On Sat, May 01, 2021 at 12:14:22AM +0200, Sebastian Benoit wrote: > Claudio Jeker(cje...@diehard.n-r-g.com) on 2021.04.29 15:34:15 +0200: > > Like for rsync repos files in the RRDP repos should be delayed until after > > the validation finished. As with anything RPKI related there is little > > trust in the repositories and their abilities to not botch an update. > > > > One thing I'm not sure is what should happen if a file is supposed to be > > removed but is still referenced by some other file. For now this fact is > > logged and the file is kept in the repo. I'm unsure about keeping the > > fine with me, ok benno@ > > > file, it feels like the right move but may result in unreferenced files > > piling up in the rrdp repo dirs. > > > > There is no way to detect stale files in RRDP repos (apart from removing > > all files and fetching a snapshot). So until RRDP grows up to a real sync > > protocol the only thing one can do is to provide a large enough partition > > and to remove the cache from time to time. > > You could get a file listing at the start and then remove files from the > list that are referenced, at the end you delete the ones left. That does not work because when updating via RRDP deltas there is no full list of available files transferred. So if a file is removed the next RRDP run will not restore the file (like rsync does). So if a repo adds an unreferenced file and then a few deltas later change another file to point to that one the validation will fail because the file is missing.
The sync mechanism in RRDP is weak and requires to start fresh from a snapshot from time to time. The problem is that rpki-client will do the same merge game for deltas and snapshots so unless you remove the rrdp cache old file will hang around. -- :wq Claudio
