rpki20200401-au

Securing Internet Routing Tutorial

Date: 1st April 2020
Location: Webinar
Venue: Online

Synopsis

  • Why are BGP mishaps are very common and frighteningly very easy - malicious route hijacking, mis-origination (fat fingers), and route leaks (bad filters). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.
  • This workshop will look at at current tools/techniques, how RPKI is just a piece in the puzzle, and what we should all do to secure Internet routing

Target Audience

  • Anyone interested in understanding issues with BGP (Internet routing) security and practising good hygiene, including filtering based on ROAs.

Pre-requisites

  • This workshop is not an introduction - It is assumed that the workshop participants have a working knowledge IP routing, along with know how to use a router command line interface.
  • The lab exercises use Cisco IOS configuration syntax.

Other Requirements

  • Hardware: It is highly recommended that participants bring their own laptop computers with Wifi(b/g/n) and administrative access to system to practice the lessons learned during the workshops.
  • Software: SSH Client, Telnet Client (PuTTy)

Workshop topics

  • Recent Routing Incidents
  • Current tools/techniques
  • RPKI framework: resource certificates, origin authority, chain of trust
  • Creating ROAs
  • Deploying RPKI validators
  • RTR configuration on routers
  • Filtering with ROAs (Route Origin Validation)
  • Path Validation - why and how?

Workshop Items

  • Agenda (includes links to presentations and schedule)
  • Instructors: Tashi Phuntsho (APNIC), Warren Finch (APNIC), Muhammad Yasir Shamim (APNIC)
  • Survey
  • rpki20200401-au.txt
  • Last modified: 2021/06/17 14:32
  • (external edit)