Skip to content

This release adds actual RPKI origin validation to Routinator itself.
An address prefix and AS number can now be checked for its RPKI status
on the command line via the new validate command or via the HTTP server.
The latter is done provided in a way compatible with the
API provided by the RIPE NCC RPKI Validator.

The release also includes some breaking changes to the Prometheus metrics.
Back when we introduced those, we chose names for the metrics that didn’t
start with a prefix allowing to identify them as being from Routinator.
This is now corrected and all metrics start with routinator_.
While at it, we added new metrics for the rsync commands being run by
Routinator, showing both their exit status codes and how long they took.

In addition, there has been quite a few internal plumbing changes. One more
visible change is that Routinator will now delete the data for rsync modules
that aren’t referenced anymore, keeping the local repository clean and small.


Breaking Changes

  • Prometheus metrics are now prefixed with routinator_. (#162 by
    @momorientes)
  • Added --timeout option to rsync call. This seems to be available on
    most rsync versions in use. Should that not be the case, you can use
    the rsync-args config file option to define your own set of rsync
    arguments, overriding this behaviour. ([#176])

New

  • The local copy of the repository is now cleaned up after each validation
    run, removing directories and files that weren’t referenced during the
    run. This can be disabled with the new --dirty command line and
    dirty config file options. (#180)
  • You can now check pairs of address prefix and AS number for their RPKI
    origin validation status either via the HTTP interface or the new validate
    command. The HTTP API is the same as that used by the RIPE NCC RPKI
    Validator for easy migration. (#173)
  • Output format summary which will print a summary of the content of the
    RPKI repository. (#167)
  • The ARIN TAL can now be skipped during init with the --decline-arin-rpa
    option. (#169)
  • Various commands have received a --complete option that causes them to
    exit with status code 2 if any of the rsync commands fails. ([#177)]
  • Additional metrics showing the status and duration of rsync commands.
    (#178)

Bug Fixes

  • Fix Prometheus metrics output – Prometheus insists on a line break at the
    end of the last line. (#156)
  • Fix Prometheus metrics definitions. (#161 by @momorientes)
  • The HTTP server can now deal with unreasonably large requests. It has
    been switched to using hyper. (#171)
Assets 2
You can’t perform that action at this time.