GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → InternetHealthReport → route-origin-validator

InternetHealthReport / route-origin-validator

Licence: GPL-3.0 License
Check Internet route origin using RPKI and IRR databases

Programming Languages

python
139335 projects - #7 most used programming language

Labels

rpkiirrdelegated-databases

Projects that are alternatives of or similar to route-origin-validator

rtrtr
An RPKI Data Proxy
Stars: ✭ 13 (-13.33%)
Mutual labels:  rpki
rpki-rs
An RPKI library for Rust
Stars: ✭ 30 (+100%)
Mutual labels:  rpki
hphr
Halophile Router (a VyOS-based, SaltStack-automated, NetBox-configured router for small provider networks)
Stars: ✭ 39 (+160%)
Mutual labels:  rpki
EduCDM
The Model Zoo of Cognitive Diagnosis Models, including classic Item Response Ranking (IRT), Multidimensional Item Response Ranking (MIRT), Deterministic Input, Noisy "And" model(DINA), and advanced Fuzzy Cognitive Diagnosis Framework (FuzzyCDF), Neural Cognitive Diagnosis Model (NCDM) and Item Response Ranking framework (IRR).
Stars: ✭ 48 (+220%)
Mutual labels:  irr
rpki-client-portable
Portability shim for OpenBSD's rpki-client
Stars: ✭ 33 (+120%)
Mutual labels:  rpki
rtrlib
An open-source C implementation of the RPKI/Router Protocol client
Stars: ✭ 62 (+313.33%)
Mutual labels:  rpki

route-origin-validator

Offline Internet route origin validation using RPKI, IRR, and RIRs delegated databases

This python library is designed for validating a large number of routes in one shot. It downloads IRR, RPKI, and delegated databases to avoid network overhead for each query.

Installation

pip install rov

Usage:

Both the command line and python interfaces return status codes for each data source. For IRR and RPKI the possible status codes are:

  • NotFound
  • Invalid
  • Invalid,more-specific
  • Valid

For delegated we expect globally reachable resources to be 'assigned'. Resources that are 'reserved' and 'available' should be considered as bogons.

Command line

The command line interface should be used only for a few queries, each query will reload all databases.

>> rov 8.8.8.0/24 15169 
{
    "query": {
        "prefix": "8.8.8.0/24",
        "asn": 15169
    },
    "irr": {
        "status": "Valid",
        "prefix": "8.8.8.0/24",
        "descr": "Google",
        "source": "RADB"
    },
    "rpki": {
        "status": "Valid",
        "prefix": "8.8.8.0/24",
        "maxLength": 24,
        "ta": "arin"
    },
    "delegated": {
        "prefix": {
            "status": "assigned",
            "prefix": "8.0.0.0/9",
            "date": "19921201",
            "registry": "arin",
            "country": "US"
        },
        "asn": {
            "status": "assigned",
            "registry": "arin"
        }
    }
}

>> rov 10.1.0.0/16 15169
{
    "query": {
         "prefix": "10.1.0.0/16",
         "asn": "15169"
    },
    "irr": {
        "status": "NotFound"
    },
    "rpki": {
        "status": "NotFound"
    },
    "delegated": {
        "prefix": {
            "status": "reserved",
            "prefix": "10.0.0.0/8",
            "date": "19940301",
            "registry": "iana",
            "country": "ZZ"
        },
        "asn": {
            "status": "assigned",
            "registry": "arin"
        }
    }
}

In python

For large batches use the python library as follows:

import json
from rov import ROV

# list of routes we want to validate
routes = [
    ['1.1.1.0/24', 13335],
    ['2.2.2.0/24', 3215],
    ['3.3.3.0/24', 16509],
    ['4.4.4.0/24', 198949],
    ['5.5.5.0/24', 6805],
    ]
    

rov = ROV()

# optional: download latest databases if needed
rov.download_databases()

# read databases, this may take a minute or so
rov.load_databases()

# this should be super fast
for prefix, asn in routes:
    state = rov.check(prefix, asn)
    print(prefix)
    print(json.dumps(state, indent=4))

#1.1.1.0/24
#{
#    "query": {
#        "prefix": "1.1.1.0/24",
#        "asn": 13335
#    },
#    "irr": {
#        "status": "Valid",
#        "prefix": "1.1.1.0/24",
#        "descr": "APNIC Research and Development\n6 Cordelia St",
#        "source": "APNIC"
#    },
#    "rpki": {
#        "status": "Valid",
#        "prefix": "1.1.1.0/24",
#        "maxLength": 24,
#        "ta": "apnic"
#    },
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "1.1.1.0/24",
#            "date": "20110811",
#            "registry": "apnic",
#            "country": "AU"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "arin"
#        }
#    }
#}
#2.2.2.0/24
#{
#    "query": {
#        "prefix": "2.2.2.0/24",
#        "asn": 3215
#    },
#    "irr": {
#        "status": "Invalid,more-specific",
#        "prefix": "2.2.0.0/16",
#        "descr": "France Telecom Orange",
#        "source": "RIPE"
#    },
#    "rpki": {
#        "status": "Invalid,more-specific",
#        "prefix": "2.0.0.0/12",
#        "maxLength": 17,
#        "ta": "ripe"
#    },
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "2.0.0.0/12",
#            "date": "20100712",
#            "registry": "ripencc",
#            "country": "FR"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "ripencc"
#        }
#    }
#}
#3.3.3.0/24
#{
#    "query": {
#        "prefix": "3.3.3.0/24",
#        "asn": 16509
#    },
#    "irr": {
#        "status": "NotFound"
#    },
#    "rpki": {
#        "status": "Valid",
#        "prefix": "3.0.0.0/10",
#        "maxLength": 24,
#        "ta": "arin"
#    },
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "3.0.0.0/9",
#            "date": "20171220",
#            "registry": "arin",
#            "country": "US"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "arin"
#        }
#    }
#}
#4.4.4.0/24
#{
#    "query": {
#        "prefix": "4.4.4.0/24",
#        "asn": 198949
#    },
#    "irr": {
#        "status": "Valid",
#        "prefix": "4.4.4.0/24",
#        "descr": "dima_training",
#        "source": "RADB"
#    },
#    "rpki": {
#        "status": "NotFound"
#    },
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "4.0.0.0/9",
#            "date": "19921201",
#            "registry": "arin",
#            "country": "US"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "ripencc"
#        }
#    }
#}
#5.5.5.0/24
#{
#    "query": {
#        "prefix": "5.5.5.0/24",
#        "asn": 6805
#    },
#    "irr": {
#        "status": "Invalid,more-specific",
#        "prefix": "5.4.0.0/14",
#        "descr": "Telefonica Germany GmbH & Co. OHG",
#        "source": "RIPE"
#    },
#    "rpki": {
#        "status": "Invalid,more-specific",
#        "prefix": "5.4.0.0/14",
#        "maxLength": 14,
#        "ta": "ripe"
#    },
#    "delegated": {
#        "prefix": {
#            "status": "assigned",
#            "prefix": "5.4.0.0/14",
#            "date": "20120425",
#            "registry": "ripencc",
#            "country": "DE"
#        },
#        "asn": {
#            "status": "assigned",
#            "registry": "ripencc"
#        }
#    }
#}

Acknowledgements

This project is supported by MANRS/ISOC, thanks!

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].