IRRd 2.3.6 on Fedora 13
Install Fedora 13 fresh, and use a “minimal/minimum install”
Once Fedora has installed, log in as root, and configure and turn up the network interface
Install the fastest mirror plugin for yum, gcc, flex, make, byacc, and wget, mlocate, telnet, bison, xinetd, mailx, jwhois, and man, then update everything.
yum install yum-plugin-fastestmirror -y yum install gcc flex make byacc wget mlocate telnet bison xinetd mailx jwhois man -y yum update -y
download and un tar/gunzip the irr daemon to root’s home dir
cd ~ wget http://www.irrd.net/irrd2.3.9.tgz tar -zxf irrd2.3.9.tgz
configure, make, and install the irr daemon
cd irrd2.3.9/src ./configure make make install
copy the irrd.conf.sample to /etc/irrd.conf and open it for editing
uncomment the “password” line and change the password (default is foo, this is a cleartext value)
! password testpass123 uii_port 5673 !
comment out the radb mirroring
! !irr_database radb mirror whois.radb.net 43 !
change the default db to something more attractive
! irr_database switchnap authoritative !
save the config
edit /etc/services and add the following lines
# IRRd Service Port
irrd 5673/tcp
create a pgp directory somewhere
mkdir /var/spool/irr_database/.pgp
add the following line to /etc/irrd.conf
pgp_dir /var/spool/irr_database/.pgp
using the ~/irrd2.3.6/src/irr_util/crypt_gen program, generate an encrypted override password
~/irrd2.3.6/src/irr_util/crypt_gen test (where test is the password you want to use) encrypted passwd is "pfHKv25Fdk7bA"
now add the following line to the end of your /etc/irrd.conf
override_cryptpw pfHKv25Fdk7bA
finally add the dbadmin’s email to the /etc/irrd.conf
db_admin db-admin@yourdomain.com
start the irrd daemon
/usr/local/sbin/irrd
add the following line to /etc/aliases
# IRRd Auto Submit auto-dbm: "|/usr/local/sbin/irr_rpsl_submit"
then save and close the file, and run the following command
[root@irrd irr_util]# newaliases /etc/aliases: 77 aliases, longest 65 bytes, 838 bytes total
create /etc/xinetd.d/irr_rpsl_submit-stream and populate it with the following:
service irr_rpsl_submit
{
# This is for quick on or off of the service
disable = no
# The next attributes are mandatory for all services
id = irr_rpsl_submit-stream
type = UNLISTED
wait = no
socket_type = stream
# protocol = socket type is usually enough
# External services must fill out the following
user = root
# group =
server = /usr/local/sbin/irr_rpsl_submit
server_args = -D
# External services not listed in /etc/services must fill out the next one
port = 8888
# RPC based services must fill out these
# rpc_version =
# rpc_number =
# Logging options
# log_type =
# log_on_success =
# log_on_failure =
# Networking options
# flags =
# bind =
# redirect =
# v6only =
# Access restrictions
# only_from =
# no_access =
# access_times =
# cps = 50 10
# instances = UNLIMITED
# per_source = UNLIMITED
# max_load = 0
# deny_time = 120
# mdns = yes
# Environmental options
# env =
# passenv =
# nice = 0
# umask = 022
# groups = yes
# rlimit_as =
# rlimit_cpu =
# rlimit_data =
# rlimit_rss =
# rlimit_stack =
# Banner options. (Banners aren't normally used)
# banner =
# banner_success =
# banner_fail =
}
then restart xinetd
service xinetd restart
now we have to add irr_rpsl_submit to the allowed sendmail programs
cd /etc/smrsh ln -s /path/to/irr_rpsl_submit service sendmail restart
now test, it should function!
09/28/2010
Phil Pillera <ppillera [ a t ] gmail [ d o t ] com>