Ondrej Zajicek (work)
|
4278abfe27
|
Check validity of dest w.r.t. net_type
Allow to define static roa/flow routes without dest.
|
2017-04-18 13:56:40 +02:00 |
|
Jan Moskyto Matejka
|
c609d03986
|
Merge branch 'int-new' into nexthop-merged
|
2017-02-22 11:58:04 +01:00 |
|
Ondrej Zajicek (work)
|
62e64905b7
|
Several minor fixes
|
2017-02-20 02:26:45 +01:00 |
|
Jan Moskyto Matejka
|
5b208e296f
|
Removing (struct rta)->cast. Never used.
|
2016-12-22 13:09:59 +01:00 |
|
Ondrej Zajicek (work)
|
eeba61ccd5
|
Minor cleanups
|
2016-12-13 20:18:11 +01:00 |
|
Jan Moskyto Matejka
|
b94e5e58db
|
RPKI: fixed some of the extended warnings
|
2016-12-07 15:35:35 +01:00 |
|
Jan Moskyto Matejka
|
af62c0f9f1
|
LibSSH may be switched off together with RPKI
|
2016-12-07 14:15:35 +01:00 |
|
Pavel Tvrdík
|
65d2a88dd2
|
RPKI protocol with one cache server per protocol
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.
Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
...
roa4 table r4;
roa6 table r6;
protocol rpki {
debug all;
# Import both IPv4 and IPv6 ROAs
roa4 { table r4; };
roa6 { table r6; };
# Set cache server (validator) address,
# overwrite default port 323
remote "rpki-validator.realmv6.org" port 8282;
# Overwrite default time intervals
retry 10; # Default 600 seconds
refresh 60; # Default 3600 seconds
expire 600; # Default 7200 seconds
}
protocol rpki {
debug all;
# Import only IPv4 routes
roa4 { table r4; };
# Set cache server address to localhost,
# use default ports tcp => 323 or ssh => 22
remote 127.0.0.1;
# Use SSH transport instead of unprotected transport over TCP
ssh encryption {
bird private key "/home/birdgeek/.ssh/id_rsa";
remote public key "/home/birdgeek/.ssh/known_hosts";
user "birdgeek";
};
}
...
|
2016-12-07 09:35:24 +01:00 |
|