Setup BGP Looking Glass on CentOS

The organisation where I’m working didn’t have a BGP looking glass (LG). We, network professionals, know how helpful a looking glass is while troubleshooting any network related issues. Hence, I setup my mind to spare a server so that we can run LG there. I installed CentOS 6.5 there. I followed the steps below to setup LG on my CentOS server.

Step 1: Download lg-1.9 from GitHub.

[root@bdren ~] git clone git://github.com/Cougar/lg.git
[root@bdren ~] cd lg
[root@bdren lg] ll
-rw-r–r– 1 root root 375 Aug 26 15:18 as.txt
-rw-r–r– 1 root root 3308 Aug 26 15:18 CHANGELOG
-rw-r–r– 1 root root 52113 Aug 26 15:18 communities.txt
-rw-r–r– 1 root root 17976 Aug 26 15:18 COPYING
-rw-r–r– 1 root root 1406 Aug 26 15:18 favicon.ico
-rwxr-xr-x 1 root root 40390 Aug 26 15:18 lg.cgi
-rw-r–r– 1 root root 14908 Aug 26 15:18 lg.conf
-rwxr-xr-x 1 root root 4561 Aug 26 15:18 makeaslist.pl
-rwxr-xr-x 1 root root 3718 Aug 26 15:18 makedb.pl
-rw-r–r– 1 root root 6007 Aug 26 15:18 README

Or You can have it from subnets.ru as well and then extract:

[root@bdren ~] wget http://subnets.ru/files/lg-1.9.tar.bz2
[root@bdren ~] tar xvf lg-1.9.tar.bz2
[root@bdren ~] cd lg-1.9
[root@bdren lg-1.9] ll
-rw-r–r– 1 root root 375 Aug 26 15:18 as.txt
-rw-r–r– 1 root root 3308 Aug 26 15:18 CHANGELOG
-rw-r–r– 1 root root 52113 Aug 26 15:18 communities.txt
-rw-r–r– 1 root root 17976 Aug 26 15:18 COPYING
-rw-r–r– 1 root root 1406 Aug 26 15:18 favicon.ico
-rwxr-xr-x 1 root root 40390 Aug 26 15:18 lg.cgi
-rw-r–r– 1 root root 14908 Aug 26 15:18 lg.conf
-rwxr-xr-x 1 root root 4561 Aug 26 15:18 makeaslist.pl
-rwxr-xr-x 1 root root 3718 Aug 26 15:18 makedb.pl
-rw-r–r– 1 root root 6007 Aug 26 15:18 README

Step 2: Install necessary dependencies.

[root@bdren ~] yum install wget perl-Net-Telnet perl-Net-Telnet-Cisco perl-XML-Parser httpd

Step 3: Create LG directory in /var/www/html and copy necessary files with proper permissions.

[root@bdren ~] mkdir /var/www/html/lg
[root@bdren ~] cd /var/www/html/lg
[root@bdren lg]# cp /root/lg-1.9/lg.cgi .
[root@bdren lg]# cp /root/lg-1.9/favicon.ico .
[root@bdren lg]# cp /root/lg-1.9/lg.conf .

All the copied file in /var/www/html/lg must be readable and lg.cgi script must be executable. Hence, change the mode of the files.

[root@bdren lg]# chmod 644 *
[root@bdren lg]# chmod 755 lg.cgi

Step 4: Create index.html file for LG with necessary redirection.

[root@bdren ~]# vim /var/www/html/index.html

If your DNS has records for the Looking Glass server:

<html>
<head>
<meta http-equiv=”refresh” content=”0;url=http://your.url.tld/lg/lg.cgi”>
</head>
</html>

If no DNS records is there for the Looking Glass server:

<html>
<head>
<meta http-equiv=”refresh” content=”0;url=http://IP address of the server/lg/lg.cgi”>
</head>
</html>

Step 5: Modified in the web server by adding the following parameters in httpd.conf file.

