BGP Peers discovery - Juniper Switch

Hi,

My Query is regarding BGP peers that are discovered for a juniper device (Juniper JunOS 19.1R3-S2.3) .
I have a case where LibreNMS is discovering 168 peerIdentifiers for a device whereas another tool (VMWare Smarts ) has discovered around 100 PeerIdentifiers for the same device.
When Verified on the difference, I found that Smarts tools is ignoring peers that are having the below oid value as ‘0.0.0.0’
OID : 1.3.6.1.4.1.2636.5.1.1.2.1.1.1.1
‘jnxBgpM2PeerIdentifier’ => ‘0.0.0.0’

Is there a way in LibreNMS either

  1. to ignore the peer that are having ‘jnxBgpM2PeerIdentifier’ => ‘0.0.0.0’ from being discovered
    OR
  2. To storage the value of ‘jnxBgpM2PeerIdentifier’ in a column in DB so that we can filter them using that column in the alert rules.

===========================================

Component Version
LibreNMS 23.11.0 (2023-11-25T19:17:34+00:00)
DB Schema 2023_11_04_125846_packages_increase_name_column_length (273)
PHP 8.1.22
Python 3.10.13
Database MariaDB 10.5.24-MariaDB-1:10.5.24+maria~ubu2004
RRDTool 1.7.2
SNMP 5.9.3

output of Validate Config from UI::

Configuration Ok
Database Ok
Dependencies Ok
Disk Ok
Distributedpoller Ok
Mail Ok
Php Ok
Poller Ok
Programs Warning
WARN: IPv6 is disabled on your server, you will not be able to add IPv6 devices.
Python Ok
Rrd Ok
Rrdcheck Ok
Scheduler Ok
System Ok
Updates Warning
WARN: Non-git install, updates are manual or from package
User Ok
Webserver Failure
FAIL: ServerName is set incorrectly for your webserver, update your webserver config. 10.2.xx.xxx parse failure (/validate/results)
Fix:
ServerName 10.2.xx.xxx

I’m assuming you have 168 bgp sessions configured but only 100 are established? If so, filter on the state in your alert.

Hi laf,

Thanks for your response!
Basically what I’m trying is to get alerts wherever bgpPeerState != established;
Below is my alert rule:
bgpPeers.bgpPeerState != “established” AND macros.device_up = 1 AND bgpPeers.bgpPeerAdminStatus = “running”

Actual problem is Librenms is producing 44 alerts for a device and the same device is producing just 16 alerts on another tool;
When verified on the difference between tools, other tool is not considering the peers where ‘jnxBgpM2PeerIdentifier’ is ‘0.0.0.0’.
Wanted to replicate the same in LibreNMS, I’m trying to ignore the peers where ‘jnxBgpM2PeerIdentifier’ is ‘0.0.0.0’ in LibreNMS. Is there a way to do it?

For More understanding, below are samples of valid and in valid peers (picked from LibreNMS discovery logs).

Valid peer details:
‘jnxBgpM2PeerIdentifier’ => ‘172.26.30.4’,
‘jnxBgpM2PeerState’ => ‘active’,
‘jnxBgpM2PeerStatus’ => ‘running’,

Invalid peer details:
‘jnxBgpM2PeerIdentifier’ => ‘0.0.0.0’,
‘jnxBgpM2PeerState’ => ‘connect’,
‘jnxBgpM2PeerStatus’ => ‘running’,

Can LibreNMS filter out the peers of the pattern mentioned on Invalid peer details (‘jnxBgpM2PeerIdentifier’ => ‘0.0.0.0’)?

Additional details:

Below are the available peer states for the juniper switches configured in our librenms instance
MariaDB [librenms]> select distinct bgpPeerState from bgpPeers;
±-------------+
| bgpPeerState |
±-------------+
| established |
| active |
| idle |
| connect |
±-------------+
4 rows in set (0.013 sec)

You can probably just add bgpPeerIdentifier != ‘0.0.0.0’ to exclude those ones.

However, can you share the output of select bgpPeerState, bgpPeerAdminStatus from bgpPeers where bgpPeerIdentifier = '0.0.0.0'\G

So we can see

Hi laf, PFB output of sql command
MariaDB [librenms]> select bgpPeerState, bgpPeerAdminStatus from bgpPeers where bgpPeerIdentifier = ‘0.0.0.0’;
Empty set (0.001 sec)

Unfortunately bgpPeerIdentifier != ‘0.0.0.0’ doesn’t work beacuse LibreNMS is not storing the jnxBgpM2PeerIdentifier oid at all in the DB.
bgpPeerIdentifier is different from jnxBgpM2PeerIdentifier;

bgpPeerIdentifier column is populated from function “build_bgp_peers($device, $data, $peer2)” available in functions.inc.php in LibreNMS
As far as I understand, currently there is no possible way in LibreNMS to ignore the peers where jnxBgpM2PeerIdentifier oid having values ‘0.0.0.0’. Need for your confirmation as well.

Hence in my initial request, i was looking on below options:

  1. Either to ignore the peers that are having ‘jnxBgpM2PeerIdentifier’ => ‘0.0.0.0’ from being discovered during discovery process.
    OR
  2. To store the value of ‘jnxBgpM2PeerIdentifier’ in a new column in DB so that we can filter them using that column in the alert rules.

That still goes back to my point in the image I shared. 0.0.0.0 is valid for states where the bgp session aren’t established.

You’ll need to look at the data in the bgpPeers to figure out what you can use to only alert on bgp states you want.

Maybe I shouldn’t have used the word invalid. Apologies for the confusion.

I agree 0.0.0.0 is valid for states where bgp sessions aren’t established. But None of the devices in my instance of LibreNMS has bgpPeerIdentifier as 0.0.0.0 in DB even though the oid is giving 0.0.0.0 from the network. So I’m unable to filter the cases where jnxBgpM2PeerIdentifier is 0.0.0.0

Librenms is not taking values from jnxBgpM2PeerIdentifier oid for “bgpPeerIdentifier” column.
Instead it is calculated in a different way (function “build_bgp_peers($device, $data, $peer2)” available in functions.inc.php).

Sharing output from Network and LibreNMS DB below for sample peers of the device (masking few details for security reasons):::::::::

LibreNMS DB::
MariaDB [librenms]> select bgpPeerIdentifier, bgpPeerState, bgpPeerAdminStatus from bgpPeers where device_id=194;
±------------------------±-------------±-------------------+
| bgpPeerIdentifier | bgpPeerState | bgpPeerAdminStatus |
±------------------------±-------------±-------------------+
| 100.127.X.65 | idle | halted |
| 100.127.X.2 | established | running |
| 100.127.X.15 | active | running |
| 17x.26.X.132 | active | running |

snmpbulkwalk ran from librenms container::

/opt/librenms # ‘/usr/bin/snmpbulkwalk’ ‘-Cr50’ ‘-v3’ ‘-l’ ‘authPriv’ ‘-n’ “” ‘-a’ ‘MD5’ ‘-A’ ‘’ ‘-u’
'
’ ‘-x’ ‘AES’ ‘-X’ ‘**********’ ‘-OQUs’ ‘-m’ ‘BGP4-V2-MIB-JUNIPER’ ‘-M’ ‘/opt/librenms/mibs:/opt/lib
renms/mibs/junos’ ‘udp:brbnc02XXXXXXXXXXXX:161’ ‘jnxBgpM2PeerIdentifier’

jnxBgpM2PeerIdentifier.0.ipv4.“”.unknown.“”.0.1.100.127.x.65 = 0.0.0.0
jnxBgpM2PeerIdentifier.0.ipv4.100.127.x.1.1.100.127.x.2 = 100.127.x.2
jnxBgpM2PeerIdentifier.0.ipv4.100.127.x.1.1.100.127.x.15 = 0.0.0.0
jnxBgpM2PeerIdentifier.17.ipv4.17x.26.x.2.1.172.26.x.132 = 17x.26.x.132

From the above example of 4 peers, I’m looking to alert on the cases like last one only and wanted to ignore 1 and 3 from being alerted.

Surely this is a bug in junos then? If you have two bgp peers both saying they are active and running but one has an identifier of 0.0.0.0 then their must be a reason?

I’m not sure of the reason though I’ll try to get it checked with network team.

But I’m curious to know why Librenms is not using jnxBgpM2PeerIdentifier oid to populate bgpPeerIdentifier column?

Because no one has added support to do that.