Re: [pmacct-discussion] BMP

Sat, 29 May 2021 12:27:51 -0700 

On Sat, 29 May 2021 14:05:52 +0300
edgar lip <edgarl...@gmail.com> wrote:

> as of the picture that i see right now:
> MX router -> bmp collector ( pmacct /pmbmpd ) -> kafka -> psql -> grafana.

Maybe I can help some with the first half.  Here is a template config
from some MX-204's:

  <https://github.com/jtkristoff/junos/blob/master/bmp.conf>

I used a Debian stable system for the pmacct toolkit for the BMP
collector.  It went roughly like this:

1. sudo useradd -r pmbmpd
2. sudo mkdir -p /mnt/data/bmp/dump
3. sudo chown pmbmpd:pmbmpd /data/bmp/dump
4. In /etc/default/pmbmp put:
   PMBMPD_CONF=/usr/local/etc/pmbmpd.conf
5. In /etc/system/system/pmbmpd.service put:
   [Unit]
   Description=BGP monitoring protocol collector
   After=network.target
   [Service]
   User=pmbmpd
   Group=pmbmpd
   type=simple
   EnvironmentFile=-/etc/default/pmbmp
   ExecStart=/usr/local/sbin/pmbmpd -f ${PMBMPD_CONF} $DAEMON_OPTS
   [Install]
   WantedBy=multi-user.target
6. In /usr/local/etc/pmbmpd.conf put:
   bmp_daemon: true
   bmp_daemon_port: 1790
   bmp_daemon_allow_file: /usr/local/etc/pmbmpd.allow.conf
   ! make sure /var/local directory exists
   bmp_daemon_msglog_file: /var/local/pipe.pmbmpd.msglog
   bmp_dump_file: /data/bmp/dump/$peer_src_ip.%Y%m%d%H%M
   bmp_dump_refresh_time: 3600
7. In /usr/local/etc/pmbmpd.allow put:
   ! your host/prefix allow list here:
   192.0.2.0/24
   2001:db8::1

I like syslog-ng, if you do too, then in /etc/syslog-ng/conf.d/bmp.conf
you can put something like this:
  source s_pipe_pmbmpd_msglog {
      pipe(
          "/var/local/pipe.pmbmpd.msglog"
          flags("no-parse")
          time-zone("UTC")
          # NOTE: create_dirs(() supported on source
          dir-owner(root)
          dir-group(staff)
          dir-perm(0755)
          owner(pmbmpd)
          group(pmbmpd)
          perm(0644)
      );
  };
  template t_msg_only { template("${MSG}\n"); };
  destination d_bmp_msglog {
      file(
          "/data/bmp/msglog/${YEAR}/${MONTH}/bmp.msglog.${YEAR}${MONTH}${DAY}"
          template(t_msg_only)
          create-dirs(yes)
          dir-owner(root)
          dir-group(staff)
          dir-perm(0755)
          owner(root)
          group(staff)
          perm(0644)
      );
  };
  log {
      source(s_pipe_pmbmpd_msglog);
      destination(d_bmp_msglog);
  };

Then:
1. sudo systemctl restart syslog-ng
2. sudo systemctl daemon-reload
3. sudo systemctl enable pmbmpd.service
4. sudo systemctl start pmbmpd.service

This should _mostly_ work.  These are notes from awhile ago.  I may be
missing something or some things may have changed since then.  I also
wrote a script to automatically compress or remove old msglog and dump
data/directories, but I'll leave that as an exercise to the reader.

John

_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists

Reply via email to