![]() Invalid: /routing/rpki rpki-check group=XGARPKI prefix=2606:4700:7000::/48 origin-as=13335įilters will be used by the router to. Valid (at time of writing): /routing/rpki/ rpki-check group=XGARPKI prefix=2a05:dfc7:1000::/48 origin-as=205531 We can run the command /routing/rpki rpki-check to check the status of a particular route. You can test your connection on the command line: /routing/rpki/session/printĠ group=XGARPKI address=1.2.3.4 port=3323 state=sync version=1 session=49550 serial=207 expires=1h57m5s Testing connection from the router to Routinator This is used later during set-up of filtering. It's important to include a group name when configuring RPKI! Use the port 3323 unless you changed it earlier. Using your method of choice, configure your router in the /Routing/RPKI options to use the address of your Routinator server. Note: 1.2.3.4 replaces the local IP address I'm using. Testing 2001:4860::/32 with origin AS15169 (a Google subnet and the Google ASN) should pass. If you check the prefix 2606:4700:7000::/48 with origin AS13335, you should see the test fail. When the server is up and running, try to access the web interface. If you want to see stdout while it prepares, just omit the -d flag. Once this is done, you can run docker-compose up -d routinator to get the container running, it might take a few minutes to get the required files ready. See the Routinator docs for more info (especially on the accepting RPA section) docker run -rm -v ~/docker_data/routinator:/home/routinator/.rpki-cache/tals nlnetlabs/routinator init -f -accept-arin-rpa ![]() Once the docker-compose file is created, you can initialise Routinator and accept the ARIN RPA. The folder needs to have the UID/GID 1012, so run chown -R 1012:1012 routinator/ to change the permissions. Once you create the docker-compose file, we'll need that Routinator folder. This docker-compose file uses the latest Routinator image from docker-hub, allows access to the 3323 port (for RPKI checking) and 9556 (for the web client).Ī volume is also created for the cache files. ![]() routinator:/home/routinator/.rpki-cache/tals The docker-compose configuration I use: routinator: I use docker-compose so I can make environments repeatable. I partially followed another guide for the setup, so full credit there.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |