Annotation of embedaddon/bird/doc/bird-1.html, revision 1.1.1.1

1.1       misho       1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
                      2: <HTML>
                      3: <HEAD>
                      4:  <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 1.0.9">
                      5:  <TITLE>BIRD User's Guide: Introduction</TITLE>
                      6:  <LINK HREF="bird-2.html" REL=next>
                      7: 
                      8:  <LINK HREF="bird.html#toc1" REL=contents>
                      9: </HEAD>
                     10: <BODY>
                     11: <A HREF="bird-2.html">Next</A>
                     12: Previous
                     13: <A HREF="bird.html#toc1">Contents</A>
                     14: <HR>
                     15: <H2><A NAME="intro"></A> <A NAME="s1">1.</A> <A HREF="bird.html#toc1">Introduction</A></H2>
                     16: 
                     17: <H2><A NAME="what-is-bird"></A> <A NAME="ss1.1">1.1</A> <A HREF="bird.html#toc1.1">What is BIRD</A>
                     18: </H2>
                     19: 
                     20: <P>The name `BIRD' is actually an acronym standing for `BIRD Internet Routing
                     21: Daemon'. Let's take a closer look at the meaning of the name:
                     22: <P>
                     23: <P><EM>BIRD</EM>: Well, we think we have already explained that. It's an acronym
                     24: standing for `BIRD Internet Routing Daemon', you remember, don't you? :-)
                     25: <P>
                     26: <P><EM>Internet Routing</EM>: It's a program (well, a daemon, as you are going to
                     27: discover in a moment) which works as a dynamic router in an Internet type
                     28: network (that is, in a network running either the IPv4 or the IPv6 protocol).
                     29: Routers are devices which forward packets between interconnected networks in
                     30: order to allow hosts not connected directly to the same local area network to
                     31: communicate with each other. They also communicate with the other routers in the
                     32: Internet to discover the topology of the network which allows them to find
                     33: optimal (in terms of some metric) rules for forwarding of packets (which are
                     34: called routing tables) and to adapt themselves to the changing conditions such
                     35: as outages of network links, building of new connections and so on. Most of
                     36: these routers are costly dedicated devices running obscure firmware which is
                     37: hard to configure and not open to any changes (on the other hand, their special
                     38: hardware design allows them to keep up with lots of high-speed network
                     39: interfaces, better than a general-purpose computer does). Fortunately, most
                     40: operating systems of the UNIX family allow an ordinary computer to act as a
                     41: router and forward packets belonging to the other hosts, but only according to a
                     42: statically configured table.
                     43: <P>
                     44: <P>A <EM>Routing Daemon</EM> is, in UNIX terminology, a non-interactive program
                     45: running in the background which does the dynamic part of Internet routing, that is,
                     46: it communicates with the other routers, calculates routing tables and sends them
                     47: to the OS kernel which does the actual packet forwarding. There already exist
                     48: other such routing daemons: routed (RIP only), GateD (non-free),
                     49: <A HREF="http://www.zebra.org">Zebra</A> and
                     50: <A HREF="http://sourceforge.net/projects/mrt">MRTD</A>,
                     51: but their capabilities are limited and they are relatively hard to configure
                     52: and maintain.
                     53: <P>
                     54: <P>BIRD is an Internet Routing Daemon designed to avoid all of these shortcomings,
                     55: to support all the routing technology used in today's Internet or planned to
                     56: be used in the near future and to have a clean extensible architecture allowing new
                     57: routing protocols to be incorporated easily. Among other features, BIRD
                     58: supports:
                     59: <P>
                     60: <UL>
                     61: <LI>both IPv4 and IPv6 protocols</LI>
                     62: <LI>multiple routing tables</LI>
                     63: <LI>the Border Gateway Protocol (BGPv4)</LI>
                     64: <LI>the Routing Information Protocol (RIPv2)</LI>
                     65: <LI>the Open Shortest Path First protocol (OSPFv2, OSPFv3)</LI>
                     66: <LI>the Router Advertisements for IPv6 hosts</LI>
                     67: <LI>a virtual protocol for exchange of routes between different
                     68: routing tables on a single host</LI>
                     69: <LI>a command-line interface allowing on-line control and inspection
                     70: of status of the daemon</LI>
                     71: <LI>soft reconfiguration (no need to use complex online commands to
                     72: change the configuration, just edit the configuration file and
                     73: notify BIRD to re-read it and it will smoothly switch itself to
                     74: the new configuration, not disturbing routing protocols unless
                     75: they are affected by the configuration changes)</LI>
                     76: <LI>a powerful language for route filtering</LI>
                     77: </UL>
                     78: <P>
                     79: <P>BIRD has been developed at the Faculty of Math and Physics, Charles
                     80: University, Prague, Czech Republic as a student project. It can be freely
                     81: distributed under the terms of the GNU General Public License.
                     82: <P>
                     83: <P>BIRD has been designed to work on all UNIX-like systems. It has been
                     84: developed and tested under Linux 2.0 to 2.6, and then ported to FreeBSD, NetBSD
                     85: and OpenBSD; porting to other systems (even non-UNIX ones) should be relatively
                     86: easy due to its highly modular architecture.
                     87: <P>
                     88: <P>BIRD supports either the IPv4 or the IPv6 protocol, but has to be compiled separately
                     89: for each one. Therefore, a dual-stack router would run two instances of BIRD (one
                     90: for IPv4 and one for IPv6), with completely separate setups (configuration
                     91: files, tools ...).
                     92: <P>
                     93: <P>
                     94: <H2><A NAME="install"></A> <A NAME="ss1.2">1.2</A> <A HREF="bird.html#toc1.2">Installing BIRD</A>
                     95: </H2>
                     96: 
                     97: <P>On a recent UNIX system with GNU development tools (GCC, binutils, m4, make)
                     98: and Perl, installing BIRD should be as easy as:
                     99: <P>
                    100: <HR>
                    101: <PRE>
                    102:         ./configure
                    103:         make
                    104:         make install
                    105:         vi /usr/local/etc/bird.conf
                    106:         bird
                    107: </PRE>
                    108: <HR>
                    109: <P>
                    110: <P>You can use <CODE>./configure --help</CODE> to get a list of configure
                    111: options. The most important ones are: <CODE>--enable-ipv6</CODE> which enables building
                    112: of an IPv6 version of BIRD, <CODE>--with-protocols=</CODE> to produce a slightly smaller
                    113: BIRD executable by configuring out routing protocols you don't use, and
                    114: <CODE>--prefix=</CODE> to install BIRD to a place different from <CODE>/usr/local</CODE>.
                    115: <P>
                    116: <P>
                    117: <H2><A NAME="argv"></A> <A NAME="ss1.3">1.3</A> <A HREF="bird.html#toc1.3">Running BIRD</A>
                    118: </H2>
                    119: 
                    120: <P>You can pass several command-line options to bird:
                    121: <P>
                    122: <DL>
                    123: <DT><CODE>
                    124: <A NAME="argv-config"></A> -c <I>config name</I></CODE><DD><P>use given configuration file instead of <I>prefix</I><CODE>/etc/bird.conf</CODE>.
                    125: <P>
                    126: <DT><CODE>
                    127: <A NAME="argv-debug"></A> -d</CODE><DD><P>enable debug messages and run bird in foreground.
                    128: <P>
                    129: <DT><CODE>
                    130: <A NAME="argv-log-file"></A> -D <I>filename of debug log</I></CODE><DD><P>log debugging information to given file instead of stderr.
                    131: <P>
                    132: <DT><CODE>
                    133: <A NAME="argv-foreground"></A> -f</CODE><DD><P>run bird in foreground.
                    134: <P>
                    135: <DT><CODE>
                    136: <A NAME="argv-group"></A> -g <I>group</I></CODE><DD><P>use that group ID, see the next section for details.
                    137: <P>
                    138: <DT><CODE>
                    139: <A NAME="argv-help"></A> -h, --help</CODE><DD><P>display command-line options to bird.
                    140: <P>
                    141: <DT><CODE>
                    142: <A NAME="argv-local"></A> -l</CODE><DD><P>look for a configuration file and a communication socket in the current
                    143: working directory instead of in default system locations. However, paths
                    144: specified by options <CODE>-c</CODE>, <CODE>-s</CODE> have higher priority.
                    145: <P>
                    146: <DT><CODE>
                    147: <A NAME="argv-parse"></A> -p</CODE><DD><P>just parse the config file and exit. Return value is zero if the config
                    148: file is valid, nonzero if there are some errors.
                    149: <P>
                    150: <DT><CODE>
                    151: <A NAME="argv-pid"></A> -P <I>name of PID file</I></CODE><DD><P>create a PID file with given filename.
                    152: <P>
                    153: <DT><CODE>
                    154: <A NAME="argv-recovery"></A> -R</CODE><DD><P>apply graceful restart recovery after start.
                    155: <P>
                    156: <DT><CODE>
                    157: <A NAME="argv-socket"></A> -s <I>name of communication socket</I></CODE><DD><P>use given filename for a socket for communications with the client,
                    158: default is <I>prefix</I><CODE>/var/run/bird.ctl</CODE>.
                    159: <P>
                    160: <DT><CODE>
                    161: <A NAME="argv-user"></A> -u <I>user</I></CODE><DD><P>drop privileges and use that user ID, see the next section for details.
                    162: <P>
                    163: <DT><CODE>
                    164: <A NAME="argv-version"></A> --version</CODE><DD><P>display bird version.
                    165: </DL>
                    166: <P>
                    167: <P>BIRD writes messages about its work to log files or syslog (according to config).
                    168: <P>
                    169: <P>
                    170: <H2><A NAME="privileges"></A> <A NAME="ss1.4">1.4</A> <A HREF="bird.html#toc1.4">Privileges</A>
                    171: </H2>
                    172: 
                    173: <P>BIRD, as a routing daemon, uses several privileged operations (like setting
                    174: routing table and using raw sockets). Traditionally, BIRD is executed and runs
                    175: with root privileges, which may be prone to security problems. The recommended
                    176: way is to use a privilege restriction (options <CODE>-u</CODE>, <CODE>-g</CODE>). In that case
                    177: BIRD is executed with root privileges, but it changes its user and group ID to
                    178: unprivileged ones, while using Linux capabilities to retain just the required
                    179: privileges (capabilities CAP_NET_*). Note that the control socket is created
                    180: before the privileges are dropped, but the config file is read after that. The
                    181: privilege restriction is not implemented in the BSD port of BIRD.
                    182: <P>
                    183: <P>An unprivileged user (as an argument to the <CODE>-u</CODE> option) may be the user
                    184: <CODE>nobody</CODE>, but it is suggested to use a new dedicated user account (like
                    185: <CODE>bird</CODE>). Similar considerations apply to the group option, but there is
                    186: one more condition -- the users in the same group can use <CODE>birdc</CODE> to
                    187: control BIRD.
                    188: <P>
                    189: <P>Finally, there is a possibility to use external tools to run BIRD in an
                    190: environment with restricted privileges. This may need some configuration, but it
                    191: is generally easy -- BIRD needs just the standard library, privileges to read
                    192: the config file and create the control socket and the CAP_NET_* capabilities.
                    193: <P>
                    194: <P>
                    195: <HR>
                    196: <A HREF="bird-2.html">Next</A>
                    197: Previous
                    198: <A HREF="bird.html#toc1">Contents</A>
                    199: </BODY>
                    200: </HTML>
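
Added example (not part of the BIRD documentation or source): a shell audit for the privilege restriction from section 1.4, re-parsing recorded bird command lines with the short options listed in section 1.3. The `/usr/local/sbin/bird` path, the finding labels and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag bird processes started without -u/-g (section 1.4).

# Option string assembled from the short options listed in section 1.3;
# ':' follows each option that takes an argument. Assumption: the audited
# bird build accepts exactly this set.
BIRD_OPTS='c:dD:fg:hlpP:Rs:u:'

# check_bird_args ARG... -> prints space-separated findings, or OK.
# The body is a subshell so getopts state and variables do not leak.
check_bird_args() (
    user='' group='' out='' OPTIND=1
    while getopts "$BIRD_OPTS" opt "$@" 2>/dev/null; do
        case $opt in
            u) user=$OPTARG ;;
            g) group=$OPTARG ;;
        esac
    done
    case $user in
        '')     out="$out NO_USER" ;;        # no -u: keeps running as root
        root|0) out="$out ROOT_USER" ;;      # -u given, but not unprivileged
        nobody) out="$out SHARED_NOBODY" ;;  # dedicated account is suggested
    esac
    case $group in
        '')     out="$out NO_GROUP" ;;       # birdc group not set explicitly
        root|0) out="$out ROOT_GROUP" ;;
    esac
    out=${out# }
    echo "${out:-OK}"
)

# audit_ps: reads "USER COMMAND ARGS..." lines, the layout printed by
# `ps -eo user= -o args=`, and reports every process whose command is bird.
audit_ps() {
    set -f                                   # no globbing while splitting args
    while read -r puser cmd args; do
        [ "${cmd##*/}" = bird ] || continue
        echo "$puser $cmd: $(check_bird_args $args)"
    done
    set +f
}

# Constructed sample input (paths assume the default /usr/local prefix).
SAMPLE='root /usr/local/sbin/bird -c /usr/local/etc/bird.conf
bird /usr/local/sbin/bird -u bird -g bird -s /usr/local/var/run/bird.ctl
nobody /usr/local/sbin/bird -f -unobody
root /usr/sbin/sshd -D'
run_sample() { printf '%s\n' "$SAMPLE" | audit_ps; }
run_sample
```

On a live host, feed it with `ps -eo user= -o args= | audit_ps`; on the BSD port, where the restriction is not implemented, a clean command line does not imply dropped privileges.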
