Philip Smith's Internet Development Site

User Tools

Site Tools

Trace: single_upstream workshops rpki single_upstream_ixp subject-index peering-bcp physical_connectivity
hints:rpki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
hints:rpki [2025/04/14 19:28] – [Building rpki-client] philiphints:rpki [2025/10/21 23:41] (current) – [RPKI-client] philip
Line 86: Line 86:
 ===== FORT ===== ===== FORT =====
  
-FORT is the validator developed by NIC Mexico. More about it is on the [[https://fortproject.net/en/validator|Project page]]. At time of writing, version 1.6.has been released and fixes many issues present in previous versions. However from version 1.6.3, FORT requires Ubuntu 24.04 as it requires libjansson4 (>= 2.14). Ubuntu 22.04 only comes with libjansson4 2.13.1-1.1build3 will only support FORT version 1.6.2.+FORT is the validator developed by NIC Mexico. More about it is on the [[https://fortproject.net/en/validator|Project page]]. At time of writing, version 1.6.has been released and fixes many issues present in previous versions. However from version 1.6.3, FORT requires Ubuntu 24.04 as it requires libjansson4 (>= 2.14). Ubuntu 22.04 only comes with libjansson4 2.13.1-1.1build3 will only support FORT version 1.6.2.
  
 FORT is available as part of Ubuntu 22.04 packaging, but it is an older version (1.5.3-1). Likewise for Ubuntu 24.04, the FORT shipped is version 1.6.1-1build3. For this reason we use the latest NIC Mexico produced package. FORT is available as part of Ubuntu 22.04 packaging, but it is an older version (1.5.3-1). Likewise for Ubuntu 24.04, the FORT shipped is version 1.6.1-1build3. For this reason we use the latest NIC Mexico produced package.
Line 95: Line 95:
  
 <code> <code>
-wget https://github.com/NICMx/FORT-validator/releases/download/1.6.6/fort_1.6.6-1_amd64.deb+wget https://github.com/NICMx/FORT-validator/releases/download/1.6.7/fort_1.6.7-1_amd64.deb
 </code> </code>
 and then install it: and then install it:
 <code> <code>
-sudo apt install ./fort_1.6.6-1_amd64.deb+sudo apt install ./fort_1.6.7-1_amd64.deb
 </code> </code>
  
Line 190: Line 190:
 **rpki-client** is just a validator - it does not have the functionality to accept connections from a router. We'll come to that later on (we'll need to use [[rpki#stayrtr|StayRTR]], which is a fork of Cloudflare's now unmaintained GoRTR). **rpki-client** is just a validator - it does not have the functionality to accept connections from a router. We'll come to that later on (we'll need to use [[rpki#stayrtr|StayRTR]], which is a fork of Cloudflare's now unmaintained GoRTR).
  
-**rpki-client** has now been packaged and is available as part of the Ubuntu 22.04 distribution. However, the packaged version is old (version 7.6). At the time of writing, the current release of **rpki-client** is version 8.7.+**rpki-client** has now been packaged and is available across most mainstream Linux/Unix-based platforms. Including as part of the Ubuntu 22.04 and later distributions. However, the packaged version in Ubuntu is old (version 7.6 on 22.04, 9.0 on 24.04). At the time of writing, the current release of **rpki-client** is version 9.6. There is a version of **rpki-client** on the Ubuntu Snap Store, but it is unclear which version of **rpki-client** this is. 
 + 
 +So to stay up to date on Ubuntu, we have to build it ourselves. A pity that the **rpki-client** maintainers don't build their own deb package, or pre-build packages like NLnetLabs do with Routinator, given that Ubuntu maintainers seem to be unable to keep the software current. Oh well. 
  
-So for this reason, and to stay up to date, at least on Ubuntu, we have to build it ourselves. A pity that the **rpki-client** maintainers don't build their own deb package, or pre-build packages like NLnetLabs do with Routinator. Oh well. 
  
 ==== Initial Preparation ==== ==== Initial Preparation ====
Line 279: Line 281:
 </code> </code>
 and that's it. Every hour, cron will run **rpki-client** which will produce JSON output of all the VRPs it has collected. As noted above, JSON output is what is used by StayRTR and GoRTR as their input sources. Make sure that the **/etc/cron.hourly/rpki-client** is executable, otherwise it will not run. and that's it. Every hour, cron will run **rpki-client** which will produce JSON output of all the VRPs it has collected. As noted above, JSON output is what is used by StayRTR and GoRTR as their input sources. Make sure that the **/etc/cron.hourly/rpki-client** is executable, otherwise it will not run.
 +
 +If you would like to include the [[https://bgp4all.com/pfs/hints/rpki#as0_tals|AS0 TALs]] from APNIC and LACNIC it is not sufficient to just place them in your chosen TAL directory. You will also need to include the **-0** option in the command line, like this:
 +<code>
 +/usr/local/sbin/rpki-client -0j > /tmp/rpki-client.log 2>&1
 +</code>
  
 It's a good idea to check the log file in case **rpki-client** reports issues trying to write local files etc. But mostly what you'll see there are all the transactions with the various CAs, and the problems encountered (there will be lots, unfortunately). It's a good idea to check the log file in case **rpki-client** reports issues trying to write local files etc. But mostly what you'll see there are all the transactions with the various CAs, and the problems encountered (there will be lots, unfortunately).
Line 295: Line 302:
 First you will need a working Go environment. Full instructions are at [[https://go.dev/doc/install|https://go.dev/doc/install]], and I've reproduced the key pieces here to make it easy for installers. First you will need a working Go environment. Full instructions are at [[https://go.dev/doc/install|https://go.dev/doc/install]], and I've reproduced the key pieces here to make it easy for installers.
  
-First off, download the latest Go package (1.24.at time of writing):+First off, download the latest Go package (1.24.at time of writing):
 <code> <code>
-wget https://go.dev/dl/go1.24.1.linux-amd64.tar.gz+wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz
 </code> </code>
 If you have an existing Go environment, perhaps save it in case something goes wrong with the new version: If you have an existing Go environment, perhaps save it in case something goes wrong with the new version:
Line 307: Line 314:
 cd /usr/local cd /usr/local
 sudo chmod 777 . sudo chmod 777 .
-tar xzf ~/go1.24.1.linux-amd64.tar.gz+tar xzf ~/go1.24.4.linux-amd64.tar.gz
 sudo chmod 755 . sudo chmod 755 .
 </code> </code>
hints/rpki.1744658928.txt.gz · Last modified: by philip