SUMMARY LG is a Looking Glass written in Perl as a CGI script. It can execute almost all BGP-related commands and do ping and traceroute in routers or relay these queries to other looking glasses. It supports both IPv4 and IPv6 commands, and is tested with Cisco, Zebra and Juniper. It can connect to router using either SSH, telnet or rsh protocol. LG is released under GPL licence. Look at COPYING file. SECURITY It is suggested to move configuration file lg.conf outside of webserver direcory. One suitable place for that could be /usr/local/etc. Just move configuration to this directory and add full path to the $configfile variable in the beginning of lg.cgi. The default location of SSH configuration directory .ssh is initialized to the same directory where CGI is running: /usr/local/httpd/htdocs/lg. It is suggested to change $HOME enironment variable in the beginning of lg.cgi script to some other directory accessible by webserver (wwwrun for example) which is outside of default webserver root (in opensuse /var/lib/wwwrun can be used). It is srongly suggested to change this in case you are going to use key based authentication. INSTALL This example assumes that you use Apache webserver and LG will be installed to /usr/local/httpd/htdocs/lg directory. 1. Create directory where you want to keep LG files > mkdir /usr/local/httpd/htdocs/lg 2. Copy lg.cgi, lg.conf and favicon.ico to this directory, make CGI executable > cp lg.cgi lg.conf favicon.ico /usr/local/httpd/htdocs/lg > chmod 644 /usr/local/httpd/htdocs/lg/* > chmod 755 /usr/local/httpd/htdocs/lg/lg.cgi 3. Add these lines to your webserver config (In SuSE it is located at /etc/httpd/httpd.conf or /etc/httpd/suse_include.conf). The order of these lines is VERY IMPORTANT Alias /lg/favicon.ico /usr/local/httpd/htdocs/lg/favicon.ico ScriptAlias /lg /usr/local/httpd/htdocs/lg/lg.cgi 4. Restart webserver > killall -1 httpd 5. DONE! 6. Now you have time to set up AS num and community description files Download as.txt, as-apnic.txt, as-arin.txt, as-ripe.txt, as-jpnic.txt, as-lacnic.txt and communities.txt form http://www.version6.net/lg/db/ . Put all files to LG directory (/usr/local/httpd/htdocs/lg). > wget http://www.version6.net/lg/db/as.txt > wget http://www.version6.net/lg/db/as-apnic.txt > wget http://www.version6.net/lg/db/as-arin.txt > wget http://www.version6.net/lg/db/as-ripe.txt > wget http://www.version6.net/lg/db/as-jpnic.txt > wget http://www.version6.net/lg/db/as-lacnic.txt > wget http://www.version6.net/lg/db/communities.txt 7. If you prefer use Berkeley DB (you should! :-) ), then set up a database file. PS! you can't use community descriptions without using Berkeley DB. 7.1 Create db file yourself by running makedb.pl in LG directory: > ./makedb.pl or 7.2 Download as.db from http://www.version6.net/lg/db/ > wget http://www.version6.net/lg/db/as.db 8. Make sure that all these files are readable for webrserver > chmod a+r /usr/local/httpd/htdocs/lg/*.txt > chmod a+r /usr/local/httpd/htdocs/lg/as.db ADVANCED CONFIURATION You can generate as-*.txt files yourself. Just run Perl script makeaslist.pl and it creates these three files in your current directory. It is recommended to update these files sometimes to get fresh information about new AS numbers. Don't forget to run makedb.pl after that as well. You can also edit as.txt file. These three autogenerated files are included at the beginning of as.txt file. All lines below just overwrites previous ones. This means that you can put any better names for AS numbers to this file and will see it instead of these autogenerated names (which are quite hard to understand some times). Also you have to edit communities.txt file by hand. Don't forget to run makedb.pl after that again. A little bit about lg.conf file. In this example all logins are replaced with "login" and passwords with "password". These lines are also commented out, so you can use this configuration file even without any modification. You can set ASList as as.txt file or as.db database. With my 900 MHz Celeron it takes about 4 sec to load as.txt (and all included files) while using DB takes only 0.2 sec ;-) Use DB if possible! As long as the configuration file is quite simple, I don't give here any help how to configure LG. Just look at lg.conf, all possible ways how to configure it, are shown in this file already ;-) Default logfile is /var/log/lg.log, be sure that your webserver can write it or use any other file (or don't use at all). NOTES Don't try to use LG sites with newer DIGEX code as external LG sites. These will check Referer and therefore deny all outside links. There are also some LG sites which support only POST method and are also unusable. LG can forward browsers to any other address but can't send POST data with it. It is possible to act as proxy for these sites but this is not implemented yet and I'm not sure it is necessary at all. At least at the current moment ;-) When using Zebra you can specify one port for bgpd and another for zebra itself (ping and traceroute commands). All these syntaxes have the same meaning: - telnet://pass@host default ports (2601 and 2605) - telnet://pass@host:2601,2605 user defined ports - telnet://pass@host:2601, user defined zebra port and default bgpd port - telnet://pass@host:,2605 default zebra port and user defined bgpd port but these don't work as you expect (the same port for bgpd and zebra): - telnet://pass@host:2601 - telnet://pass@host:2605 "logical-system" works only with OSType="JunOS" and when using SSH. DOWNLOAD You can get the latest source from http://www.version6.net/ All new releases will be announced in Freshmeat (subscribe!) http://freshmeat.net/projects/lg/ Enjoy! --- Cougar <cougar@random.ee>