Add ROAs for RPKI

This commit is contained in:
sump pump 2020-05-21 20:10:45 +00:00
parent 04b4a53ae4
commit 01c3b41a5e
3 changed files with 65 additions and 1 deletions

View File

@ -40,7 +40,6 @@ roa4 table r4; # ROA RPKI
# expire keep ${bgp_rpki_expire:-172800};
# # Enable SSH transport, disable TCP transport (insecure)
# port 22;
# transport ssh {
# remote public key "${bgp_rpki_known_hosts:-/etc/bird/rpki/known_hosts}";
# user "lixonet";

View File

@ -27,4 +27,11 @@ find bird -type f | xargs -I '{}' cp --verbose {} /etc/{}
find /etc/bird/ -type f -name '*.tmpl' -exec sh -c 'sigil -f {} -p $(cat /etc/lixonet/lixonet.conf | tr "\\n" " ") > "$(dirname {})/$(basename {} .tmpl)"' {} \;
find /etc/bird/ -type f -name '*.tmpl' | xargs -I '{}' rm -f {}
# GoRTR
# Remove existing configuration
rm -v -rf /etc/gortr/*
# Copy all gortr default files to /etc/(gortr)
find gortr -type d | xargs -I '{}' mkdir --verbose -p /etc/{}
find gortr -type f | xargs -I '{}' cp --verbose {} /etc/{}
docker-compose up -d --build

58
gortr/roas.json Normal file
View File

@ -0,0 +1,58 @@
{
"roas": [
{
"comment": "denco.mane.lixo",
"asn": "AS4206969008",
"prefix": "172.31.8.0/21",
"maxLength": 21
},
{
"comment": "lkwco.mane.lixo",
"asn": "AS4206969016",
"prefix": "172.31.16.0/21",
"maxLength": 21
},
{
"comment": "inwwv.nurd.lixo",
"asn": "AS4206969200",
"prefix": "172.31.200.0/21",
"maxLength": 21
},
{
"comment": "manva.nurd.lixo",
"asn": "AS4206969208",
"prefix": "172.31.208.0/22",
"maxLength": 22
},
{
"comment": "daltx.nurd.lixo",
"asn": "AS4206969212",
"prefix": "172.31.212.0/22",
"maxLength": 22
},
{
"comment": "phxaz.nurd.lixo",
"asn": "AS4206969216",
"prefix": "172.31.216.0/21",
"maxLength": 21
},
{
"comment": "anycast denco.mane.lixo",
"asn": "AS4206969008",
"prefix": "172.31.254.0/24",
"maxLength": 24
},
{
"comment": "anycast manva.nurd.lixo",
"asn": "AS4206969208",
"prefix": "172.31.254.0/24",
"maxLength": 24
},
{
"comment": "anycast phxaz.nurd.lixo",
"asn": "AS4206969216",
"prefix": "172.31.254.0/24",
"maxLength": 24
}
]
}