MojeID Jak na Internet Edice Nebojte se Internetu Akademie Dobrá doména CSIRT.

Dobrá doména CSIRT.CZ Turris Omnia Háčky čárky více DNS

Jak funguje

Next Previous Contents

Index 1. Introduction
Support
User's guide 1.6 1.1 What is BIRD
Coder's Doc 1.6 The name `BIRD' is actually an acronym standing for `BIRD Internet Routing Daemon'. Let's take a closer
User's guide 2.0 look at the meaning of the name:
Coder's Doc 2.0
News Archive BIRD: Well, we think we have already explained th at. It's an acronym standing for `BIRD Internet Routing
Daemon', you remember , don't you? :-)
Mailing List
Wiki Internet Routing : It's a program (well, a daemon, as you are going to discover in a moment) which works
Looking Glass as a dynamic router in an Internet type network (that is, in a network running either the IPv4 or the IPv6
protocol). Routers are devices which forward packets between interconnected networks in order to allow
hosts not connected directly to the same local area network to communicate with each other . They also
communicate with the other routers in the Internet to discover the topology of the network which allows
them to find optimal (in terms of some metric) rules for forwarding of packets (which are called routing
Current releases tables) and to adapt themselves to the changing conditions such as outages of network links, building of
Git server access new connections and so on. Most of these routers are costly dedicated devices running obscure firmware
which is hard to configure and not open to any changes (on the other hand, their special hardware design
Git web interface
allows them to keep up with lots of high-speed network interfaces, better than general-purpose computer
does). Fortunately, most operating systems o f the UNIX family allow an ordinary computer to act as a
router and forward packets belonging to the other hosts, but only according to a statically configured table.

Sponsored by A Routing Daemon is in UNIX terminology a non-interactive program running on background which does
the dynamic part of Internet routing, that is it communicates with the other routers, calculates routing
tables and sends them to the OS kernel which does the actual packet forwarding. There already exist
other such routing daemons: routed (RIP only), GateD (non-free), Zebra and MRTD, but their capabilities
are limited and they are relatively hard to configure and maintain.

BIRD is an Internet Routing Daemon designed to avoid all of these shortcomings, to support all the routing
technology used in the today's Internet or planned to be used in near future and to have a clean extensible
architecture allowing new routing protocols to be incorporated easily . Among other features, BIRD
supports:

both IPv4 and IPv6 protocols

multiple routing tables
the Border Gateway Protocol (BGPv4)
the Routing Information Protocol (RIPv2, RIPng)
the Open Shortest Path First protocol (OSPFv2, OSPFv3)
the Babel Routing Protocol
the Router Advertisements for IPv6 hosts
a virtual protocol for exchange of routes between dif ferent routing tables on a single host
a command-line interface allowing on-line control and inspection of status of the daemon
soft reconfiguration (no need to use complex online commands to change the configuration, just
edit the configuration file and notify BIRD to re-read it and it will smoothly switch itself to the new
configuration, not disturbing routing protocols unless they are af fected by the configuration
changes)
a powerful language for route filtering

BIRD has been developed at the Faculty of Math and Physics, Charles University , Prague, Czech
Republic as a student project. It can be freely distributed under the terms of the GNU General Public
License.

BIRD has been designed to work on all UNIX-like systems. It has been developed and tested under Linux
2.0 to 2.6, and then ported to FreeBSD, NetBSD and OpenBSD, porting to other systems (even non-UNIX
ones) should be relatively easy due to its highly modular architecture.

BIRD 1.x supported either IPv4 or IPv6 protocol, but had to be compiled separately for each one. BIRD 2
supports both of them with a possibility of further extension. BIRD 2 supports Linux at least 3.16, FreeBSD
10, NetBSD 7.0, and OpenBSD 5.8. Anyway, it will probably work well also on older systems.

1.2 Installing BIRD

On a recent UNIX system with GNU development tools (GCC, binutils, m4, make) and Perl, installing
BIRD should be as easy as:
 ./configure
make
make install
vi /usr/local/etc/bird.conf
bird

You can use ./configure --helpto get a list of configure options. The most important ones are: --with-
protocols= to produce a slightly smaller BIRD executable by configuring out routing protocols you don't
use, and --prefix= to install BIRD to a place dif ferent from /usr/local.

1.3 Running BIRD

You can pass several command-line options to bird:

-c config name

use given configuration file instead of prefix /etc/bird.conf.

-d

enable debug messages and run bird in foreground.

-D filename of debug log

log debugging information to given file instead of stderr .

-f

run bird in foreground.

-g group

use that group ID, see the next section for details.

-h, --help

display command-line options to bird.

-l

look for a configuration file and a communication socket in the current working directory instead of
in default system locations. However , paths specified by options -c, -s have higher priority.
-p

just parse the config file and exit. Return value is zero if the config file is valid, nonzero if there are
some errors.

-P name of PID file

create a PID file with given filename.

-R

apply graceful restart recovery after start.

-s name of communication socket

use given filename for a socket for communications with the client, default is
prefix /var/run/bird.ctl.

-u user

drop privileges and use that user ID, see the next section for details.
--version

display bird version.

BIRD writes messages about its work to log files or syslog (according to config).

1.4 Privileges

BIRD, as a routing daemon, uses several privileged operations (like setting routing table and using raw
sockets). Traditionally, BIRD is executed and runs with root privileges, which may be prone to security
problems. The recommended way is to use a privilege restriction (options -u, -g). In that case BIRD is
executed with root privileges, but it changes its user and group ID to an unprivileged ones, while using
Linux capabilities to retain just required privileges (capabilities CAP_NET_*). Note that the control socket
is created before the privileges are dropped, but the config file is read after that. The privilege restriction is
not implemented in BSD port of BIRD.

An unprivileged user (as an argument to -u options) may be the user nobody, but it is suggested to use a
new dedicated user account (like bird). The similar considerations apply for the group option, but there is
one more condition -- the users in the same group can use birdc to control BIRD.
Finally, there is a possibility to use external to ols to run BIRD in an environment with restricted privileges.
This may need some configuration, but it is generally easy -- BIRD needs just the standard library ,
privileges to read the config file and create the control socket and the CAP_NET_* capabilities.

Next Previous Contents

Web created by Feela