BirdVector UI for pfSense: A Comprehensive Guide to Installing and Using Bird BGP Daemon, Pathvector, and BGPQ4 on pfSense

3 min readMay 27, 2024

What is BirdVector?

BirdVector is a powerful pfSense package that directly integrates the Bird BGP daemon, Pathvector, and BGPQ4 into the pfSense environment. This package allows you to manage these tools conveniently through the pfSense WebUI, providing complete control over your network routing configurations.

Installation

To install BirdVector, follow these steps to ensure all dependencies are met, and the package is correctly set up. The installation process differs slightly depending on whether you are running pfSense 2.6 (FreeBSD-12) or pfSense 2.7 (FreeBSD-14).

Step 1: Install Dependencies

First, you need to install the required dependencies. Open your pfSense terminal and execute the following commands:

pkg install libssh
pkg install pfSense-pkg-Cron
pkg add https://pkg.freebsd.org/FreeBSD:14:amd64/latest/All/bgpq4-1.12.pkg
pkg add https://pkg.freebsd.org/FreeBSD:14:amd64/latest/All/bird2-2.15.1.pkg

Step 2: Download and Install the BirdVector Package

Next, download and install the latest version of the BirdVector package. Ensure you select the appropriate version for your pfSense installation.

For pfSense 2.7:

echo "IGNORE_OSVERSION=yes" >> /usr/local/etc/pkg.conf
echo "net.inet.tcp.sendbuf_max=2097152" >> /etc/sysctl.conf
pkg add https://github.com/zappiehost/pfSense-pkg-birdvector/releases/latest/download/pfSense-pkg-BirdVector.pkg

For pfSense 2.6:

echo "IGNORE_OSVERSION=yes" >> /usr/local/etc/pkg.conf
echo "net.inet.tcp.sendbuf_max=2097152" >> /etc/sysctl.conf
pkg add https://github.com/zappiehost/pfSense-pkg-birdvector/releases/latest/download/pfSense-pkg-BirdVector-2.6.pkg

Step 3: Schedule Regular Updates for Pathvector

It is recommended that Pathvector be run every 12 hours to update IRR prefix lists and PeeringDB prefix limits. Adding the following to your crontab will update the filters at 12 AM and PM every day:

0 */12 * * * /usr/local/bin/pathvector -c /usr/local/etc/pathvector.yaml generate

Step 4: Verify Installation

After installation, verify that BirdVector and its dependencies are correctly installed and functioning. You can access the BIRD interface via the pfSense WebUI by navigating to Services -> BIRD or System -> Packages -> Installed Packages.

Guide to Setting Up BIRD with Pathvector on pfSense

This guide provides instructions for configuring BIRD with Pathvector on pfSense. Replace placeholders with actual values.

Configuration Files and Commands

Pathvector Configuration

asn: <YOUR_ASN>
router-id: <YOUR_ROUTER_ID>
bgpq-args: -S RIPE,APNIC,ARIN,LACNIC,AFRINIC
irr-server: whois.radb.net
rtr-server: rtr.rpki.cloudflare.com:8282


prefixes:
  - <YOUR_IPV4_PREFIX>/24
  - <YOUR_IPV6_PREFIX>/48

templates:
  upstream:
    allow-local-as: true
    import-limit6: 300000
    announce: ["<YOUR_ASN>:0:15"]
    remove-all-communities: <YOUR_ASN>
    local-pref: 80
    add-on-import: ["<YOUR_ASN>:0:12"]

  routeserver:
    filter-transit-asns: true
    auto-import-limits: true
    enforce-peer-nexthop: false
    enforce-first-as: false
    announce: ["<YOUR_ASN>:0:15"]
    remove-all-communities: <YOUR_ASN>
    local-pref: 90
    add-on-import: ["<YOUR_ASN>:0:13"]

  peer:
    filter-irr: true
    filter-transit-asns: true
    auto-import-limits: true
    auto-as-set: true
    announce: ["<YOUR_ASN>:0:15"]
    remove-all-communities: <YOUR_ASN>
    local-pref: 100
    add-on-import: ["<YOUR_ASN>:0:14"]

  downstream:
    filter-irr: true
    allow-blackhole-community: true
    filter-transit-asns: true
    auto-import-limits: true
    auto-as-set: true
    announce: ["<YOUR_ASN>:0:15"]
    announce-default: true
    remove-all-communities: <YOUR_ASN>
    local-pref: 200
    add-on-import: ["<YOUR_ASN>:0:15"]

peers:
  ExamplePeer:
    asn: <PEER_ASN>
    template: upstream
    neighbors:
      - <PEER_IPV4_ADDRESS>
      - <PEER_IPV6_ADDRESS>

Replace the placeholders YOUR_ASN, YOUR_ROUTER_ID, YOUR_IPV4_PREFIX, YOUR_IPV6_PREFIX, PEER_ASN_IPV4, PEER_IPV4_ADDRESS, PEER_ASN_IPV6, and PEER_IPV6_ADDRESS with actual values.

Generating BIRD Configuration

/usr/local/bin/pathvector -c /usr/local/etc/pathvector.yaml generate

BIRD Service Management

Ensure BIRD starts on boot:

echo "bird_enable=YES" >> /etc/rc.conf

Start or restart BIRD:

service bird onestart
service bird onerestart

Monitoring BIRD Protocols

Check the status of all protocols:

birdc show protocols

Show exported routes:

birdc show route export IPV4_PEER_NAME
birdc show route export IPV6_PEER_NAME

Show imported routes:

birdc show route import IPV4_PEER_NAME
birdc show route import IPV6_PEER_NAME

Show detailed protocol information:

birdc show protocol all IPV4_PEER_NAME
birdc show protocol all IPV6_PEER_NAME

Replace IPV4_PEER_NAME and IPV6_PEER_NAME with the actual protocol names defined in your BIRD configuration.

Uninstalling BirdVector

If you need to uninstall BirdVector, follow these simple steps:

pkg delete pfSense-pkg-BirdVector

This command will remove the BirdVector package from your pfSense system.

Conclusion

BirdVector offers a streamlined way to manage BGP configurations through pfSense’s WebUI, integrating powerful tools like Bird BGP daemon, Pathvector, and BGPQ4. Following the installation steps, you can easily set up and manage BirdVector on your pfSense system. If you encounter any issues or need further assistance, consult the pfSense community forums or documentation for additional support.

Credit

https://github.com/zappiehost/pfSense-pkg-birdvector