Hundreds of vantage points worldwide
Once a prefix is in our system it will be monitored from over a hundred vantage points worldwide, allowing regional events to be detected that might otherwise not be detected by single vantage point monitoring systems.
This happens when another network announces your prefix, this could result in all your traffic being redirected to this other network. Where it can be inspected, altered, used for Man in the Middle attacks or simple be discarded and thrown away. A well-known example is the YouTube incident of 2008, when youtube traffic was being redirected to Pakistan and dropped, resulting in a significant outage for youtube.com. Receiving an alert notifying the network operator of such in event, including all relevant details is a significant help in reducing the resolution time.
This happens when an announcement for your prefix is different than you intended it to be. For example, you’re announcing a more specifi a prefix. Or your prefix is now visible via an unwanted upstream provider (blog DNS root).
Policy violations typically result in unexpected routing paths and often results in degraded performance.
BGPmon provides a set of features to monitor for events like this. For example it allows the user to define a list of allowed peers, and upstream providers as well as regular expressions that should match the ASpaths in the announcements.
Network reachability and instability
Once your network is in our system we will start to monitor the reachability of your prefixes. It does this by looking at BGP withdrawal messages. Our software will alert you when your network is unreachable, either globally or in a specific geographical region. Threshold settings allow you to fine-tune the alerting frequency. This feature allows network operators to quickly identify regional instability, which might otherwise not be detected by traditional single vantage point monitoring systems.
ROA validation failures
Route origin Authorization is part of the Resource Public Key Infrastructure (RPKI) framework. It allows network operators to cryptographically define who is allowed to announce your prefixes.
If you enable RPKI monitoring, the BGPmon software will alert the user if there’s an ROA validation failure. Either because of an invalid announcement (prefix, length, or origin AS) or because the ROA signature is about to expire.
BGPmon the only monitoring system today that has support for RPKI. Read this blog post for more information about RPKI and ROA.
Flexible notifications features
It provides flexible alerting features, such as thresholds and pager and SMS formatted alerts.
Alert details and geographical impact
The BGPmon web interface allows the user to zoom in to each alert. The alert details show all the individual BGP (announcement and withdrawal) messages. It will also plot map highlighting the affected countries, giving the user a quick overview of the geographical impact for each alert.
Copyright © 2017 BGPmon Network Solutions Inc. All rights reserved.