Documentation ¶
Overview ¶
Package rpki implements an RPKI data cache for BGP route validation.
The Cache holds VRPs for Route Origin Validation (RFC 6811) and ASPA records for AS_PATH verification (draft-ietf-sidrops-aspa-verification). Writers stage changes in a pending set (AddVRP, AddASPA, Parse) and publish them atomically with Apply; readers validate against immutable snapshots without taking locks.
Data can be fed from an RTR client (see the rtr package), or parsed from Routinator/rpki-client JSON or CSV files (see Parse).
Index ¶
- Constants
- func Hop(aspa ASPA, cas, pas uint32) int
- func ValidateOrigin(v4, v6 VRPs, p netip.Prefix, origin uint32) int
- func VerifyPath(aspa ASPA, path []uint32, downstream bool) (result int, failCAS, failPAS uint32)
- type ASPA
- type Cache
- func (c *Cache) ASPAs() ASPA
- func (c *Cache) AddASPA(add bool, cas uint32, providers []uint32)
- func (c *Cache) AddVRP(add bool, prefix netip.Prefix, maxLen uint8, asn uint32)
- func (c *Cache) Apply()
- func (c *Cache) Flush()
- func (c *Cache) Parse(data []byte) error
- func (c *Cache) ParseCSV(data []byte) error
- func (c *Cache) ParseJSON(data []byte) error
- func (c *Cache) Ready() <-chan struct{}
- func (c *Cache) Sizes() (vrps4, vrps6, aspas int)
- func (c *Cache) VRPs() (v4, v6 VRPs)
- func (c *Cache) ValidateOrigin(p netip.Prefix, origin uint32) int
- func (c *Cache) VerifyPath(path []uint32, downstream bool) (result int, failCAS, failPAS uint32)
- func (c *Cache) WaitReady(ctx context.Context) error
- type VRP
- type VRPs
Constants ¶
const (
	HOP_NO_ATTESTATION = iota // CAS has no ASPA record
	HOP_PROVIDER              // PAS is listed as a provider of CAS
	HOP_NOT_PROVIDER          // CAS has an ASPA record that does not list PAS
)
Hop authorization results (draft-ietf-sidrops-aspa-verification §5)
const (
	ROV_VALID = iota // prefix+origin covered by a valid VRP
	ROV_INVALID      // prefix+origin conflicts with a VRP
	ROV_NOT_FOUND    // no VRP covers the prefix
)
ROV validation results (RFC 6811)
const (
	ASPA_VALID = iota // path is valley-free and fully attested
	ASPA_UNKNOWN      // insufficient attestation
	ASPA_INVALID      // proven route leak
)
ASPA path verification results (draft-ietf-sidrops-aspa-verification)
const (
	MIN_VRP_V4 = 8  // no VRPs shorter than /8 for IPv4
	MIN_VRP_V6 = 12 // no VRPs shorter than /12 for IPv6
)
minimum VRP prefix lengths checked by ValidateOrigin
Functions ¶
func Hop ¶
func Hop(aspa ASPA, cas, pas uint32) int
Hop checks ASPA authorization for a single CAS→PAS hop, i.e. whether PAS is an attested provider of CAS, and returns HOP_NO_ATTESTATION, HOP_PROVIDER or HOP_NOT_PROVIDER. NB: provider lists must be sorted, as Cache.AddASPA guarantees.
func ValidateOrigin ¶
func ValidateOrigin(v4, v6 VRPs, p netip.Prefix, origin uint32) int
ValidateOrigin performs Route Origin Validation (RFC 6811) of prefix p announced by the ASN origin, against the VRP snapshots v4 and v6 (see Cache.VRPs). Returns ROV_VALID, ROV_INVALID, or ROV_NOT_FOUND. NB: origin 0 (e.g. unknown) never validates.
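The RFC 6811 rules behind ValidateOrigin are easy to get subtly wrong (maxLength, AS0 VRPs, origin 0, the MIN_VRP_* short-circuit), so here is a self-contained implementation of the same procedure as an added example. It is not the rpki package's code: it assumes its own VRPs layout (a map from masked netip.Prefix to entries), its own addVRP and sampleVRPs helpers, and constructed documentation prefixes; only the result constants and MIN_VRP_* values are taken from the page.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Result codes and minimum VRP lengths as named on the documented page.
const (
	ROV_VALID = iota // prefix+origin covered by a matching VRP
	ROV_INVALID      // covered, but no VRP matches origin and maxLength
	ROV_NOT_FOUND    // no VRP covers the prefix
)

const (
	MIN_VRP_V4 = 8  // no VRPs shorter than /8 for IPv4
	MIN_VRP_V6 = 12 // no VRPs shorter than /12 for IPv6
)

// VRP is one Validated ROA Payload; the prefix is the map key, so only maxLength and ASN are stored.
type VRP struct {
	MaxLen uint8
	ASN    uint32
}

// VRPs indexes entries by exact (masked) prefix. Assumed layout for this example,
// not necessarily the package's own VRPs type.
type VRPs map[netip.Prefix][]VRP

// addVRP stores a VRP, rejecting a maxLength shorter than the prefix or longer than
// the address family allows (the page says AddVRP drops such entries).
func (m VRPs) addVRP(prefix netip.Prefix, maxLen uint8, asn uint32) bool {
	prefix = prefix.Masked()
	if int(maxLen) < prefix.Bits() || int(maxLen) > prefix.Addr().BitLen() {
		return false
	}
	m[prefix] = append(m[prefix], VRP{MaxLen: maxLen, ASN: asn})
	return true
}

// validateOrigin applies RFC 6811 section 2: a VRP "covers" p when its prefix contains p;
// it "matches" when additionally p's length <= maxLength and the origin ASN is equal.
// Any match is VALID; coverage without a match is INVALID (this is also how an AS0 VRP
// rejects every origin); otherwise NOT_FOUND. Origin 0 never matches. The walk over
// candidate covering prefixes starts at MIN_VRP_* because nothing shorter exists.
func validateOrigin(v4, v6 VRPs, p netip.Prefix, origin uint32) int {
	p = p.Masked()
	vrps, minLen := v4, MIN_VRP_V4
	if p.Addr().Is6() {
		vrps, minLen = v6, MIN_VRP_V6
	}
	covered := false
	for bits := minLen; bits <= p.Bits(); bits++ {
		cand, err := p.Addr().Prefix(bits) // p truncated to a candidate VRP length
		if err != nil {
			continue
		}
		for _, v := range vrps[cand] {
			covered = true
			if origin != 0 && v.ASN == origin && p.Bits() <= int(v.MaxLen) {
				return ROV_VALID
			}
		}
	}
	if covered {
		return ROV_INVALID
	}
	return ROV_NOT_FOUND
}

// sampleVRPs is a constructed snapshot built from documentation prefixes and ASNs.
func sampleVRPs() (v4, v6 VRPs) {
	v4, v6 = VRPs{}, VRPs{}
	v4.addVRP(netip.MustParsePrefix("192.0.2.0/24"), 24, 64496)
	v4.addVRP(netip.MustParsePrefix("198.51.100.0/22"), 24, 64497)
	v4.addVRP(netip.MustParsePrefix("203.0.113.0/24"), 24, 0) // AS0: must not be announced at all
	v6.addVRP(netip.MustParsePrefix("2001:db8::/32"), 48, 64496)
	return v4, v6
}

func main() {
	v4, v6 := sampleVRPs()
	names := []string{"VALID", "INVALID", "NOT_FOUND"}
	for _, c := range []struct {
		p   string
		asn uint32
	}{
		{"192.0.2.0/24", 64496}, {"192.0.2.0/25", 64496}, {"192.0.2.0/24", 64500},
		{"198.51.100.0/23", 64497}, {"10.0.0.0/8", 64496}, {"203.0.113.0/24", 64500},
		{"2001:db8:1::/48", 64496}, {"2001:db8::/31", 64496},
	} {
		r := validateOrigin(v4, v6, netip.MustParsePrefix(c.p), c.asn)
		fmt.Printf("%-18s AS%-6d %s\n", c.p, c.asn, names[r])
	}
}
```

The 192.0.2.0/25 case is the one operators most often misread: it is covered by the /24 VRP, but because 25 exceeds maxLength 24 it is INVALID rather than NOT_FOUND, which is exactly the forged-origin sub-prefix hijack that maxLength is meant to stop.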
func VerifyPath ¶
func VerifyPath(aspa ASPA, path []uint32, downstream bool) (result int, failCAS, failPAS uint32)
VerifyPath verifies the flat AS_PATH path against the ASPA records in aspa (see Cache.ASPAs).
path[0] is the most recently traversed AS (the direct peer) and path[N-1] is the origin AS. Returns ASPA_VALID, ASPA_UNKNOWN, or ASPA_INVALID. On ASPA_INVALID, failCAS and failPAS identify the hop at which CAS has an ASPA record that does not list PAS as a provider; both are 0 for the other results.
Pass downstream=true for a route received from a provider or a route server (downstream direction), and downstream=false for a route received from a customer, lateral peer, or RS-client (upstream direction).
NB: VerifyPath does not check that path[0] equals the neighbor AS (draft §5.4/5.5 step 2). The caller must perform that check itself, skipping it for route-server peers, which do not insert their own AS into the path (RFC 7947).
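To make the upstream/downstream distinction and the failCAS/failPAS reporting concrete, here is a self-contained implementation of the hop check and of the draft's upstream and downstream path procedures, as an added example that is not the rpki package's code. It assumes its own ASPA layout (a map from customer AS to a sorted provider slice), its own addASPA, sampleASPA and ramp helpers, constructed records using documentation ASNs, and the choice that an empty path yields ASPA_UNKNOWN; the constant names come from the page. The downstream logic is the draft's ramp computation: an up-ramp from the origin, at most one unattested hop at the apex, then a down-ramp to the neighbor; "lax" ramps tolerate HOP_NO_ATTESTATION and decide INVALID, "strict" ramps require HOP_PROVIDER and decide VALID.

```go
package main

import (
	"fmt"
	"sort"
)

// Hop and path results, named as on the documented page.
const (
	HOP_NO_ATTESTATION = iota // CAS has no ASPA record
	HOP_PROVIDER              // PAS is listed as a provider of CAS
	HOP_NOT_PROVIDER          // CAS has an ASPA record that does not list PAS
)

const (
	ASPA_VALID = iota
	ASPA_UNKNOWN
	ASPA_INVALID
)

// ASPA maps a customer AS to its sorted, deduplicated provider set (assumed layout).
type ASPA map[uint32][]uint32

// addASPA normalizes providers as the page says AddASPA does: zeros removed,
// duplicates dropped, sorted ascending so that hop can binary-search.
func (a ASPA) addASPA(cas uint32, providers []uint32) {
	seen, out := map[uint32]bool{}, []uint32{}
	for _, p := range providers {
		if p != 0 && !seen[p] {
			seen[p] = true
			out = append(out, p)
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i] < out[j] })
	a[cas] = out
}

// hop answers "is PAS an attested provider of CAS?" for one CAS->PAS hop.
func hop(aspa ASPA, cas, pas uint32) int {
	providers, ok := aspa[cas]
	if !ok {
		return HOP_NO_ATTESTATION
	}
	i := sort.Search(len(providers), func(i int) bool { return providers[i] >= pas })
	if i < len(providers) && providers[i] == pas {
		return HOP_PROVIDER
	}
	return HOP_NOT_PROVIDER
}

// verifyPath takes path[0] = neighbor ... path[len-1] = origin. Prepends are collapsed
// first (an AS never lists itself as a provider). Checking path[0] against the neighbor
// AS is left to the caller, as on the page. An empty path yields UNKNOWN (assumption).
func verifyPath(aspa ASPA, path []uint32, downstream bool) (result int, failCAS, failPAS uint32) {
	as := []uint32{} // as[0] = origin ... as[n-1] = neighbor
	for i := len(path) - 1; i >= 0; i-- {
		if i == len(path)-1 || path[i] != path[i+1] {
			as = append(as, path[i])
		}
	}
	n := len(as)
	if n == 0 {
		return ASPA_UNKNOWN, 0, 0
	}
	// ramp counts ASes from one end of the path joined by customer->provider hops;
	// a strict ramp needs HOP_PROVIDER, a lax one also tolerates HOP_NO_ATTESTATION.
	ramp := func(h func(k int) int, strict bool) int {
		k := 1
		for k < n && h(k) != HOP_NOT_PROVIDER && (!strict || h(k) == HOP_PROVIDER) {
			k++
		}
		return k
	}
	up := func(k int) int { return hop(aspa, as[k-1], as[k]) }       // from the origin upward
	down := func(k int) int { return hop(aspa, as[n-k], as[n-k-1]) } // from the neighbor downward
	if !downstream {
		// Upstream: the whole path must be one up-ramp ending at the neighbor.
		if k := ramp(up, false); k < n {
			return ASPA_INVALID, as[k-1], as[k]
		}
		if ramp(up, true) == n {
			return ASPA_VALID, 0, 0
		}
		return ASPA_UNKNOWN, 0, 0
	}
	maxUp, minUp := ramp(up, false), ramp(up, true)
	maxDown, minDown := ramp(down, false), ramp(down, true)
	if maxUp+maxDown < n { // ramps cannot meet even across one peering hop: a proven leak
		return ASPA_INVALID, as[maxUp-1], as[maxUp] // the hop that ended the up-ramp
	}
	if minUp+minDown >= n {
		return ASPA_VALID, 0, 0
	}
	return ASPA_UNKNOWN, 0, 0
}

// sampleASPA is a constructed record set (documentation ASNs, RFC 5398).
// 64502 is a transit with no ASPA; 64503 is a customer of 64496 that published none.
func sampleASPA() ASPA {
	a := ASPA{}
	a.addASPA(64496, []uint32{64497, 64500, 64503, 0, 64497}) // origin; 0 and the dup get normalized away
	a.addASPA(64497, []uint32{64502})
	a.addASPA(64498, []uint32{64499, 64497}) // customer of two providers
	a.addASPA(64499, []uint32{64502})
	a.addASPA(64500, []uint32{64502})
	return a
}

func main() {
	a, names := sampleASPA(), []string{"VALID", "UNKNOWN", "INVALID"}
	for _, c := range []struct {
		path []uint32
		down bool
	}{
		{[]uint32{64499, 64498, 64497, 64496}, true}, // 64498 leaks 64497's route to its other provider
		{[]uint32{64499, 64500, 64496}, true},        // lateral peering 64500<->64499 at the apex
		{[]uint32{64499, 64498, 64503, 64496}, true}, // unattested 64503 in the middle
		{[]uint32{64498, 64497, 64496}, false},       // the same leak, seen by 64499 from customer 64498
	} {
		r, cas, pas := verifyPath(a, c.path, c.down)
		fmt.Printf("%v downstream=%-5t %-7s fail=%d->%d\n", c.path, c.down, names[r], cas, pas)
	}
}
```

Note that the third case is UNKNOWN, not INVALID: a single AS without an ASPA record in the middle of the path is enough to keep the leak from being provable, which is why the page's ASPA_UNKNOWN result exists and why neighbor-AS checking and ROV still matter alongside ASPA.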
Types ¶
type Cache ¶
Cache is an RPKI data cache for ROV and ASPA validation.
Writers stage changes in a pending set and publish them with Apply. Readers obtain immutable snapshots (VRPs, ASPAs) — the published maps must never be modified, so reads are lock-free.
func (*Cache) ASPAs ¶
func (c *Cache) ASPAs() ASPA
ASPAs returns the current ASPA snapshot. The returned map is immutable and must not be modified.
func (*Cache) AddASPA ¶
func (c *Cache) AddASPA(add bool, cas uint32, providers []uint32)
AddASPA adds (add=true) or removes (add=false) an ASPA record in the pending set. Providers are normalized: zeros removed, deduplicated, sorted.
func (*Cache) AddVRP ¶
func (c *Cache) AddVRP(add bool, prefix netip.Prefix, maxLen uint8, asn uint32)
AddVRP adds (add=true) or removes (add=false) a VRP in the pending set. Entries with an invalid maxLen (shorter than the prefix length, or longer than the address length) are dropped with a warning.
func (*Cache) Apply ¶
func (c *Cache) Apply()
Apply atomically publishes the pending set as the current snapshot. The next pending set starts as a lazy clone of the snapshot, so that subsequent incremental updates continue from the published state.
func (*Cache) Flush ¶
func (c *Cache) Flush()
Flush drops all pending changes, restarting from an empty pending set. The current snapshot is not affected until the next Apply.
func (*Cache) Parse ¶
func (c *Cache) Parse(data []byte) error
Parse parses RPKI data in JSON or CSV format (auto-detected) into the pending set. Call Flush first to start from scratch, and Apply afterwards to publish the result.
func (*Cache) ParseCSV ¶
func (c *Cache) ParseCSV(data []byte) error
ParseCSV parses CSV VRP data (prefix,maxLength,asn) into the pending set. The Routinator column order (asn,prefix,maxLength[,trustAnchor]) is auto-detected per line. Invalid lines are skipped with a warning.
func (*Cache) ParseJSON ¶
func (c *Cache) ParseJSON(data []byte) error
ParseJSON parses Routinator/rpki-client JSON with VRPs and ASPA records into the pending set. Malformed JSON or unexpected field types (e.g. a string customer_asid) return an error; well-typed entries with invalid values (bad prefix, out-of-range maxLength/ASN) are skipped with a warning.
func (*Cache) Ready ¶
func (c *Cache) Ready() <-chan struct{}
Ready returns a channel that is closed after the first Apply.
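The write-stage/publish pattern described for Cache (pending set, atomic Apply, lazy clone, Flush, Ready, lock-free readers over immutable snapshots) is worth seeing end to end. The following is an added example, not the rpki package's implementation: it assumes its own Cache, snapshot and entry types, keys VRPs by prefix string for brevity, stores only VRPs (ASPA records would be handled identically), and publishes through a sync/atomic Value holding a snapshot pointer.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// entry is a VRP without its prefix (the map key). ASPA records would be staged and
// published the same way and are omitted to keep the pattern in focus.
type entry struct {
	maxLen uint8
	asn    uint32
}

// snapshot is what readers see. Once published, nothing writes to it again; that
// invariant is what makes the read side lock-free.
type snapshot struct {
	vrps map[string][]entry // assumed: keyed by the prefix's canonical string
}

func newSnapshot() *snapshot { return &snapshot{vrps: map[string][]entry{}} }

// Cache stages writes in pending and publishes them wholesale with Apply.
type Cache struct {
	mu      sync.Mutex   // serializes writers only; readers never take it
	cur     atomic.Value // holds *snapshot; swapped as a unit by Apply
	pending *snapshot    // nil = nothing staged; lazily cloned from cur on first write
	ready   chan struct{}
	once    sync.Once
}

func NewCache() *Cache {
	c := &Cache{ready: make(chan struct{})}
	c.cur.Store(newSnapshot())
	return c
}

// VRPs is the lock-free read path. The returned map is immutable by contract.
func (c *Cache) VRPs() map[string][]entry { return c.cur.Load().(*snapshot).vrps }

// stage returns the pending set, cloning the published snapshot on first use
// (caller holds mu). Only the map is copied; per-prefix slices are shared and
// are replaced, never edited, so the published snapshot stays untouched.
func (c *Cache) stage() *snapshot {
	if c.pending == nil {
		cur := c.VRPs()
		p := &snapshot{vrps: make(map[string][]entry, len(cur))}
		for k, v := range cur {
			p.vrps[k] = v
		}
		c.pending = p
	}
	return c.pending
}

// AddVRP stages one add (add=true) or remove (add=false) of a VRP.
func (c *Cache) AddVRP(add bool, prefix string, maxLen uint8, asn uint32) {
	c.mu.Lock()
	defer c.mu.Unlock()
	p := c.stage()
	old := p.vrps[prefix]
	next := make([]entry, 0, len(old)+1) // copy-on-write: never append to a shared slice
	for _, e := range old {
		if e.maxLen != maxLen || e.asn != asn {
			next = append(next, e)
		}
	}
	if add {
		next = append(next, entry{maxLen: maxLen, asn: asn})
	}
	if len(next) == 0 {
		delete(p.vrps, prefix)
	} else {
		p.vrps[prefix] = next
	}
}

// Apply publishes the pending set atomically and closes Ready after the first call.
// With nothing staged it leaves the current snapshot in place.
func (c *Cache) Apply() {
	c.mu.Lock()
	if c.pending != nil {
		c.cur.Store(c.pending)
		c.pending = nil // the next write starts a fresh lazy clone of what was just published
	}
	c.mu.Unlock()
	c.once.Do(func() { close(c.ready) })
}

// Flush discards staged changes and restarts pending empty: the next Apply publishes
// only what is staged after the Flush (a full reload rather than an increment).
func (c *Cache) Flush() {
	c.mu.Lock()
	c.pending = newSnapshot()
	c.mu.Unlock()
}

// Ready is closed after the first Apply.
func (c *Cache) Ready() <-chan struct{} { return c.ready }

func main() {
	c := NewCache()
	c.AddVRP(true, "192.0.2.0/24", 24, 64496)
	before := c.VRPs() // readers never see staged data
	c.Apply()
	<-c.Ready()
	first := c.VRPs()
	c.AddVRP(true, "192.0.2.0/24", 24, 64497) // incremental change on top of the published state
	c.Apply()
	fmt.Println(len(before), len(first["192.0.2.0/24"]), len(c.VRPs()["192.0.2.0/24"])) // 0 1 2
}
```

The security-relevant detail is the copy-on-write in AddVRP: appending in place to a slice that a published snapshot still references would let a writer race a reader that is mid-validation, and the only thing that keeps VRPs() lock-free is that published memory is never written.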
func (*Cache) VRPs ¶
func (c *Cache) VRPs() (v4, v6 VRPs)
VRPs returns the current IPv4 and IPv6 VRP snapshots. The returned maps are immutable and must not be modified.
func (*Cache) ValidateOrigin ¶
func (c *Cache) ValidateOrigin(p netip.Prefix, origin uint32) int
ValidateOrigin performs ROV against the current cache snapshot. See the package-level ValidateOrigin.
func (*Cache) VerifyPath ¶
func (c *Cache) VerifyPath(path []uint32, downstream bool) (result int, failCAS, failPAS uint32)
VerifyPath verifies path against the current cache snapshot. See the package-level VerifyPath.