From a3836c5eb670d7ffef63d9252deb02cb7a4740b6 Mon Sep 17 00:00:00 2001 From: rebortg Date: Fri, 27 Jan 2023 13:18:08 +0100 Subject: rpki: sync branches --- docs/configuration/protocols/rpki.rst | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/docs/configuration/protocols/rpki.rst b/docs/configuration/protocols/rpki.rst index cae66044..294a91f8 100644 --- a/docs/configuration/protocols/rpki.rst +++ b/docs/configuration/protocols/rpki.rst @@ -58,8 +58,7 @@ Imported prefixes during the validation may have values: notfound No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ - (default-free zone)` at the start of 2020 (see more detail in - NLnet Labs' `RPKI analytics`_). + (default-free zone)` at the start of 2020 .. note:: If you are responsible for the global addresses assigned to your @@ -104,20 +103,20 @@ In a nutshell, the current implementation provides the following features: Configuration ************* -.. cfgcmd:: protocols rpki polling-period <1-86400> +.. cfgcmd:: set protocols rpki polling-period <1-86400> Define the time interval to update the local cache The default value is 300 seconds. -.. cfgcmd:: protocols rpki cache
port +.. cfgcmd:: set protocols rpki cache
port Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used. This is a mandatory setting. -.. cfgcmd:: protocols rpki cache
preference +.. cfgcmd:: set protocols rpki cache
preference Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used. @@ -133,19 +132,19 @@ first need to create yoursels an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection. -.. cfgcmd:: protocols rpki cache
ssh username +.. cfgcmd:: set protocols rpki cache
ssh username SSH username to establish an SSH connection to the cache server. -.. cfgcmd:: protocols rpki cache
ssh known-hosts-file +.. cfgcmd:: set protocols rpki cache
ssh known-hosts-file Local path that includes the known hosts file. -.. cfgcmd:: protocols rpki cache
ssh private-key-file +.. cfgcmd:: set protocols rpki cache
ssh private-key-file Local path that includes the private key file of the router. -.. cfgcmd:: protocols rpki cache
ssh public-key-file ssh public-key-file Local path that includes the public key file of the router. @@ -191,10 +190,9 @@ Test`_ experimental tool. .. _Routinator: https://www.nlnetlabs.nl/projects/rpki/routinator/ .. _GoRTR: https://github.com/cloudflare/gortr .. _OctoRPKI: https://github.com/cloudflare/cfrpki#octorpki -.. _Validator: https://www.ripe.net/manage-ips-and-asns/resource-management/certification/tools-and-resources +.. _Validator: https://www.ripe.net/manage-ips-and-asns/resource-management/rpki/tools-and-resources .. _some instructions: https://labs.ripe.net/Members/tashi_phuntsho_3/how-to-install-an-rpki-validator .. _Krill: https://www.nlnetlabs.nl/projects/rpki/krill/ -.. _RPKI analytics: https://www.nlnetlabs.nl/projects/rpki/rpki-analytics/ .. _RIPE Labs RPKI Test: https://sg-pub.ripe.net/jasper/rpki-web-test/ .. _excellent guide to RPKI: https://rpki.readthedocs.io/ .. _help and operational guidance: https://rpki.readthedocs.io/en/latest/about/help.html -- cgit v1.2.3