[RPKI-Deployers] Run your validator on your router!
Job Snijders
job at ntt.net
Fri Jul 10 11:40:49 EDT 2020
On Thu, Jul 09, 2020 at 10:28:28PM -0400, Chris Morrow via RPKI-Deployers wrote:
> There's probably enough ram/storage on your average NCS to do this,
> but wow, that'd be A TON more load on the overall global system to do
> things in this manner ;)
I maintain that for some type of (small) deployments it is a valid
strategy. If you run just 2 or 4 routers in total (like IETF meeting),
why not run separate validation processes, each tied to the router they
are serving?
There are plenty of organisations where spinning up a vm or physical
server is a path of torture to get it done and assign responsbilities.
On OpenBSD routers you can enable rpki validation by enabling the
crontab entry in root's crontab. (doas crontab -e; uncomment 1 line)
If the two IXP route servers each run their own validation process on
their own system, why not? :-)
Kind regards,
Job
More information about the RPKI-Deployers
mailing list