Releases · NLnetLabs/routinator

27 Mar 11:31

partim

v0.3.2

1af32f3

This is a bugfix release resolving two issues:

When we moved reading of the TALs to be done only at the start in the last
release, we accidentally made all error messages related to them invisible.
This resulted in Routinator quietly terminating if the TALs were broken.

Additionally, Github user matsm got stung by our RPSL output not being
quite correct. Now IPv6 prefixes are properly provided via a route6:
statement and all lines have Unix-style endings.

Bug Fixes

Print errors when reading the trust anchor locators to standard error
instead of logging them since logging isn’t set up yet at that point.
(#89)
Use route6: fields in RPSL output for IPv6 prefixes. (#96, reported
by @matsm)
Use LF as line endings in RPSL output. Seems that’s what whois uses in
practice, too. (#97, reported by @matsm)

Assets 2

06 Mar 14:06

partim

v0.3.1

f65bd57

0.3.1 ‘More Intensity’

This release ties up some loose ends before some big improvements planned
for the next version. Most importantly, we added a timeout to rsync runs
after a hanging rsync got the entire Routinator RTR daemon stuck. Trust
anchor locators are now only read once when Routinator starts. While this
will make Routinator more robust against accidental file system changes, you
will need now need to restart it if you changed the TALs on purpose.

We fixed a bug where a missing tcp-listen option in the config file would
make Routinator crash in rtrd mode – it will now use the default listen
address 127.0.0.1:3323 as expected.

Finally, we added some more details to the Prometheus metrics introduced in
the last version. These are now given per trust anchor and include not only
the number of VRPs but also of ROAs.

New

TAL files will only be read once when Routinator starts. This
improves robustness at the cost of having to restart Routinator when the
TALs change. (#74)
New option --rsync-timeout setting the maximum number of seconds any
rsync command is allowed to run. This prevents hanging rsync from
blocking Routinator. (#76)
Additional Prometheus metric valid_roas reporting the number of
verified ROAs. Additionally, both metrics are now reported separately
for each TAL. (#78)
Compare RTR serial numbers according to RFC 1932. (#81)

Bug Fixes

A missing tcp-listen option in the config file caused Routinator to
crash in rtrd mode instead of using the default socket. (#80)
Decoding manifest and ROAs now checks that the content type field in the
signed object has the correct object identifier. (rpki-rs #27)

Assets 2

21 Feb 14:24

partim

v0.3.0

7b56f02

0.3.0 ‘It‘s More Fun at the Zoo’

This release implements
RFC 8360 which proposes an
alternative mode for dealing with overclaimed resources in
certificates. It promises to make it easier to deal with resources
being transfered away from a holder.

We have also added an HTTP service to rtrd mode. It is intended
primarily for monitoring - it already supports the metrics endpoint for
Prometheus –, but it also allows you to fetch the list of VRPs via your
browser. We will add more extensive monitoring metrics in future
releases.

Finally, we fixed a bug where some serial numbers in RTR were all wrong.

Breaking Changes

Several API and organizational changes in the Routinator library crate
for the various improvements below.

New

New output format csvext that mimics the output format of the Original
RIPE NCC Validator. (#59)
Support for alternative resource extensions and validation defined in
[RFC 8360]. (The accompanying changes made it quite a bit faster, too.)
(#63)
Support for cargo-deb-based Debian packaging. Thanks to David
Monosov. (#62)
Log warnings for stale manifests and CRLs.
Optional HTTP service in rtrd mode. This can be enabled via the
--listen-http command line option and the listen-http config option.
This is only the beginning of more extensive monitoring support. (#68)

Bug Fixes

Converts the endianess of the serial number in the SerialNotify RTR PDU.
Reported by Massimiliano Stucchi. (#60)

Dependencies

Docker build updated to Rust 1.32 and Alpine Linux 3.9. Thanks to David
Monosov. (#61)

Housekeeping

Included Clippy in Travis runs for better code quality. (#65)

Assets 2

21 Feb 14:25

partim

v0.2.1

f3d5a94

0.2.1 ‘Rated R’

New

The config command now prints the configuration in TOML format and
can be used to create a configuration file for the current
configuration. (#54)
Routinator now builds and runs on Windows. Given that Windows is a Rust
tier 1 platform, we wanted to see how difficult it is to get this
going. Note that you will need the rsync executable that comes with
Cygwin. (#55)

Bug Fixes

Actually use $HOME/.routinator.conf as the default config file as
promised by the documentation. (#49)
Fix a compile time error on 32 bit systems.

Assets 2

21 Feb 14:27

partim

v0.2.0

26084e1

0.2.0 ‘Instant Gezellig’

Breaking Changes

The command line arguments have been restructured to use commands to
determine the mode of operation rather than options. In the course of
that, some options changed, too. (#35)
Add trust anchor information to the CSV, JSON, and RPSL output. (#21)

New

Add a configuration file for all standard options and the options for
the RTR server mode. (#35)
Add a Dockerfile for building and deploying through Docker. Thanks to
David Monosov. (#23)
Output from the rsync runs is now send to the logger and will be handled
according to log settings. Output to stderr is logged with log level
warn, stdout is logged with info. (#27)
New options for daemon mode: pid-file, working-dir, and chroot.
Options to change the user and group in daemon mode are coming soon.
(#42)
In daemon mode, forking now happens after the TALs are checked so that
you can see the error messages and that it fails.
New VRP output format openbgpd which produces a roa-set for
OpenBGPD config.
Thanks to Job Snijders. (#32)
A new command line and config file option rsync-command allows to
choose which command to run for rsync. A new config file option
rsync-args allows to provide arguments to rsync. (#41)

Bug Fixes

The default output format was accidentally changed to none. It is
csv again.

Performance Improvements

Caching of CRL serial numbers for CAs with large manifests leads to
about half the validation time for the current repository. (#34)

Assets 2

21 Feb 14:28

partim

v0.1.2

b11dc6d

0.1.2 ‘And I Cry If I Want To’

Bug Fixes

Panic in iterating over the withdrawals in an RTR set.
When comparing serial numbers for RTR Serial Query, looked at the oldest
known serial not the newest, always returning an empty change set.

Assets 2