sam/obmp-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
obmp-docker/exabgp/scenarios/__init__.py
sam 233dadbb41 Add ExaBGP route injector, Grafana dashboards, and full documentation 
- Add exabgp/ container: ExaBGP 5.x + Flask REST API for on-demand BGP
  route injection into CML IOS-XR lab (AS 65020 via eBGP from AS 65100)
- Add 6 injection scenarios: internet_sample, churn, blackhole, anycast,
  full_table, lab_prefixes
- Add inject.py CLI wrapper for the ExaBGP API
- Add iosxr_bgp_config.md with IOS-XR neighbor config and NETCONF script
- Add obmp-grafana/ dashboards and provisioning (17 dashboards)
- Update docker-compose.yml: add exabgp service, fix Kafka external
  listener IP, extend log retention from 90min to 720min
- Add DOCS.md: full project documentation including architecture, setup,
  user guide, sanity checks, troubleshooting, and command reference
- Update .gitignore: exclude .env and .claude/

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-05 14:46:37 -07:00

316 lines
12 KiB
Python
Raw Blame History

"""
BGP Route Injection Scenarios
Each scenario is a dict with:
description: str
routes: list of route dicts
Route dict keys:
prefix (required) e.g. "1.1.1.0/24"
next_hop default "self"
as_path list of ASNs, e.g. [65100, 1299, 15169]
communities list of strings, e.g. ["65100:100"]
med int, optional
local_pref int, optional
Well-known transit ASNs used in AS paths:
174 Cogent
701 Verizon / MCI
1299 Telia
2914 NTT
3257 GTT
3356 Lumen / Level3
6461 Zayo
6762 Sparkle / Telecom Italia
7018 AT&T
"""
# ---------------------------------------------------------------------------
# Helper to build route dicts quickly
# ---------------------------------------------------------------------------
def _r(prefix, as_path, communities=None, med=None, local_pref=None):
return {
'prefix': prefix,
'next_hop': 'self',
'as_path': as_path,
'communities': communities or [],
'med': med,
'local_pref': local_pref,
}
# ---------------------------------------------------------------------------
# Scenario: internet_sample
# Partial internet table — realistic mix of prefix lengths and AS paths.
# Prefixes are real public ranges with synthetic (but plausible) AS paths.
# ---------------------------------------------------------------------------
_INTERNET_V4 = [
# Cloudflare
_r('1.1.1.0/24', [65100, 174, 13335]),
_r('1.0.0.1/32', [65100, 3356, 13335]),
_r('104.16.0.0/13', [65100, 1299, 13335]),
_r('104.24.0.0/14', [65100, 6461, 13335]),
_r('162.158.0.0/15', [65100, 7018, 13335]),
_r('172.64.0.0/13', [65100, 2914, 13335]),
_r('198.41.128.0/17', [65100, 3257, 13335]),
# Google / Alphabet
_r('8.8.8.0/24', [65100, 3356, 15169]),
_r('8.8.4.0/24', [65100, 1299, 15169]),
_r('8.34.208.0/20', [65100, 6762, 15169]),
_r('34.0.0.0/15', [65100, 701, 15169]),
_r('35.190.0.0/17', [65100, 2914, 15169]),
_r('64.233.160.0/19', [65100, 3356, 15169]),
_r('66.102.0.0/20', [65100, 7018, 15169]),
_r('74.125.0.0/16', [65100, 174, 15169]),
_r('142.250.0.0/15', [65100, 3257, 15169]),
_r('172.217.0.0/16', [65100, 6461, 15169]),
_r('216.58.192.0/19', [65100, 1299, 15169]),
# Amazon AWS
_r('3.0.0.0/15', [65100, 3356, 16509]),
_r('13.32.0.0/15', [65100, 1299, 16509]),
_r('52.0.0.0/14', [65100, 6461, 16509]),
_r('52.84.0.0/15', [65100, 2914, 16509]),
_r('54.64.0.0/13', [65100, 701, 16509]),
_r('54.144.0.0/12', [65100, 174, 16509]),
_r('54.160.0.0/13', [65100, 3257, 16509]),
_r('99.77.128.0/18', [65100, 7018, 16509]),
_r('205.251.192.0/18',[65100, 3356, 16509]),
# Microsoft Azure
_r('13.64.0.0/11', [65100, 1299, 8075]),
_r('20.0.0.0/14', [65100, 6762, 8075]),
_r('20.33.0.0/16', [65100, 3356, 8075]),
_r('40.64.0.0/10', [65100, 2914, 8075]),
_r('52.224.0.0/11', [65100, 701, 8075]),
_r('104.40.0.0/13', [65100, 174, 8075]),
_r('168.61.0.0/16', [65100, 7018, 8075]),
# Akamai
_r('23.0.0.0/12', [65100, 3356, 20940]),
