Blog
New version BGPmon.net
Since NANOG45 I was filled with inspiration for new features in BGPmon.net. Many of you have sent me your feedback and whenever possible I implemented the smaller feature request and bug fixes. Today the newest version went live; this version contains some of bigger changes and improvements. In this Blog post I will go over […]
Read MoreHow accurate are the Internet Route Registries (IRR)
Many service providers use an IRR to register their routes and to create BGP filters. These filters define what they will accept from customers or peers. This is considered a good practice, as it will prevent accidental leaks. However, using an IRR to build your filters is only useful if the registries are complete. You […]
Read MoreLong AS paths causing commotion
Last Monday long AS paths caused quite some commotion. A good technical explanation can be found at the Renesys and arbornetworks blog
Read MoreBack from Nanog45
last week I came back from the Dominican republic where I visited the Nanog45 conference. It was quite an interesting conference with lots of interesting people. I enjoyed many of the presentations and I’m happy to see that the subject of BGP security and especially hijacks are receiving more and more attention from the operators […]
Read MoreBGPmon at Nanog45
Tomorrow I’ll be leaving for Nanog45 in Santo Domingo! It’s my first Nanog conference and I’m looking forward to it! I will also be presenting about BGPmon and Prefix Hijacking during the Hijacking and Tools BOF on Sunday. I look forward to meet others from the Nanog community and some of the BGPmon users! See […]
Read MoreWho is operating IPv6 tunnel services?
In order to migrate to IPv6 different methods are available, one of them is using IPv6 in IPv4 tunnels. These tunnels come in different flavors, static tunnel or dynamic tunnels. Dynamic tunneling protocols such as 6to4 and teredo use anycast technology. A number of organizations have employed 6to4 or teredo relays and it’s not always […]
Read MoreBGPmon.net is looking for your feedback
A few months ago BGPmon.net became available for all network operators looking for a tool to monitor there BGP announcements and prefixes. Now 3 month later I’m looking for feedback from you so that I can get a better understanding of how people are using this, what works and what doesn’t. Particularly I’m interested in: […]
Read MoreBGPmon now has full IPv6 support!
I am happy to announce that BGPmon now has full IPv6 support! This means that you can now monitor your IPv6 prefixes just as you are monitoring your IPv4 prefixes. All the codes, alarm messages etc are they same as for IPv4. It took a while because I had to write a few new libraries […]
Read MoreMinimum peer threshold support
Last week’s incident triggered a small thread about the different prefix hijack detection tools available on the Nanog mailing list. The incident was also discussed on a number of blogs [1], [2], [3]. In general the reviews for BGPmon were very good! One suggestion for improvement though was support for a threshold before sending out […]
Read MorePrefix hijack by AS16735
Many BGPmon.net users received a notification email regarding a possible prefix hijack. I just went over the data files manually and verified the leak. For those interested, let me share with you what I saw in the raw data. Between 01:55 UTC and 02:15 267947 distinct prefixes were originated from AS16735 (Companhia de Telecomunicacoes […]
Read MoreIPv6 bogons
BGPmon is gradually being extended with IPv6 support, the newest IPv6 feature is IPv6 bogon detection comparable to the already existing IPv4 bogon detection page. IPv6 bogons are defined as IPv6 prefixes which are not allocated by the RIRs. All IPv6 bgp updates are compared to a list of known valid prefixes. If the update […]
Read MoreHow to monitor for the “non existence” of an AS in the ASpath
How do I monitor the “non existence” of an AS in the ASpath Sometimes you have a prefix which is being announced from different AS’s and each of these have different upstream AS’s. Some of these are propagated all over the Internet and some of them are supposed to stay in a certain region or […]
Read Moremonitoring for multiple origin AS’s
The majority of the emails I receive with feedback and questions are things which can be solved with a regex. Today I would like to go over 1 common example: How do I monitor prefixes that originate from multiple origin AS’s Some people mailed me with a feature request for the ability to specify multiple […]
Read MoreNew version of BGP update analyzer active
This is just a heads up, I just deployed a new version of the BGP update analyzer (back-end parser). It has some new functionality (mainly IPv6) related and some bug fixes. The bug fixes have are mainly regarding prefixes which are monitored by multiple users. It will require some more time to make new IPv6 […]
Read MoreThanks for your feedback
The last week I received a lot of feedback from many of you by email. This was very useful! I hope to implement your feature requests and solve those bugs as soon as possible. Many of them have been solved right away. Many features requests were regarding the webinterface, especially the “my prefixes” page where […]
Read MoreInteresting IPv6 prefix
As you probably already found out, BGPmon tries to detect IPv4 bogon announcement and publishes them on the BGPmon.net website. For this I am using the list published by team cymru (great resource!). Quite some bogons are detected every day, although most of them are “just” RFC1918 space. And luckily most of them don’t seem […]
Read MoreAuto detect a regular expression for your prefixes
BGPmon offers different ways to monitor your prefixes. One of the tools is using a Regex for your ASpaths. Basically what it does is, compare every BGP update for your prefix with the ASpaths regex you submitted. If the Regex doesn’t match the ASpath in this particular update an alarm (code41) is generated. ASregex are […]
Read MoreWelcome to BGPmon.net
For the last 3 weeks I’ve been dedicating my spare time to my “new” project, BGPmon.net. BGPmon has a a collection of ‘features’, but was specifically written to monitor your prefixes. BGPmon monitors BGP updates and if the update is different then a predefined filter it will generate an alarm. It will help network administrators […]
Read More