API Documentation

rtrlib-python - a cffi based rtrlib wrapper

license:MIT, see LICENSE for more details.

rtrlib.rtr_manager

class rtrlib.rtr_manager.RTRManager(host, port, refresh_interval=3600, expire_interval=7200, retry_interval=600, status_callback=None, status_callback_data=None)[source]

Wrapper around rtr_manager.

Parameters:
  • host (str) – Hostname or IP of rpki cache server
  • port (int) – Port number
  • refresh_interval (int) – Interval in seconds between serial queries that are sent to the server. Must be >= 1 and <= 86400s (one day).
  • expire_interval (int) – Stored validation records will be deleted if cache was unable to refresh data for this period. The value should be twice the refresh_interval. The value must be >= 600s (ten minutes) and <= 172800s (two days).
  • retry_interval (int) – This parameter specifies how long to wait (in seconds) before retrying a failed Query. The value must be >= 1s and <= 7200s (two hours).
  • status_callback (function) – status callback, called on status changes of the rtr manager
  • status_callback_data (object) – arbitrary data object passed to the callback.
Raises:

RTRInitError
for_each_ipv4_record(callback, data)[source]

Iterate over all ipv4 records of the pfx table.

callback must take two arguments, the pfx_record and the data object.

For a more pythonic alternative see ipv4_records()

Parameters:
  • callback (callable) – called for every record in the pfx table
  • data (object) – arbitrary data object that is passed to the callback function
for_each_ipv6_record(callback, data)[source]

Iterate over all ipv6 records of the pfx table.

callback must take two arguments, the pfx_record and the data object.

For a more pythonic alternative see ipv6_records()

Parameters:
  • callback (callable) – called for every record in the pfx table
  • data (object) – arbitrary data object that is passed to the callback function
ipv4_records()[source]

Return iterator over all ipv4 records in the pfx table.

This iterator utilises threads to execute retrieve the records. If that is a problem for you take a look at for_each_ipv4_record().

Return type:Iterator
ipv6_records()[source]

Return iterator over all ipv6 records in the pfx table.

This iterator utilises threads to execute retrieve the records. If that is a problem for you take a look at for_each_ipv6_record().

Return type:Iterator
is_synced()[source]

Check if RTRManager is fully synchronized.

Return type:bool
start(wait=True, timeout=5)[source]

Start RTRManager.

Parameters:
  • wait (bool) – Wait for the manager to finish sync
  • timeout (int) –
Raises:

SyncTimeout – Raised if timeout is reached, this does not mean that the sync failed, only that it did not finish in time.
stop()[source]

Stop RTRManager.

validate(asn, prefix, mask_len)[source]

Validate BGP prefix and returns state as PfxvState enum.

Parameters:
  • asn (int) – autonomous system number
  • prefix (str) – ip address
  • mask_len (int) – length of the subnet mask
Return type:

ValidationResult
wait_for_sync(timeout=5)[source]

Wait until RTRManager is synchronized.

Parameters:timeout (int) –
Raises:SyncTimeout – Raise if timeout is reached, this does not mean that the sync failed, only that it did not finish in time.
class rtrlib.rtr_manager.PfxvState[source]

Wrapper for the pfxv_state enum.

invalid = <class 'sphinx.ext.autodoc.BGP_PFXV_STATE_INVALID'>

One or more records that match the input prefix exists in the pfx_table, but the prefix max_len or ASN doesn’t match.

not_found = <class 'sphinx.ext.autodoc.BGP_PFXV_STATE_NOT_FOUND'>

No certificate for the route exists

valid = <class 'sphinx.ext.autodoc.BGP_PFXV_STATE_VALID'>

A valid certificate for the pfx_record exists

class rtrlib.rtr_manager.ValidationResult(prefix, prefix_length, asn, state, reason_records=None, reason_len=0)[source]

Wrapper class for validation result.

Parameters:
  • prefix (str) – The prefix that was validated
  • prefix_length (int) – The length of the prefix
  • asn – The ASN the prefix is supposed to be in.
  • asn – int
  • state (enum pfxv_state *) – Validation state
  • reason_records (struct pfx_record **) – Array of PFXRecords the decision is based on
  • reason_len (int) – Length of reason_records
as_invalid

True if at least one matching record has a different as number and state is invalid.

as_valid

True if any one matching record has been found.

is_invalid

Return true if prefix is invalid.

is_valid

True if prefix is valid.

length_invalid

True if at least one matching record has a miss matching prefix length and state is invalid.

length_valid

True if any one matching record was found

not_found

True if prefix could not be found.

reason

List of Reason .

state

Validation state.

class rtrlib.rtr_manager.Reason(prefix_length, asn, record)[source]

A Reason upon which a validation decision was made.

