OpenBGPD 7.5

OpenBGPD is a free implementation of the Border Gateway Protocol (BGP), Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. The portable version (e.g. for Linux) does not have the means to influence kernel routing tables. It is only suitable for route servers/collectors.

Tags openbgpd bgp routing
License ISC
State stable

Recent Releases

7.505 Aug 2022 01:50 minor feature: Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. Full support for RFC 7911 - Advertisement of Multiple Paths in BGP. Include bgplgd(8) - a fastcgi server providing a REST API of bgpctl. Built by default but can be excluded with --disable-bgplgd. Add FIB and TCP MD5 support for FreeBSD. Disable Linux FIB support by default, add an --enable-netlink configure option to enable it for testing and development. Improve bgpd FIB code, make it more portable and properly handle IPv6 scoped addresses.
7.414 Jun 2022 21:09 minor feature: Implement max-communities filter to limit the number of allowed communities, ext-communities and large-communities. Fix TCP-MD5 support on Linux systems. The TCP-MD5 keys were not correctly loaded on the listening sockets, which allowed unprotected connections in. Fix insertion of additional non-transitive extended communities when sending out prefixes. Relax IP address limitation by allowing prefixes in 240/4.
7.313 Apr 2022 20:29 major feature: Macro expansion in the config file is improved. It is now possible to expand 'set large-community myAS: location: transit'. Add initial FIB support for Linux. Routes can be added and removed. Nexthop tracking and dynamic interface detection are not yet implemented. Major refactoring in the RIB codebase to add multipath support in an upcoming release.
7.223 Sep 2021 22:54 major feature: Support for RFC 9072 - Extended Optional Parameters Length for BGP OPEN Message. Support for RFC 8050 - MRT Format with BGP Additional Path Extensions. Implement receive side of RFC 7911 - Advertisement of Multiple Paths in BGP. OpenBGPD is currently not able to send multiple paths out. Improve checks of VRPs loaded via RTR or from the roa-set table. Allow to optionally specify an expiry time for roa-set entries to mitigate BGP route decision making based on outdated RPKI data. OpenBGPD's companion rpki-client(8) produces roa-sets with the new 'expires' property.
7.125 Jun 2021 19:45 minor bugfix: OpenBSD 6.9 errata 009: During bgpd(8) config reloads prefixes of the wrong address family could leak to peers resulting in session resets. Support for RFC 7313 - Enhanced Route Refresh: Disabled by default, to enable use 'announce enhanced refresh yes'. Improve output of Adj-RIB-Out by updating nexthop and ASPATH before adding the prefix to the RIB. This improves 'bgpctl show rib out' output. Add command line option to show the version.
7.005 Jun 2021 11:34 major feature: Stop processing queued UPDATES when the max-prefix limit was reached. Improve negotiation for route refresh, graceful restart and multi-protocol capabilities. Correctly track 'rde evaluate all' and 'export' settings during reload. Properly withdraw prefixes when 'rde evaluate all' is used. Fix MRT handling on initial startup for message dump types. Fix and use non-blocking connect for RTR sessions. Fully implement RFC 6286 by checking for BGP ID collisions. Adjust the 4-byte AS number handling to RFC 6793 by changing error behaviour from prefix witdraw to attribute discard. In bgpctl print out both the sent "Neighbor capabilities" and the "Negotiated capabilities" for a session. Print timestamps both as a formatted and a pure time in seconds filed in various JSON objects.
6.9p001 May 2021 11:54 major feature: Introduced bgpd(8) 'rde evaluate all' to reduce path hiding in IXP route-server environments. Added RTR support to OpenBGPD. Added bgpctl(8) 'show rtr' to display basic information about RTR sessions. Added bgpctl(8) 'show sets' to display information about the roa-set, as-sets and prefix-sets loaded into bgpd(8). Properly implemented 'rde med compare strict' in bgpd(8) and ensured that the order of prefixes is always correct. Introduced the bgpd.conf(5) per neighbor and global config option 'reject as-set yes/no' to allow rejection of received UPDATES with AS_SET segments. These rejected prefixes can be viewed with 'bgpctl show rib in error'. No longer allow configuration of the same neighbor multiple times. Introduced a send hold timer in bgpd(8) to detect stalls on the sending side of a TCP connection, acting as a last resort to detect faulty peers. pf(4) tables track now prefixes correctly even when received by multiple sessions.
6.8p105 Nov 2020 23:51 major bugfix: Include OpenBSD 6.8 errata 001: In bgpd, the roa-set parser could leak memory.
6.8p020 Oct 2020 21:35 major feature: In bgpctl(8), the 'reload' command now takes a 'reason' argument to use as Administrative Shutdown Communication to its neighbors. Added bgpctl(8) support for VPNv6 in the family option of the 'show rib' command. Added bgpctl(8) support for JSON formatted output in various 'show' commands. Support to build OpenBGPD on Alpine Linux added.