1. [`--help`](#--help)
2. [`--usage`](#--usage)
3. [`--version`](#--version)
- 4. [`--tal`](#--tal)
- 5. [`--local-repository`](#--local-repository)
- 6. [`--work-offline`](#--work-offline)
- 7. [`--shuffle-uris`](#--shuffle-uris)
- 8. [`--maximum-certificate-depth`](#--maximum-certificate-depth)
- 9. [`--mode`](#--mode)
- 10. [`--server.address`](#--serveraddress)
- 11. [`--server.port`](#--serverport)
- 12. [`--server.backlog`](#--serverbacklog)
- 13. [`--server.interval.validation`](#--serverintervalvalidation)
- 14. [`--server.interval.refresh`](#--serverintervalrefresh)
- 15. [`--server.interval.retry`](#--serverintervalretry)
- 16. [`--server.interval.expire`](#--serverintervalexpire)
- 17. [`--slurm`](#--slurm)
- 18. [`--log.enabled`](#--logenabled)
- 19. [`--log.level`](#--loglevel)
- 20. [`--log.output`](#--logoutput)
- 21. [`--log.color-output`](#--logcolor-output)
- 22. [`--log.file-name-format`](#--logfile-name-format)
- 23. [`--log.facility`](#--logfacility)
- 24. [`--log.tag`](#--logtag)
- 25. [`--validation-log.enabled`](#--validation-logenabled)
- 26. [`--validation-log.level`](#--validation-loglevel)
- 27. [`--validation-log.output`](#--validation-logoutput)
- 28. [`--validation-log.color-output`](#--validation-logcolor-output)
- 29. [`--validation-log.file-name-format`](#--validation-logfile-name-format)
- 30. [`--validation-log.facility`](#--validation-logfacility)
- 31. [`--validation-log.tag`](#--validation-logtag)
- 32. [`--http.enabled`](#--httpenabled)
- 33. [`--http.priority`](#--httppriority)
- 34. [`--http.retry.count`](#--httpretrycount)
- 35. [`--http.retry.interval`](#--httpretryinterval)
- 36. [`--http.user-agent`](#--httpuser-agent)
- 37. [`--http.connect-timeout`](#--httpconnect-timeout)
- 38. [`--http.transfer-timeout`](#--httptransfer-timeout)
- 39. [`--http.idle-timeout`](#--httpidle-timeout)
- 40. [`--http.ca-path`](#--httpca-path)
- 41. [`--output.roa`](#--outputroa)
- 42. [`--output.bgpsec`](#--outputbgpsec)
- 43. [`--output.format`](#--outputformat)
- 44. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
- 45. [`--stale-repository-period`](#--stale-repository-period)
- 46. [`--configuration-file`](#--configuration-file)
- 47. [`--rsync.enabled`](#--rsyncenabled)
- 48. [`--rsync.priority`](#--rsyncpriority)
- 49. [`--rsync.strategy`](#--rsyncstrategy)
+ 4. [`--init-tals`](#--init-tals)
+ 5. [`--tal`](#--tal)
+ 6. [`--local-repository`](#--local-repository)
+ 7. [`--work-offline`](#--work-offline)
+ 8. [`--daemon`](#--daemon)
+ 9. [`--shuffle-uris`](#--shuffle-uris)
+ 10. [`--maximum-certificate-depth`](#--maximum-certificate-depth)
+ 11. [`--mode`](#--mode)
+ 12. [`--server.address`](#--serveraddress)
+ 13. [`--server.port`](#--serverport)
+ 14. [`--server.backlog`](#--serverbacklog)
+ 15. [`--server.interval.validation`](#--serverintervalvalidation)
+ 16. [`--server.interval.refresh`](#--serverintervalrefresh)
+ 17. [`--server.interval.retry`](#--serverintervalretry)
+ 18. [`--server.interval.expire`](#--serverintervalexpire)
+ 19. [`--slurm`](#--slurm)
+ 20. [`--log.enabled`](#--logenabled)
+ 21. [`--log.level`](#--loglevel)
+ 22. [`--log.output`](#--logoutput)
+ 23. [`--log.color-output`](#--logcolor-output)
+ 24. [`--log.file-name-format`](#--logfile-name-format)
+ 25. [`--log.facility`](#--logfacility)
+ 26. [`--log.tag`](#--logtag)
+ 27. [`--validation-log.enabled`](#--validation-logenabled)
+ 28. [`--validation-log.level`](#--validation-loglevel)
+ 29. [`--validation-log.output`](#--validation-logoutput)
+ 30. [`--validation-log.color-output`](#--validation-logcolor-output)
+ 31. [`--validation-log.file-name-format`](#--validation-logfile-name-format)
