitter.im/snas/alerts. This is an example showing how you can alert intelligently realtime.
    @jkldgoefgkljefogeg , I agree this does need to be documented. We have talked about doing a new draft on implementations, both senders and receivers. The network setup/design also is something that needs to be documented. For example, where to monitor and which knobs to enable to meet the desired use-cases.
    Phil D
    @philodavies
    Hey @TimEvens, the desired use-case of the SNAS/PNDA integration is to have an analytics engine similar to the example video which is essentially a recap of the features you implemented in the PNDA example at NANOG70.
    Tim Evens
    @TimEvens

    PostgreSQL with TimescaleDB, RPKI, and IRR integration is available now via openbmp/postgres container

    The openbmp/collector and openbmp/kafka containers should be used wtih the openbmp/postgres containers to
    provide an end-to-end BGP monitoring and analytics.

    Grafana is the preferred visualization tool. Grafana enables collabration with dashboards and plugins without requiring
    much development experience. We encourge everyone to contribute new or updated dashboards and plugins via
    github pull requests. You can start using Grafana today with openbmp/postgres container by following the
    OpenBMP Grafana instructions.

    NOTE:

    At this time there is full support for IPv4, IPv6 unicast and labeled unicast address families.
    Soon to come will be L3VPN, Link-State, and EVPN.

    Please Join the chat on Gitter
    to collaborate with others interactively.

    edoboker
    @edoboker
    Hi all,
    I've been trying to get started with SNAS.io on my laptop as the beginning of a large network PoC, currently getting stuck after running the aio container and the ui container (just copy-paste the commands from the guide in the project's website). When I try to log in to the webpage (using any username and password) I get an error saying "authentication service is unreachable". Any thoughts? has anyone encountered that?
    Tim Evens
    @TimEvens
    @edoboker , is your laptop running Linux? The problem with Mac and windows is that docker has to run a Linux vm. This introduces some tricky network setup for container to container connectivity. Which address families are you going to poc and how many routers/peers/nlris?
    edoboker
    @edoboker
    I'm running on Ubuntu 18.04
    Everything configured to localhost, of course (that's the default settings in the website)
    Victor Liu
    @packerliu
    I have successfully enabled SNAS-aio and SNAS-UI, but still working on postgres part with collector. @edoboker , to hookup postgres with Grafana you need to use docker0 or host IP instead of localhost
    Lorenzo
    @lollo93_gitlab
    Hi everybody, I'm trying to build a custom kafka consumer for parsing the raw data (BGP Updates mainly). Is there any link or doc I can read to binary parse your header? I can read without any problem the internal message (BGP Update) but there is a header of about 127 bytes I'm not able to understand
    Tim Evens
    @TimEvens

    @lollo93_gitlab , you mean you are reading the "bmp_raw" topic? The message structure is documented Message Bus API. Jump to the bottom of that doc, or search for BMP RAW Data.

    The message has two parts... First part is the header and the second part is the RAW binary BMP message (actual BMP message, headers and all). The two parts are split by a double newline \n\n.. BMP (and BGP) route monitor messages do not convey the router that the message came from. You'll need to parse the HEADER field R_HASH_ID for that. The R_HASH_ID links the the hash id in the openbmp.parsed.routers topic.

    Lorenzo
    @lollo93_gitlab
    Hi @TimEvens , yes the bmp_raw topic. I'm reading the message in binary so the double newline how can I find it? which charset/encoding are you using?
    Tim Evens
    @TimEvens
    UTF-8, but you should be using the kafka byte deserializer
    Which language are you using?
    Lorenzo
    @lollo93_gitlab
    C#
    Lorenzo
    @lollo93_gitlab
    According to this (https://i.stack.imgur.com/berx0.png) newline is encoded with 0x0A but before the BMP Message I find "00-00-00-01" and not "0A-0A"
    Mondhund
    @Mondhund
    Hi, I had a running installation and had to migrate it to another machine. With the new docker images, I get from the psql-container an error message pq: could not access file "timescaledb-0.11.0": No such file or directory when adding the data source in grafana
    I then went back to the old container version build-9 and this works
    Tim Evens
    @TimEvens
    @Mondhund , looks to be a bug with the timescale upgrade. I’ll fix shortly
    Tim Evens
    @TimEvens
    @Mondhund , looks like what's missing is the extension upgrade. Can you try:
    docker exec openbmp_psql bash -c ". /usr/local/openbmp/pg_profile && psql -X -c 'ALTER EXTENSION timescaledb UPDATE;'"
    it should be harmless to run this if the extension is already at the current level.
    Mondhund
    @Mondhund
    thanks - looks good now. Btw - great work :)
    Mondhund
    @Mondhund
    Hi - I have a lot of router.state down entries after router-reboots in the postgres-db although all nodes are up and running. The field term_reason_text gives "(2) Connection closed". How is this state determined and why isn't it updated?
    bmp-sessions are all up and running as well
    727digital
    @727digital
    Good day! I was installed docker container AIO (dockerpull). I have a qustion. Is this container have UI? I checked url http://ip:port/db_rest/v1/routers and have json information. But when i try use http://ip:port/ i have apache tomcat http status 404
    727digital
    @727digital
    fix. container dont have ui. need install other container. tnhx
    Michael Jamieson
    @michaeljamieson_twitter
    Hi, Is there a way to remove the SNAS DEMO from the login page and replace it with something else? I deployed SNAS using the docker solution.
    Michael Jamieson
    @michaeljamieson_twitter
    I have the docker containers setup and I am seeing traffic on port 5000 and connection are being established in the collector container but I am getting no data in the gui
    Is there logs I can check?
    Mihir Mehta
    @mmihir82
    hello everyone, was wondering if the openbmp docker can be update with using grafana?
    Michael Jamieson
    @michaeljamieson_twitter
    Has any one been able get the dockers version to work, I have them installed and followed the instructions but it does not seem to store the data. I can see port 5000 coming in on my server and there is connections being established in the collector,but nothing seems to get written to the sql server. The weird thing is I can't log into the sql server on the container which makes me think there is a configuration issue somewhere.
    Mihir Mehta
    @mmihir82
    try docker exec openbmp_aio tail -f /var/log/openbmpd.log
    Michael Jamieson
    @michaeljamieson_twitter
    Thanks, I was looking at the file but I am seeing nothing. I am not running the AIO, I installed each docker container
    Mihir Mehta
    @mmihir82
    not sure, if you have tried this docker exec openbmp_mysql tail -f /var/log/*.log
    ayalaalex
    @ayalaalex
    Does the docker version support large communities?
    Mihir Mehta
    @mmihir82

    Hello, I'm getting this error when bring up the grafana docker:

    [root@telemetry01 ~]# docker run -d -p 3000:3000     -e "GF_SECURITY_ADMIN_PASSWORD=test123"     --name grafana -h grafana     grafana/grafana:latest
    3d5891c0ee7906b4a60aa87dbd0cf828a041b3a498e46b26a90b72a4ada05af4
    docker: Error response from daemon: driver failed programming external connectivity on endpoint grafana (14150c679adecf454768dce34d9b829a7781126c7e607292de3a1d63df63ff9b):  (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 3000 -j DNAT --to-destination 172.17.0.5:3000 ! -i docker0: iptables: No chain/target/match by that name.
     (exit status 1)).

    I have flused iptables and turned off the firewalld... not able to bring up the docker

    Mihir Mehta
    @mmihir82
    I was able to resolve it but flushing and the restart the docker service.
    Srinivas Mortha
    @morthasrinivas
    Hello, I have setup SNAS All-in_one docker container and planning to use Openbmp UI to get the stats.