git.ipfire.org Git - thirdparty/bird.git/commit

author	Pavel Tvrdík <pawel.tvrdik@gmail.com>
	Thu, 17 Sep 2015 15:15:30 +0000 (17:15 +0200)
committer	Jan Moskyto Matejka <mq@ucw.cz>
	Wed, 7 Dec 2016 08:35:24 +0000 (09:35 +0100)
commit	65d2a88dd2aaef7344cfa62918e3ddf4c72ca50a
tree	26da08ceb1c12c4b5fd37d9a4fd51cfc5b70b301	tree \| snapshot
parent	2706747f66ab0e7a7f2b8acc6bd7fbd376647258	commit \| diff

RPKI protocol with one cache server per protocol

The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...

Makefile.in		diff \| blob \| blame \| history
configure.in		diff \| blob \| blame \| history
doc/bird.sgml		diff \| blob \| blame \| history
filter/filter.c		diff \| blob \| blame \| history
lib/Makefile		diff \| blob \| blame \| history
lib/libssh.c	[new file with mode: 0644]	blob
lib/libssh.h	[new file with mode: 0644]	blob
lib/resource.c		diff \| blob \| blame \| history
lib/resource.h		diff \| blob \| blame \| history
lib/socket.h		diff \| blob \| blame \| history
nest/proto.c		diff \| blob \| blame \| history
nest/protocol.h		diff \| blob \| blame \| history
nest/route.h		diff \| blob \| blame \| history
nest/rt-table.c		diff \| blob \| blame \| history
proto/Doc		diff \| blob \| blame \| history
proto/rpki/Doc	[new file with mode: 0644]	blob
proto/rpki/Makefile	[new file with mode: 0644]	blob
proto/rpki/config.Y	[new file with mode: 0644]	blob
proto/rpki/packets.c	[new file with mode: 0644]	blob
proto/rpki/packets.h	[new file with mode: 0644]	blob
proto/rpki/rpki.c	[new file with mode: 0644]	blob
proto/rpki/rpki.h	[new file with mode: 0644]	blob
proto/rpki/ssh_transport.c	[new file with mode: 0644]	blob
proto/rpki/tcp_transport.c	[new file with mode: 0644]	blob
proto/rpki/transport.c	[new file with mode: 0644]	blob
proto/rpki/transport.h	[new file with mode: 0644]	blob
sysdep/autoconf.h.in		diff \| blob \| blame \| history
sysdep/unix/io.c		diff \| blob \| blame \| history