BGPKIT Blog

Command-line Routing Stats with Monocle and Cloudflare Radar API

Command-line Routing Stats with Monocle and Cloudflare Radar API

Mingwei Zhang's photo
Mingwei Zhang
·

4 min read

BGPKIT monocle is a command-line utility program that helps users quickly pull Internet routing-related information from publicly available sources.

https://github.com/bgpkit/monocle

In BGPKIT monocle version V0.5, we add support for querying Cloudflare Radar's new BGP routing statistics and prefix-to-origin mapping APIs, the same APIs that power the Cloudflare Radar routing section. monocle users can now quickly glance overview of routing stats for any given ASN, country, or the whole Internet. Users can also quickly look up prefix origins and examine their RPKI validation status as well as prefix visibility on the global routing tables.

Using monocle radar

We added a new monocle radar command group in V0.5, which contains the following to subcommands:

  • monocle radar stats [QUERY]: get routing stats (like prefix count, rpki invalid count) for a given country or ASN.

  • monocle radar pfx2as [QUERY] [--rpki-status valid|invalid|unknown]: get prefix to origin mapping for a given prefix or ASN

mingwei@terrier ~ % monocle radar
Cloudflare Radar API lookup (set CF_API_TOKEN to enable)

Usage: monocle radar <COMMAND>

Commands:
  stats   get routing stats
  pfx2as  look up prefix to origin mapping on the most recent global routing table snapshot
  help    Print this message or the help of the given subcommand(s)

Options:
  -h, --help     Print help
  -V, --version  Print version

Cloudflare API token needed

Since the monocle radar command relies on querying data using Cloudflare Radar public API, we also need to specify a user API token as the environment variable CF_API_TOKEN. Obtaining an API token is free and only needs a Cloudflare account. Interested users can follow their official tutorial to obtain a token. The environment variable can be set in a .env file in the current directory, or set in ~/.bashrc or ~/.profile etc.

monocle radar stats

Users can query the routing statistics for a given country or ASN. For example, monocle radar stats us returns the routing stats for the United States, while monocle radar stats 174 returns the stats for Cogent (AS174).

The displayed table is further divided into three rows, one for overall counting, and one for IPv4 and IPv6-specific counting. For each row, we show the following fields:

  • origins: the number of origins ASes registered in the given country

  • prefixes: the number of prefixes originated by the given ASN or ASes registered in the given country

  • rpki_valid/invalid/unknown: the number of RPKI valid/invalid/unknown prefix routes (prefix-origin mapping) on the global routing table and their percentage of the overall routes.

monocle radar pfx2as

Users can query the prefix-to-origin API to get the mapping of origin ASes and their originated prefixes on the global routing table.

In the following example, monocle radar pfx2as 174 --rpki-status invalid, we ask for all the prefixes originated by AS174 with the RPKI validation status to be invalid. This command returns us the list of RPKI invalid prefixes originated by AS174 at the time of generating the dataset.

Questions it can answer now (more in the future)

Here is a selected list of questions that monocle radar command can answer you:

  • How many ASes are there on the Internet that announce at least one prefix? (81,770)

  • How many of these ASes announce only IPv6 prefixes? (6,853)

  • How many prefixes are there on the global routing table? (1,205,218)

  • How many prefixes do AS400644 announce? (1)

  • Which AS(es) originates 1.1.1.0/24? (AS13335)

  • How many prefixes originated by AS174 are NOT covered by some RPKI ROA? (a lot, 94%+)

  • How about the RPKI valid ratio for the Philippines? (77%, nice!)

Powered by Cloudflare Radar free API

Cloudflare Radar is a hub that showcases global Internet traffic, attack, and technology trends and insights.

What Cloudflare Radar shines is its data openness. Everything you see on the Cloudflare Radar website is powered by their free publicly available APIs. It's a treasure trove there, and all users need is a free API token to access everything.

At BGPKIT, we think we can further improve the usability of the API by exposing them as a proper Rust SDK: radar-rs. This is our (unofficial) effort on bringing the Cloudflare Radar's rich data to Rust developers. For example, monocle radar is powered by this SDK.

bgpcloudflarerouting