Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Routing Health Measurement Bar BoF

Published bySilvia Booker Modified over 6 years ago

Similar presentations

Presentation on theme: "Internet Routing Health Measurement Bar BoF"— Presentation transcript:

1 Internet Routing Health Measurement Bar BoF
25 October 2017 Internet Routing Health Measurement Bar BoF Sunday, 22 October 2017 Kevin Meynell Content & Resource Manager Presentation title – Client name

2 Objectives of BoF MANRS (Mutually Assured Norms for Routing Security) is community initiative to promote culture of collaborative responsibility for stability of routing system Defines four concrete actions that network operators should implement: filtering, anti-spoofing, coordination & global validation To discuss ideas for measuring the health of the Internet routing system Aim to develop some empirical data to strengthen the case for collaborative routing security, including indications of good and bad security, and what metrics would accurately reflect this 20 participants at BoF

3 Summary points Well we didn’t entirely manage to achieve the original objectives of the BoF! The participants saw little purpose in trying to devise metrics to measure the health of the Internet routing system, before identifying why previous and current attempts to address the issue of route leaks, hijacks and general BGP churn were essentially failures Less than 2% of IP prefixes cause 90% of the routing updates, so the problem lies with a relatively small number of ASes The problem with any tool or metrics detecting IP route misconfiguration or hijacking is finding one that doesn’t generate too many false positives Any mechanisms and metrics need to be able to identify leaks and make theft difficult, but must be lightweight enough not to affect basic functioning and scalability of BGP

4 Consensus: Don’t Shoot the Messenger!
Should be recognised that RKPI is not addressing the problem, and should be a neutral and dispassionate analysis of why this mechanism has such limited deployment It was felt BGPsec will also not address the problem, and is not likely to be deployed The discussion should be removed from the IETF and those with existing interests in the development of RPKI and BGPsec, and an analysis undertaken of the vendor and network operator industry. ISOC as an independent and dispassionate third-party was asked to organise a series of stakeholder workshops with (major) vendors and network operators, as well as with the RIR communities. What are their specific concerns, how would they address the problems, and what do they think is the best way to approach the issues? 

Download ppt "Internet Routing Health Measurement Bar BoF"

Similar presentations

A Threat Model for BGPSEC

A Threat Model for BGPSEC
A Threat Model for BGPSEC Steve Kent BBN Technologies.

A Threat Model for BGPSEC Steve Kent BBN Technologies.
APNIC Update Paul Wilson Director General. Overview Priorities in 2009 IPv4 exhaustion IPv6 deployment Security Internet Governance Priorities in 2010.

APNIC Update Paul Wilson Director General. Overview Priorities in 2009 IPv4 exhaustion IPv6 deployment Security Internet Governance Priorities in 2010.
RPKI and Routing Security ICANN 44 June 2012. Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.

RPKI and Routing Security ICANN 44 June Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.
Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.

Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.
An Introduction to Routing Security (and RPKI Tools) Geoff Huston May 2013.

An Introduction to Routing Security (and RPKI Tools) Geoff Huston May 2013.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
The Resource Public Key Infrastructure Geoff Huston APNIC.

The Resource Public Key Infrastructure Geoff Huston APNIC.
APNIC eLearning: Intro to RPKI 10 December 2014 12:30 PM AEST Brisbane (UTC+10)

APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)
Working Group #4: Network Security – Best Practices March 6, 2013 Presenters: Rod Rasmussen, Internet Identity Tony Tauber, Comcast WG #4.

Working Group #4: Network Security – Best Practices March 6, 2013 Presenters: Rod Rasmussen, Internet Identity Tony Tauber, Comcast WG #4.
Information-Centric Networks04a-1 Week 4 / Paper 1 Open issues in Interdomain Routing: a survey –Marcelo Yannuzzi, Xavier Masip-Bruin, Olivier Bonaventure.

Information-Centric Networks04a-1 Week 4 / Paper 1 Open issues in Interdomain Routing: a survey –Marcelo Yannuzzi, Xavier Masip-Bruin, Olivier Bonaventure.
Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.

Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.
AFRINIC Update Anne-Rachel Inné COO, AFRINIC ARIN 32, Phoenix October 2013.

AFRINIC Update Anne-Rachel Inné COO, AFRINIC ARIN 32, Phoenix October 2013.
Status Report SIDR and Origination Validation Geoff Huston SIDR WG, IETF 71 March 2008.

Status Report SIDR and Origination Validation Geoff Huston SIDR WG, IETF 71 March 2008.
A BCOP document: Implementing MANRS Job Snijders (NTT) Andrei Robachevsky (ISOC)

A BCOP document: Implementing MANRS Job Snijders (NTT) Andrei Robachevsky (ISOC)
1 Internet Society Collaborative Security & MANRS ENOG 10 – 14 October 2015, Odessa Maarit Palovirta

1 Internet Society Collaborative Security & MANRS ENOG 10 – 14 October 2015, Odessa Maarit Palovirta
BGP Validation Russ White Rule11.us.

BGP Validation Russ White Rule11.us.
Phase 2 of the National Accreditation System (NAS) and your CLC Monica Roberts Regional Accreditation Coordinator Meg Houston National Accreditation Coordinator.

Phase 2 of the National Accreditation System (NAS) and your CLC Monica Roberts Regional Accreditation Coordinator Meg Houston National Accreditation Coordinator.
Monitoring & Evaluation Capacity Strengthening Workshop WORKSHOP INTRODUCTION AND OVERVIEW.

Monitoring & Evaluation Capacity Strengthening Workshop WORKSHOP INTRODUCTION AND OVERVIEW.

Similar presentations

Ads by Google