_r('23.32.0.0/11', [65100, 1299, 20940]),
_r('23.192.0.0/11', [65100, 6461, 20940]),
_r('92.122.0.0/15', [65100, 2914, 20940]),
_r('95.100.0.0/15', [65100, 3257, 20940]),
_r('184.24.0.0/13', [65100, 7018, 20940]),
# Fastly CDN
_r('23.235.32.0/20', [65100, 174, 54113]),
_r('103.244.50.0/24', [65100, 3356, 54113]),
_r('151.101.0.0/16', [65100, 1299, 54113]),
_r('157.52.192.0/18', [65100, 6461, 54113]),
_r('185.31.16.0/22', [65100, 2914, 54113]),
_r('199.27.72.0/21', [65100, 701, 54113]),
# Twitter / X
_r('104.244.42.0/24', [65100, 3356, 13414]),
_r('192.133.76.0/22', [65100, 1299, 13414]),
# Meta / Facebook
_r('31.13.24.0/21', [65100, 174, 32934]),
_r('31.13.64.0/18', [65100, 6762, 32934]),
_r('66.220.144.0/20', [65100, 7018, 32934]),
_r('69.63.176.0/20', [65100, 2914, 32934]),
_r('69.171.224.0/19', [65100, 3257, 32934]),
_r('157.240.0.0/17', [65100, 3356, 32934]),
_r('185.89.218.0/23', [65100, 701, 32934]),
_r('204.15.20.0/22', [65100, 1299, 32934]),
# Apple
_r('17.0.0.0/8', [65100, 1299, 714]),
_r('17.172.224.0/19', [65100, 6461, 714]),
_r('17.178.96.0/19', [65100, 2914, 714]),
_r('192.35.50.0/24', [65100, 3356, 714]),
# Comcast
_r('50.18.0.0/16', [65100, 7018, 7922]),
_r('73.0.0.0/8', [65100, 174, 7922]),
_r('96.0.0.0/11', [65100, 3257, 7922]),
# Verizon
_r('70.0.0.0/11', [65100, 3356, 701]),
_r('98.0.0.0/10', [65100, 1299, 701]),
_r('174.0.0.0/12', [65100, 6461, 701]),
# Generic transit destinations for AS path variety
_r('5.0.0.0/16', [65100, 1299, 6762, 34984]),
_r('45.86.0.0/16', [65100, 3257, 9002, 51847]),
_r('80.64.0.0/18', [65100, 174, 1239, 34224]),
_r('82.112.0.0/15', [65100, 6461, 5400, 12322]),
_r('89.0.0.0/17', [65100, 2914, 3491, 8551]),
_r('91.108.4.0/22', [65100, 701, 9002, 42831]),
_r('141.0.0.0/16', [65100, 7018, 1239, 6830]),
_r('185.0.0.0/22', [65100, 3356, 5400, 44946]),
_r('195.0.0.0/21', [65100, 1299, 3491, 30781]),
_r('212.0.0.0/16', [65100, 6762, 9002, 3301]),
_r('217.0.0.0/20', [65100, 174, 1239, 25160]),
]
_INTERNET_V6 = [
_r('2001:4860::/32', [65100, 3356, 15169]), # Google
_r('2001:4860:4860::/48', [65100, 1299, 15169]),
_r('2606:4700::/32', [65100, 174, 13335]), # Cloudflare
_r('2606:4700:4700::/48', [65100, 3356, 13335]),
_r('2400:cb00::/32', [65100, 2914, 13335]),
_r('2620:0:2d0::/48', [65100, 701, 2906]), # Netflix
_r('2600::/23', [65100, 6461, 16509]), # Amazon
_r('2a00:1450::/32', [65100, 1299, 15169]), # Google EU
_r('2001:8d8::/32', [65100, 3257, 20940]), # Akamai
_r('2620:1ec::/36', [65100, 7018, 8075]), # Microsoft
_r('2a03:2880::/32', [65100, 3356, 32934]), # Meta
_r('2001:df0::/32', [65100, 2914, 4837]), # China Unicom
_r('2001:500::/30', [65100, 174, 3356]), # ARIN
_r('2001:db8::/32', [65100, 1299, 65001]), # Documentation (RFC 3849)
]
# ---------------------------------------------------------------------------
# Scenario: churn
# 30 prefixes designed to be announced then withdrawn repeatedly.
# Load with /scenario/churn, withdraw with DELETE /scenario/churn.
# Run announce→withdraw→announce cycles to populate ip_rib_log.
# ---------------------------------------------------------------------------
_CHURN_PREFIXES = [
'198.51.100.0/24', # RFC 5737 documentation space
'198.51.101.0/24',
'198.51.102.0/24',
'198.51.103.0/24',
'198.51.104.0/24',
'198.51.105.0/24',
'198.51.106.0/24',
'198.51.107.0/24',
'198.51.108.0/24',
'198.51.109.0/24',
'203.0.113.0/24', # RFC 5737 documentation space
'203.0.113.1/32',
'203.0.113.2/32',
'203.0.113.3/32',
'203.0.113.4/32',
'100.64.0.0/24', # RFC 6598 shared address space
'100.64.1.0/24',
'100.64.2.0/24',
'100.64.3.0/24',
'100.64.4.0/24',
'192.0.2.0/24', # RFC 5737
'192.0.2.128/25',
'192.0.2.0/25',
'192.0.3.0/24',
'192.0.4.0/24',
'192.0.5.0/24',
'192.0.6.0/24',
'192.0.7.0/24',
'192.0.8.0/24',
'192.0.9.0/24',
]
_CHURN_ROUTES = [
_r(p, [65100, 65200], communities=['65100:200'])
for p in _CHURN_PREFIXES
]
