.\" $OpenBSD: bgpd.conf.5,v 1.17 2004/02/07 20:40:47 henning Exp $
.\"
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
.\" Copyright (c) 2002 Daniel Hartmeier <dhartmei@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd December 23, 2003
.Dt BGPD.CONF 5
.Os
.Sh NAME
.Nm bgpd.conf
.Nd Border Gateway Protocol daemon configuration file
.Sh DESCRIPTION
The
.Ar bgpd
daemon implements the Border Gateway Protocol version 4 as described
in RFC 1771.
.Sh SECTIONS
The
.Nm
config file is divided into three main sections.
.Bl -tag -width xxxx
.It Cm Macros
User-defined variables may be defined and used later, simplifying the
configuration file.
.It Cm Global configuration
Global settings for the bgpd daemon.
.It Cm Neighbors and Groups
.Ar bgpd
establishes sessions with
.Ar neighbors .
Neighbor definitions and properties are set in this section, and neighbors
can be grouped for ease of configuration.
.El
.Pp
With the exception of
.Cm macros
the sections should be grouped and appear in
.Nm
in the order shown above.
.Sh MACROS
Much like
.Xr cpp 1
or
.Xr m4 1 ,
macros can be defined that will later be expanded in context.
Macro names must start with a letter, and may contain letters, digits
and underscores.
Macro names may not be reserved words (for example
.Ar AS ,
.Ar neighbor ,
.Ar group ) .
Macros are not expanded inside quotes.
.Pp
For example,
.Bd -literal -offset indent
c7206="1.2.3.4"
neighbor $c7206 {
	remote-as 65001
}
.Ed
.Sh GLOBAL CONFIGURATION
There are quite a few settings that affect the operation of the
.Ar bgpd
daemon globally.
.Bl -tag -width xxxxxxxx
.It Ar AS
Set the local Autonomous System number.
The AS numbers are assigned by local RIRs, such as
.Bl -tag -width xxxxx -compact
.It Ar RIPE
for Europe,
.It Ar ARIN
for America and
.It Ar APNIC
for the Asian-Pacific region.
.El
.Pp
For example,
.Bd -literal -offset indent
AS 65001
.Ed
.Pp
sets the local
.Ar AS
to 65001.
.It Ar dump
.Ar bgpd
is capable of dumping the
.Em RIB ,
aka the Routing Information Base, and all
.Em bgp
messages in
.Em mrt
format.
Dumping the
.Em RIB
is normally an expensive operation but it should not influence the session
handling.
Dumping too often may result in a slow update speed.
.Pp
This will dump the
.Em RIB
table every 300 seconds to the
.Xr strftime 3
expanded filename.
The timeout is optional.
.Bd -literal -offset indent
dump table "/tmp/rib-dump-%H%M" 300
.Ed
.Pp
Similar to the table dump but this time all
.Em bgp
messages and
.Em state
transitions are dumped to the specified file:
.Bd -literal -offset indent
dump msg all in "/tmp/all-in-%H%M" 300
.Ed
.Pp
As before, but only the filtered
.Em UPDATE
messages are dumped to the file:
.Bd -literal -offset indent
dump msg filtered in "/tmp/filtered-in-%H%M" 300
.Ed
.It Ar fib-update
If set to
.Em no ,
do not update the Forwarding Information Base, aka the kernel
routing table.
The default is
.Em yes .
.It Ar holdtime
Sets the holdtime in seconds.
The holdtime is reset to its initial value every time either a
.Em KEEPALIVE
or an
.Em UPDATE
message is received from the neighbor.
If the holdtime expires the session is dropped.
The default is 90 seconds.
Neighboring systems negotiate the holdtime used when the connection is
established in the
.Em OPEN
messages.
Each neighbor announces its configured holdtime; the smaller one is
then agreed on.
.It Ar holdtime min
The minimal accepted holdtime in seconds.
Must be greater than or equal to 3.
.It Ar listen on
Specify the local IP address the
.Ar bgpd
daemon should listen on.
.Bd -literal -offset indent
listen on 127.0.0.1
.Ed
.It Ar log updates
Log received and sent updates.
.It Ar network
Announce the specified network as belonging to our
.Em AS .
.Bd -literal -offset indent
network 192.168.7.0/24
.Ed
.It Ar router-id
Set the router id to the given IP address which must be local to the
machine.
.Bd -literal -offset indent
router-id 10.0.0.1
.Ed
.Pp
If not given, the BGP ID is determined as the biggest IP address assigned
to the local machine.
.El
.Sh NEIGHBORS AND GROUPS
.Ar bgpd
establishes TCP connections to other BGP speakers, called neighbors.
Each neighbor is specified by a neighbor section, specifying properties for
that neighbor:
.Bd -literal -offset indent
neighbor 10.0.0.2 {
	remote-as 65002
	descr "a neighbor"
}
.Ed
.Pp
Multiple neighbors can be grouped together by a group section.
Each neighbor statement within the group section inherits all properties
from the group section.
.Bd -literal -offset indent
group "peering AS65002" {
	remote-as 65002
	neighbor 10.0.0.2 {
		descr "AS65002-p1"
	}
	neighbor 10.0.0.3 {
		descr "AS65002-p2"
	}
}
.Ed
.Pp
There are several neighbor properties:
.Bl -tag -width xxxxxxxx
.It Ar announce
If set to
.Em none ,
no
.Em UPDATE
messages will be sent to the neighbor.
If set to
.Em all ,
all generated
.Em UPDATE
messages will be sent to the neighbor.
This is normally only necessary for transit
.Em AS's
and
.Em IBGP
peers.
The default value
for
.Em EBGP
peers is
.Em self
which limits the sent
.Em UPDATE
messages to announcements of the local
.Em AS
only.
The default for
.Em IBGP
peers is
.Em all .
.It Ar descr
Add a description.
The description is used when logging neighbor events and in status
reports etc. and has no further meaning to
.Ar bgpd .
.It Ar holdtime
Set the holdtime in seconds.
Inherited from the global configuration if not given.
.It Ar holdtime min
Set the minimal acceptable holdtime.
Inherited from the global configuration if not given.
.It Ar local-address
When
.Ar bgpd
initiates the TCP connection to the neighbor system, it normally does not
bind to a specific IP address.
If a local-address is given, it binds
to this address first.
.It Ar max-prefix
Limit the number of prefixes received.
The default is unlimited.
.It Ar multihop
Normally neighbors that are not in the same AS as the local
.Ar bgpd
have to be directly connected to the local machine.
If this is not the case the
.Em multihop
statement defines the maximum number of hops the neighbor may be away.
.It Ar passive
Do not attempt to actively open a TCP connection to the neighbor system.
.It Ar remote-as
Set the AS number of the remote system.
.It Ar tcp md5sig
Enable TCP MD5 signatures per RFC 2385.
The shared secret can either be given as a password or hexadecimal key.
.Bd -literal -offset indent
tcp md5sig password mekmidasdigoat
tcp md5sig key deadbeef
.Ed
.El
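.Pp
An added example, not part of the original manual or of bgpd itself: a small audit script that walks the neighbor and group syntax described above, applies group inheritance and macro expansion (skipping quoted strings), and reports neighbors that end up without
tcp md5sig or max-prefix (which defaults to unlimited).
Treating those two properties as required is a local policy assumption, as is the rule that a group property must appear before the neighbor block that inherits it; the sample configuration is constructed.

```python
import re

# Constructed sample in the bgpd.conf syntax shown above (not a real deployment).
SAMPLE = '''
edge="10.0.0.9"
group "peering AS65002" {
	remote-as 65002
	tcp md5sig password examplesecret
	neighbor 10.0.0.2 {
		descr "AS65002-p1"
		max-prefix 1000
	}
	neighbor 10.0.0.3 {
		descr "AS65002-p2"
	}
}
neighbor $edge {
	remote-as 65001
}
'''
REQUIRED = ("tcp md5sig", "max-prefix")   # assumed local policy, not a bgpd rule
MACRO_DEF = re.compile(r'([A-Za-z][A-Za-z0-9_]*)\s*=\s*"(.*)"')
MACRO_USE = re.compile(r'\$([A-Za-z][A-Za-z0-9_]*)')

def audit(text):
    """Return {neighbor: [missing properties]} after group inheritance."""
    macros, stack, findings = {}, [], {}
    for line in (raw.strip() for raw in text.splitlines()):
        m = MACRO_DEF.fullmatch(line)
        if m and not stack:
            macros[m.group(1)] = m.group(2)
            continue
        # Macros are not expanded inside quotes: expand only unquoted parts.
        parts = line.split('"')
        parts[::2] = [MACRO_USE.sub(lambda r: macros.get(r.group(1), r.group(0)), p)
                      for p in parts[::2]]
        line = '"'.join(parts)
        if line.endswith("{"):
            kind, _, name = line[:-1].strip().partition(" ")
            stack.append((kind, name.strip(), set()))
        elif line == "}" and stack:
            kind, name, props = stack.pop()
            if kind == "neighbor":
                # Enclosing group properties seen so far are inherited.
                have = set().union(*(p for _, _, p in stack)) | props
                missing = [r for r in REQUIRED if r not in have]
                if missing:
                    findings[name] = missing
        elif stack:
            stack[-1][2].update(r for r in REQUIRED if line.startswith(r + " "))
    return findings
```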
.Sh FILES
.Bl -tag -width "/etc/bgpd.conf" -compact
.It Pa /etc/bgpd.conf
.Nm
configuration file.
.El
.Sh SEE ALSO
.Xr strftime 3 ,
.Xr tcp 4 ,
.Xr bgpd 8
.Sh HISTORY
The
.Nm
file format first appeared in
.Ox 3.5 .