bgplgd — a bgpctl
FastCGI server
bgplgd |
[-d] [-p
path] [-S
socket] [-s
socket] [-U
user] |
bgplgd is a server which implements the
FastCGI Protocol to execute bgpctl(8) commands.
bgplgd is a simple server that implements a simple
web API to query bgpd(8).
bgplgd opens a socket at
/run/bgplgd.sock, owned by www-data:www-data, with
permissions 0660. It will then drop privileges to user "_bgplgd",
unveil(2) the bgpctl(8) binary and
restrict itself with pledge(2).
The options are as follows:
-d- Do not daemonize. If this option is specified,
bgplgd will run in the foreground and log to
stderr.
-p
path- Use path instead of bgpctl(8) to
query bgpd(8).
-S
socket- Use socket instead of the default
/run/openbgpd/bgpd.sock to communicate with
bgpd(8).
-s
socket- Create and bind to alternative local socket at
socket.
-U
user- Change the owner of /run/bgplgd.sock to
user and its primary group instead of the default
www:www.
bgplgd provides the following API
endpoints. Unless further specified the endpoints do not take any
parameters:
- /interfaces
- Show the interface states.
- /memory
- Show RIB memory statistics.
- /neighbors
- Show detailed neighbors information. The output can be limited with the
following parameters:
neighbor=peer- Show information for a specific neighbor. peer
may be the neighbor's address or description.
group=name- Show only entries from the specified peer group.
- /nexthops
- Show the list of BGP nexthops and the result of their validity check.
- /rib
- Show routes from the bgpd(8) Routing Information Base. The following
parameters can be used to filter the output:
neighbor=peer- Show information for a specific neighbor. peer
may be the neighbor's address or description.
group=name- Show only entries from the specified peer group.
as=number- Show only entries with the specified source AS number.
-
-
- Show only entries that match the specified community.
af=(ipv4
| ipv6 | vpnv4 |
vpnv6)- Show only entries that match the specified address family.
rib=name- Show only entries from the RIB with name
name.
ovs=(valid
| not-found |
invalid)- Show only prefixes that match the specified Origin Validation
State.
best=1- Show only selected routes.
error=1- Show only prefixes which are marked invalid and were treated as
withdrawn.
prefix=addr- Show only entries that match prefix either as the best matching route
or show the entry for this CIDR prefix.
all=1- Show all entries in the specified prefix range.
or-shorter=1- Show all entries covering and including the specified prefix.
- /rtr
- Show a list of all RTR sessions.
- /sets
- Show a list summarizing all roa-set, as-set, prefix-set, and origin-set
tables.
- /summary
- Show a list of all neighbors, including information about the session
state and message counters.
An example setup in httpd(8) is:
location "/bgplgd/*" {
fastcgi socket "/run/bgplgd.sock"
request strip 1
}
The bgplgd server first appeared in
OpenBSD 7.2.