dn42-roagen/README.md

82 lines
2.3 KiB
Markdown
Raw Permalink Normal View History

2019-01-04 10:31:16 +00:00
## dn42-roagen
This ROA generator honors the following principles:
- All routes listed with origin AS0 is per [RFC 6483 section 4][0] set with max-length
to /128 (v6) or /32 (v4). This is done intentionally to fail ROA validaton and thereby
avoid the prefix being routed inside DN42. This is desible if a prefix is e.g. only
intended for use with eBGP direct peering.
- This ROA generator is compliant with max-length value in route(6) objects present in
the registry. If no max-length is set for a given route(6) object. The legacy max-length
is used. This is /28 (v4) or /64 (v6).
### Requirements for running
1. Verify curl, git, bash, and php is installed.
2. `mkdir -p ~/dn42/`.
3. `cd ~/dn42/`.
2020-07-23 20:02:40 +00:00
4. `git clone https://git.dn42.dev/as4242420144/roagen.git`.
5. `git clone https://git.dn42.dev/dn42/registry.git`.
2018-12-27 22:44:32 +00:00
6. `git -C registry/ remote rename origin upstream && git -C registry/ fetch --all`
2019-01-04 10:51:48 +00:00
7. Verify everything work by running `cd ~/dn42/roagen/ && ./update.sh`.
2019-01-04 10:56:54 +00:00
8. In $USER crontab file put `@daily cd ~/dn42/roagen/ && ./update.sh`. Finetune
time between runs to your liking.
2019-01-04 10:56:54 +00:00
NB: The roagen.php script is written with the paths to the dn42 registry
folder being both git repositories reside in the same parent folder.
2018-12-19 12:28:05 +00:00
```
2019-01-04 10:25:46 +00:00
$ tree -L 3 ~/dn42/
/home/$USER/dn42/
2018-12-19 12:28:05 +00:00
|-- registry
2019-01-04 10:25:46 +00:00
| |-- README.md
| |-- check-my-stuff
| |-- check-pol
| |-- check-remote
| |-- data
| | |-- as-block
| | |-- as-set
| | |-- aut-num
| | |-- dns
| | |-- filter.txt
| | |-- filter6.txt
| | |-- inet6num
| | |-- inetnum
| | |-- key-cert
| | |-- mntner
| | |-- organisation
| | |-- person
| | |-- registry
| | |-- role
| | |-- route
| | |-- route-set
| | |-- route6
| | |-- schema
| | |-- tinc-key
| | `-- tinc-keyset
| |-- fmt-my-stuff
| |-- install-commit-hook
| `-- utils
| `-- schema-check
2019-01-04 10:31:16 +00:00
`-- roagen
2019-01-04 10:25:46 +00:00
|-- README.md
|-- lib
| |-- define.php
| `-- functions.php
|-- rfc8416.php
|-- roa
| |-- README.md
| |-- bird4_roa_dn42.conf
| |-- bird4_route_dn42.conf
| |-- bird6_roa_dn42.conf
| |-- bird6_route_dn42.conf
| |-- bird_roa_dn42.conf
| |-- bird_route_dn42.conf
| |-- export_dn42.json
| `-- export_rfc8416_dn42.json
|-- roagen.php
`-- update.sh
2018-12-19 12:28:05 +00:00
```
[0]: https://tools.ietf.org/html/rfc6483#section-4