Tutorial

Online: Securing Internet Routing

Start
09:30 - 30 April 2020
End
17:30 - 30 April 2020
Location
Time shown in UTC +10.00

Synopsis

THIS ONLINE TUTORIAL IS FULL.

Why are BGP mishaps are very common and frighteningly very easy – malicious route hijacking, mis-origination (fat fingers), and route leaks (bad filters). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.

This online tutorial will look at current tools/techniques, how RPKI is just a piece in the puzzle, and what we should all do to secure Internet routing.

Fees

This online tutorial is fee-free.

Target audience

Anyone interested in understanding issues with BGP (Internet routing) security and practising good hygiene, including filtering based on ROAs.

Prerequisites

This workshop is not an introduction – It is assumed that the workshop participants have a working knowledge IP routing, along with know how to use a router command line interface.

The lab exercises use Cisco IOS configuration syntax.

Course outline

  • Recent Routing Incidents
  • Current tools/techniques
  • RPKI framework: resource certificates, origin authority, chain of trust
  • Creating ROAs
  • Deploying RPKI validators
  • RTR configuration on routers
  • Filtering with ROAs (Route Origin Validation)
  • Path Validation – why and how?

Other requirements

Hardware: It is highly recommended that participants laptop computers have Wifi(b/g/n) and administrative access to system to practice the lessons learned during the workshops.

Software requirements: SSH Client, Telnet Client (PuTTy)

Maximum number of attendees

There are a limited number of places available for this tutorial.