Arouteserver

-------

- Fix: handle more formats for ROAs exported from the public instances of RIPE and NTT validators.

A new way of representing ASNs (without the "AS" prefix) and new TA names which were not matched by the default values of ``rpki_roas.allowed_trust_anchors`` prevented ROAs from being imported and correctly processed when the default settings were used.

-------

This is the last release of ARouteServer for which Python 2.7 compatibility is guaranteed. From the next release, any new feature will not be tested against that version of Python.

- New: `OpenBGPD Portable <https://github.com/openbgpd-portable/openbgpd-portable>` (release 6.5p1) also supported.

Release 6.5p1 of OpenBGPD Portable edition passed the integration testing suite.

- New: add support for OpenBGPD/OpenBSD 6.5 enhancements.

Support for matching multiple communities at the same time allows to create more readable configurations.

- Improvement: OpenBGPD, some filters refinement.

Avoid checking AS0 in AS_PATH since 6.4.
No needs to check routes of an address family different than the one used for the session.

As announced with release 0.20.0, OpenBGPD/OpenBSD 6.2 is no longer tested. Also OpenBGPD/OpenBSD 6.3 tests have been decommissioned.
Starting with this release, tests will be executed only against the 2 most recent releases of OpenBGPD/OpenBSD and against the last release of the supported major versions of BIRD.
The implementation of new features may break compatibility of the configurations built for unsupported releases.

-------

- Deprecation: SAVVIS IRR removed from the list of default sources used by bgpq3.

- Fix (minor): truncate the max length of AS-SET names to 64 characters.

BIRD supports only names no longer than 64 characters.

Related: `issue 47 on GitHub <https://github.com/pierky/arouteserver/issues/47>`_.

-------

- Improvement: when ``ripe-rpki-validator-cache`` is set as the source of ROAs, multiple URLs can now be specified to fetch data from.

URLs will be tried in the same order as they are configured; if the attempt to download ROAs from the first URL fails, the second URL will be tried, an so on.

By default, the `RIPE NCC public instance <https://rpki-validator.ripe.net/>`_ of the RIPE RPKI Validator will be tried first, then the `NTT instance <https://rpki.gin.ntt.net/>`_. The list of URLs can be set in the ``general.yml`` configuration file, ``roas.ripe_rpki_validator_url`` option.

-------

This is the last release of ARouteServer for which OpenBGPD/OpenBSD 6.1 and 6.2 CI tests are ran. From the next release, any new feature will not be tested against these versions of OpenBGPD. Users are encouraged to move to newer releases.

- New: add support for OpenBGPD/OpenBSD 6.4 `enhancements <https://ripe77.ripe.net/presentations/143-openbsd-status.pdf>`_.

Use new sets for prefixes, ASNum, and origins (prefix + source-as), and also RPKI ROA sets.

- Improvement: OpenBGPD, reduce the number of rules by combining some into the same rule.

- Improvement: route server policies definition files built using the ``configure`` command now have RPKI BGP Origin Validation and "use-ROAs-as-route-objects" enabled by default.

As announced with release 0.19.0, OpenBGPD/OpenBSD 6.0 is no longer tested.
The implementation of new features may break compatibility of the configurations built for unsupported releases.

Most of this release is based on the work made by `Claudio Jeker <https://github.com/cjeker>`_.

-------

- Fix (BIRD configuration only): change ``bgp_path.last`` with ``bgp_path.last_nonaggregated``.

When a route is originated from the aggregation of two different routes using the AS_SET, ``bgp_path.last`` always returns 0, so the origin ASN validation against IRR always fails.

Related: `issue 34 on GitHub <https://github.com/pierky/arouteserver/issues/34>`_.