PacNOG: Live online Securing Internet Routing Tutorial

11:00 - 01 July 2020
15:30 - 02 July 2020
Time shown in UTC +12.00

Register now


Why do we keep seeing news headlines about major networks not being reachable because traffic got rerouted to somewhere else? BGP mishaps are very common and frighteningly very easy. Examples are malicious route hijacking, mis-origination (fat fingers), and bad filters (route leaks). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.

This tutorial will look at current tools/techniques, how RPKI is just a piece in the puzzle, and what we should do to secure the Internet routing instead of waiting for an ideal solution that fixes all issues.


This live online tutorial will be held at the online PacNOG 26 event, please visit the event webpage for full details and to register – https://pacnog.org/pacnog26/

Target audience

Anyone interested in understanding issues with securing the internet routing system and the use of filtering tools/techniques including filtering using ROAs.


  • This workshop is not an introduction – It is assumed that the workshop participants have a working knowledge of IP Routing (OSPF/IS-IS and BGP fundamentals), along with know how to use a router command line interface.
  • The lab exercises use Cisco IOS syntax and Linux CLI.

Course outline

  • Recent Routing Incidents
  • Current tools and techniques
  • RPKI framework: resource certificates, origin authority, chain of trust
  • Creating ROAs
  • Deploying RPKI validators
  • RTR configuration on routers
  • Filtering with ROAs (Route Origin Validation)
  • Path Validation – why and how?

Other requirements

Software: SSH Client (Ex – PuTTy)

Maximum number of attendees

Maximum 48 attendees.

Please note

This live online tutorial will consist of 4 sessions:

  • Timings: 11:00-12:30 and 14:00-15:30 each day (UTC +12.00);
  • Participation in all 4 sessions is required to complete the course.