[root@bdren ~]# vim /etc/httpd/conf/httpd.conf

Alias /lg/favicon.ico “/var/www/html/lg/favicon.ico”
ScriptAlias /lg “/var/www/html/lg/lg.cgi”

 

Now, you should be able to get the basic LG webpage. Try http://<IP Address or Your domain>/lg and the page should be visible, something like below.

Step 6: Add routers to the looking glass. LG supports Cisco, Juniper and Linux Quagga routers. All routers are added to /var/www/html/lg/lg.conf. You can use ssh, telnet or rsh for your LG to collect output from router. The supported schemes and routers are shown under <Router_List>.

<Router_List>
<!–
URL: <scheme>://[[login][:pass]@]<host>[:[port][,[port2]]]
known schemes:
telnet
ssh
rsh
–>
<!–
<Separator>Examples</Separator>
<Router Name=”JunOS SSH1 IPv4″ Default = “yes” OSType = “JunOS”>
<URL>ssh://login:password@10.0.0.1</URL>
</Router>
<Router Name=”JunOS SSH1 pubkey IPv4″ OSType = “JunOS”>
<URL>ssh://login@juniper</URL>
</Router>
<Router Name=”JunOS telnet” OSType = “JunOS”>
<URL>telnet://login:password@10.0.0.1</URL>
</Router>
<Router Name=”zebra” OSType = “Zebra”>
<URL>telnet://pasword@zebraserver:2601,2605</URL>
</Router>
<Router Name=”zebra IPv6″ EnableIPv6=”Yes”>
<URL>telnet://password@zebraserver6</URL>
</Router>
<Router Name=”Cisco telnet”>
<URL>telnet://login:password@cisco.router</URL>
</Router>
<Router Name=”Cisco rsh”>
<URL>rsh://10.0.0.1</URL>
</Router>
–>

Configure your router with a username and a password. Accordingly modify your lg.conf script. Remember that the router password required here is the remote login password, and NOT the privileged EXEC (enable mode) password.

Step 7: To enable IPv6 in your LG, replace ipv4enabled– with ipv4enabled++ in lg.cgi file.

[root@bdren ~]# vim /var/www/html/lg/lg.cgi
$piv4enabled++

Accordingly, configure your IPv6 enabled router with EnableIPv6=”Yes” in lg.conf as shown in the sample router section in Step 6.

Step 8: To upload your logo in LG, store the logo in /var/www/html/images directory. Create the directory if you don’t have it already.

[root@bdren ~]# mkdir /var/www/html/images
[root@bdren ~]# cp logo.png /var/www/html/images/logo.png

Now, edit your lg.conf script showing the image path. It’s under the <LG_Conf_File> section.

<LogoImage Align=”center” Link=”http://www.bdren.net.bd/”>/image/bdrenlogo.png</LogoImage>

You can put the external link of an image instead of its local directory like I did here in my case:

<LogoImage Align=”center” Link=”http://www.bdren.net.bd/”>http://www.bdren.net.bd/images/bdrenlogo.png</LogoImage>

Step 9: In the same file change the header of the page with information of your organisation.

<HTMLTitle>BdREN (AS63961) Looking Glass</HTMLTitle>
<ContactMail>helpdesk@bdren.net.bd</ContactMail>

Step 10: Create the log file.

[root@bdren ~]# touch /var/log/lg.log
[root@bdren ~]# chown apache:apache /var/log/lg.log

Modify <LG_Conf_File> section of the lg.conf file accordingly if required.

<LogFile>/var/log/lg.log</LogFile>

All set now and the looking glass should be ready with a good professional look.

5 Replies to “Setup BGP Looking Glass on CentOS

  1. Hello,

    I receive this error:: Global symbol “$configfile” requires explicit package name at /var/www/cgi-bin/lg.cgi line 26.

  2. Hi, i get a forbidden error when i try to open url, even after setting proper permissions.
    What am i doing wrong?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.