Update rate

[reuteran]

Hey!

I've been wondering if there is a way to use custom update times for the trust anchors? I couldn't find anything in the conf file and I thought before digging through the source code I'd ask here first!

[AlexanderBand]

Hi Andreas!

The RPKI Validator is currently hard coded to update each Trust Anchor every 4 hours. The only way to force a refresh is by hitting the "Update" button on the Trust Anchors page in the UI. This was done so that people wouldn't frivolously set this interval to 30 seconds for example, but we're open to change this functionality.

The publication of ROAs for the RIPE NCC Trust Anchor is about once every 15 minutes, and as far as I know we are the quickest.

What update interval did you have in mind?

[reuteran]

Hey Alexander, thank you for your response. I did not have a concrete interval in mind, but I would like to use the validator with a live BGP stream and would like to have the newest RPKI data available as fast as possible (without updating too much). I was wondering if you could tell me roughly where to look if I want to change the rate myself (I'll make sure of course to not use something frivolous!)?

[waehlisch]

+1 for making this parameter configurable.

[AlexanderBand]

This is on the list for version 2.17. We'll deploy it soon! Almost done.

[waehlisch]

Great! Thanks Alex.

[omuravskiy]

There are now three configuration options available:

validation.interval defines a period between validation runs for a trust anchor.

fetch.rddp.interval and fetch.rsync.interval define a period of time within which already downloaded objects will not be updated from remote repositories, for RRDP and rsync repositories, accordingly.

I think this resolves the issue.