A single place for information relating to the deployment and usage of RPKI
Hello All, When it comes to RPKI, its deployment and usage, there is a fair bit of information available on the Internet. Each RIR has their own guides for creating ROAs, each router vendor and developer has their own guides for deploying route object validation on their devices and software, each Relying Party software developer has their own how-to guide on installing/configuring/maintaining the software, among others. What I haven’t been able to find thus far is a place where all of this information is altogether, in one place, for simplicity and ease of comparison to find the best solution for a network operator’s needs. This is where the RPKI Deployment Hub comes in. The RPKI Deployment Hub is the start of a documentation site that is designed to compile all of this information in one place. For new network operators this may prove to be an invaluable tool to find the best method of operating their own RP software, for students this may be a source of information to help further their studies, or for long-standing network operators it may be a resource for them to keep up-to-date with the latest methods. It is presently being hosted on GitHub pages, where each commit to the underlying repository updating the site live. The site itself is located at https://rpkihub.au<https://rpkihub.au/>, with the GitHub repository located at https://github.com/thesysadmindev/rpkihub. Unfortunately, I can only do so much, and this is where I need to ask for contributors to help work on this site. As we all know, there are a large number of router vendors on the market, each with their own way of implementing RPKI. Cisco, Juniper, MikroTik, Nokia, Arista, and the like all do things differently. It would be a wonderful world if they all worked the exact same way with the same commands. It’d make life a lot easier for us. What I’m calling out to the community for, is for assistance with building this site as it is impossible for me to look at every major hardware vendor and model. We need information such as router configurations relating to RPKI and the commands used, along with the vendor names, hardware models and software versions. The idea to this is that people can look at a guide, find their router model and it’ll tell them how to configure route object validation. As for creating ROAs, it’ll tell them how to do so with their respective RIRs. I understand that the best source of information for this is from the RIR itself and will always be the case; this is simply designed to provide everything in one central location. If there are any members from the other four RIRs (as I have already put together a guide for creating ROAs within MyAPNIC) who are willing to work with me to develop a guide with screenshots it would be greatly appreciated It could even be as simple as sending me an email with the steps listed and a few screenshot attachments and I can work on creating the guide otherwise you’re welcome to submit a pull request on the repository. I would also like to hear about people’s experiences with deploying RPKI across their networks, why you chose to and for those who haven’t or won’t, why that is the case. This sort of information would be valuable to help shape the site. If you would like to contribute to this project, you can do so via any number of ways: 1. Open a pull request against the repository on GitHub. 2. Click on the “Edit This Page” button on any page on the site to take you straight to its source on GitHub where you can make changes and open a PR directly from the GitHub site. 3. Send me an email to chris@thesysadmin.au<mailto:chris@thesysadmin.au>. 4. Drop me a direct message on Discord (Username: thesysadmin). The site itself is licensed under GPLv3, so feel free to tear it apart, share it and work together. If you also have any other recommendations as to how it can be improved or if you feel there is anything missing, do let me know. Regards, Christopher Hawker
On Mon, Jul 29, 2024 at 04:32:40AM +0000, Christopher Hawker wrote:
When it comes to RPKI, its deployment and usage, there is a fair bit of information available on the Internet. Each RIR has their own guides for creating ROAs, each router vendor and developer has their own guides for deploying route object validation on their devices and software, each Relying Party software developer has their own how-to guide on installing/configuring/maintaining the software, among others. What I haven’t been able to find thus far is a place where all of this information is altogether, in one place, for simplicity and ease of comparison to find the best solution for a network operator’s needs.
Some of it may be covered here: https://bgpfilterguide.nlnog.net/guides/reject_invalids/ Kind regards, Job
participants (2)
-
Christopher Hawker
-
Job Snijders