Jump to content

OpenBGPD

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 145.52.79.14 (talk) at 11:56, 8 September 2016 (Added reason daemon runs as root). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

OpenBGPD
Developer(s)The OpenBSD Project
Stable release
6.0 / 1 September 2016; 8 years ago (2016-09-01)
Repository
Written inC
Operating systemOpenBSD, FreeBSD
Standard(s)RFC 1997, RFC 2385, RFC 2545, RFC 2918, RFC 3765, RFC 4271, RFC 4360, RFC 4364, RFC 4456, RFC 4486, RFC 4760, RFC 4893, RFC 5082, RFC 5492, draft-ietf-idr-optional-transitive-00, draft-ietf-grow-mrt-17, RFC 6608
TypeBorder Gateway Protocol daemon
LicenseISC
Websitewww.openbgpd.org
As ofAugust 2016

OpenBGPD is a server software program that allows general purpose computers to be used as routers. It is a Unix system daemon that provides a free, open-source implementation of the Border Gateway Protocol version 4. This allows a machine to exchange routes with other systems that speak BGP.

OpenBGPD is developed by Henning Brauer and Claudio Jeker as part of the OpenBSD project. OpenOSPFD, developed by Esben Nørby, is a companion daemon of OpenBGPD that implements the Open Shortest Path First protocol. The suite was developed as an alternative to packages such as Quagga, a Linux-focused routing suite which is licensed under the GPL and does not meet the project's requirements and quality standards.[1]

Goals

The design goals of OpenBGPD include being secure (non-exploitable), reliable, and lean enough for most users, both in size and memory usage. The configuration language should be both powerful and easy to use. It must also be able to quickly handle hundreds of thousands of table entries in a memory-efficient way.

Design

OpenBGPD consists of a parent process, and two child processes: the Route Decision Engine (RDE), and the Session Engine (SE). The parent process is the only part that doesn't drop privileges; the others do, in the interest of non-exploitability. The parent process cannot drop privileges, because it needs to update the routing table and it has to run on a root port.

See also

References