mirror/bgp-stayrtr
1
0
Fork 0
mirror of https://github.com/bgp/stayrtr.git synced 2024-05-06 15:54:54 +00:00
Code Issues
5 Commits 27 Branches 9 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Louis Poinsignon a2cf651a9d Added Dockerfile, bugfix
2018-08-07 11:09:50 -07:00
lib
Added Dockerfile, bugfix
2018-08-07 11:09:50 -07:00
vendor
Init
2018-08-06 16:08:24 -07:00
Dockerfile
Added Dockerfile, bugfix
2018-08-07 11:09:50 -07:00
Gopkg.lock
Init
2018-08-06 16:08:24 -07:00
Gopkg.toml
Init
2018-08-06 16:08:24 -07:00
gortr.go
Added Dockerfile, bugfix
2018-08-07 11:09:50 -07:00
LICENSE.txt
Added license
2018-08-06 16:13:17 -07:00
README.md
Update README.md
2018-08-06 16:49:29 -07:00

README.md

GoRTR

Go implementation of a RPKI to Router protocol.

  • /lib contains a library to create your own server and client.
  • gortr.go is a simple implementation that fetches a list and offers it to a router.

Features of the server

  • Refreshes a JSON list of prefixes (from either Cloudflare or a RIPE Validator)
  • Prometheus metrics
  • Lightweight
  • TLS

Features of the API

Run it

$ ./gortr -bind 127.0.0.1:8282 -cache datasource

Data sources

Use your own validator, as long as the JSON source follows the following schema:

{
  "roas": [
    {
      "prefix": "10.0.0.0/24",
      "maxLength": 24,
      "asn": "AS65001"
    },
    ...
  ]
}

Configure on Juniper

Configure a session to the RTR server

louis@router> show configuration routing-options validation
group TEST-RPKI {
    session 192.168.1.100 {
        port 8282;
    }
}

Add policies to validate or invalidate prefixes

louis@router> show configuration policy-options policy-statement STATEMENT-EXAMPLE
term RPKI-TEST-VAL {
    from {
        protocol bgp;
        validation-database valid;
    }
    then {
        validation-state valid;
        next term;
    }
}
term RPKI-TEST-INV {
    from {
        protocol bgp;
        validation-database invalid;
    }
    then {
        validation-state invalid;
        reject;
    }
}

Display status of the session to the RTR server.

louis@router> show validation session 192.168.1.100 detail
Session 192.168.1.100, State: up, Session index: 1
  Group: TEST-RPKI, Preference: 100
  Port: 8282
  Refresh time: 300s
  Hold time: 600s
  Record Life time: 3600s
  Serial (Full Update): 1
  Serial (Incremental Update): 1
    Session flaps: 2
    Session uptime: 00:25:07
    Last PDU received: 00:04:50
    IPv4 prefix count: 46478
    IPv6 prefix count: 8216

Show content of the database

louis@router> show validation database brief
RV database for instance master

Prefix                 Origin-AS Session                                 State   Mismatch
1.0.0.0/24-24              13335 192.168.1.100                           valid
1.1.1.0/24-24              13335 192.168.1.100                           valid

License

Licensed under the BSD 3 License.

Description
No description provided
Readme 9.6 MiB
Languages
Go 97.2%
Makefile 1.9%
Dockerfile 0.8%