# ---------------------------------------------------------------------------
# Scenario: blackhole
# Prefixes with RTBH (Remotely Triggered Black Hole) community.
# Community 65100:666 signals black-hole intent.
# Also includes the well-known BLACKHOLE community (65535:666).
# ---------------------------------------------------------------------------
_BLACKHOLE_ROUTES = [
_r('192.0.2.1/32', [65100], communities=['65100:666', '65535:666']),
_r('192.0.2.2/32', [65100], communities=['65100:666', '65535:666']),
_r('192.0.2.3/32', [65100], communities=['65100:666', '65535:666']),
_r('198.51.100.1/32',[65100], communities=['65100:666', '65535:666']),
_r('198.51.100.2/32',[65100], communities=['65100:666', '65535:666']),
]
# ---------------------------------------------------------------------------
# Scenario: anycast
# Same three prefixes announced with different AS paths and MEDs —
# simulates anycast competition (best-path selection testing).
# ---------------------------------------------------------------------------
_ANYCAST_ROUTES = [
# Anycast prefix 1 — two paths, different MED
_r('192.0.2.0/24', [65100, 65300], med=100),
# Anycast prefix 2 — longer AS path
_r('198.51.100.0/24', [65100, 65300, 65400], med=200),
# Anycast prefix 3 — shorter AS path, preferred
_r('203.0.113.0/24', [65100, 65200], med=50),
]
# ---------------------------------------------------------------------------
# Scenario: full_table
# 500+ prefixes simulating a large partial internet table.
# Built by expanding internet_sample with synthetic /24s.
# ---------------------------------------------------------------------------
def _gen_full_table():
routes = list(_INTERNET_V4) + list(_INTERNET_V6)
# Add synthetic /24 blocks from 100.x.x.0/24 space (RFC 6598)
transit_paths = [
[65100, 1299, 7922],
[65100, 3356, 16509],
[65100, 174, 15169],
[65100, 6461, 32934],
[65100, 2914, 8075],
[65100, 7018, 20940],
[65100, 1299, 54113],
[65100, 3356, 13335],
]
for i in range(100, 200):
for j in range(0, 256, 8):
path = transit_paths[((i - 100) + (j // 8)) % len(transit_paths)]
origin = 64512 + ((i * 32 + j // 8) % 1023)
routes.append(_r(f'100.{i}.{j}.0/24', path + [origin]))
return routes
# ---------------------------------------------------------------------------
# Scenario: lab_prefixes
# Mimics realistic enterprise/SP routes your lab routers would see.
# Useful for testing policy: communities, local-pref, AS path filtering.
# ---------------------------------------------------------------------------
_LAB_ROUTES = [
# Customer routes (shorter AS path, higher local-pref via community)
_r('10.200.0.0/24', [65100, 65500], communities=['65100:100'], local_pref=200),
_r('10.200.1.0/24', [65100, 65500], communities=['65100:100'], local_pref=200),
_r('10.200.2.0/24', [65100, 65500], communities=['65100:100'], local_pref=200),
# Peer routes (medium preference)
_r('10.201.0.0/22', [65100, 65600], communities=['65100:200'], local_pref=150),
_r('10.201.4.0/22', [65100, 65600], communities=['65100:200'], local_pref=150),
# Transit routes (longer path, lower preference)
_r('10.202.0.0/20', [65100, 1299, 65700], communities=['65100:300'], local_pref=100),
_r('10.202.16.0/20', [65100, 3356, 65700], communities=['65100:300'], local_pref=100),
# Default route
_r('0.0.0.0/0', [65100, 3356], communities=['65100:400']),
]
# ---------------------------------------------------------------------------
# Registry
# ---------------------------------------------------------------------------
SCENARIOS = {
'internet_sample': {
'description': 'Partial internet table (~80 IPv4 + 14 IPv6 prefixes with realistic AS paths)',
'routes': _INTERNET_V4 + _INTERNET_V6,
},
'churn': {
'description': '30 RFC documentation prefixes for announce/withdraw churn testing',
'routes': _CHURN_ROUTES,
},
'blackhole': {
'description': '5 /32 prefixes with RTBH community (65100:666 + 65535:666)',
'routes': _BLACKHOLE_ROUTES,
},
'anycast': {
'description': '3 prefixes with varying AS paths and MEDs for best-path testing',
'routes': _ANYCAST_ROUTES,
},
'full_table': {
'description': '500+ prefixes simulating a large partial internet table',
'routes': _gen_full_table(),
},
'lab_prefixes': {
'description': 'Enterprise/SP-style routes with communities and local-pref for policy testing',
'routes': _LAB_ROUTES,
},
}
Reference in New Issue View Git Blame Copy Permalink