OpenBSD developers released several days ago the launch of a new portable version of the routing package OpenBGPD 6.7 which is characterized by being able to be used in operating systems other than OpenBSD and that Allows you to use a general purpose computer as a router.
OpenBGPD it's a Unix daemon that implements, through free software, version 4 of Border Gateway Protocol and thanks to this a machine can exchange routes with other systems using BGP. To ensure portability, parts of the code from the OpenNTPD, OpenSSH and LibreSSL projects were used. In addition to OpenBSD, it declared support for Linux and FreeBSD.
About OpenBGPD
This suite was developed as an alternative to packages like Quagga, a GPL licensed Linux-based routing suite that does not meet the project's requirements and quality standards.
Design goals for OpenBGPD include being secure, reliable, and light enough for most users, both in size and memory usage.
The configuration language should be powerful and easy to use. It must also be able to quickly handle hundreds of thousands of table entries in a memory efficient way.
The development of OpenBGPD is backed by the regional Internet registrar RIPE NCC, who is interested in making the OpenBGPD functionality suitable for use on servers for routing at inter-carrier exchange points (IXPs) and in creating a complete alternative to the BIRD package (from other open alternatives with the implementation of the protocol BGP mention FRRouting, GoBGP, ExaBGP and Bio-Routing projects).
When developing OpenBGPD, the goal is to ensure the highest level of security and reliability. For protection, strict verification of the correctness of all parameters is used, means of monitoring compliance with buffer limits, separation of privileges and restriction of access to system calls.
Among the advantages is also the convenient syntax of the configuration language, andl High performance and memory efficiency (for example, OpenBGPD can work with routing tables that include hundreds of thousands of entries).
The project supports most of the BGP 4 specifications and complies with the requirements of RFC8212, but does not try to accept the vastness and mainly supports the most popular and common functions.
What's new in OpenBGPD 6.7?
In this new version it is provided initial support for JSON output to the bgpctl utility, besides that in bgpctl, the 'show neighbor' command expands showing counters of received and set prefixes, as well as the limit value "max-prefix out".
Another change is that the correct aggregation of ROA tables (Path source authorization) with prefix / source pairs as in an element with the longest value 'maxlen', while in bgpd.conf IPv4 and IPv6 addresses can be configured simultaneously in the local address directive in blocks "group".
Of the other changes:
- The "max-prefix {NUM} out" property has been added to bgpd.conf to limit the number of advertised prefixes to avoid leaking entire tables;
- The notifications include information about the cause of the nested errors. The "bgpctl show neighbor" command provides an output of the cause of the last error received;
- For correct "graceful reload" operation, obsolete prefixes are marked in the Adj-RIB-Out table, which stores information about the routes chosen by the local BGP router to advertise optimal routes to peers;
- Added the ability to build OpenBGPD using the bison parser package without the presence of byacc;
- Added option "–runstatedir", through which you can determine the path to bgpctl.sock;
- The setup script has been cleaned up to improve portability.
Finally, for those who are interested in this version, they should know that It has already been tested on Debian 9, Ubuntu 14.04+, and FreeBSD 12.
If you want to get the packages or learn more about it, you can check its official website. The link is this.