BGP Monitoring protocol (BMP).

What Is BMP?

BGP Monitoring Protocol (BMP) is a protocol used for monitoring BGP sessions. Prior to BMP, network operators used router’s CLI to collect info about BGP sessions. It could negatively impact the CPU of router in case of large queries. In addition, network operators had to keep a persistent connection to a router.

BMP represents an automated approach to this challenge. BMP client (monitored router) typically peers with several BGP speaking routers (BGP peers). The BMP client establishes a monitoring session to one or more BMP collectors (monitoring stations). The client encapsulates BGP messages from one or more BGP peers into a single TCP stream to one or more BMP collectors. BMP collectors store data in a database thus automated programs or scripts can access the database and process this data.

BMP provides an ongoing access to the Adjacent Routing Information Base – Incoming (Adj-RIBs-In) of the BMP client. The Adj-RIBs-In stores unprocessed routing information received from BGP peers. Network operator then has the unedited access to the routing information sent from BGP peers to the BMP client. BMP also provides a periodic dump of statistics that can be used for further analysis.

Why Do We Need BMP?

Without BMP, it is not possible to access Local-RIB content of devices or the view of the protocol updates being received using a standard protocol mechanism. Instead, the BGP running status of devices can only be queried manually, which is inefficient. As a network monitoring protocol, BMP eliminates the need for manual query and provides the following benefits:

1. More detailed routing information: BMP provides detailed routing information and event notifications in real time, helping network administrators better understand and control the network status. By monitoring all routing information sent from neighboring routers to the local router, BMP can provide comprehensive and accurate information about the routing table.
2. Lower impact of network faults: BMP can promptly detect and report various errors and abnormal events, such as connection interruption and retransmission failure. This information helps network administrators quickly identify and handle problems, thereby reducing the impact of network faults on services.
3. Higher network performance and security: By analyzing routing information and events, BMP helps network administrators enhance network design and optimize routing policies, improving network performance and security.
4. Enhanced network scalability: BMP supports multiple router models and vendors, enhancing network scalability and interoperability.

BMP, which runs between a device and the server that monitors it, continuously provides access to the Adj-RIB-In of a peer and periodically dumps a variety of information that is further analyzed by the monitoring server. Such information includes router and peer information, BGP messages, routing information, statistics on errors and abnormal events, historical BMP session records, and trace data of routers. BMP can provide detailed and accurate information about the entire BGP route processing trajectory, helping network administrators better understand the routing information exchange process between BGP routers on the network, identify potential problems and exceptions, and perform adjustment and optimization promptly. This is significant for ensuring efficient network operation and data forwarding. The information includes:

1. Route selection process: BMP can record how each BGP router selects the optimal path and updates the routing table, including the BGP prefix, AS number, and path attributes.
2. Routing policy verification: BMP can check and verify the correctness and consistency of routing policies, helping network administrators better manage and optimize the network status.
3. Route decision analysis: BMP can compare and analyze the route processing trajectory between different BGP routers to find bottlenecks and problems, improving network stability and reliability.

From a high level perspective, BMP can be considered the result of multiplexing messages received over various monitored BGP sessions. In essence, this provides a more convenient method for monitoring the BGP routing protocol information. BMP helps network administrators better manage and control the network status, improve network performance and availability, and reduce network fault and security risks. As the scale and complexity of networks increase, BMP will become more valuable and have greater application prospects.

How Does BMP Work?

Here's how a BMP server works:

1. Initialization: A BMP client (typically a BGP-enabled router) sends an Initiation message to the BMP server. This message contains information about the client's hostname and system software, allowing the server to establish context about the client it will be monitoring.
2. Route Monitoring: Once initialized, the BMP server continuously receives updates from the BMP client. These updates include BGP routing information, which the server processes and stores for analysis. This real-time monitoring enables network administrators to track the routing decisions and changes happening within the network.
3. Adj-RIB Access: The BMP server has access to the Adj-RIB-In: Adjacency-Routing Information Base-In, which is the information base that stores the routing information received by the local BGP speaker and Adj-RIB-Out: Adjacency-Routing Information Base-Out, which is the information base that stores the routing information sent by the local BGP speaker to its peers.. This access provides a comprehensive view of all routes received, which can be crucial for troubleshooting and performance analysis.
4. Multiple Server Configuration: BMP allows the configuration of multiple servers to function actively and independently of each other. This redundancy ensures that there is no single point of failure in the monitoring system and enhances the reliability of the network monitoring process.
5. Data Collection and Analysis: The BMP server collects various statistics and routing information from the BGP routers. It can generate reports and alerts based on this data, allowing network administrators to detect anomalies, performance issues, or potential security threats in real-time.

BMP Message Types

A BMP session involves Initiation, Peer Up Notification (PU), Route Monitoring (RM), Peer Down Notification (PD), Stats Reports (SR), Termination, and Route Policy and Attribute Trace (ROFT) messages, which are sent in packets. Note that BMP sessions are unidirectional. That is, a monitored device reports messages to the monitoring server but ignores any messages from the monitoring server. The functions of these messages are as follows:

• Initiation message: reports to the monitoring server such information as the device vendor and software version.
• PU message: notifies the monitoring server that a BGP peer relationship has been established.
• RM message: reports all routes received from BGP peers to the monitoring server and notifies the server of route addition or deletion in real time.
• PD message: notifies the monitoring server that a BGP peer has been disconnected.
• SR message: reports router running statistics to the monitoring server.
• Termination message: reports to the monitoring server the cause of BMP session closure.
• ROFT message: reports the route processing trajectory to the monitoring server in real time.

