Secure BGP Prototype Software

Overview

The Secure BGP (S-BGP) software consists of four modules that use several third-party libraries. Newer versions of these libraries are available. In most cases, the newer versions should work with the S-BGP modules. The specific versions that have been tested with the S-BGP modules are identified below.

The S-BGP software has been tested with RedHat Linux 7.3, linux-2.4.18-3. In particular, the OpenSourceCMS software may be OS dependent, as is was written for the secure version of Linux. The other S-BGP modules should compile other similar operating systems.

S-BGP software modules:

  1. S-BGP software for routers (MRT with S-BGP extensions)
  2. the S-BGP NOC tools
  3. a certificate management system (OpenSourceCMS)
  4. the S-BGP Repository
The S-BGP-1.0 source release for these modules, and the BBN ASN compiler, is available for downloaded.

Additional third-party software used by the above:

  1. Merit Multi-threaded Routing Toolkit (MRT) provides the BGP router functionality. Due to the modifications required for S-BGP, it is included with the S-BGP 1.0 release.

  2. Apache provides the web server front end for the S-BGP Repository. The specific version used is 1.3.26; newer versions should work.

  3. ModSSL provides communications security for the S-BGP Repository. The version must be compatible with the version of the Apache server that is used. The specific version used is 2.8.10-1.3.26. Newer versions compatible with the Apache server should work.

  4. OpenSSL provides cryptographic functionality for the S-BGP modules. Version 0.9.7-beta3 is used, but any more recent version should work.

  5. Java is required for the NOC tools. The specific version used is Sun's 1.4.1; older versions lack required functionality. Newer versions should work.

  6. MySQL database is used by the S-BGP NOC Tools. The specific version used is 3.23.49, but any more recent version should work.

  7. PostgreSQL database is used by the S-BGP Repository. The specific version used is 7.1.3, but any more recent version should work.

  8. GPKCS-11 provides the cruptographic API to the OpenSSL provider for the S-BGP certificate management system. The specific version used is 0.7.2.

  9. DigitalNet provides certificate path validation functionality used by the S-BGP NOC Tools. On the web site, go to Knowledge Bank and then SMP. The specific versions used are:
    1. CML 2.0
    2. SFL 2.0
    3. SNACC 13rn7
    Note that a newer API in more recent versions does NOT work with the S-BGP modules.

  10. BBN ASN compiler is used to compile ASN.1 modules for the S-BGP modules. (It is also included in the S-BGP 1.0 release.)

Additional software development tools are required for C, C++, and Java to compile the modules from source.

Copyright and License