OpenBMP | a new way to look at BGP data

"Serpil Bayraktar (serpil)" <> Wed, 16 November 2016 20:02 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0E37912984C for <>; Wed, 16 Nov 2016 12:02:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -16.017
X-Spam-Status: No, score=-16.017 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id zNtV025vfi5M for <>; Wed, 16 Nov 2016 12:02:11 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0ACB0129842 for <>; Wed, 16 Nov 2016 12:01:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=13590; q=dns/txt; s=iport; t=1479326519; x=1480536119; h=from:to:cc:subject:date:message-id:mime-version; bh=JzQxYNWaEv3UB76PoAy1IZgeGZT/ZbSZB4WkFTuNLYs=; b=Da2wzV0a9s4/lb6vHZDzvV44kZx24yAZ0pS+cdxzOsgQ3jk9Z9sXooHl /y3+jF/bd7wc9B59nE+omXHB1855fAgQ6bRVPTfycRVO7xrBfR07574Dt QiKN/QiWVOQoETx6HNqXOGTi1S3bM/TGiToG6PN1nnLtBjFO3lWcWgWFA U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CzAQB1uixY/40NJK1eGwEBAQMBAQEJA?= =?us-ascii?q?QEBgnNEAQEBAQEfWIEAB403plWFG4IHKIV5HIF2PxQBAgEBAQEBAQFiHQuEbyN?= =?us-ascii?q?WEgEsGwMCBDAUEwQOBYhsDrJlgikvizUBAQEBAQEBAQEBAQEBAQEBAQEBAQEci?= =?us-ascii?q?DkIh1yCDjgtgjAFmkIBhj2KKoFwT4QniT2HQooUAR43RkGFOXKGXoEMAQEB?=
X-IronPort-AV: E=Sophos;i="5.31,649,1473120000"; d="scan'208,217";a="170186877"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-SHA; 16 Nov 2016 20:01:58 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id uAGK1v7m012256 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 16 Nov 2016 20:01:58 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 16 Nov 2016 14:01:57 -0600
Received: from ([]) by ([]) with mapi id 15.00.1210.000; Wed, 16 Nov 2016 14:01:57 -0600
From: "Serpil Bayraktar (serpil)" <>
To: "" <>
Subject: OpenBMP | a new way to look at BGP data
Thread-Topic: OpenBMP | a new way to look at BGP data
Thread-Index: AQHSQERJH6DUY+89Zk69ZgsYHe8piA==
Date: Wed, 16 Nov 2016 20:01:57 +0000
Message-ID: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/f.1b.0.161010
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_7D37A46EA9B84792B752CC5CBBAB28B9ciscocom_"
MIME-Version: 1.0
Archived-At: <>
Cc: "Tim Evens \(tievens\)" <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Routing Area General mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 16 Nov 2016 20:02:13 -0000

Hi folks,

We'd like to introduce OpenBMP, an open source project that enables you to collect and easily consume real time routing data. Collection is based on BGP Monitoring Protocol (BMP - RFC 7854). For those of you are not familiar, a router with the BMP configuration streams BGP data (all address families) from all of its BGP peers to a BMP collector. In this project we provide a high performance, low footprint collector that can handle Internet scale and speeds.

With BMP, you can stream both pre-policy (unmodified updates as received before an import policy is applied to the peer or the router dropped the update due to error) and post-policy data (after import policy is applied, i.e. what is accepted by the router) which opens up some interesting analysis for security.

The collector produces both raw and parsed BGP data to Kafka using the topic structure specified in:!docs/

Consumers subscribe to the topics of their interest on the bus to receive and use bgp data that is of interest. Parsed BGP messages allow consumers to focus on the BGP data itself instead of unpacking and decoding BGP NLRIs.

We have a collection of consumers including a UI. UI is a consumer of the data and makes REST calls to the database. The API spec can be found here (we are in the process of updating the API):

You can find all the information about the project in<> and the code in

The easiest way to start is by installing two docker containers from here:

aio container includes everything except ui (kafka, database, consumer, collector)
ui container (if you want a ui)

I am sorry that we are not attending IETF this time but please let us know if you have any questions or interested in further discussions.

Serpil Bayraktar (<>
Tim Evens (<>