v0.17.2

• Fix: configure command, omit extended communities for OpenBGPD configurations.

  This is to avoid the need of using the --ignore-issues extended_communities command line argument.

• Improvement: environment variables expansion when YAML configuration files are read.

v0.17.1

• Fix: minor installation issues.

v0.17.0

• New feature: allow to set the source of IRR objects.

  AS-SETs can be prepended with an optional source: RIPE::AS-FOO, RIPE::AS64496:AS-FOO.

• New feature: support for RPKI-based Origin Validation added to OpenBGPD configurations.

  RPKI ROAs must be loaded from a RIPE RPKI Validator cache file (local or via HTTP).
  Mostly inspired by @job's tool https://github.com/job/rtrsub

• Improvement: RPKI ROAs can be loaded from a local file too.

  The file must be in RIPE RPKI Validator cache format.

• Fix (minor): remove internal communities before accepting blackhole routes tagged with a custom blackhole community.

  This bug did not affect routes tagged with the BLACKHOLE community; anyway, the internal communities were scrubbed before routes were announced to clients.

Upgrade notes: after upgrading, run the arouteserver setup-templates command to sync the local templates with those distributed with the new version. More details on the Upgrading section of the documentation.

v0.16.2

• Fix: avoid empty lists of prefixes when a client's white_list_pref contains only prefixes for an IP version different from the current one.

v0.16.1

• Fix: handle the new version of the JSON schema built by arin-whois-bulk-parser.

v0.16.0

• Improvement: OpenBGPD, more flexibility for inbound communities values.

  This allows to use inbound 'peer_as' communities which overlap with other inbound communities whose last part is a private ASN.

• New feature: use ARIN Whois database dump to authorize routes.

  This feature allows to accept those routes whose origin ASN is authorized by a client AS-SET, whose prefix has not a corresponding route object but is covered by an ARIN Whois record for the same origin ASN.

• Improvement: extend the use of RPKI ROAs as route objects and ARIN Whois database dump to tag_as_set-only mode.

  Before of this, the RPKI ROAs as route objects and ARIN Whois DB dump features were used only when origin AS and prefix enforcing was set.
  Starting with this release they are used even when enforcing is not configured and only the tag_as_set mode is used.

v0.15.0

• New feature: configure and show_config support commands.

  • configure: it can be used to quickly generate a route server policy definition file (general.yml) on the basis of best practices and suggestions.

  • show_config: to display current configuration settings and also options that have been left to their default values.

• New feature: ixf-member-export command, to build IX-F Member Export JSON files from the list of clients.

• Improvement: cache expiry time values can be set for each external resource type: PeeringDB info, IRR data, ...

v0.14.1

• Fix: BIRD, "Unknown instruction 8574 in same (~)" error when reloading IPv6 configurations.

  A missing case for the !~ operator triggers this bug when neighbors are established and trying to reload bird6 configuration.

  Related: issue #20.

v0.14.0

This release breaks backward compatibility (OpenBGPD configs only): for OpenBGPD configurations, starting with this release the Site of Origin Extended BGP communities in the range 65535:* (soo 65535:*) are reserved for internal reasons.

• New feature: use RPKI ROAs as if they were route objects.

  This feature allows to accept those routes whose origin ASN is authorized by a client AS-SET, whose prefix is not but it is covered by a RPKI ROA for the same origin ASN.

  Related: issue #19.

• New feature: automatic checking for new releases.

  This can be disabled by setting check_new_release to False in arouteserver.yml.

• Improvement: routes accepted solely because of a white_list_route entry are now tagged with the route_validated_via_white_list BGP community.

• Fix: on OpenBGPD configurations, in case of duplicate definition of a client's AS-SETs, duplicate BGP informational communities were added after the IRR validation process.

v0.13.0

• New feature: an option to set RFC1997 well-known communities (NO_EXPORT/NO_ADVERTISE) handling policy: pass-through or strict RFC1997 behaviour.

  This breaks backward compatibility: previously, NO_EXPORT/NO_ADVERTISE communities were treated accordingly to the default implementation of the BGP speaker daemon (BIRD, OpenBGPD). Now, ARouteServer's default setting is to treat routes tagged with those communities transparently, that is to announce them to other clients and to pass-through the original RFC1997 communities.

• Improvement: when using PeeringDB records to configure the max-prefix limits, a margin is took into account to accomodate networks that fill the PeeringDB records with their exact route announcement count.

  This breaks backward compatibility: if using max-prefix from PeeringDB, current limits will be raised by the default increment values (+100, +15%): this behaviour can be reverted to the pre-v0.13.0 situation by explicitly setting the max_prefix.peering_db.increment configuration section to 0/0.

  Related: issue #12.

• New feature: client-level white lists for IRRdb-based filters.

  This allows to manually enter routes that must always be accepted by IRRdb-level checks and prefixes and ASNs that must be treated as if they were included within client's AS-SETs.

  Related: issue #16.