U.S. R&E Community Embraces Routing Security Thumbnail
Mutually Agreed Norms for Routing Security (MANRS) 14 November 2018

U.S. R&E Community Embraces Routing Security

By Kevin MeynellFormer Senior Manager, Technical and Operational Engagement

The Internet Society participated in a Routing Security Workshop that was held during the Internet2 Technology Exchange 2018 on 15 October 2018 in Orlando, United States. The research and education networking community has been one of the key targets of the MANRS initiative that is promoting adoption of best practices to reduce threats to the global routing system, and this community workshop followed on from a previous engagement we had with Internet2 and a number of other R&E networks in the US earlier in the year.

Internet2 interconnects R&E institutes across the United States in conjunction with regional and state networks, so we see them as a key partner in raising awareness of the routing security issues, as well as encouraging the adoption of the four MANRS principles. Indeed, one of the aims of MANRS is for network operator communities to take ownership of this process by generating awareness and disseminating best practices, along with making recommendations for improvement. So this workshop was a fantastic step in this direction.

Another positive step was Internet2 formally becoming a MANRS participant shortly before the workshop, follow in the footsteps of ESnet, CAAREN, KanREN, George Washington University, Indiana University, and DePaul University. WiscNet subsequently also joined, which brings the total number of R&E networks participating in MANRS to nearly 30.

Around 50 participants attended the workshop, where the opening presentation was provided by myself (Kevin Meynell). This highlighted how the global routing system is constantly under attack, and provided some statistics on who the outages were affected, and who were the potential culprits. It also made the point that whilst more than 60,000 Autonomous Systems make up the Internet, only about 10,000 are considered part of the core, which means routing security can be greatly improved even if only a relatively small percentage of these adopt the MANRS principles.

The remainder of the workshop covered how to implement some of the routing security best practices, including the importance of Internet Routing Registry (IRR) updates, implementation of RPKI and uRPF, as well as how to implement BGP FlowSpec to implement packet filtering in order to mitigate Distributed Denial of Service (DDoS) attacks. There was also an interesting presentation on the Legal Barriers to Securing the Routing Architecture, followed by a discussion on what routing security means to Internet2 members implementing the next generation Internet.

Our colleague Ryan Polk assisted by Fabio Erdos also took the opportunity to interview the representatives of several MANRS participants attending the Internet2 Technology Exchange, to get their views on the routing issues they had encountered, how they were supporting routing security best practices, and why supported the MANRS initiative.

We would like to thank all those who agreed to be interviewed, Paul Howell, Anita Nikolich and Grover Browning who organised the workshop, and Internet2 for hosting it.

Further Information

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Strengthening the Internet 6 September 2024

US Government Networks Get a Security Boost: White House Roadmap Tackles Routing Vulnerabilities

The White House's Roadmap to Enhancing Routing Security is an important step toward strengthening routing security in the United...

Strengthening the Internet 14 May 2024

The US Makes a Big Step Toward Better Routing Security

The US Department of Commerce began implementing better routing security practices—a step in the right direction for wider MANRS...

Securing Border Gateway Protocol (BGP) 18 April 2024

The US FCC Signals a Dangerous New Course on BGP Security

The US Federal Communications Commission recently released a draft Declaratory Ruling and Order in the Open Internet Proceeding. However,...