RPKI AS0 Slurm file generator for bogons
Project description
rpki-as0-bogons
SLURM file generator for bogons with AS0 as origin.
This script generates a JSON file compatible with RFC8416 to be used for a local validator.
The script takes bogon files from the Team Cymru Bogon Reference or builds a list of all the networks not assigned according to the official NRO Delegated Statistics file, and turns them into a SLURM file. All the networks are added to the SLURM file with origin: AS0 and with a default MaxPrefix of 32 for IPv4 and 128 for IPv6.
Once loaded in a validator, this file will suggest the validating software to create "fake" ROAs for these networks. If your network performs origin validation and applies "Invalid: Reject" policies, any BGP announcement of these networks coming from your peers or upstreams should be discarded.
Installation
You can find the software on PyPi, so you can install it easily via pip.
# pip3 install rpki-as0-bogons
Usage
usage: rpki-as0-bogons [-h] [-f DEST_FILE] [-P] (-N | -C)
A script to generate a SLURM file for all bogons with origin AS0
optional arguments:
-h, --help show this help message and exit
-f DEST_FILE File to be created with all the SLURM content (default is
/usr/local/etc/slurm.json)
-P Include the list of IXP LANs from PeeringDB. While some of
them already have AS0 ROAs, not all of them do. Overlapping
ROAs are fine, so it will be okay to generate them anyway
-N Use the NRO delegated stats
-C Use the Team Cymru's bogons list
Version 0.3.1
You have to specify if you want to use the Team Cymru lists (-C) or the NRO delegated stats (-N). For bogons only, use the Team Cymru lists, but if you want to include any network that's not assigned or allocated at the moment, it's better to use the NRO file.
Using it with a validator
Routinator
You should start routinator with the -x switch, providing the path to the file (the file is saved by the tool into /usr/local/etc/slurm.json)
RIPE NCC Validator 3
You can use curl to supply the file to the validator:
/usr/local/bin/curl -X POST -F "file=@slurm.json" localhost:8080/api/slurm/upload
Forth
Use the --slurm option when running the software.
Recommendations
Since the bogon files are updated daily, a daily run via cron is suggested for this tool.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file rpki-as0-bogons-0.3.2.tar.gz.
File metadata
- Download URL: rpki-as0-bogons-0.3.2.tar.gz
- Upload date:
- Size: 5.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 6d2c98bc7081eb5acb737018a085393aab1dd3c99ed5b25fdf81b39fe6995d72 |
|
| MD5 | 3cd3099799627d294143e77e04ce2fc4 |
|
| BLAKE2b-256 | fff748b88a615be38d85236473fad1d0c4c8b4f661adcc484592611e0e2b1c6e |
