...
| Code Block | ||
|---|---|---|
| ||
/routing/filter/rule
add chain=bgp_in rule={ rpki-verify=myRpkiGroup }
add chain=bgp_in rule={ if ([rpki invalid]) then={ action reject } else={ action accept } |
Configuration Options
...
/routing/bgp/rpki
| Property | Description |
|---|---|
| address (IPv4/6) mandatory | Address of the RTR server |
| disabled(yes | no; Default: no) | Whether item is ignored. |
| expire-interval (integer [600..172800]; Default: 7200) | Time interval [s] polled data is considered valid in the absence of valid subsequent update. |
| group (string;) mandatory | Name of the group to which database will be assigned. |
| port (integer [0..65535]; Default: 323) | Connection port number |
| preference (integer [0..4294967295]; Default: 0) | If there are multiple RTR sources, preference number indicates which will be more preferred, lesser number more preferred. |
| refresh-interval (integer [1..86400]; Default: 3600) | Time interval [s] to poll newest data from the RPKI server. |
| retry-interval (integer [1..7200]; Default: 600) | Time Interval [s] after failed data poll from the server. |
| vrf(name; Default: main) | Name of the VRF table used to bind connection to. |
...