
Add support for RPKI source ip
Open, Low, Public

Description

The RPKI part of FRR allows specifying a source IP used to connect to the RPKI validator cache server.

It would be nice if VyOS supported this like it does with NTP. For example, if you only want to whitelist one IP (for example the loopback) on the firewall of the cache server, or if this server is only accessible via a VRF.

I can try to create a pull request.

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Improvement (missing useful functionality)

Event Timeline

Loremo created this object in space S1 VyOS Public.
Loremo updated the task description.
Loremo changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible. Dec 8 2023, 2:31 PM

Or you can use PBR for destination/source address/port/protocol.

Hello @Viacheslav

Just so I understand you correctly, you mean:

A: It would be better to control the connection using policy-based routing.

or

B: It would be good with the source parameter, because then you can create a policy-based routing rule based on this specified IP.

@Loremo I think this contribution would be valuable. Have you made any progress with your PR?

Thanks!

Yes and no. Even before I created this ticket, I tried a small test locally. Unfortunately, I was not able to get the tests to run (even without my changes).

Since I only know VyOS as a user in my private lab and nothing of the internals, I was then unsure after @Viacheslav's comment whether this makes sense at all and didn't try any further.

But if the change is desired, I can invest more time.

For me personally this change makes sense: a router has multiple interfaces, the Source IP is selected in different ways, and especially for RPKI servers outside the network (public ones), this could even break connectivity. Vendors like Juniper had this issue and eventually added the option, which means probably VyOS will benefit too, especially since "it's just setting a value in FRR's config"™ (famous last words ;).

I am happy to work on this together, if you feel there's a benefit, and since I can't see your contact details on Phabricator, you can find mine on daknob.net -- just e-mail me :)

It is easy to add.
In FRR it looks like:

r4(config-rpki)# rpki cache 192.0.2.1 8888 
  SSH_UNAME   SSH user name
  preference  Preference of the cache server
  source      Configure source IP address of RPKI connection

We need to add a source check to the template https://github.com/vyos/vyos-1x/blob/ca15e16f3f1b5174dc7ee2efa531aa974d3e97db/data/templates/frr/rpki.frr.j2#L8-L10
and add an XML source option to the configuration https://github.com/vyos/vyos-1x/blob/current/interface-definitions/protocols_rpki.xml.in
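As an added illustration (not code from VyOS or FRR), the following Python builds the FRR `rpki cache` line with the optional `source` keyword from the CLI help above and rejects a source that is not a literal IP address; the keyword order after the port and the shape of the config dict (an approximation of the `protocols rpki cache <address>` subtree) are assumptions.

```python
import ipaddress

# Constructed sample, shaped roughly like the VyOS "protocols rpki cache" subtree.
SAMPLE_CACHES = {
    "192.0.2.1": {"port": 8888, "preference": 1, "source": "198.51.100.7"},
    "rtr.example": {"port": 22, "preference": 2, "ssh": {"username": "rpki"}},
}


def rpki_cache_line(address, port, preference, ssh_username=None, source=None):
    """Build one FRR 'rpki cache' line.

    address: cache server (IPv4, IPv6 or hostname); port: TCP/SSH port;
    preference: FRR cache preference (1-255); ssh_username: optional SSH user;
    source: optional local IP for the connection (the option this task asks for).
    Keyword order after the port follows the CLI help shown above (assumption).
    """
    if not 1 <= int(port) <= 65535:
        raise ValueError(f"invalid port: {port}")
    if not 1 <= int(preference) <= 255:
        raise ValueError(f"invalid preference: {preference}")
    parts = ["rpki", "cache", str(address), str(port)]
    if ssh_username:
        parts.append(ssh_username)
    if source is not None:
        # Only a literal address is accepted: a hostname or prefix here would
        # not pin the connection to the address the cache-side firewall allows.
        parts.extend(["source", str(ipaddress.ip_address(source))])
    parts.extend(["preference", str(preference)])
    return " ".join(parts)


def render_rpki_stanza(caches):
    """Render the whole 'rpki' stanza for a dict like SAMPLE_CACHES."""
    lines = ["rpki"]
    for address, cfg in sorted(caches.items()):
        lines.append(" " + rpki_cache_line(
            address, cfg["port"], cfg["preference"],
            cfg.get("ssh", {}).get("username"), cfg.get("source")))
    lines.append("exit")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_rpki_stanza(SAMPLE_CACHES))
```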