The connect-interface command specifies a source interface to send RPKI messages and a source IP address to set up a RPKI session.
The undo connect-interface command restores the default configuration.
By default, no source interface is specified to send RPKI messages.
connect-interface { interface-name | localIpv6Addr | interface-type interface-number | interface-name localIpv6Addr | interface-type interface-number localIpv6Addr }
undo connect-interface { interface-name | localIpv6Addr | interface-type interface-number | interface-name localIpv6Addr | interface-type interface-number localIpv6Addr }
| Parameter | Description | Value |
|---|---|---|
| interface-name |
Specifies an interface name. |
The value is a string of 1 to 63 case-sensitive characters. It cannot contain spaces. |
| localIpv6Addr |
Specifies a source IPv6 address to set up a RPKI session. |
The value is a 32-digit hexadecimal number, in the format of X:X:X:X:X:X:X:X. |
| interface-type |
Specifies an interface type and number. |
- |
| interface-number |
Specifies an interface type and number. |
The value is a string of 1 to 63 case-sensitive characters, spaces not supported. |
Usage Scenario
By default, the device uses the source address automatically selected by the system to establish a connection with the RPKI server. However, when the connection flaps, the source address changes. If security measures such as the whitelist are configured on the server, the server verifies the source address. If the source address is not in the whitelist, the server rejects the connection. Therefore, if a device frequently changes its source address in connection flapping scenarios, the device may fail to establish a connection with the RPKI server. To solve this problem, you can run this command to specify the source address for sending RPKI packets.
Precautions
Running this command will re-establish the RPKI session. Exercise caution when running this command.