-
Notifications
You must be signed in to change notification settings - Fork 459
architecture overview
Thomas Mangin edited this page Nov 10, 2025
·
1 revision
Purpose: Technical reference for understanding ExaBGP's internal architecture Audience: Documentation writers, contributors, advanced users Last Updated: 2025-11-09
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β External Process β
β (Python/Shell/Any Language Script) β
β β
β Reads STDIN ββββ Writes STDOUT (Commands) β
ββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββ
β STDIN/STDOUT Pipes
ββββββββββββββββββββββββββββββ΄βββββββββββββββββββββββββββββββββ
β ExaBGP Core β
β β
β ββββββββββββββββ ββββββββββββββ ββββββββββββββββββββββ β
β β Process β β Parser β β BGP Protocol β β
β β Manager β β (Commands)β β State Machine β β
β ββββββββββββββββ ββββββββββββββ ββββββββββββββββββββββ β
β β
β ββββββββββββββββ ββββββββββββββ ββββββββββββββββββββββ β
β β Encoder β β Message β β Neighbor β β
β β (JSON/Text) β β Builder β β Management β β
β ββββββββββββββββ ββββββββββββββ ββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββ
β TCP/BGP
ββββββββββββββββββββββββββββββ΄βββββββββββββββββββββββββββββββββ
β BGP Neighbor (Router) β
β β
β Receives/Sends BGP Protocol Messages β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ExaBGP is a pure BGP protocol implementation:
- Does NOT maintain routing tables (RIB)
- Does NOT modify kernel routing tables (FIB)
- Does NOT forward packets
- ONLY speaks the BGP protocol
Rationale: Separation of concerns - ExaBGP handles protocol, external processes handle routing decisions.
Everything is controlled via API:
- Configuration defines neighbors and processes
- External processes send commands via STDOUT
- ExaBGP sends BGP messages via STDIN
- Simple, language-agnostic integration
Business logic lives outside ExaBGP:
- Health checks β Python/Shell scripts
- Route decisions β Application logic
- Integration β Any programming language
- ExaBGP β BGP protocol only
Responsibilities:
- Launch configured external processes
- Monitor process health
- Manage STDIN/STDOUT pipes
- Handle process restarts on failure
Configuration:
process healthcheck {
run /usr/local/bin/healthcheck.py;
encoder json;
}Process Lifecycle:
- ExaBGP reads configuration
- Forks external process
- Establishes STDIN/STDOUT pipes
- Monitors process (restarts on crash)
- Cleans up on ExaBGP shutdown
Responsibilities:
- Read STDOUT from external processes
- Parse text/JSON commands
- Validate command syntax
- Queue commands for execution
Supported Command Formats:
# Text format
announce route 203.0.113.0/24 next-hop self
# JSON format (future)
{"exabgp": "4.0", "type": "announce", "route": {...}}
Command Types:
- Route announcements (
announce route) - Route withdrawals (
withdraw route) - FlowSpec rules (
announce flow) - Control commands (
shutdown,reload,restart) - Information queries (
show adj-rib out)
Responsibilities:
- Implement BGP FSM (RFC 4271)
- Handle BGP session establishment
- Process BGP messages (OPEN, UPDATE, KEEPALIVE, NOTIFICATION)
- Manage timers (hold time, keepalive)
- Validate BGP protocol correctness
BGP States:
Idle β Connect β OpenSent β OpenConfirm β Established
Message Types:
- OPEN: Session establishment, capability negotiation
- UPDATE: Route announcements/withdrawals
- NOTIFICATION: Error reporting, session termination
- KEEPALIVE: Session maintenance
- ROUTE-REFRESH: Request route re-advertisement
Responsibilities:
- Construct BGP UPDATE messages from commands
- Encode BGP attributes correctly
- Support IPv4, IPv6, FlowSpec, VPN, etc.
