[117203] in North American Network Operators' Group
Re: Route table prefix monitoring
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Fri Sep 4 17:07:36 2009
In-Reply-To: <6cd462c00909041359l740a279fsbdcfbbadcadd6fa@mail.gmail.com>
Date: Fri, 4 Sep 2009 17:06:38 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Paul Ferguson <fergdawgster@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Sep 4, 2009 at 4:59 PM, Paul Ferguson<fergdawgster@gmail.com> wrote:
> On Fri, Sep 4, 2009 at 1:48 PM, Matthew Walster<matthew@walster.org> wrote:
>
>> 2009/9/4 Olsen, Jason <jolsen@devry.com>:
>>> Are there any tools
>>> that people are using to track when/what prefixes are added/withdrawn
>>> from their routing tables,
>>
>> Could you use something like BGPMon?
>>
>> http://bgpmon.com/
>>
>
> There's also:
>
> MyASN:
> http://www.ripe.net/info/faq/projects/myasn.html
>
> PHAS:
> http://phas.netsec.colostate.edu/stat.html
I think the OP wanted something for 'internal route monitoring' ...
since he's from DeVry I suspect it's to monitor things on DeVry's
internal WAN which probably don't show in the global table.
That said, you COULD have rancid (or abuse rancid) pull rib-dumps each
'period' and index those into something that alerted on large diff's
(or alerted if some critical bits were missing). Or have a quagga box
peer with some number of internal devices, log update messages, alert
on withdrawal of critical bits.
-chris
(I don't know of any COTS tools that do this, sorry)
