NAME¶

bgplgd — a bgpctl FastCGI server

SYNOPSIS¶

bgplgd [-d] [-p path] [-S socket] [-s socket] [-U user]

DESCRIPTION¶

bgplgd is a server which implements the FastCGI Protocol to execute bgpctl(8) commands. bgplgd is a simple server that implements a simple web API to query bgpd(8).

bgplgd opens a socket at /run/bgplgd.sock, owned by www-data:www-data, with permissions 0660. It will then drop privileges to user "_bgplgd", unveil(2) the bgpctl(8) binary and restrict itself with pledge(2).

The options are as follows:

-d: Do not daemonize. If this option is specified, bgplgd will run in the foreground and log to stderr.
-p path: Use path instead of bgpctl(8) to query bgpd(8).
-S socket: Use socket instead of the default /run/openbgpd/bgpd.sock to communicate with bgpd(8).
-s socket: Create and bind to alternative local socket at socket.
-U user: Change the owner of /run/bgplgd.sock to user and its primary group instead of the default www:www.

bgplgd provides the following API endpoints. Unless further specified the endpoints do not take any parameters:

/interfaces

Show the interface states.

/memory

Show RIB memory statistics.

/neighbors

Show detailed neighbors information. The output can be limited with the following parameters:

neighbor=peer: Show information for a specific neighbor. peer may be the neighbor's address or description.
group=name: Show only entries from the specified peer group.

/nexthops

Show the list of BGP nexthops and the result of their validity check.

/rib

Show routes from the bgpd(8) Routing Information Base. The following parameters can be used to filter the output:

neighbor=peer: Show information for a specific neighbor. peer may be the neighbor's address or description.
group=name: Show only entries from the specified peer group.
as=number: Show only entries with the specified source AS number.
community=string
ext-community=string
large-community=string: Show only entries that match the specified community.
af=(ipv4 | ipv6 | vpnv4 | vpnv6): Show only entries that match the specified address family.
rib=name: Show only entries from the RIB with name name.
ovs=(valid | not-found | invalid): Show only prefixes that match the specified Origin Validation State.
best=1: Show only selected routes.
error=1: Show only prefixes which are marked invalid and were treated as withdrawn.
prefix=addr: Show only entries that match prefix either as the best matching route or show the entry for this CIDR prefix.
all=1: Show all entries in the specified prefix range.
or-shorter=1: Show all entries covering and including the specified prefix.

/rtr

Show a list of all RTR sessions.

/sets

Show a list summarizing all roa-set, as-set, prefix-set, and origin-set tables.

/summary

Show a list of all neighbors, including information about the session state and message counters.

EXAMPLES¶

An example setup in httpd(8) is:

        location "/bgplgd/*" {
                fastcgi socket "/run/bgplgd.sock"
                request strip 1
        }

HISTORY¶

The bgplgd server first appeared in OpenBSD 7.2.

AUTHORS¶

Claudio Jeker <claudio@openbsd.org>

July 17, 2022

Debian

Source file:	bgplgd.8.en.gz (from openbgpd 7.7-2)
Source last updated:	2022-12-10T01:00:49Z
Converted to HTML:	2024-12-22T03:12:46Z