Scroll to navigation

BGPCTL(8) System Manager's Manual BGPCTL(8)

NAME

bgpctlcontrol the BGP routing daemon

SYNOPSIS

bgpctl [-jnV] [-s socket] command [argument ...]

DESCRIPTION

The bgpctl program controls the bgpd(8) daemon. Commands may be abbreviated to the minimum unambiguous prefix; for example, s su for show summary.

The options are as follows:

Create output as JSON object.
Show neighbors' IP addresses instead of their description.
socket
Use socket to communicate with bgpd(8) instead of the default /run/openbgpd/bgpd.sock.<rdomain> where <rdomain> is the routing domain bgpctl is running in. To administer bgpd(8) in a different routing domain, run bgpctl in said routing domain.
Show the version and exit.

The commands are as follows:

[table number] couple
Insert the learned routes into the specified Forwarding Information Base a.k.a. the kernel routing table.
[table number] decouple
Remove the learned routes from the specified Forwarding Information Base a.k.a. the kernel routing table.
family rule [set argument ...]
Add the specified flowspec rule to the list of announced rules. Currently family can be either inet or inet6. It is possible to set various path attributes with additional arguments. Adding a rule will replace an existing equal rule, including rules loaded from the configuration. See bgpd.conf(5) for information on how to write a flowspec rule.
family rule
Remove the specified flowspec rule from the list of announced rules.
Remove all dynamically added (i.e. with bgpctl flowspec add) flowspec rules from the list of announced rules.
family
Show all announced flowspec rules. family, if given, limits the output to the given address family. The supported families are inet and inet6.
Disable verbose debug logging.
Enable verbose debug logging.
peer clear [reason]
Stop and restart the BGP session to the specified neighbor. If a reason is provided, the reason is sent as Administrative Shutdown Communication to the neighbor. peer may be the neighbor's address, description or the word group followed by a group description.
peer destroy
Destroy a previously cloned peer. The peer must be down before calling this function. peer may be the neighbor's address, description or the word group followed by a group description.
peer down [reason]
Take the BGP session to the specified neighbor down. If a reason is provided, the reason is sent as Administrative Shutdown Communication to the neighbor. peer may be the neighbor's address, description or the word group followed by a group description.
peer refresh
Request the neighbor to re-send all routes. Note that the neighbor is not obliged to re-send all routes, or any routes at all, even if it announced the route refresh capability. peer may be the neighbor's address, description or the word group followed by a group description.
peer up
Bring the BGP session to the specified neighbor up. peer may be the neighbor's address, description or the word group followed by a group description.
prefix [argument ...]
Add the specified prefix to the list of announced networks. It is possible to set various path attributes with additional arguments. Adding a prefix will replace an existing equal prefix, including prefixes loaded from the configuration.
[argument ...]
Bulk add specified prefixes to the list of announced networks. Prefixes should be sent via stdin. It is possible to set various path attributes with additional arguments.
Bulk remove the specified prefixes from the list of announced networks. Prefixes should be sent via stdin.
prefix
Remove the specified prefix from the list of announced networks.
Remove all dynamically added (i.e. with bgpctl network add) prefixes from the list of announced networks.
file filter
Import networks from an MRT table dump for debugging purposes. filter can be specified similarly to the show mrt command. Only networks matching the filter will be imported.
family
Show all announced networks. family, if given, limits the output to the given address family. The supported families are inet and inet6.
[reason]
Reload the configuration file. Changes to the following neighbor options in bgpd.conf(5) only take effect when the session is reset: ipsec and tcp md5sig.
filter
Show routes from bgpd(8)'s view of the Forwarding Information Base. filter can be an IP address, in which case the route to this address is shown, or a flag:

Show only routes originating from bgpd(8) itself.
Show only connected routes.
Show only IPv4 routes.
Show only IPv6 routes.
Show only routes required to reach a BGP nexthop.
Show only static routes.
number
Show the routing table with ID number instead of the default routing table with ID 0.
Show the interface states.
Dump various BGP statistics in OpenMetrics format.
[options] filter
Show routes from an MRT table dump file. filter can be an IP address, a CIDR prefix, an AS filter, a combination or nothing:

address
Show best matching route for address.
address/len
Show RIB entry for this CIDR prefix.
address/len all
Show all entries in the specified range.
address/len or-shorter
Show all entries covering and including the specified prefix.
as
Show all entries with as anywhere in the AS path.
Show all entries that are internal routes with no AS's in the AS path.
ip
Show only entries from the specified peer.
as
Show all entries with as as leftmost AS.
as
Show all entries with as as rightmost AS.
as
Show all entries with as anywhere but rightmost.

