Resource Public Key Infrastructure (RPKI) was well explained by APNIC here. MIX runs more than one validator software package on multiple hosts for diversity and redundancy. Members can access the caches via 'rpki-rtr' at the Internet addresses below:
Name | IP address | Protocol (Port) - Software |
---|---|---|
rpki1.mekongix.net | IPv4: 202.57.209.11; IPv6: 2001:df2:a980:1::3 | rpki-rtr (tcp:4323) - Routinator; rpki-rtr (tcp:3323) - GoRTR; rpki-rtr (tcp:8323) - RIPE Validator |
rpki2.mekongix.net | IPv4: 202.57.209.12; IPv6: 2001:df2:a980:1::4 | rpki-rtr (tcp:4323) - Routinator; rpki-rtr (tcp:3323) - GoRTR; rpki-rtr (tcp:8323) - RIPE Validator |
Below is a sample Cisco IOS configuration:
```
router bgp (your AS)
 bgp rpki server tcp 202.57.209.11 port 3323 refresh 60
 !
 address-family ipv4
  ! Allow invalid routes to be considered for bestpath
  bgp bestpath prefix-validate allow-invalid
  ! Enable Origin Validation process
  no bgp bestpath prefix-validate disable
 exit-address-family
 !
 address-family ipv6
  ! Allow invalid routes to be considered for bestpath
  bgp bestpath prefix-validate allow-invalid
  ! Enable Origin Validation process
  no bgp bestpath prefix-validate disable
 exit-address-family
!
```
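What origin validation computes from the VRPs a cache delivers over rpki-rtr, and what `allow-invalid` keeps in play, shown as an added example (not MIX or Cisco code). It classifies routes per RFC 6811; the VRPs, routes, function names and the simplified bestpath model are assumptions, using documentation prefixes and reserved ASNs.

```python
import ipaddress

# Constructed VRPs (prefix, max length, origin AS), standing in for what a
# cache would send over rpki-rtr. Documentation prefixes, reserved ASNs.
VRPS = [
    ("192.0.2.0/24", 24, 64496),
    ("203.0.113.0/24", 24, 64497),
    ("2001:db8::/32", 48, 64498),
]

def validate(route_prefix, origin_as, vrps=VRPS):
    """Return 'valid', 'invalid' or 'not-found' per RFC 6811."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp_prefix, max_len, vrp_as in vrps:
        vrp = ipaddress.ip_network(vrp_prefix)
        # A VRP covers the route only if the route sits inside its prefix.
        if vrp.version != route.version or not route.subnet_of(vrp):
            continue
        covered = True
        # Match needs the same origin AS and a length within max length.
        # AS 0 in a VRP never matches any route.
        if vrp_as != 0 and vrp_as == origin_as and route.prefixlen <= max_len:
            return "valid"
    # Covered but never matched is invalid; no covering VRP is not-found.
    return "invalid" if covered else "not-found"

def bestpath_candidates(routes, allow_invalid):
    """Simplified model (assumption): invalid routes stay eligible for
    bestpath only when allow_invalid is set, as in the sample config."""
    kept = []
    for prefix, origin in routes:
        state = validate(prefix, origin)
        if state != "invalid" or allow_invalid:
            kept.append((prefix, origin, state))
    return kept

# Constructed announcements as (prefix, origin AS).
ROUTES = [
    ("192.0.2.0/24", 64496),      # matches a VRP
    ("192.0.2.0/24", 64511),      # covered, wrong origin AS
    ("203.0.113.128/25", 64497),  # right AS, longer than max length
    ("198.51.100.0/24", 64500),   # no covering VRP
    ("2001:db8:1::/48", 64498),   # within max length 48
]

if __name__ == "__main__":
    for prefix, origin, state in bestpath_candidates(ROUTES, True):
        print(f"{prefix:20} AS{origin}  {state}")
```

With `allow_invalid=True` all five routes remain candidates and the two invalid ones are only marked, so any rejection or de-preferencing has to come from separate routing policy.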