28–29 May 2019
Orea Hotel Voronez
Europe/Prague timezone

Observing your MANRS

29 May 2019, 14:00
30m
Congress Hall (Orea Hotel Voronez)

Congress Hall

Orea Hotel Voronez

Krizkovskeho 47 603 73 Brno Czech Republic
CSNOG 2019 CSNOG2

Description

There are over 60,000 networks comprising the Internet that exchange reachability information using the Border Gateway Protocol (BGP), but the problem is that BGP is almost entirely based on trust with no built-in validation of the legitimacy of routing updates. This causes many problems such as IP prefix hijacking, route leaks, and IP address spoofing, and there have been a growing number of major incidents in the past few years. There are solutions to address these issues, but securing one’s own network does not necessarily make it more secure as it remains reliant on other operators also implementing these solutions too.

The Mutually Assured Norms for Routing Security (MANRS) initiative https://www.manrs.org) therefore tries to address these problems by encouraging network operators, content providers and IXPs to subscribe to four actions including filtering, anti-spoofing, coordination and address prefix validation, and has developed resources to help them implement these. This includes the MANRS Best Current Operational Practice (https://www.manrs.org/bcop/) which is a technical document providing step-by-step instructions, along with a set of online training modules, whilst the forthcoming MANRS Observatory will allow network operators to view the routing incidents that affect their networks.

By implementing these actions, operators are promoting a culture of collaborative responsibility, and are improving the security of the global routing system. MANRS is an opportunity to demonstrate they are committed to a secure Internet and by setting an example to other operators.

Primary author

Kevin Meynell (Internet Society)

Presentation materials