From aservin at lacnic.net Mon Nov 22 06:23:58 2010 From: aservin at lacnic.net (Arturo Servin) Date: Mon, 22 Nov 2010 12:23:58 -0200 Subject: [Xorp-hackers] RPKI and XORP Message-ID: <7F4F9890-1AE9-48C7-A548-9F4A8F1C635C@lacnic.net> Hello, My name is Arturo Servin and I am working in LACNIC (one of the 5 Regional Internet Registries). In the RIR we are working in developing the software for RPKI (Resource PKI) that will certify Internet Resources (IPs and ASs). Our software will create and sign certificates that will be used by routers to verify the origin of the route. I do not want to extend too much on the topic but you can check the IETF work on: https://datatracker.ietf.org/wg/sidr/ Now, there are not many implementations in router vendors to use RPKI (We are only aware of some Cisco software). We think that it would be very interesting to see RPKI routing protocol (rtr https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-rtr/) working in Open Source implementations, we have recently contacted Quagga and BIRD dev teams (not very successfully) and now we are contacting you. Unfortunately we do not have many resources (in LACNIC) to work ourselves on a developing RPKI for an OpenSource implementation in a full time basis, but we would really like to work with some of you sharing our expertise in RPKI and to contribute some code too (at least a bit). Are you interested in developing RPKI in XORP? Any comments? Regards, -Arturo Servin -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-hackers/attachments/20101122/6b01921f/attachment.html From greearb at candelatech.com Mon Nov 22 09:50:07 2010 From: greearb at candelatech.com (Ben Greear) Date: Mon, 22 Nov 2010 09:50:07 -0800 Subject: [Xorp-hackers] RPKI and XORP In-Reply-To: <7F4F9890-1AE9-48C7-A548-9F4A8F1C635C@lacnic.net> References: <7F4F9890-1AE9-48C7-A548-9F4A8F1C635C@lacnic.net> Message-ID: <4CEAAD4F.40403@candelatech.com> On 11/22/2010 06:23 AM, Arturo Servin wrote: > Hello, > > My name is Arturo Servin and I am working in LACNIC (one of the 5 > Regional Internet Registries). > > In the RIR we are working in developing the software for RPKI (Resource > PKI) that will certify Internet Resources (IPs and ASs). Our software > will create and sign certificates that will be used by routers to verify > the origin of the route. I do not want to extend too much on the topic > but you can check the IETF work on: > > https://datatracker.ietf.org/wg/sidr/ > > Now, there are not many implementations in router vendors to use RPKI > (We are only aware of some Cisco software). We think that it would be > very interesting to see RPKI routing protocol (rtr > https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-rtr/) working in > Open Source implementations, we have recently contacted Quagga and BIRD > dev teams (not very successfully) and now we are contacting you. > Unfortunately we do not have many resources (in LACNIC) to work > ourselves on a developing RPKI for an OpenSource implementation in a > full time basis, but we would really like to work with some of you > sharing our expertise in RPKI and to contribute some code too (at least > a bit). > > Are you interested in developing RPKI in XORP? I cannot speak for others, but I don't have time to work on this in any detail. I will be happy to accept patches and at least do enough testing to make sure they don't break existing features. Thanks, Ben > > Any comments? > > Regards, > -Arturo Servin > > > > _______________________________________________ > Xorp-hackers mailing list > Xorp-hackers at icir.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers -- Ben Greear Candela Technologies Inc http://www.candelatech.com From fred at fredbauer.com Mon Nov 22 10:39:36 2010 From: fred at fredbauer.com (Fred Bauer) Date: Mon, 22 Nov 2010 10:39:36 -0800 Subject: [Xorp-hackers] RPKI and XORP In-Reply-To: <4CEAAD4F.40403@candelatech.com> References: <7F4F9890-1AE9-48C7-A548-9F4A8F1C635C@lacnic.net> <4CEAAD4F.40403@candelatech.com> Message-ID: Likewise. And since I'm at Cisco now, there would probably be a conflict-of-interest. Is there someone else on the list that can take this on? Fred On Mon, Nov 22, 2010 at 9:50 AM, Ben Greear wrote: > On 11/22/2010 06:23 AM, Arturo Servin wrote: > > Hello, > > > > My name is Arturo Servin and I am working in LACNIC (one of the 5 > > Regional Internet Registries). > > > > In the RIR we are working in developing the software for RPKI (Resource > > PKI) that will certify Internet Resources (IPs and ASs). Our software > > will create and sign certificates that will be used by routers to verify > > the origin of the route. I do not want to extend too much on the topic > > but you can check the IETF work on: > > > > https://datatracker.ietf.org/wg/sidr/ > > > > Now, there are not many implementations in