![]() ![]() Invalid: /routing/rpki rpki-check group=XGARPKI prefix=2606:4700:7000::/48 origin-as=13335įilters will be used by the router to. Valid (at time of writing): /routing/rpki/ rpki-check group=XGARPKI prefix=2a05:dfc7:1000::/48 origin-as=205531 We can run the command /routing/rpki rpki-check to check the status of a particular route. You can test your connection on the command line: /routing/rpki/session/printĠ group=XGARPKI address=1.2.3.4 port=3323 state=sync version=1 session=49550 serial=207 expires=1h57m5s Testing connection from the router to Routinator ![]() This is used later during set-up of filtering. It's important to include a group name when configuring RPKI! Use the port 3323 unless you changed it earlier. Using your method of choice, configure your router in the /Routing/RPKI options to use the address of your Routinator server. Note: 1.2.3.4 replaces the local IP address I'm using. Testing 2001:4860::/32 with origin AS15169 (a Google subnet and the Google ASN) should pass. If you check the prefix 2606:4700:7000::/48 with origin AS13335, you should see the test fail. When the server is up and running, try to access the web interface. ![]() If you want to see stdout while it prepares, just omit the -d flag. Once this is done, you can run docker-compose up -d routinator to get the container running, it might take a few minutes to get the required files ready. See the Routinator docs for more info (especially on the accepting RPA section) docker run -rm -v ~/docker_data/routinator:/home/routinator/.rpki-cache/tals nlnetlabs/routinator init -f -accept-arin-rpa Once the docker-compose file is created, you can initialise Routinator and accept the ARIN RPA. ![]() The folder needs to have the UID/GID 1012, so run chown -R 1012:1012 routinator/ to change the permissions. Once you create the docker-compose file, we'll need that Routinator folder. This docker-compose file uses the latest Routinator image from docker-hub, allows access to the 3323 port (for RPKI checking) and 9556 (for the web client).Ī volume is also created for the cache files. routinator:/home/routinator/.rpki-cache/tals The docker-compose configuration I use: routinator: I use docker-compose so I can make environments repeatable. I partially followed another guide for the setup, so full credit there. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |