Synopsis
- Why do we keep seeing news headlines about major networks not being reachable because traffic got rerouted to somewhere else? BGP mishaps are very common and frighteningly very easy. Examples are malicious route hijacking, mis-origination (fat fingers), and bad filters (route leaks). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.
Target Audience
- Technical staff who are building or operating a service provider or enterprise network, who are looking to improve routing security and implement RPKI.
Pre-requisites
- This workshop is not an introduction. It is assumed that the workshop participants have working knowledge of IP routing.
- We recommend the following Academy courses be completed before the start of the tutorial:
- Routing Basics: https://academy.apnic.net/en/course/routing-fundamentals-course/
- Deploying BGP virtual lab: https://academy.apnic.net/en/virtual-labs?labId=69078
- Linux Virtual Lab: https://academy.apnic.net/en/virtual-labs?labId=87395
Course outline
- BGP Fundamentals
- BGP Attributes and Scaling Techniques
- BGP Policy Control
- BGP Operations & Security BCP
- Internet Routing Security Overview
- BGP Route Leaks Detection & Prevention
- RPKI & Route Origin Validation
Other Requirements
- Participants are advised to bring their own laptop or desktop computers with high-speed internet access and administrative access to system. It is also recommended that computers have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
- Software: SSH Client, Telnet Client (PuTTy)
- Confirm Secure SHell (SSH) is allowed from the office or home network to access the lab infrastructure? Test ssh connectivity, try to connect to route-views.routeviews.org. For example, from the CLI type: ssh [email protected]