Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "how to build a RPKI server". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

RPKI (Resource Public Key Infrastructure) is mainly used in networking where there are RPKI servers and need to verify whether the origin of BGP routing is correct. The routing result is controlled by verifying that the BGP routes received from neighbors are legitimate, thus ensuring that hosts in the domain can safely access external services. It is necessary to configure the basic information of the RPKI session on the client and enable the origin of BGP routing AS verification results to affect BGP routing in order to complete the configuration of the entire client RPKI.

Install the RPKI server:

1. Environment: a UNIX-like OS server with more than 2 GB of memory, install JAVA 8 or 9, and enable rsync

2. Download the installation package:

3. Decompress the compressed package

[root@i-uiiyw0xz tmp] # tar zxvf rpki-validator-app-2.23-dist.tar.gz

4. Run the installation script

[root@i-uiiyw0xz rpki-validator-app-2.23] #. / rpki-validator.sh start [warn] JAVA_HOME is not set, will try to find java on path. [info] Starting rpki-validator... [info] writing logs under log directory [info] Web user interface is available on port 8080 [info] Routers can connect on port 8282 [info] Writing PID 7688 to validator.pid [root@i-uiiyw0xz rpki-validator-app-2.23] # echo $? 0

5. Check

[root@i-uiiyw0xz rpki-validator-app-2.23] # ps aux | grep 7688root 7688 32.826.5 4206136 1041544 pts/1 Sl 13:42 1:37 / usr/bin/java-Dapp.name=rpki-validator-Dconfig.file=conf/rpki-validator.conf-Xms512m-Xmx1536m-Dapp.name=rpki-validator-Dconfig.file=conf/rpki-validator.conf-classpath: lib/* net.ripe.rpki.validator.config.Mainroot 8034 0.0 103244 1041544 pts/1 S + 13:47 0:00 grep 7688 [root@i-uiiyw0xz rpki-validator-app-2.23] # netstat-lnptActive Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 00 0.0.0.0 only servers 22 0.0.0.0 only servers * LISTEN 963/sshd tcp 00: 8080 : * LISTEN 7688/java tcp 0 0:: 22:: * LISTEN 963/sshd

6. Open the web page

Local authentication:

[root@i-uiiyw0xz rpki-validator-app-2.23] # curl http://localhost:8080-IHTTP/1.1 200 OKDate: Wed, 16 Aug 2017 01:45:50 GMTSet-Cookie: JSESSIONID=4ek3wa1gmbtkmrrrmlgjk2e0;Path=/Expires: Thu, 01 Jan 1970 00:00:00 GMTContent-Type: text/html; charset=UTF-8Content-Length: 13977Server: Jetty (9.2.17.v20160517)

Remote authentication:

This is the end of "how to set up a RPKI server". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.