Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenBSD Project Announces OpenBGPD

Posted by timothy on from the it's-a-border-not-a-barrier dept.

44BSD writes "As noted at undeadly, the OpenBSD Project has announced an BSD-licensed implementation of the Border Gateway Protocol, BGP. Project details, design goals, documentation, and more are at the project web site. BGP is documented in RFC 1771. Lucky for Cisco, BSD is dying..."

11 of 241 comments (clear)

  1. Doesn't compile on Linux by quigonn · · Score: 3, Informative

    Yesterday, I tried to compile OpenBGPD on Linux. Unfortunately, there is no "portable version" available (unlike OpenSSH), and the source code contains a lot of #includes and library function that are specific to (Open)BSD. That obviously doesn't help portability, and I'm a bit sad that the OpenBSD project doesn't go the portable way and makes its userland as easily compilable on other Unices as possible.

    --
    A monkey is doing the real work for me.
    1. Re:Doesn't compile on Linux by dmiller · · Score: 4, Informative

      Interfacing with the kernel routing table is highly platform-dependant, there is not avoiding that. Beyond this, if someone wants to make a port, most of the necessary glue can be lifted from OpenSSH's libopenbsd-compat or Darren Tucker's OpenNTPd port - someone just needs to do the work :)

    2. Re:Doesn't compile on Linux by Anonymous Coward · · Score: 5, Informative

      unfortunately the interfacce to the kernel routing table is not standardized, so this is highly platform dependent by the nature of the problem beeing solved.

      Moreover, seeing BGP as a pure userland task ist far off reality. While that is technically speaking mostly true, you need a lot of kernel support. In fact, we did modify our kernel routing table structures to linder kvm pressure and thus fit a full-mesh table (> 140000 enties) into an GENERIC kernel. You need network stack modifications for tcp md5. The ipsec integration required changes to the IPsec kernel implementation as well as isakmpd - and there's more...

      So, while strictly speaking bgpd is a userland thing, you need more than that for a BGP router. OpenBSD and OpenBGPD offer this.

      That said, I am in no way opposed to a portable version. Just like for OpenNTPD I won't do it tho ;) If anybody steps up and makes one, why not?

      henning

    3. Re:Doesn't compile on Linux by ripleymj · · Score: 3, Informative

      Not only the routing table, but I believe OpenBGPd has hooks into pf. Henning mentioned being able to filter and/or queue in the future based on labels assigned to packets in OpenBGPd. You might be able to strip that away for a portable version, but it certainly won't drop nicely into IPTables.

  2. OpenBSD projects by pchan- · · Score: 5, Informative

    the openbsd team has branched off quite a few projects where they saw the security and/or license was insufficient and needed to be redone.

    OpenSSH, who's box doesn't have this?
    OpenNTPD, a network time protocol daemon and server, recently released.
    OpenBGPD, the border gateway protocol daemon.
    They were pioneers in the use of stack protection software on the i386 platform (kernel and compiler), as well as privilage seperated daemons (it's in your sshd now), and randomized library linking locations.
    (i think i'm missing a few, anyone care to fill them in?)

    they have implemented (a far better implementation over the old one that they didn't write) their i.p. filter, PF (which has now made it into netbsd, freebsd, and hopefully linux soon enough). this includes INSANE amounts of configurability options, with integrated routing and traffic shaping.

    many people grumble about how the project is run and its priorities. but we all benefit from their efforts. i think i'm going to buy a cd even though i am not an openbsd user. these sales help keep these projects going.

  3. Re:For a broader knowledge see also this by Anonymous Coward · · Score: 3, Informative

    Hasn't Zebra been succeeded by Quagga? [quagga.net]

    I ask out of curiosity more than anything else - Debian unstable and testing use Quagga instead of Zebra...

  4. Re:BSD License by Anonymous Coward · · Score: 5, Informative

    GPL people are welcome to import BSD code: actually, they really should do it.
    Of course, provided they learn to give proper credits.

  5. Re:BSD License by OttoM · · Score: 4, Informative
    In "open source" world you would probably have had N fixes from X different people, each claiming that theirs is the best. If you want to see a real open source mess, check out Zaurus - just as an example there is a large number of libSDL ports, each different, each having different problems, each compatible with different games, none fully usable.

    This is not how OpenBSD works. There's only one place for official errata, and these patches are published only after carefull scrutiny.

    While you may be right for some Open Source projects, the OpenBSD team applies sound engineering techniques.

  6. Cisco routers use PCI bus by puzzled · · Score: 4, Informative



    The Cisco 3600 series *does* use PCI for its bus. Those two or four or six slots on a 36xx series are good ol' PCI, they're just in a Cisco form factor, not the Wintel PCI form factor you're used to seeing. I do believe this means every NM form factor slot is a PCI - 26xx, 28xx, 36xx, 37xx, 38xx, and some other stuff all use it.

    Cisco uses PCI because its a fast, competent bus, with lots of inexpensive parts due to PC volume driving chipset costs. They get more out of an 80MHz MIPS processor in a 3620 than you get out of a 1GHz Athlon because the hardware is tuned to do nothing but move packets from point A to point B.

    --
    I am very easy to get along with, but I don't have time to waste being nice to people who are being stupid. -Theo
  7. Re:Throughput, Expansion Slots, Network Size, Mark by arivanov · · Score: 3, Informative
    The only justification for the project existence are exchange points and load balancing. The reason is that neither of these requires any IGP.

    BGP by itself is meaningless. You need at least OSPF for a small network and ISIS for a large one to be able to use it and you need them in a form where the BGP knows everything about an OSPF or ISIS route.

    --
    Baker's Law: Misery no longer loves company. Nowadays it insists on it
    http://www.sigsegv.cx/
  8. Re:Throughput, Expansion Slots, Network Size, Mark by PDXRedcat · · Score: 4, Informative
    Unfortuantely, even the fanciest boxes running BSD can't complete on a pure throughput basis with good Cisco routers. An twenty-four port gigabit Cisco router has a 48 Gbps backplane, but a PC running BSD will be limited by its bus--the fastest servers have a 64 bit 133 MHz bus with PCI-X. That's 8 Gbps. And you can't put more than a handful of network cards in even the largest BSD-capable server--there simply aren't the expansion slots. So this really couldn't be used for core Internet routers.
    I think you may be confusing switches with routers. Cisco has some nice switches like the 3550-48. These switches contain basic routing capabilities. The Cisco switches work well with BSD routers, and OpenBGPD fits in here. If you are talking about Cisco 10000, and 12000 models, then it's a totally different ballgame. These things when fully loaded cost more than most houses. They're generally limited to full-on service providers, not medium sized businesses with 500 employees.