+ 32. [`--validation-log.facility`](#--validation-logfacility)
+ 33. [`--validation-log.tag`](#--validation-logtag)
+ 34. [`--http.enabled`](#--httpenabled)
+ 35. [`--http.priority`](#--httppriority)
+ 36. [`--http.retry.count`](#--httpretrycount)
+ 37. [`--http.retry.interval`](#--httpretryinterval)
+ 38. [`--http.user-agent`](#--httpuser-agent)
+ 39. [`--http.connect-timeout`](#--httpconnect-timeout)
+ 40. [`--http.transfer-timeout`](#--httptransfer-timeout)
+ 41. [`--http.idle-timeout`](#--httpidle-timeout)
+ 42. [`--http.ca-path`](#--httpca-path)
+ 43. [`--output.roa`](#--outputroa)
+ 44. [`--output.bgpsec`](#--outputbgpsec)
- 45. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
- 46. [`--stale-repository-period`](#--stale-repository-period)
- 47. [`--thread-pool.server.max`](#--thread-poolservermax)
- 48. [`--thread-pool.validation.max`](#--thread-poolvalidationmax)
- 49. [`--rsync.enabled`](#--rsyncenabled)
- 50. [`--rsync.priority`](#--rsyncpriority)
- 51. [`--rsync.strategy`](#--rsyncstrategy)
++ 45. [`--output.format`](#--outputformat)
++ 46. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
++ 47. [`--stale-repository-period`](#--stale-repository-period)
++ 48. [`--thread-pool.server.max`](#--thread-poolservermax)
++ 49. [`--thread-pool.validation.max`](#--thread-poolvalidationmax)
++ 50. [`--rsync.enabled`](#--rsyncenabled)
++ 51. [`--rsync.priority`](#--rsyncpriority)
++ 52. [`--rsync.strategy`](#--rsyncstrategy)
1. [`strict`](#strict)
2. [`root`](#root)
3. [`root-except-ta`](#root-except-ta)
- 50. [`--rsync.retry.count`](#--rsyncretrycount)
- 51. [`--rsync.retry.interval`](#--rsyncretryinterval)
- 52. [`rsync.program`](#rsyncprogram)
- 53. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
- 54. [`rsync.arguments-flat`](#rsyncarguments-flat)
- 55. [`incidences`](#incidences)
- 52. [`--rsync.retry.count`](#--rsyncretrycount)
- 53. [`--rsync.retry.interval`](#--rsyncretryinterval)
- 54. [`--configuration-file`](#--configuration-file)
- 55. [`rsync.program`](#rsyncprogram)
- 56. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
- 57. [`rsync.arguments-flat`](#rsyncarguments-flat)
- 58. [`incidences`](#incidences)
- 59. [`init-locations`](#init-locations)
++ 53. [`--rsync.retry.count`](#--rsyncretrycount)
++ 54. [`--rsync.retry.interval`](#--rsyncretryinterval)
++ 55. [`--configuration-file`](#--configuration-file)
++ 56. [`rsync.program`](#rsyncprogram)
++ 57. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
++ 58. [`rsync.arguments-flat`](#rsyncarguments-flat)
++ 59. [`incidences`](#incidences)
++ 60. [`init-locations`](#init-locations)
3. [Deprecated arguments](#deprecated-arguments)
1. [`--sync-strategy`](#--sync-strategy)
2. [`--rrdp.enabled`](#--rrdpenabled)
[--http.ca-path=<directory>]
[--output.roa=<file>]
[--output.bgpsec=<file>]
+ [--output.format=csv|json]
+ [--thread-pool.server.max=<unsigned integer>]
+ [--thread-pool.validation.max=<unsigned integer>]
```
If an argument is declared more than once, the last one takes precedence:
"output": {
"<a href="#--outputroa">roa</a>": "/tmp/fort/roas.csv",
- "<a href="#--outputbgpsec">bgpsec</a>": "/tmp/fort/bgpsec.csv"
+ "<a href="#--outputbgpsec">bgpsec</a>": "/tmp/fort/bgpsec.csv",
+ "<a href="#--outputformat">format</a>": "csv"
},
+ "thread-pool": {
+ "server": {
+ "<a href="#--thread-poolservermax">max</a>": 20
+ },
+ "validation": {
+ "<a href="#--thread-poolvalidationmax">max</a>": 5
+ }
+ },
+
"<a href="#--asn1-decode-max-stack">asn1-decode-max-stack</a>": 4096,
"<a href="#--stale-repository-period">stale-repository-period</a>": 43200
}
In order to print the Router Keys at console, use a hyphen as the \fIFILE\fR
value, eg.
