[menog] Secure Routing (Route hijacks, leaks, RPKI and more) ...
menog at ripe.net
Mon Jun 22 09:49:23 UTC 2020
Dear MENOG community,
Most network operators today have experienced some sort of route hijacks and/or leaks and whether intentional or not the result has almost always resulted in at best suboptimal routing but more often than not in an Internet outage somewhere on the Internet.
RPKI is a security framework that helps network operators make more informed and secure routing decisions, as it proves the association between specific IP address blocks or ASNs and the holders of those Internet number resources.
(for more info visit: https://www.ripe.net/manage-ips-and-asns/resource-management/certification <https://www.ripe.net/manage-ips-and-asns/resource-management/certification> )
This email has two YouTube links that can help you know everything you need to know about RPKI, why you need it and how to deploy it on your network.
The first link is from a talk that was originally scheduled for MENOG 20 earlier this year.
Cloudflare’s Tom Strickx talk titled “Anatomy of a route leak” provides an insight into the Internet history, and the leaks associated with it, as well as some of the ways that network operators can help prevent it in the future.
The second link covers the “How".
Everything you need to know about creating your own ROAs using the RIPE NCC member interface, validation using three different RPKI validators (The Ripe validator, Routinator and octo RPKI) as well as implementations on four different vendors (Juniper, Arista, Nokia and Cisco).
Please watch carefully and share with your colleagues and if you have any follow up questions there are experts on the mailing list that will be more than happy to add more insights and details.
On behalf of MENOG Sec.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Menog