router vendors to use RPKI > > (We are only aware of some Cisco software). We think that it would be > > very interesting to see RPKI routing protocol (rtr > > https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-rtr/) working in > > Open Source implementations, we have recently contacted Quagga and BIRD > > dev teams (not very successfully) and now we are contacting you. > > Unfortunately we do not have many resources (in LACNIC) to work > > ourselves on a developing RPKI for an OpenSource implementation in a > > full time basis, but we would really like to work with some of you > > sharing our expertise in RPKI and to contribute some code too (at least > > a bit). > > > > Are you interested in developing RPKI in XORP? > > I cannot speak for others, but I don't have time to work on this > in any detail. > > I will be happy to accept patches and at least do enough testing > to make sure they don't break existing features. > > Thanks, > Ben > > > > > Any comments? > > > > Regards, > > -Arturo Servin > > > > > > > > _______________________________________________ > > Xorp-hackers mailing list > > Xorp-hackers at icir.org > > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers > > > -- > Ben Greear > Candela Technologies Inc http://www.candelatech.com > > _______________________________________________ > Xorp-hackers mailing list > Xorp-hackers at icir.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-hackers/attachments/20101122/fe6c4e50/attachment.html From Uri.Yanai at ngsoft.com Thu Nov 25 05:39:43 2010 From: Uri.Yanai at ngsoft.com (Uri Yanai) Date: Thu, 25 Nov 2010 15:39:43 +0200 Subject: [Xorp-hackers] %update command not always being called Message-ID: Hi I am A new XORP (using a git clone from Fri Oct 29 2010) user and trying to write my own target module I have noticed that the %update command (in my case replace_rule(...)) isn't always called. When I modify param1 and also one of params2-4 and then call commit XORP sometimes ignores the %update command. For example it will call set_rule_param2(...) activate_rule(...) And not set_rule_param2(...) replace_rule(...) The followings is the template file I am using something_ something { rule @: u32 { param1: u32; param2: txt; param3: ipv4; param4: u32; } } packet_classif { %help: short "N/A"; %modinfo: provides something; %modinfo: default_targetname "something"; rule @: u32 { %help: short "N/A"; %mandatory: $(@.param1); %create: xrl "something/something/0.1/add_rule?rule:u32=$(@)¶m1:u32=$(@.param1)"; %update: xrl "something/something/0.1/replace_rule?rule:u32=$(@)¶m1:u32=$(@.param1)"; %activate: xrl "something/something/0.1/activate_rule?rule:u32=$(@)"; %delete: xrl "something/something/0.1/delete_rule?rule:u32=$(@)"; param1 { %help: short "N/A"; %allow-range: $(@) "0" "64" %help: "N/A"; } param2 { %help: short "N/A"; %set: xrl "something/something/0.1/set_rule_param2?rule:u32=$(rule.@)¶m2:txt=$(@)"; } param3 { %help: short "N/A"; %set: xrl "something/something/0.1/set_rule_param3?rule:u32=$(rule.@)¶m3:ipv4=$(@)"; } param4 { %help: short "N/A"; %allow-range: $(@) "0" "32" %help: "N/A"; %set: xrl "something/something/0.1/set_rule_param4?rule:u32=$(rule.@)¶m4:u32=$(@)"; } } What Am I doing wrong ? Any help will be appreciated Thanks Uri -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-hackers/attachments/20101125/c38ad00a/attachment.html From aservin at lacnic.net Mon Nov 29 03:34:56 2010 From: aservin at lacnic.net (Arturo Servin) Date: Mon, 29 Nov 2010 09:34:56 -0200 Subject: [Xorp-hackers] RPKI and XORP In-Reply-To: References: <7F4F9890-1AE9-48C7-A548-9F4A8F1C635C@lacnic.net> <4CEAAD4F.40403@candelatech.com> Message-ID: <8F786B18-BDF3-44D3-9489-A7A667EB3C33@lacnic.net> Myself or one of the developers that work with me could do some work on this, but definitely we would need some support from the community to learn about the APIs and the architecture of XORP. Best wishes, -as On 22 Nov 2010, at 16:39, Fred Bauer wrote: > Likewise. And since I'm at Cisco now, there would probably be a conflict-of-interest. Is there someone else on the list that can take this on? > > Fred > > On Mon, Nov 22, 2010 at 9:50 AM, Ben Greear wrote: > On 11/22/2010 06:23 AM, Arturo Servin wrote: > > Hello, > > > > My name is Arturo Servin and I am working in LACNIC (one of the 5 > > Regional Internet Registries). > > > > In the RIR we are working in developing the software for RPKI (Resource > > PKI) that will certify Internet Resources (IPs and ASs). Our software > > will create and sign certificates that will be used by routers to verify > > the origin of the route. I do not want to extend too much on the topic > > but you can check the IETF work on: > > > > https://datatracker.ietf.org/wg/sidr/ > > > > Now, there are not many implementations in router vendors to use RPKI > > (We are only