Comments (9)
Interesting. I didn’t expect any routers to already support ASPA.
I want 0.14.0 to come out fairly soon, but there are still quite a few items on the milestone – and RTRTR should really have a release first. We’ll discuss internally if we should shift some of these items and release with only the important ones left.
from routinator.
Thank you for testing!
Please leave the issue open – I need to test the version downgrade against rtrdump and this is a good reminder.
from routinator.
Not sure what exactly is wrong, but to quickly answer you last question before I can find the time to do some testing: You can try rtrlib‘s rtrclient
. This should also be available in Debian’s rtr-tools package.
from routinator.
Hi partim,
Thanks for the rtrclient
suggestion!
Using $ rtrclient tcp -k -p 192.168.x.x 3323
command, it is able to retrieve ROAs as shown below.
The interesting thing is that rtrdump
works for rpki-client
+ stayrtr
(ingesting rpki.json file) but not for routinator
. I am going to see if I am able to get more information on why this is happening by setting routinator logs to DEBUG.
from routinator.
Thank you for the confirmation. Phew! ;)
I will have a look myself. My hunch would be that rtrdump and Routinator disagree about how to downgrade to a lower protocol version, ie. #919 which was fixed but will only be in the next release.
from routinator.
Hi Partim,
Yeap looks like your hunch is correct with Routinator and rtrdump disagreeing on the downgrade.
Forcing rtrdump
to use version 1 (by default it uses version 2), works fine! Command in question:
sudo docker run -it --rm rpki/rtrdump -connect 192.168.x.x:3323 -file "" -rtr.version 1
I think this is also the reason why our router running Extreme Network SLX-OS is unable to sync with Routinator but able to with rpki-client + stayrtr due to the RTR version and not being able to downgrade to version 1 properly.
Would you happen to know when the next release will come out?
from routinator.
That's the weird thing, reading through the documentation for the SLX-OS, it doesn't support ASPA (for now).
I'll do some tcpdumps tomorrow to check what the SLX is doing when interacting with routinator.
from routinator.
I’ve updated the unstable tag in Docker Hub. Perhaps you can try that image against the router and see if the issues go away before having to make sense of tcpdumps …
from routinator.
Hi Partim,
Thanks for the unstable tag release for the Routinator image! I did test it with rtrdump
again and still issues with downgrading to from RTR version 2 to version 1.
Also, I was able to determine the issue regarding the SLX-OS not being able to connect. I can confirm it is not due to the downgrade process as I originally thought; it was due to implicit deny on the ACL affecting transit traffic between the VXLAN tunnel endpoint on our routers and the RPKI validators.
In this case, should I close the issue, or should it be left open, pertaining to the downgrade of RTR protocol versions between rtrdump
and Routinator?
Thanks for your help!
from routinator.
Related Issues (20)
- Header/footer lines of EC TLS key files HOT 1
- Prefer highest numbered, valid, complete manifest HOT 7
- routinator dump not working HOT 14
- Don’t log rsync output all in one go. HOT 1
- Initial version negotiation is broken because of bad error PDU version HOT 8
- JSON response for too short prefix
- Multiplexing validation requests
- Cisco IOS XE documentation HOT 3
- jsonext does not seem to include EE/crl/manifest expiry time HOT 1
- --rrdp-keep-responses does not keep responses for repository that uses redirects HOT 1
- Routinator Doesn't Listen On IPv6 By Default HOT 2
- routinator_serial_info metric is sparse HOT 1
- Largest possible manifest number is not supported HOT 3
- Review rsync options.
- Grafana Dashboard Angular deprecated HOT 13
- can not add testbed tal HOT 8
- Print the config file used upon startup
- Unable to use repo with Red Hat Satellite: Katello::Errors::Pulp3Error: Treeinfo file should have INI format HOT 2
- routinator exiting HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from routinator.