sales@fastnetmon.com

Support

Free Trial
FastNetMon - Comprehensive Solution For DDoS Security

Subnet collection from BGP peering session

Home FastNetMon Advanced Technical Documentation Subnet collection from BGP peering session
Contents

FastNetMon relies on list of prefixes operated by your network to detect direction of traffic. However, in a dynamic environment with a large number of peers and frequent changes, it may be complicated to maintain a list of monitored networks up to date manually

Starting from release 2.0.379 provide an option to read all required networks from BGP

To enable this feature, please redistribute all networks which belong to your company. Please do not redistribute the full BGP table because it will overload FastNetMon's BGP daemon.

To use this facility, you need to establish a BGP peering session between FastNetMon and your routers as documented here.

We offer command which can return all networks received from the BGP session directly:

sudo fcli show bgp_announces_incoming peer_name

peer_name you can get from your BGP configuration:

sudo fcli show bgp | grep name

Then you need to enable BGP network configuration:

sudo fcli set main load_networks_from_bgp true
sudo fcli commit

Optionally you need to set list of communities which need to be handled by FastNetMon, by default it loads all networks from BGP session:

sudo fcli set main load_networks_from_bgp_filter_communities 65535:123
sudo fcli set main load_networks_from_bgp_filter_communities 65535:321
sudo fcli commit

Then you need to enable network collection for particular BGP peer:

sudo fcli set bgp peer1 subnet_learning true
sudo fcli commit

After that you need to run this command to load all networks from BGP this way. Please note that this command does not restart FastNetMon to apply configuration and applies all changes for running daemon:

sudo fcli set reload_networks

After that please check /var/log/fastnetmon/fastnetmon.log for entries like this which confirms successful network loading:

2026-06-15 12:19:44,422 [INFO] Loading networks from BGP peer peer1
2026-06-15 12:20:08,026 [INFO] IPv4 ListPath read loop took 23.6036 seconds
2026-06-15 12:20:08,077 [INFO] IPv6 ListPath read loop took 0.00366753 seconds
2026-06-15 12:20:08,078 [INFO] We loaded 98258 IPv4 and 0 IPv6 networks from BGP peers
2026-06-15 12:20:08,135 [INFO] Loading 194143 IPv4 and 0 IPv6 subnets
2026-06-15 12:20:08,485 [INFO] Total size of all IPv4 networks: 491277889
2026-06-15 12:20:08,485 [INFO] load_our_networks_list took 24150 ms

Then create following cron configuration file to configure soft reload of networks list every hour (or more often if needed): /etc/cron.d/network_learning:

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
1 * * * *  root    /opt/fastnetmon/app/bin/fcli set reload_networks

It will sync networks list on FastNetMon side with list of prefixes received from BGP