The RPKI Workshop Demonstration #2: Installation and Setup video leads the viewer through the process of installing the RPKI workshop on a virtual machine. The charts on this page are intended to be used with this video.


  1. It is assumed the user will be running these commands on a Linux system running the QEMU-KVM virtual machine manager.
  2. Most user names are specific to that VM and won't be used in a production environment. Similarly, the IP addresses are what is used during this configuration. Your addresses may vary.
  3. The tasks are broken down into a number of sub-tasks. Each sub-task is then divided into a number of steps. The GUI actions for each step are provided with a "Time Mark" to show where in the video each step takes place.
  4. The Time Marks are approximate. Most will be a couple seconds prior to the actual action taken in each step. This will hopefully provide a little context for the step prior to it actually being performed.
  5. The commands are all run in a web browser that is connected to the RPKI.NET administrative GUI.
  6. The sudo command is used in several places to execute commands as root. Depending upon certain issues (e.g., your system configuration, timing), you may or may not have to enter your password to use use sudo. The times a password is required in the video are noted here, but those times may not correspond to your own use.

Task Sub-Task Time Mark Page in GUI Thing to Click Text to Enter

Initialize VM for RPKI Workshop
Start QEMU/KVM virtual manager 0:30 host terminal window 1 sudo virt-manager
(and enter your password)
Create a new VM 0:52 VMM window "New" button
Choose how to install O/S 0:56 New VM window (step 1 of 4) select "Import existing disk image"
1:04 "Forward" button
Select storage file
(User must select the image file from their machine.)
1:04 New VM window (step 2 of 4) "Browse" button
Choose O/S type 1:45 "OS type" drop-down
1:46 select "Linux"
Choose version 1:47 "Version" drop-down
1:50 select "Ubuntu Trusty Tahir LTS"
1:54 "Forward" button
Leave RAM and CPU settings as is 1:57 New VM window (step 3 of 4) "Forward" button
Set hostname 2:04 New VM window (step 4 of 4) rpki-workshop
Complete VM initialization 2:10 "Finish" button
Set Up Host and RPKI Workshop VM Workshop VM boots 2:12 VM console window
Provide login data for RPKI workshop host 2:20
enter user 2:22 alice
enter password 2:25 rpkiworkshop
Check VM's internet address 2:35 ifconfig | less
Save VM's internet address to the Host O/S 2:55 host terminal window 1 echo " trusty " | tee -a /etc/hosts
Login to workshop VM 4:02 ssh alice@trusty
enter password 4:10 rpkiworkshop
Demonstration of alice's root authority 4:52 sudo echo hi
Update RPKI certificates 5:04 sudo rpkic update_bpki
Connect to a Quagga Router on the Workshop VM Create another host terminal window   host terminal window 2
Login to a workshop Quagga router 5:40 ssh r3@trusty
enter r3's login password 5:53 fnord
Enter Quagga password 6:00 fnord
Get basic Quagga help 6:10 ?
Get help of "show" command 6:13 show ?
Get help of "show ip" command 6:17 show ip ?
Show list of existing prefixes 6:24 show ip bgp
Logout of Quagga router
(Automatic logout from time-out)
Login to GUI interface Enter GUI URL 6:34 browser login https://trusty
enter username 6:53 root
enter password 6:57 rpkiworkshop
Complete the login procedure 7:00 "Login" button
7:01 Handle List
Port Forwarding for Workshop Access Set up port forwarding to allow workshop use from other hosts 7:14 host terminal window 2
Route SSH connections to port 9022 to the workshop VM's port 22 7:30 sudo iptables -t net -I PREROUTING -i enp0s25 -p tcp --dport 9022 -j DNAT --to
(Interface and IP address are specific to the host. The user must determine the proper values for their system.)
Enter user password for sudo access. 8:10 (enter your password)
Route HTTP connections to port 9443 to the workshop VM's port 443 8:13 sudo iptables -t net -I PREROUTING -i enp0s25 -p tcp --dport 9443 -j DNAT --to
(Interface and IP address are specific to the host. The user must determine the proper values for their system.)

This document is prepared under Contract Number HSHQDC-14-C-B0035 for DHS S&T CSD

Copyright © 2016, Parsons, Inc.
All rights reserved.