netbox-rpki 0.1.3

NetBox plugin for BGP RPKI support.

NetBox RPKI Plugin

Netbox plugin for adding BGP RPKI elements.

• Free software: Apache-2.0
• Documentation
• Repository
• Python Package

Features

Implements data models and forms for Resource Public Key Infrastructure (RPKI) items.

Models

Organization

• A customer/consumer of Regional Internet Registrar (RIR) services such as RPKI (and IP address and ASN allocations)
• Fields
  • org-id, name, ext_url, parent_rir (foreign key to IPAM ASN)

Resource Certificate

• The X.509 certificate used to sign a customer's ROAs
• May be either self-hosted/managed/published (managed by customer) or managed by the RIR (as part of a "managed" RPKI service)
• Fields
  • name, issuer, subject, serial, valid_from, valid_to, auto_renews, public_key, private_key, publication_url, ca_repository, self_hosted, rpki_org (foreign key to rpki organization)

Route Origination Authorization (ROA)

• A statement that a specific AS number is authorized to originate a specific set of IP prefices.
• Each ROA has a child->parent relationship to a single RPKI ROA object
• Fields
  • name, origin_as (foreign key to IPAM ASN model), valid_from, valid_to, auto_renews, signed_by (foreign key to rpki customer certificate)

ROA prefix

• A specific prefix that is included in the scope of a specific ROA
• Fields
  • prefix (foreign key to IPAM Prefix model), max_length, roa_name (foreing key to rpki roa)

Screencaps

RPKI Organizations/Certificates/Resources

RPKI ROAs

Compatibility

netbox-plugin.yaml

Installing

For adding to a NetBox Docker setup see the general instructions for using netbox-docker with plugins.

Install using pip:

pip install netbox_rpki

or by adding to your local_requirements.txt or plugin_requirements.txt (netbox-docker):

netbox_rpki

Enable the plugin in /opt/netbox/netbox/netbox/configuration.py, or if you use netbox-docker, your /configuration/plugins.py file :

PLUGINS = [
    'netbox_rpki'
]

PLUGINS_CONFIG = {
    "netbox_rpki": {'top_level_menu': False},
}

Run python -m manage.py migrate from the .../netbox/netbox/ directory in your netbox installation. (or include the manag.py migrate command in Dockerfile-Plugins if using netbox-docker.)