FastNetMon and ExaBGP integration

FastNetMon could enable/disable announce of blackholed IPs (/32) to BGP core router (Cisco, Juniper, Quagga, Bird, Extreme, Brocade). This feature implemented with ExaBGP toolkit.

If you want to use this capability, please set following params in /etc/fastnetmon.conf and tune they to values suitable in your network:

exabgp = on
exabgp_command_pipe = /var/run/exabgp.cmd
exabgp_community = 65001:666
exabgp_next_hop =
exabgp_announce_host = on

Secondly, you should install, configure and run ExaBGP toolkit.

Install ExaBGP 3:

pip install exabgp==3.4.20

All our instructions suitable only for ExaBGP 3.

Install socat (if you do not have socat for your platform, please check this manual):

apt-get install -y socat
yum install -y socat

Create example configuration:

vim /etc/exabgp_blackhole.conf

Example here (please fix this configuration to your network):

group Core_v4 {
    hold-time 180;
    # local AS number
    local-as 65001;
    # Remote AS number
    peer-as 1234;
    # ID for this ExaBGP router
    graceful-restart 1200;

    # Remote peer
    neighbor {
        # Local IP addess which used for connections to this peer
        description "Quagga";

    # Add this line for process management
    process service-dynamic {
        run /usr/bin/socat stdout pipe:/var/run/exabgp.cmd;

Run ExaBGP:

env exabgp.daemon.user=root exabgp.daemon.daemonize=true exabgp.daemon.pid=/var/run/exabgp.pid exabgp.log.destination=/var/log/exabgp.log exabgp /etc/exabgp_blackhole.conf

Don’t be puzzled by ExaBGP’s output like this one:

exabgp: 1363   configuration environment file missing
exabgp: 1363   configuration generate it using "exabgp --fi > /usr/local/etc/exabgp/exabgp.env"

It just warning, not an error message. ExaBGP will start in background.

You can get more details about it from log file:

cat /var/log/exabgp.log

You could read my articles about ExaBGP configuration too: first and second