.B \-\-output.bgpsec=-
+.P
+By default, it has no value set.
.RE
+.P
+
+.B \-\-output.format=\fIcsv\fR|\fIjson\fR
+.RS 4
+Output format for \fI--output.roa\fR and \fI--output.bgpsec\fR.
+.P
+By default, it has a value of \fIcsv\fR.
+.RE
+.P
+ .B \-\-thread-pool.server.max=\fIUNSIGNED_INTEGER\fR
+ .RS 4
+ Maximum number of threads that will be spawned at an internal thread pool to
+ attend incoming RTR clients (i.e. routers).
+ .P
+ The thread pool assigns one thread per RTR client, so a maximum of
+ \fI--thread-pool.server.max\fR clients will be attended simultaneously. If the
+ max limit is reached, any incoming client will be rejected: an RTR error PDU
+ will be sent to the client and the connection will be closed by the server.
+ .P
+ Once the client or the server terminates the session, the corresponding thread
+ will be returned to the pool so that it can be used again by any other incoming
+ client.
+ .P
+ By default, it has a value of \fI20\fR. Minimum allowed value: \fI1\fR,
+ maximum allowed value \fI500\fR.
+ .RE
+
+ .B \-\-thread-pool.validation.max=\fIUNSIGNED_INTEGER\fR
+ .RS 4
+ Maximum number of threads that will be spawned at an internal thread pool in
+ order to run validation cycles.
+ .P
+ When a validation cycle begins, one thread per configured TAL is utilized; once
+ the whole RPKI tree of the TAL is validated, the thread is returned to the pool.
+ .P
+ If there are more TALs at \fI--tal\fR than \fI--thread-pool.validation.max\fR
+ threads at the pool, is very likely that the validation cycles take a bit more
+ of time to complete since only \fI--thread-pool.validation.max\fR threads will
+ be working at the same time. E.g. if \fI--thread-pool.validation.max=2\fR and
+ the location at \fI--tal\fR has 4 TAL files, only 2 TALs will be validated
+ simultaneously while the rest waits in a queue until there's an available thread
+ at the pool to attend them.
+ .P
+ By default, it has a value of \fI5\fR. Minimum allowed value: \fI1\fR,
+ maximum allowed value \fI100\fR.
+ .RE
+
.B \-\-asn1-decode-max-stack=\fIUNSIGNED_INTEGER\fR
.RS 4
ASN1 decoder max allowed stack size in bytes, utilized to avoid a stack
],
"output": {
"roa": "/tmp/fort/roas.csv",
- "bgpsec": "/tmp/fort/bgpsec.csv"
+ "bgpsec": "/tmp/fort/bgpsec.csv",
+ "format": "csv"
},
+ "thread-pool": {
+ "server": {
+ "max": 20
+ },
+ "validation": {
+ "max": 5
+ }
+ },
"asn1-decode-max-stack": 4096,
"stale-repository-period": 43200
}
projects / thirdparty / FORT-validator.git / commitdiff
