The RPKI Workshop Demonstration #5: Creating Users and Allocating New Resources video shows how to use the RPKI.NET graphical interface to perform a number of administrative actions to manage the RPKI.NET system. These charts on this page are intended to be used with this video.

Notes:

  1. It is assumed the user will be running these commands on a local copy of the RPKI Workshop virtual machine. Instructions for downloading and setting up the RPKI Workshop VM may be found in the Workshop Demonstration #2 video, Installation and Setup.
  2. Most user names in this video are specific to the RPKI Workshop VM and won't be used in a production environment. Similarly, the address ranges are purely for the sake of example.
  3. The tasks are broken down into a number of sub-tasks. Each sub-task is then divided into a number of steps. The GUI actions for each step are provided with a "Time Mark" to show where in the video each step takes place.
  4. The Time Marks are approximate. Most will be a couple seconds prior to the actual action taken in each step. This will hopefully provide a little context for the step prior to it actually being performed.
  5. The video is demonstrating how to use the GUI. Consequently, there will be some steps that are repetitive and won't necessarily be needed every time the sub-task or task is performed.
  6. The RPKI.NET GUI users are distinct from the Quagga users.
  7. Many of the commands are run in a web browser that is connected to the RPKI.NET administrative GUI. It is assumed the user has logged in to the GUI as the labuser08 user. Alternatively, the user may have logged in to the GUI as the root user, but selected the labuser08 identity.
  8. Other commands are run in a terminal window. There are entries in the "Thing to Click" column that say "Display Terminal Window" and "Hide Terminal Window". These are not specific controls in the RPKI.NET GUI; rather, they are actions that must be taken that depend upon the system and the user's environment. It is beyond the scope of this guide to provide details of these two actions.


Task Sub-Task Time Mark Page in GUI Thing to Click Text to Enter
Quagga Interface Get state of Quagga's routing tables 0:13 terminal window    
Login to router 0:16   ssh r4@trusty
enter login password 0:21   fnord
enter Quagga password 0:22   fnord
Show BGP tables 0:25   show ip bgp
  0:35 Scroll to entries for 192.168.8.0  
65533 and 65534 routers
(b0 and b1 routers)
0:50    
Return to RPKI.NET GUI 1:12 Hide terminal window  
Create a ROA   1:32 labuser08's dashboard "Create" button in ROAs section  
Entry fields are empty 1:35 Create ROAs    
Return to dashboard 1:43 browser's "back" button  
  1:50 labuser08's dashboard "ROA" button in Unallocated Resources section  
Prefix entry filled out;
Fill out remainder of entries:
1:51 Create ROAs    
enter maximum length for ROA's address block 1:59   24
enter router's ASN 2:25   65533
Preview new ROA 2:31 "Preview" button  
Create the ROA 2:38 Confirm ROA Requests "Create" button  
ROA section now has a ROA;
Unallocated Resources section is empty
2:45 labuser08's dashboard    
ROA Propagation Return to Quagga terminal 3:02 terminal window Display terminal window  
Show BGP tables 3:06   show ip bgp
New ROA information has not propagated yet;
(waiting a short time...)
3:14 Scroll to entries for 192.168.8.0  
Show BGP tables 3:43   show ip bgp
New ROA information has propagated 3:48 Scroll to entries for 192.168.8.0  
65533 and 65534 routers have new data 3:52    
Discussion about effect of publishing one ROA on valid and invalid routes 4:00 Hide terminal window  
Add ROA to Validate an Invalid Route Explanation of loop button in ROAs section 4:35 labuser08's dashboard    
  4:56 loop button in ROAs section  
Prefix entry filled out;
Fill out remainder of entries:
4:59 Create ROAs    
enter maximum length for ROA's address block 5:01   24
enter ASN of other router 5:05   65534
Preview new ROA 5:09 "Preview" button  
  5:12 Confirm ROA Requests "Create" button  
Create Ghostbusters Record Create a new Ghostbusters record 5:18 labuser08's dashboard "Create" button in "Ghostbusters" section  
Fill in fields for new Ghostbuster record: 5:28 New Ghostbuster Request Select a parent from Parent drop-down menu  
enter Full name 5:35   Joe Smith
enter Email address 5:37   joe@superisp.com
enter Organization 5:45   Super ISP
Save Ghostbuster record 5:52 "Save" button  
View new Ghostbuster record 5:56 labuser08's dashboard Display terminal window  
Check validity of ROAs Show BGP tables 6:10 terminal window   show ip bgp
6:14 Scroll to entries for 192.168.8.0  
New ROA information has propagated -- 65533 and 65534 routers have valid data 6:15 Hide terminal window  
Remove an authorization Remove authorization for a ROA 6:28 labuser08's dashboard Trashcan icon for AS 65534 in ROAs section  
Delete selected ROA 6:34 Delete ROA Request "Delete" button  
  6:40 labuser08's dashboard Display terminal window  
Verify ROA removal 6:45 terminal window   show ip bgp
Show new ROA information has propagated 6:49 Scroll to entries for 192.168.8.0  
65533 is valid; 65534 is invalid 6:50    



This document is prepared under Contract Number HSHQDC-14-C-B0035 for DHS S&T CSD

Copyright © 2016, Parsons, Inc.
All rights reserved.