We are euphoric to announce the latest release of Routinator, version 0.4.0 ‘The Bumpy Road to Love.’
Routinator is an RPKI relying party software that collects and validates statements in the Resource Public Key Infrastructure (RPKI) about allowed route origins and makes them available to the BGP workflow.
This release fundamentally changes the command line options for running the server and introduces a new way to initialize the local RPKI repository used by Routinator. If you have been using previous releases, you will likely have to adjust your tooling. We apologize for this, but we also feel that the new commands are more intuitive and logical.
The command for running the server (previously rtrd) is now called server. It will not detach from the terminal anymore unless explicitly instructed via the -d option.
When we added HTTP support, we intended it to be for monitoring only. But it turned out that using HTTP is very useful for integrating Routinator into existing work flows, so we now make HTTP a first class protocol. Since this means that users may want to use the server mode without RTR, Routinator will not listen on any ports by default any more. Instead, you will have to explicitly choose the protocols, addresses, and ports to listen on. The options for listening are now more intuitive, too: --rtr for RTR and --http for HTTP.
Previously, Routinator automatically installed the TALs if the TAL directory wasn’t present and then stopped because of the missing ARIN TAL. This made it difficult to automatically install TALs in deployments.
This release replaces the automatic mechanism with a manual procedure that is invoked by the new init command.
In addition, we have received permission by ARIN to include their TAL. If you agree with the ARIN Relying Party Agreement, you can now instruct Routinator to install all TALs without having to download anything.
Filtering of VRPs
To make up for all these breaking changes, we added filtering of VRPs in output both via the vrps command and in the HTTP output. Command line options or HTTP query fields allow limiting the output to those VRPs that cover a set of address prefixes or are related to a set of ASNs.