Following a BGP advertisement hiccup experience last week, we had to explain why it took up to 10 minutes before the situation came back to normal as some part of the internet were unable to reach our services. Looking at the logs and traffic pattern, we were able to determine and validate that the traffic has swing to the alternate links but were unable to explain why it took so long for the whole Internet to converge. since looking at BGP looking glass is showing the actual state of the BGP table, this tool is useless when it is time to review and do a post mortem (Especially when you were not involve when the problem occurred and have to explain what went wrong)
The following are some tools that we put in place to monitor our Internet presence and hopefully get an history of the state of our advertisement.
BGPMON (www.bgpmon.com). This tool allow to validate the prefix advertise by your AS and to validate the upstream AS, This is useful to validate that your prefix are not advertised by anyone else than the autorised source.
THOUSANDEYES (www.thousandeyes.com). Thousand eyes monitor your prefix from point of presence spread across the globe and report the path and keep historical data (YEAH). In case of longer prefix advertisement, the historical data is kept for 24 hours after the last advertisement. This give time to take some screen shot for post mortem but I would have like the historical data to be kept for longer. Thousand offer also the reverse option as you can bgp peer with them and you can see how you can reach the Internet we have not tried this option yet.
Both site offer a limited free edition and of course you can subscribe to a monthly fee that allow to perform more test.
For more detail on BGPMON, go on their website where you can create free test for up to 5 prefix.
Disclaimer, I did not get any advantage from both company, I have just set them up and find both useful and hope to save other the pain I went thorough to figure out what happened.