Why are BGP mishaps are very common and frighteningly very easy – malicious route hijacking, mis-origination (fat fingers), and route leaks (bad filters). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.
This online tutorial will look at current tools/techniques, how RPKI is just a piece in the puzzle, and what we should all do to secure Internet routing.
Note: you must attend the theory session on 13 May to attend this lab session on 14 May.
This online tutorial is fee-free.
Anyone interested in understanding issues with BGP (Internet routing) security and practising good hygiene, including filtering based on ROAs.
The lab exercises use Cisco IOS configuration syntax.
Recent Routing Incidents
RPKI framework: resource certificates, origin authority, chain of trust
Deploying RPKI validators
RTR configuration on routers
Filtering with ROAs (Route Origin Validation)
Path Validation – why and how?
Hardware: It is highly recommended that participants laptop computers have Wifi(b/g/n) and administrative access to system to practice the lessons learned during the workshops.
Software requirements: SSH Client, Telnet Client (PuTTy)
Maximum number of attendees
There are a limited number of places available for this tutorial.
This is a 2-part tutorial:
Wednesday 13 May – theory session (note: you must attend this theory session to attend the lab session on 14 May)
Day 1 – Registration URL: https://apnic.zoom.us/meeting/register/tJclceutrzMoHtH-k0Mak8QQgrK8xIBcKSGr
Thursday 14 May – lab session – there will be a limit on the number of attendees for this lab session.