Re: [Euro-ix-rs-vwg] New release 1.2.0
On Fri, Jan 15, 2010 at 05:23:48PM +0300, Mikhail A. Grishin wrote:
Hi, Ondrej
BIRD at production server is still stable and VERY fast (compared with Quagga).
We have some questions about BIRD and maybe some bugs. Hope you could help us with these issues.
1. Is it possible to run daemon not as root, but as some unprivileged user (like quagga does)? This is very important for security reasons. (binding to 179/tcp port with root privileges, other tasks without root)
It is not possible. I have this feature in TODO list, but it is pretty big change. OTOH, for just the route server case (just BGP without kernel routing table sync) that might be easy.
2. Is it possible to organise birdc interface to work in "read only" mode, with limited set of commands, like "show ...", "help" and "exit"? This is for duty staff, and for looking glass access. (Also there are many security reasons in this question)
3. Is it possible to implement option in config file, that specifies permissions for sock file (bird.ctl)? This is for access to birdc console from non-root rights (until 2. is unresolved).
No, it is not implemented. A workaround might be to use chmod/chown on bird.ctl in start script, or define sudo commands for appropriate tasks.
4. How you apply automatic cron reconfiguration of bird? How could we say "reconfigure" from birdc interface inside some scripts? Do you have working examples? We plan to do it from remote machine via ssh.
echo configure | birdc
5. Lack of text output filters. If we need to view some very big output (10000+ routes from some peer), we want to apply search filters to text output (like "| grep", "| grep -v", "| begin" (this is from cisco) )
You can use integrated filters: show route where ...
or redirect output: echo show route | birdc | grep ...
6. Lack of text output redirection to external file. If we want to save large output into text file for further analysis, we want to do something like: "show route all > file.txt"
echo show route all | birdc > file.txt
7. How could we turn off paging(more) inside birdc console ?
It is turned off if output is redirected to file/pipe.
8. (Bug?) On test Bird installation, with 3 peers only, at 11am today (15Jan) I saw that session with some peer is up since "15:36" (and no date). I understood that it means 15:36 14Jan. After 12:30 (90 minutes later), the same session shows "Jan14" (there is no more 15:36). Why so?
Limit is 20 hours. After that, just a day is shown. Rather strange behavior, I acknowledge.
9. (addition to 8.) In general, we want to see time and date output for every session, every route. Is it possible? This is VERY important for looking glass tasks.
There is no config option for it, but it could be done by simple change in the source code. I could send you a patch, if you want.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
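The read-only access asked about in questions 2 and 3 can be approximated outside BIRD by forcing the duty-staff or looking-glass account through a wrapper (an OpenSSH forced command, or a sudo rule as suggested in the answer to question 3). The script below is an added example, not part of this thread or of BIRD; the function names and the BIRDC variable are hypothetical, and it assumes that "show ..." and "help" do not change daemon state.

```sh
#!/bin/sh
# Added example, not from the thread: one-shot read-only front end for birdc.
# Assumptions: birdc is on PATH, and this account can open bird.ctl
# (e.g. after the chmod/chown or sudo workaround mentioned above).
# BIRDC, birdc_ro_allowed and birdc_ro are hypothetical names.
BIRDC="${BIRDC:-birdc}"

# Succeed only for a single-line "show ..." or "help" command.
birdc_ro_allowed() {
    cmd=$1
    # Allowlist of characters: letters, digits, space, and . _ : / -
    # A newline is outside the set, so a second command ("show status",
    # newline, "configure") cannot be smuggled in; filter expressions
    # ("where ...") that use other punctuation are rejected as well.
    case $cmd in
        *[!A-Za-z0-9\ ._:/-]*) return 1 ;;
    esac
    case $cmd in
        show | show\ * | help) return 0 ;;
        *) return 1 ;;
    esac
}

# Send one permitted command to birdc on stdin, as in "echo configure | birdc".
birdc_ro() {
    if birdc_ro_allowed "$1"; then
        printf '%s\n' "$1" | "$BIRDC"
    else
        echo "rejected: only 'show ...' and 'help' are permitted" >&2
        return 2
    fi
}

# Command source: OpenSSH forced command (SSH_ORIGINAL_COMMAND) or arguments,
# e.g. via a sudo rule that permits only this script.
requested=${SSH_ORIGINAL_COMMAND:-$*}
if [ -n "$requested" ]; then
    birdc_ro "$requested"
    exit $?
fi
```

Because output goes to a pipe rather than a terminal, paging is off (see the answer to question 7), so the result can be fed straight to grep or a file on the calling side.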
Hello!
It is not possible. I have this feature in TODO list, but it is pretty big change. OTOH, for just the route server case (just BGP without kernel routing table sync) that might be easy.
It might be also possible to drop root UID, but retain a subset of root's capabilities, e.g., binding to a low port.
Have a nice fortnight
--
Martin `MJ' Mares <mj@ucw.cz> http://mj.ucw.cz/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
Black holes are where God divided by zero.
Participants (2): Martin Mares, Ondrej Zajicek