The name `BIRD' is actually an acronym standing for `BIRD Internet Routing Daemon'. Let's take a closer look at the meaning of the name:
BIRD: Well, we think we have already explained that. It's an acronym standing for `BIRD Internet Routing Daemon', you remember, don't you? :-)
Internet Routing: It's a program (well, a daemon, as you are going to discover in a moment) which works as a dynamic router in an Internet type network (that is, in a network running either the IPv4 or the IPv6 protocol). Routers are devices which forward packets between interconnected networks in order to allow hosts not connected directly to the same local area network to communicate with each other. They also communicate with the other routers in the Internet to discover the topology of the network which allows them to find optimal (in terms of some metric) rules for forwarding of packets (which are called routing tables) and to adapt themselves to the changing conditions such as outages of network links, building of new connections and so on. Most of these routers are costly dedicated devices running obscure firmware which is hard to configure and not open to any changes (on the other hand, their special hardware design allows them to keep up with lots of high-speed network interfaces, better than general-purpose computer does). Fortunately, most operating systems of the UNIX family allow an ordinary computer to act as a router and forward packets belonging to the other hosts, but only according to a statically configured table.
A Routing Daemon is in UNIX terminology a non-interactive program running on background which does the dynamic part of Internet routing, that is it communicates with the other routers, calculates routing tables and sends them to the OS kernel which does the actual packet forwarding. There already exist other such routing daemons: routed (RIP only), GateD (non-free), Zebra http://www.zebra.org and MRTD http://sourceforge.net/projects/mrt, but their capabilities are limited and they are relatively hard to configure and maintain.
BIRD is an Internet Routing Daemon designed to avoid all of these shortcomings, to support all the routing technology used in the today's Internet or planned to be used in near future and to have a clean extensible architecture allowing new routing protocols to be incorporated easily. Among other features, BIRD supports:
BIRD has been developed at the Faculty of Math and Physics, Charles University, Prague, Czech Republic as a student project. It can be freely distributed under the terms of the GNU General Public License.
BIRD has been designed to work on all UNIX-like systems. It has been developed and tested under Linux 2.0 to 2.6, and then ported to FreeBSD, NetBSD and OpenBSD, porting to other systems (even non-UNIX ones) should be relatively easy due to its highly modular architecture.
BIRD supports either IPv4 or IPv6 protocol, but have to be compiled separately for each one. Therefore, a dualstack router would run two instances of BIRD (one for IPv4 and one for IPv6), with completely separate setups (configuration files, tools ...).
On a recent UNIX system with GNU development tools (GCC, binutils, m4, make) and Perl, installing BIRD should be as easy as:
./configure
make
make install
vi /usr/local/etc/bird.conf
bird
You can use ./configure --help to get a list of configure
options. The most important ones are:
--enable-ipv6 which enables building of an IPv6 version of BIRD,
--with-protocols= to produce a slightly smaller BIRD executable by configuring out routing protocols you don't use, and
--prefix= to install BIRD to a place different from.
/usr/local.
You can pass several command-line options to bird:
-c config nameuse given configuration file instead of prefix/etc/bird.conf.
-denable debug messages and run bird in foreground.
-D filename of debug loglog debugging information to given file instead of stderr.
-pjust parse the config file and exit. Return value is zero if the config file is valid, nonzero if there are some errors.
-s name of communication socketuse given filename for a socket for communications with the client, default is prefix/var/run/bird.ctl.
-u userdrop privileges and use that user ID, see the next section for details.
-g groupuse that group ID, see the next section for details.
BIRD writes messages about its work to log files or syslog (according to config).
BIRD, as a routing daemon, uses several privileged operations (like
setting routing table and using raw sockets). Traditionally, BIRD is
executed and runs with root privileges, which may be prone to security
problems. The recommended way is to use a privilege restriction
(options -u, -g). In that case BIRD is executed with root
privileges, but it changes its user and group ID to an unprivileged
ones, while using Linux capabilities to retain just required
privileges (capabilities CAP_NET_*). Note that the control socket is
created before the privileges are dropped, but the config file is read
after that. The privilege restriction is not implemented in BSD port
of BIRD.
A nonprivileged user (as an argument to -u options) may be the
user nobody, but it is suggested to use a new dedicated user
account (like bird). The similar considerations apply for
the group option, but there is one more condition -- the users
in the same group can use birdc to control BIRD.
Finally, there is a possibility to use external tools to run BIRD in an environment with restricted privileges. This may need some configuration, but it is generally easy -- BIRD needs just the standard library, privileges to read the config file and create the control socket and the CAP_NET_* capabilities.