BGP Monitoring

Ray_Orsini · February 26, 2024, 5:41pm

What tools are you using to monitor BGP announcements and route changes?

Ben_Cox · February 26, 2024, 5:49pm

[Full Disclosure, the bgp.tools guy will of course tell you to use bgp.tools]

Unsure what the etiquette for self promotion is on this mailing list,
but I would happily recommend bgp.tools (the service I run). It
supports the development of the BGP toolkit at the same time.

For myself (since I cannot really monitor myself with myself) I use

Mehmet_Akcin · February 26, 2024, 5:52pm

I love bgp.tools good product

TJ_Trout · February 26, 2024, 6:03pm

bgp.tools

Ian_Chilton · February 26, 2024, 6:03pm

Hi,

jobsnijders · February 26, 2024, 6:12pm

The wonderful BGP.tools already has been mentioned a few times.

Another excellent option is https://Packetvis.com, I find their RPKI
monitoring approach to be very insightful.

Catchpoint might be another option, BGP Monitoring | Catchpoint IPM,
AFAIK by the same people that worked on "Isolario" a few years ago.

Kind regards,

Job

Ben_Cox · February 26, 2024, 6:28pm

I believe PacketVis is Massimo Candela , based on

Alexander_Lyamin · February 26, 2024, 6:40pm

Whoa, its nice to see that Allesandro is still around.
It was sad to see when Isolario.it quietly went offline.

Also I would point out in CAIDA’s general direction https://bgpstream.caida.org/ (should fit OP bill).
CAIDA was first to show how much geeky fun might be had by monitoring (and sometimes storing) BGP updates.

RIPE RIS https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/ is also good, but as Job Snijders pointed me out doesn’t send emails out of the box.

Elmar_K_Bins · February 26, 2024, 6:58pm

It does provide a filterable live feed that we use for leak detection.

Apart from that we're using bgp.tools when we want to dig into stuff.
Oh, and most of the T1s have either routeservers or at least mostly usable
looking glasses.

HTH,
Elmar.

Alexander_Lyamin · February 27, 2024, 6:16am

Ray mentioned precisely that he wants to monitor BGP announcements and route changes.

Leak detection is kind of on a different level. You need a bit more data to effectively detect them. ( I kind of know that).

It makes discussion more colorful to my taste. You can do a lot with colorful bgp data

fearghas · February 27, 2024, 8:18am

It is run by his brother rather than Massimo, but it is his BGPalerter software behind the family business

f

Ben_Cox · February 27, 2024, 9:00am

Aha! That makes sense!

I was struggling to find any kind of public data on who runs it, so I assumed whoever was presenting it probably runs / owned it

Elmar_K_Bins · February 27, 2024, 9:40am

Hi Alex,

la@qrator.net (Alexander Lyamin) wrote:

Ray mentioned precisely that he wants to monitor BGP announcements and
route changes.

Leak detection is kind of on a different level. You need a bit more data
to effectively detect them. ( I kind of know that).

Our use case is extremely simple, so the RIS feed gives us everything we need.
We don't need to qualify the leak, *any* leak from a local node is undesirable,
they tag everything NO_EXPORT. Anybody exporting must thus be dealt with.

But you gave me an idea regarding our datacenter prefixes...

Cheers,
Elmar.