Man page - bgplgd(8)
Packages contains this manual
Manual
BGPLGD (8) System Managerâs Manual BGPLGD (8)
NAME
bgplgd â a bgpctl FastCGI server
SYNOPSIS
bgplgd [ -d ] [ -p path ] [ -S socket ] [ -s socket ] [ -U user ] [ -V ]
DESCRIPTION
bgplgd is a server which implements the FastCGI Protocol to execute bgpctl (8) commands. bgplgd is a simple server that implements a simple web API to query bgpd (8).
bgplgd opens a socket at /run/bgplgd.sock , owned by www-data, with permissions 0660. It will then drop privileges to user "_bgplgd", unveil (2) the bgpctl (8) binary and restrict itself with pledge (2).
The options are as follows:
-d
Do not daemonize. If this option is specified, bgplgd will run in the foreground and log to stderr.
-p path
Use path instead of bgpctl (8) to query bgpd (8).
-S socket
Use socket instead of the default /run/openbgpd/bgpd.rsock to communicate with bgpd (8).
-s socket
Create and bind to alternative local socket at socket .
-U user
Change the owner of /run/bgplgd.sock to user and its primary group instead of the default www-data.
-V
Show the version and exit.
bgplgd provides the following API endpoints. Unless further specified the endpoints do not take any parameters:
/interfaces
Show the interface states.
/memory
Show RIB memory statistics.
/metrics
Output various statistics in OpenMetrics format.
/neighbors
Show detailed neighbors information. The output can be limited with the following parameters:
neighbor = peer
Show information for a specific neighbor. peer may be the neighborâs address or description.
group = name
Show only entries from the specified peer group.
/nexthops
Show the list of BGP nexthops and the result of their validity check.
/rib
/rib/in
/rib/out
Show routes from the bgpd(8) Routing Information Base. For /rib/in the Adj-RIB-In will be queried and for /rib/out the Adj-RIB-out . The following parameters can be used to filter the output:
neighbor = peer
Show information for a specific neighbor. peer may be the neighborâs address or description.
group = name
Show only entries from the specified peer group.
as = number
Show only entries with the specified source AS number.
community
=
string
ext-community
=
string
large-community
=
string
Show only entries that match the specified community.
af =( ipv4 | ipv6 | vpnv4 | vpnv6 )
Show only entries that match the specified address family.
rib = name
Show only entries from the RIB with name name . Can only be used with the /rib endpoint.
ovs =( valid | not-found | invalid )
Show only prefixes that match the specified Origin Validation State.
avs =( valid | invalid | unknown )
Show only prefixes that match the specified ASPA Validation State.
best =1
Show only selected routes.
error =1
Show only prefixes which are marked invalid and were treated as withdrawn.
filtered =1
Show only prefixes which are marked filtered by the input filter.
invalid =1
Show only prefixes which are not eligible.
leaked =1
Show only prefixes where a route leak was detected.
prefix = addr
Show only entries that match prefix either as the best matching route or show the entry for this CIDR prefix.
all =1
Show all entries in the specified prefix range.
or-shorter =1
Show all entries covering and including the specified prefix.
/rtr
Show a list of all RTR sessions.
/sets
Show a list summarizing all roa-set, as-set, prefix-set, and origin-set tables.
/summary
Show a list of all neighbors, including information about the session state and message counters.
EXAMPLES
Add the following to /etc/bgpd.conf to have bgpd (8) open a second, restricted, control socket:
socket "/run/openbgpd/bgpd.rsock" restricted
An example setup in httpd (8) is:
location
"/bgplgd/*" {
fastcgi socket "/run/bgplgd.sock"
request strip 1
}
SEE ALSO
bgpctl (8), bgpd (8), httpd (8)
HISTORY
The bgplgd server first appeared in OpenBSDÂ 7.2.
AUTHORS
Claudio Jeker < claudio@openbsd.org > Debian December 3, 2024 BGPLGD (8)