[157004] in North American Network Operators' Group
RE: Internet routing table "completeness" monitoring?
daemon@ATHENA.MIT.EDU (William F. Maton Sotomayor)
Wed Oct 3 10:24:03 2012
Date: Wed, 3 Oct 2012 10:16:48 -0400 (EDT)
From: "William F. Maton Sotomayor" <wmaton@ottix.net>
To: Joseph Jackson <jjackson@aninetworks.net>
In-Reply-To: <6D497FE8AFD83E49AFADD9114C569F8F0C97E72D2B@EXMBX10.exchhosting.com>
Cc: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 3 Oct 2012, Joseph Jackson wrote:
> I have cacti graph the amount of prefixes announced and withdrawn from a BGP peer on each BGP router.
+1
Note that not all router OSs support fetching data like that via SNMP.
We use a custom built thing internally that does this two, which we then
tack on an alert threshold for. So if a downstream peer sends us less
than that, we get an alert. Handy for those times when they call and ask
us what we did to their network. :-)
Prior to that, we had a script which whould login, munge the 'show ip bgp
summary' table output, figure out the deltas and graph or report as
needed on a particularly troublesome peer.
>
>
>
> -----Original Message-----
> From: ML [mailto:ml@kenweb.org]
> Sent: Tuesday, October 02, 2012 11:43 PM
> To: North American Networking and Offtopic Gripes List
> Subject: Internet routing table "completeness" monitoring?
>
> Has anyone put in place a method to identify if one their BGP peers suddenly withdraws X% of their prefixes?
>
> e.g I should expect ~420k prefixes in a "complete"[1] routing table from a transit peer today. If suddenly I'm only getting 390k prefixes I'd guess a major network was depeered or similiar.
>
> If so how are people doing this? SNMP MIB, screen scrape?
>
>
>
> [1] Varying levels of completeless apply.
>
>
>
wfms