Additionally, the following options are defined:

Show more detailed output for matching routes.
family
Limit the output to the given address family.
name
Read the MRT dump from file name instead of using stdin.
Print the neighbor table of MRT TABLE_DUMP_V2 dumps. Using this on other table dumps will only show the neighbor of the first entry.

Multiple options and filters can be used at the same time.

peer modifier
Show detailed information about the neighbor identified by peer, according to the given modifier:

Show statistics about sent and received BGP messages.
Show statistics in an easily parseable terse format. The printed numbers are the sent and received open, sent and received notifications, sent and received updates, sent and received keepalives, and sent and received route refresh messages plus the current and maximum prefix count, the number of sent and received updates, sent and received withdraws, the neighbor's address (or subnet, for a template), AS number, and finally description.
Show the BGP timers.
peer may be the neighbor's address, description or the word group followed by a group description.
Show the list of BGP nexthops and the result of their validity check.
[options] filter
Show routes from the bgpd(8) Routing Information Base. filter can be an IP address, a CIDR prefix, an AS filter or nothing:

address
Show best matching route for address.
address/len
Show RIB entry for this CIDR prefix.
address/len all
Show all entries in the specified range.
address/len or-shorter
Show all entries covering and including the specified prefix.
as
Show all entries with as anywhere in the AS path.
(valid | unknown | invalid)
Show all entries with matching ASAP Validation State (AVS).
community
Show all entries with community community.
Show all entries that are internal routes with no AS's in the AS path.
large-community
Show all entries with large-community large-community.
Show RIB memory statistics.
peer
Show only entries from the specified peer.
description
Show only entries from the specified peer group.
(valid | not-found | invalid)
Show all entries with matching Origin Validation State (OVS).
pathid
Show only entries which match the specified pathid. Must be used together with either neighbor or out.
as
Show all entries with as as leftmost AS.
as
Show all entries with as as rightmost AS.
This is the same as the show summary command.
rib
Show only entries from the specified RIB table.
as
Show all entries with as anywhere but rightmost.

Additionally, the following options are defined:

Alias for selected.
Show more detailed output for matching routes.
Show only routes which are not eligible.
Show only prefixes which are marked invalid and were treated as withdrawn.
family
Limit the output to the given address family.
Show only routes which were filtered out. Requires rde rib Loc-RIB include filtered to be set in the config.
Show routes from the unfiltered Adj-RIB-In. The neighbor needs to be specified.
Show only routes where a route leak was detected.
Show the filtered routes sent to a neighbor. The neighbor needs to be specified.
Show only selected routes.
Show each RIB entry as a single line, with fields separated by semicolons. Only works if detail is specified.

Options are silently ignored when used together with summary or memory. Multiple options can be used at the same time and the neighbor filter can be combined with other filters.

Show a list of all sessions, including information about the session state.
Show a list summarizing all , , , and tables.
Show a list of all neighbors, including information about the session state and message counters:

Neighbor
Description of the neighbor.
AS
Autonomous system number.
MsgRcvd
Number of messages received from the neighbor.
MsgSent
Number of messages sent to the neighbor.
OutQ
Number of outgoing messages queued.
Up/Down
Number of days and hours that the session has been up.
State/PrfRcvd
State of the session / Number of routes received. The session is up if there is no information for the State column (Established is not displayed).
Show a list of all neighbors, including information about the session state, in a terse format.
Show a list of all currently loaded fib routing tables.

FILES

/etc/bgpd.conf
default bgpd(8) configuration file
/run/openbgpd/bgpd.sock
default bgpd(8) control socket

SEE ALSO

bgpd.conf(5), bgpd(8), bgplg(8), bgplgsh(8)

HISTORY

The bgpctl program first appeared in OpenBSD 3.5.

August 14, 2024 Debian