[FROG] RPKI, this is getting a bit frustrating
Willy Manga
mangawilly at gmail.com
Fri Sep 29 05:30:26 UTC 2023
Hi Chris,
On 28/09/2023 20:38, frog-request at lists.frrouting.org wrote:
> [...]
> My RPKI config:
> rpki
> rpki cache 172.65.0.2 8282 preference 1
> rpki cache 172.65.0.2 8283 preference 2
[...]
Is there a reason to use the same validator on two different ports ? Why
not use another one? (by the way I was not even aware of port 8283 on
that validator)
In my setup running FRRouting 9.0.1 (bdr2) on Linux(6.1.0-12-amd64),
debian 12.
I have 3 validators
- 2 from Cloudflare (IPv4 and IPv6)
- another one on IPv6
We perform route origin validation without any issue.
Config
b# sh rpki cache-connection
Connected to group 2
rpki tcp cache rp.my.domain 323 pref 5
rpki tcp cache 2606:4700:60::2 8282 pref 2 (connected)
rpki tcp cache 172.65.0.2 8282 pref 3
sh memory bgpd --> http://paste.debian.net/1293467/
--
Willy Manga
@ongolaboy
https://ongola.blogspot.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20230929/8748c81d/attachment.sig>
More information about the frog
mailing list