Running as a Daemon¶
Routinator can run as a service that periodically fetches RPKI data, verifies it and makes the resulting data set available through the built-in HTTP server and via the RTR protocol.
The server is not enabled by default for security reasons, nor does it have a
default host or port. You can start the Routinator service using the
server subcommand and specifying to start the HTTP server with the
--http option and the RTR server with the
--rtr option. You
can of course also start both.
Routinator will not reread the trust anchor locators after it has started the service. Thus, if you add or change a TAL you must restart Routinator or send it a SIGUSR1.
If you’re running Routinator on the IPv4 address 192.0.2.13 and you want to start the HTTP server on port 8323 and the RTR server on port 3323, run:
routinator server --http 192.0.2.13:8323 --rtr 192.0.2.13:3323
Make sure IPv6 addresses are in square brackets, e.g.:
routinator server --rtr [2001:0DB8::13]:3323 --rtr 192.0.2.13:3323
Both servers will only start serving data once the first validation run has completed.
By default Routinator will stay attached to your terminal and log to standard
error. You can provide the
--detach option to run it in the background
instead, in which case logging information is written to syslog. To learn more
about what kind of information is returned and how to influence what is logged
and where, refer to the Logging section.
On Linux systems there is an overlap between IPv4 and IPv6. You can’t bind to all interfaces on both address families on the same port. For example, this command will result in a ‘address already in use’ error:
routinator server --rtr 0.0.0.0:3323 --rtr [::]:3323
Instead, to listen to both IPv4 and IPv6 you can simply enter:
routinator server --rtr [::]:3323