# BIRD Minimal RTR Client Config This folder provides a minimal BIRD setup for black-box interop testing against this repository's RTR server defaults. Server defaults in this repo: - TCP: `0.0.0.0:323` - SSH: `0.0.0.0:22` (when enabled on server) ## Files - `Dockerfile`: builds a minimal BIRD2 runtime image. - `bird.conf.example`: sample `/etc/bird/bird.conf`. - `bird.conf.ssh.example`: sample SSH transport `/etc/bird/bird.conf`. - `entrypoint.sh`: starts BIRD in foreground mode. - `docker-compose.yml`: one-click local TCP test client. - `docker-compose.ssh.yml`: compose override for SSH transport. By default, the container prints periodic RPKI protocol snapshots to logs every 30 seconds. ## Docker quick start From repository root: ```bash docker compose -f deploy/bird/docker-compose.yml up --build ``` Use another terminal to inspect: ```bash docker logs -f bird-rpki-client ``` If protocol state is `up`, the RTR client path is working. Detached mode: ```bash docker compose -f deploy/bird/docker-compose.yml up -d --build docker logs -f bird-rpki-client ``` Stop: ```bash docker compose -f deploy/bird/docker-compose.yml down ``` ## SSH quick start Start server in SSH mode first: ```bash docker compose -f deploy/server/docker-compose.ssh.yml up -d --build ``` Start BIRD client with SSH override: ```bash docker compose \ -f deploy/bird/docker-compose.yml \ -f deploy/bird/docker-compose.ssh.yml \ up --build ``` In detached mode, observe with: ```bash docker logs -f bird-rpki-client ``` ## Notes - This setup targets RTR over TCP (`remote "host.docker.internal" port 323`). - `network_mode: host` expects your RTR server to be reachable at `host.docker.internal:323` from the container. - Observation is controlled by env vars: `OBSERVE_INTERVAL` (seconds, default `30`) and `OBSERVE_PROTO`. - SSH mode mounts `../../certs` into `/config/ssh` and expects: `bird-rtr-client.pem` and `ssh_host_rsa_key.pub`. - Entrypoint auto-generates `/run/bird/known_hosts` from `/config/ssh/ssh_host_rsa_key.pub` for BIRD SSH host-key verification. - If your environment does not support Docker host networking, switch to a bridge network and replace `remote` addresses accordingly.