Parameters:
  • prefix_length (int) – Length of the validated prefix
  • asn (As number of the validated prefix) – As number of the validated prefix
  • record (PFXRecord) – PFXRecord
as_invalid

True is as is invalid.

as_valid

True if as is valid.

length_invalid

True if prefix length is invalid.

length_valid

True if prefix length is valid.

rtrlib.rtr_socket

class rtrlib.rtr_socket.RTRSocket(socket)[source]

Wrapper around the rtr_socket struct

Parameters:socket (cdata) – rtr_socket struct
expire_interval

Time period in seconds. Received records are deleted if the client was unable to refresh data for this time period. If 0 is specified, the expire_interval is twice the refresh_interval.

has_recieved_pdus

True, if this socket has already received PDUs

last_update

Timestamp of the last validation record update. Is 0 if the pfx_table doesn’t stores any validation records from this rtr_socket.

refresh_interval

Time period in seconds. Tells the router how long to wait before next attempting to poll the cache, using a Serial Query or Reset Query PDU.

retry_interval

Time period in seconds between a failed query and the next attempt.

state

Current state of the socket.

version

Protocol version used by this socket

class rtrlib.rtr_socket.RTRSocketList(sockets, length)[source]

List of RTRSockets. Can be accessed like any other list.

Read Only.

class rtrlib.rtr_socket.RTRSocketState[source]

States of the RTR socket

CONNECTING = <class 'sphinx.ext.autodoc.RTR_CONNECTING'>

Socket is establishing the transport connection

ERROR_FATAL = <class 'sphinx.ext.autodoc.RTR_ERROR_FATAL'>

Fatal protocol error occurred

ERROR_NO_DATA_AVAILABLE = <class 'sphinx.ext.autodoc.RTR_ERROR_NO_DATA_AVAIL'>

No validation records are available on the RTR server

ERROR_NO_INCREMENTAL_UPDATE_AVAILABLE = <class 'sphinx.ext.autodoc.RTR_ERROR_NO_INCR_UPDATE_AVAIL'>

Server was unable to answer the last serial or reset query

ERROR_TRANSPORT = <class 'sphinx.ext.autodoc.RTR_ERROR_TRANSPORT'>

Error on the transport socket occurred

ESTABLISHED = <class 'sphinx.ext.autodoc.RTR_ESTABLISHED'>

Connection is established and socket is waiting for a Serial Notify or expiration of the refresh_interval timer.

FAST_RECONNECT = <class 'sphinx.ext.autodoc.RTR_FAST_RECONNECT'>

Reconnect without any waiting period

RESET = <class 'sphinx.ext.autodoc.RTR_RESET'>

Resetting RTR connection

SHUTDOWN = <class 'sphinx.ext.autodoc.RTR_SHUTDOWN'>

RTR Socket is stopped

SYNC = <class 'sphinx.ext.autodoc.RTR_SYNC'>

Receiving validation records from the RTR server

rtrlib.records

Collection of wrappers for *record structs of rtrlib

class rtrlib.records.PFXRecord(record)[source]

Wrapper around the pfx_record struct.

asn

Origin AS number.

max_len

Maximum prefix length.

min_len

Minimum prefix length.

prefix

IP prefix.

socket

RTRSocket this record was received in.

class rtrlib.records.SPKIRecord(record)[source]

Wrapper around the spki_record struct.

asn

Origin AS number.

ski

Subject Key Identifier.

socket

RTRSocket this record was received in.

spki

Subject public key info.

rtrlib.records.copy_pfx_record(record)[source]

Copy a pfx record.

Parameters:record (PFXRecord) – The record that should be copied
Return type:PFXRecord

rtrlib.manager_group

class rtrlib.manager_group.ManagerGroup(group)[source]

Wrapper around the rtr_mgr_group struct

Parameters:group (cdata) – A rtr_mgr_group struct
preference

The preference value of the group

sockets

The socket list as RTRSocketList

sockets_len

The sockets_len value of the group

status

The group status as enum34

class rtrlib.manager_group.ManagerGroupStatus[source]

Wrapper around the C enum rtr_mgr_status.

CLOSED = <class 'sphinx.ext.autodoc.RTR_MGR_CLOSED'>

RTR sockets are disconnected

CONNECTING = <class 'sphinx.ext.autodoc.RTR_MGR_CONNECTING'>

RTR sockets trying to establish a connection

ERROR = <class 'sphinx.ext.autodoc.RTR_MGR_ERROR'>

Error occured on at least one RTR socket

ESTABLISHED = <class 'sphinx.ext.autodoc.RTR_MGR_ESTABLISHED'>

All RTR sockets of the group are synchronized with the rtr servers

rtrlib.exceptions

Module for all custom exceptions

exception rtrlib.exceptions.IpConversionException[source]

An Error during str to address conversion or the reverse occurred.

exception rtrlib.exceptions.PFXException[source]

An error during validation occurred.

exception rtrlib.exceptions.RTRInitError[source]

An error during initialization of the RTR manager occurred.

exception rtrlib.exceptions.RTRlibException[source]

rtrlib exception base class.

exception rtrlib.exceptions.SyncTimeout[source]

The timeout was reached while waiting for sync.