Implementation

After a BMP session is established, the monitored device starts to send BMP messages to the monitoring server. The process is as follows:

1. A BMP session starts when the monitored device sends an Initiation message.
2. The monitored device reports PU and RM messages.
3. After the initial table is dumped, the monitored device sends incremental updates encapsulated in RM messages and periodically sends SR messages as configured. It also sends PU or PD messages if a new monitored BGP peer relationship is established or if such a BGP peer relationship exits the established state, respectively.
4. The monitored device sends a ROFT message through the BMP session as configured.
5. When the TCP session is closed for any reason, the BMP session over the TCP session exits. Before the TCP session is closed, the monitored device can also send a Termination message for proactive disconnection.

Configuration Examples for BGP Monitoring Protocol on Cisco IOS

There are two levels of configuration required for the BGP Monitoring Protocol (BMP) to function as designed. You must enable BMP monitoring on each BGP neighbor (also called BMP client) to which several peers are connected in a network, and establish connectivity between the BMPservers and clients. Then, configure each BMPserver in BMPserver configuration mode for a specific server with the parameters required for monitoring the associated BMP clients.

The following example shows how to activate BMP on a neighbor with IP address 30.1.1.1, which is monitored by BMP servers server 1:

Device> enable

Device# configure terminal

Device> enable

Device# configure terminal

Device(config)# router bgp 65000

Device(config-router)# neighbor 30.1.1.1 bmp-activate server 1

Device(config-router)# end

The following example shows how to configure initial refresh delay of 30 secondsfor BGPneighbors on which BMP is activated using the neighbor bmp-activate command:

Device> enable

Device# configure terminal

Device(config)# router bgp 65000

Device(config-router)# bmp initial-refresh delay 30

Device(config-router)# bmp buffer-size 2048

Device(config-router)# end

The following example show how to enter BMP server configuration mode and initiate connection between a specific BMP server with the BGP BMP neighbors. In this example, connection to clients is initiated from BMP servers 1 along with configuration of the monitoring parameters:

Device> enable

Device# configure terminal

Device(config)# router bgp 65000

Device(config-router)# bmp server 1

Device(config-router-bmpsrvr)# activate

Device(config-router-bmpsrvr)# address 10.1.1.1 port-number 8000

Device(config-router-bmpsrvr)# description LINE SERVER1

Device(config-router-bmpsrvr)# failure-retry-delay 40

Device(config-router-bmpsrvr)# flapping-delay 120

Device(config-router-bmpsrvr)# initial-delay 20

Device(config-router-bmpsrvr)# set ip dscp 5

Device(config-router-bmpsrvr)# stats-reporting-period 30

Device(config-router-bmpsrvr)# update-source ethernet 0/0

Verifying BGP Monitoring Protocol

The attributes displayed are configured in the BMP server configuration mode:

Device# show ip bgp bmp server 1

Print detailed info for 1 server number 1.

bmp server 1

address: 10.1.1.1 port 8000

description SERVER1

up time 00:06:22

session-startup route-refresh

initial-delay 20

failure-retry-delay 40

flapping-delay 120

activated

The following is sample output from the show ip bgp bmp server summary command after

deactivating the BMP server 1 and 2 connections:

Device# show ip bgp bmp server summary

Number of BMP servers configured: 2

Number of BMP neighbors configured: 10

Number of neighbors on TransitionQ: 0, MonitoringQ: 0, ConfigQ: 0

Number of BMP servers on StatsQ: 0

BMP Refresh not in progress, refresh not scheduled

Initial Refresh Delay configured, refresh value 30s

BMP buffer size configured, buffer size 2048 MB, buffer size bytes used 0 MB

The following is sample output from the show ip bgp bmp server summary command after

deactivating the BMP server 1 and 2 connections:

Device# show ip bgp bmp server summary

Number of BMP servers configured: 2

Number of BMP neighbors configured: 10

Number of neighbors on TransitionQ: 0, MonitoringQ: 0, ConfigQ: 0

Number of BMP servers on StatsQ: 0

BMP Refresh not in progress, refresh not scheduled

Initial Refresh Delay configured, refresh value 30s

BMP buffer size configured, buffer size 2048 MB, buffer size bytes used 0 MB

Sources

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-6/configuration_guide/rtng/b_176_rtng_9600_cg/m9_176_rt_bgp_monitoring_protocol_cg.pdf

https://datatracker.ietf.org/doc/html/rfc7854

https://info.support.huawei.com/info-finder/encyclopedia/en/BMP.html

https://www.noction.com/blog/bgp-monitoring-protocol

https://infocenter.nokia.com/public/7750SR222R1A/index.jsp?topic=%2Fcom.nokia.Unicast_Guide%2Fbgp_monitoring_-ai9exj5yjy.html