    RPKI protocol with one cache server per protocol · 46610354
    Pavel Tvrdík authored
    The RPKI protocol (RFC 6810) using the RTRLib
    (http://rpki.realmv6.org/) that is integrated inside
    the BIRD's code.
    
    Implemented transports are:
     - unprotected transport over TCP
     - secure transport over SSHv2
    
    Example configuration of bird.conf:
      ...
      roa4 table r4;
      roa6 table r6;
    
      protocol rpki {
        debug all;
    
        # Import both IPv4 and IPv6 ROAs
        roa4 { table r4; };
        roa6 { table r6; };
    
        # Set cache server (validator) address,
        # overwrite default port 323
        remote "rpki-validator.realmv6.org" port 8282;
    
        # Overwrite default time intervals
        retry   10;         # Default 600 seconds
        refresh 60;         # Default 3600 seconds
        expire 600;         # Default 7200 seconds
      }
    
      protocol rpki {
        debug all;
    
        # Import only IPv4 routes
        roa4 { table r4; };
    
        # Set cache server address to localhost,
        # use default ports tcp => 323 or ssh => 22
        remote 127.0.0.1;
    
        # Use SSH transport instead of unprotected...