Skip to content
This repository has been archived by the owner on Feb 29, 2024. It is now read-only.

rtr.rpki.cloudflare.com public server: "transport error" #89

Open
jranma opened this issue Dec 18, 2020 · 6 comments
Open

rtr.rpki.cloudflare.com public server: "transport error" #89

jranma opened this issue Dec 18, 2020 · 6 comments

Comments

@jranma
Copy link

jranma commented Dec 18, 2020

Hello,

I have configured my BIRD 2.0.7 router to use rtr.rpki.cloudflare.com public server on port 8282.

Here is the config of bird:

ROA

roa6 table r6;
protocol rpki validator {
roa6 { table r6; };
remote "rtr.rpki.cloudflare.com" port 8282;
retry keep 90;
refresh keep 900;
expire keep 172800;

}

It works for some time but after a while (a few hours or days) the connection is lost, with this error message in bird:

Name Proto Table State Since Info
validator RPKI --- start 10:06:02.441 Transport-Error

have you ever had this problem?
@lukastribus
Copy link

Cloudflare is a public validator on anycast servers. I assume Cloudflare will keep updating server software and when that happens, you will see the TCP connection drop.

BIRD should just reconnect.

However what you should do instead is use two different, geographically diverse validator instances on your own, as opposed to a single, public anycast server.

@jranma
Copy link
Author

jranma commented Dec 18, 2020

Cloudflare is a public validator on anycast servers. I assume Cloudflare will keep updating server software and when that happens, you will see the TCP connection drop.

BIRD should just reconnect.

However what you should do instead is use two different, geographically diverse validator instances on your own, as opposed to a single, public anycast server.

yes, for some reason bird doesnt reconnect, but it's more a bird-related problem I guess.
You're right about installing my own validators. I am familiarising myself with this technology before that.

@lspgn
Copy link
Contributor

lspgn commented Dec 18, 2020

@jranma I can look into the logs for TCP failures but it might be a Bird issue.
rtr.rpki.cloudflare.com is load-balanced, like Lukas said, if we redeploy or do operations on a machine, connection will break.

@jranma
Copy link
Author

jranma commented Dec 18, 2020

@jranma I can look into the logs for TCP failures but it might be a Bird issue.
rtr.rpki.cloudflare.com is load-balanced, like Lukas said, if we redeploy or do operations on a machine, connection will break.

It's not a big deal, but if you can look in the logs, that's fine.
My IP: 91.134.140.163 and 2a0c:b641:270::1

@lspgn
Copy link
Contributor

lspgn commented Dec 18, 2020

it seems to be preferring ipv4

2020-11-27 13:19:19 ipv4 up
2020-12-06 12:19:42 ipv4 down
2020-12-17 11:04:28 ipv6 up
2020-12-17 11:04:30 ipv6 down
2020-12-17 11:08:43 ipv4 up
2020-12-17 12:32:42 ipv4 down
2020-12-18 09:26:35 ipv4 up
2020-12-18 10:56:08 ipv4 down

last event match a crash of a GoRTR instance but system is still available.

@jranma
Copy link
Author

jranma commented Dec 18, 2020

thanks @lspgn
my concern is not the disconnection but the fact that bird doesn't reconnect automatically. But this is not the right place to discuss it I think :)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lukastribus @lspgn @jranma