Announce: BGP::Inspect

Manish Karir mkarir at merit.edu
Fri Jan 28 15:38:07 UTC 2005



All,

Merit Network and the University of Maryland would like to announce the
beta release of a BGP update messages research tool that might be of use
to the NANOG community.  The tool is called BGP::Inspect.  The goal is to
make the vast quantities of Routeviews data easily accesible to the
network operator and research community.  This involves not just allowing
people to query and obtain the update messages, but also providing some
simple analysis and statistics on the data which can help in locating
anomalies and problems.

At this point we feel that we could really benefit from some feedback from
the community.  A beta release of our prototype is available at:
http://weasel.merit.edu:9191/
This version has been initialized with a limited amount of data.  It
currently provides information regarding 5 of the 40 routeview peers, and
only contains data for the time period from Dec 20 - Jan 6.

The basic interface has been kept simple.  There are 2 types of queries
that can be run "Summary Queries" and "Raw Data Analysis".  The summary
queries allow users to quickly focus on potential trouble spots(as
observed at the routeview peers).  Basic queries include things like most
active ASes, most active prefixes, as well as prefixes that exhibited the
most number of changes in their OriginAS.

The second type of queries, "Raw Data Analysis" can be used to obtain
information regarding specific ASes or prefixes for a given time range.
A query for a specific AS will return not only the various prefixes
announced by that AS, the times, paths, and communities, but also summary
stats including total number of announcements in that time period and the
number of unique prefixes announced in that time period.  A 7 day summary
graph is also returned which summarized the most recent activity as seen
originating from that AS.
A similar query for a specific prefix will return times,
types(announce/withdraw), aspaths and communities from update messages
as well as summary statistics that indicate the min/max/avg AS path length
as seen over the query time interval, the number of originAS changes as
well as the number of unique ASes that announced that prefix.  A summary
graph indicating the activity of that prefix over the last 7 days is also
displayed.

In a lot of ways this tool complements the Search by AS/Prefix tools from
RIPE, BGP Monitor from MIT, and LinkRank from UCLA.  The more views from
different vantage points the better.  In addition there is a real effort
with BGP::Inspect to provide not simply access to the raw data, but some
simple analysis and summary statistics as well.  The hope is that people
no longer need to write custom parsers to be able to extract the
information they need.

We would appreciate any and all feedback from the NANOG community.  In
particular, it would be instructive to us to learn what are some other
"typical" queries that we could add, in addition to the the "Top 20 most
active ASes/Prefixes" and "Top 20 prefixes which have most number of
origin AS changes."   What are some other basic questions that researchers
and network operators ask when attempting to analyze problems.

Please send feedback offlist to: mkarir at merit.edu

thanks
manish karir
--------------------------------------------





More information about the NANOG mailing list