aware of some Cisco software). We think that it would be > > very interesting to see RPKI routing protocol (rtr > > https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-rtr/) working in > > Open Source implementations, we have recently contacted Quagga and BIRD > > dev teams (not very successfully) and now we are contacting you. > > Unfortunately we do not have many resources (in LACNIC) to work > > ourselves on a developing RPKI for an OpenSource implementation in a > > full time basis, but we would really like to work with some of you > > sharing our expertise in RPKI and to contribute some code too (at least > > a bit). > > > > Are you interested in developing RPKI in XORP? > > I cannot speak for others, but I don't have time to work on this > in any detail. > > I will be happy to accept patches and at least do enough testing > to make sure they don't break existing features. > > Thanks, > Ben > > > > > Any comments? > > > > Regards, > > -Arturo Servin > > > > > > > > _______________________________________________ > > Xorp-hackers mailing list > > Xorp-hackers at icir.org > > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers > > > -- > Ben Greear > Candela Technologies Inc http://www.candelatech.com > > _______________________________________________ > Xorp-hackers mailing list > Xorp-hackers at icir.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-hackers/attachments/20101129/5c35a98a/attachment.html From greearb at candelatech.com Mon Nov 29 09:09:56 2010 From: greearb at candelatech.com (Ben Greear) Date: Mon, 29 Nov 2010 09:09:56 -0800 Subject: [Xorp-hackers] RPKI and XORP In-Reply-To: <8F786B18-BDF3-44D3-9489-A7A667EB3C33@lacnic.net> References: <7F4F9890-1AE9-48C7-A548-9F4A8F1C635C@lacnic.net> <4CEAAD4F.40403@candelatech.com> <8F786B18-BDF3-44D3-9489-A7A667EB3C33@lacnic.net> Message-ID: <4CF3DE64.3020501@candelatech.com> On 11/29/2010 03:34 AM, Arturo Servin wrote: > > Myself or one of the developers that work with me could do some work on this, but definitely we would need some support from the community to learn about the > APIs and the architecture of XORP. I should be able to help with that. I plan to start some work on xorp this week if all goes well (making it easier to (re)load configuration files), so hopefully I'll start remembering the code a bit more :) Thanks, Ben > > Best wishes, > -as > > > On 22 Nov 2010, at 16:39, Fred Bauer wrote: > >> Likewise. And since I'm at Cisco now, there would probably be a conflict-of-interest. Is there someone else on the list that can take this on? >> >> Fred >> >> On Mon, Nov 22, 2010 at 9:50 AM, Ben Greear > wrote: >> >> On 11/22/2010 06:23 AM, Arturo Servin wrote: >> > Hello, >> > >> > My name is Arturo Servin and I am working in LACNIC (one of the 5 >> > Regional Internet Registries). >> > >> > In the RIR we are working in developing the software for RPKI (Resource >> > PKI) that will certify Internet Resources (IPs and ASs). Our software >> > will create and sign certificates that will be used by routers to verify >> > the origin of the route. I do not want to extend too much on the topic >> > but you can check the IETF work on: >> > >> > https://datatracker.ietf.org/wg/sidr/ >> > >> > Now, there are not many implementations in router vendors to use RPKI >> > (We are only aware of some Cisco software). We think that it would be >> > very interesting to see RPKI routing protocol (rtr >> > https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-rtr/) working in >> > Open Source implementations, we have recently contacted Quagga and BIRD >> > dev teams (not very successfully) and now we are contacting you. >> > Unfortunately we do not have many resources (in LACNIC) to work >> > ourselves on a developing RPKI for an OpenSource implementation in a >> > full time basis, but we would really like to work with some of you >> > sharing our expertise in RPKI and to contribute some code too (at least >> > a bit). >> > >> > Are you interested in developing RPKI in XORP? >> >> I cannot speak for others, but I don't have time to work on this >> in any detail. >> >> I will be happy to accept patches and at least do enough testing >> to make sure they don't break existing features. >> >> Thanks, >> Ben >> >> > >> > Any comments? >> > >> > Regards, >> > -Arturo Servin >> > >> > >> > >> > _______________________________________________ >> > Xorp-hackers mailing list >> > Xorp-hackers at icir.org >> > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers >> >> >> -- >> Ben Greear > >> Candela Technologies Inc http://www.candelatech.com >> >> _______________________________________________ >> Xorp-hackers mailing list >> Xorp-hackers at icir.org >> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-hackers >> >> > -- Ben Greear Candela Technologies Inc http://www.candelatech.com