- Validate message format before sending
BGP UPDATE Structure:
+-----------------------------------------------+
| Withdrawn Routes Length (2 octets) |
+-----------------------------------------------+
| Withdrawn Routes (variable) |
+-----------------------------------------------+
| Total Path Attribute Length (2 octets) |
+-----------------------------------------------+
| Path Attributes (variable) |
+-----------------------------------------------+
| Network Layer Reachability Info (variable) |
+-----------------------------------------------+
Supported Attributes:
- ORIGIN (Type 1)
- AS_PATH (Type 2)
- NEXT_HOP (Type 3)
- MULTI_EXIT_DISC (Type 4)
- LOCAL_PREF (Type 5)
- COMMUNITIES (Type 8)
- MP_REACH_NLRI (Type 14) - IPv6, FlowSpec, VPN
- MP_UNREACH_NLRI (Type 15)
- EXTENDED_COMMUNITIES (Type 16)
- LARGE_COMMUNITIES (Type 32)
Responsibilities:
- Format received BGP messages for external processes
- Support text and JSON output formats
- Send formatted messages to process STDIN
Text Format Example:
neighbor 192.0.2.1 192.0.2.2 received update route 203.0.113.0/24 \
next-hop 192.0.2.1 origin igp as-path [65001 65002] med 100
JSON Format Example:
{
"exabgp": "4.0.0",
"time": 1234567890,
"type": "update",
"neighbor": {
"address": {"local": "192.0.2.2", "peer": "192.0.2.1"},
"asn": {"local": 65000, "peer": 65001}
},
"message": {
"update": {
"announce": {
"ipv4 unicast": {
"192.0.2.1": [{
"nlri": "203.0.113.0/24",
"attribute": {
"origin": "igp",
"as-path": [65001, 65002],
"med": 100
}
}]
}
}
}
}
}Responsibilities:
- Maintain neighbor configurations
- Manage TCP connections to peers
- Track neighbor state
- Apply per-neighbor policies
- Handle BGP capabilities negotiation
Neighbor Configuration:
neighbor 192.0.2.1 {
router-id 10.0.0.1;
local-address 192.0.2.2;
local-as 65000;
peer-as 65001;
family {
ipv4 unicast;
ipv6 unicast;
ipv4 flow;
}
capability {
graceful-restart;
add-path receive;
extended-message receive;
}
api {
processes [healthcheck];
receive {
parsed;
update;
notification;
}
}
}1. External Process
ββ> STDOUT: "announce route 203.0.113.0/24 next-hop self"
2. Process Manager
ββ> Reads STDOUT, forwards to Parser
3. Command Parser
ββ> Parses command, extracts route details
4. Message Builder
ββ> Constructs BGP UPDATE message
ββ> Adds attributes (ORIGIN, AS_PATH, NEXT_HOP, etc.)
5. BGP Protocol
ββ> Sends UPDATE message to neighbor via TCP
6. Router (Neighbor)
ββ> Receives UPDATE, installs route
1. Router (Neighbor)
ββ> Sends BGP UPDATE message via TCP
2. BGP Protocol
ββ> Receives UPDATE, validates message
3. Encoder
ββ> Formats message as JSON/Text
4. Process Manager
ββ> Writes to process STDIN
5. External Process
ββ> Reads STDIN, processes received route
ββ> Makes routing decisions, sends commands via STDOUT
# Process definitions
process <name> {
run <command>;
encoder <json|text>;
}
# Global template (optional)
template {
neighbor <ip> {
# Shared neighbor configuration
}
}
# Neighbor definitions
neighbor <ip> {
router-id <id>;
local-address <ip>;
local-as <asn>;
peer-as <asn>;
family {
ipv4 unicast;
ipv6 unicast;
ipv4 flow;
l2vpn vpls;
}
capability {
graceful-restart;
add-path receive;
}
api {
processes [<name>];
receive {
parsed;
update;
}
}
# Static routes (optional)
static {
route 203.0.113.0/24 next-hop self;
}
}1. ExaBGP starts
ββ> Loads configuration file
2. Validates syntax
ββ> Checks neighbor parameters
ββ> Validates process definitions
3. Applies templates
ββ> Merges template with neighbor configs
4. Initializes components
ββ> Creates neighbor objects
ββ> Forks external processes
5. Establishes BGP sessions
ββ> Connects to neighbors
ββ> Negotiates capabilities
- Traditional IPv4 routing
- Most common use case
- IPv6 routing
- Uses MP_REACH_NLRI attribute
- Traffic filtering rules
- DDoS mitigation
- ExaBGP is only open-source implementation
- L3VPN over MPLS
- Route distinguisher support
- Virtual Private LAN Service
- Layer 2 VPN support
- Link-State distribution
- SDN integration
- Route Target filtering
- VPN route optimization
Core Protocol:
- RFC 4271: BGP-4
- RFC 4760: Multiprotocol Extensions for BGP-4
- RFC 5492: Capabilities Advertisement
Route Refresh:
- RFC 2918: Route Refresh Capability
Communities:
- RFC 1997: BGP Communities Attribute
- RFC 4360: BGP Extended Communities
- RFC 8092: BGP Large Communities
FlowSpec:
- RFC 5575: Dissemination of Flow Specification Rules
- RFC 8955: Dissemination of Flow Specification Rules (updated)
Graceful Restart:
- RFC 4724: Graceful Restart Mechanism for BGP
Add-Path:
- RFC 7911: Advertisement of Multiple Paths in BGP
See RFC-SUPPORT.md and RFC-Information.md for complete list
During OPEN message exchange, ExaBGP negotiates:
- Multiprotocol Extensions (IPv6, FlowSpec, VPN)
- Route Refresh
- Graceful Restart
- 4-byte AS numbers
- Add-Path
- Extended Message (for large UPDATEs)
ExaBGP uses single-threaded architecture:
- Main event loop handles all I/O
- Non-blocking sockets for BGP sessions
- Select/poll for process STDOUT monitoring
- Timer management for BGP keepalives
Advantages:
- Simple, no race conditions
- Low overhead
- Predictable behavior
Considerations:
- External processes must not block
- Long-running health checks should use separate processes
- Python GIL not a concern (no threading)
TCP MD5 Authentication (RFC 2385):
neighbor 192.0.2.1 {
md5-password "secret";
}- External processes run as separate OS processes
- Limited privilege escalation risk
- Process crashes don't affect ExaBGP core
- STDOUT/STDIN are isolated pipes
- All BGP messages validated against RFCs
- Command parser validates syntax
- Attribute validation before message construction
- Protection against malformed BGP messages
- Memory: 20-50MB typical, scales with routes
- CPU: Minimal, event-driven I/O
- Network: TCP keepalives every 60s (configurable)
- Routes: 100K+ routes per instance
- Neighbors: 100+ simultaneous neighbors
- Processes: Multiple external processes supported
- Speakers: 450+ speakers simulated from single host
- Python GIL for CPU-intensive tasks
- Network I/O bounded by TCP
- External process performance dependent on implementation
[ExaBGP + Health Check] ----BGP----> [Router]
Simple, single service announcement.
[ExaBGP + Multiple Processes] ----BGP----> [Router]
Multiple health checks, multiple service IPs.
[ExaBGP Nodes] ----BGP----> [Route Server] ----BGP----> [Edge Routers]
Scalable, with route server for path selection.
[ExaBGP Primary] ----BGP----> [Router]
[ExaBGP Secondary] ----BGP----> [Router]
High availability for ExaBGP itself.
[ExaBGP Node 1] ----BGP----> [Router 1]
[ExaBGP Node 2] ----BGP----> [Router 2]
[ExaBGP Node 3] ----BGP----> [Router 3]
Geographic distribution, anycast.
-
CRITICAL: Fatal errors -
ERROR: Errors (session failures, etc.) -
WARNING: Warnings (retries, etc.) -
INFO: Informational (route changes) -
DEBUG: Detailed debugging
-
stdout: Console output -
stderr: Error output - File: Specified log file path
- Syslog: System logger
[exabgp.log]
all = true
destination = /var/log/exabgp.log
level = DEBUG
[exabgp.api]
ack = true
encoder = json| Feature | ExaBGP | Quagga/FRR | BIRD |
|---|---|---|---|
| RIB | No | Yes | Yes |
| FIB | No | Yes | Yes |
| API | Full | Limited | Limited |
| Language | Python | C | C |
| FlowSpec | Full | Partial | Partial |
| Programmability | High | Low | Medium |
| Resource Usage | Low | Medium | Low |
| Primary Use Case | API Control | Router Daemon | Router Daemon |
exabgp/
βββ application/ # CLI and main application
βββ bgp/ # BGP protocol implementation
β βββ message/ # BGP message types
β βββ neighbor/ # Neighbor management
β βββ peer.py # BGP peer state machine
βββ configuration/ # Configuration parsing
βββ network/ # Network I/O
βββ reactor/ # Event loop
βββ rib/ # Adj-RIB-Out (not RIB!)
βββ version.py # Version info
Note: Despite rib/ directory name, ExaBGP only maintains Adj-RIB-Out (routes sent to neighbors), not a full RIB.
Add new output formats for external processes.
Support new BGP attributes via message builder.
Add new address family support.
Unlimited flexibility via external processes.
Language-specific libraries for ExaBGP interaction.
ExaBGP's architecture is designed for:
- Simplicity: External process model, STDIN/STDOUT API
- Correctness: Pure BGP protocol implementation (55+ RFCs)
- Flexibility: Language-agnostic integration
- Separation: Protocol (ExaBGP) vs. Logic (external processes)
- Scalability: Lightweight, event-driven, single-threaded
Key Insight: By separating BGP protocol from routing logic, ExaBGP enables application-layer network control without requiring BGP expertise or router access.
For Documentation Writers: Use this architecture overview to:
- Explain how ExaBGP works internally
- Justify design decisions in documentation
- Help users understand the process model
- Clarify the "no RIB/FIB" principle
- Reference when explaining advanced features
π Home
π Getting Started
π§ API
π‘οΈ Use Cases
π Address Families
βοΈ Configuration
π Operations
π Reference
- Architecture
- BGP State Machine
- Communities (RFC)
- Extended Communities
- BGP Ecosystem
- Capabilities (AFI/SAFI)
- RFC Support
π Migration
π Community
π External
- GitHub Repo β
- Slack β
- Issues β
π» Ghost written by Claude (Anthropic AI)