To build out our section on Securing BGP, our plan is to either find or create the resources listed below. The content will either be curated (i.e. found on the Internet, verified for accuracy and pointed to with a review from the Deploy360 site) or will be created by the Deploy360 team in conjunction with partners and volunteers. Our goal is not to be the most comprehensive site of BGP resources but rather the most helpful site.
If you know of current content that you believe would fit our roadmap below, or if you are interested in writing or creating a listed piece of content, please contact us. We also appreciate any feedback on this roadmap – will the resources we have listed here help you secure your usage of BGP?
Please note that we are always looking for the following kinds of information:
- Case studies of security issues related to BGP in either written or video form for our Securing BGP Case Studies page.
- Reports or whitepapers relevant to securing BGP for our Securing BGP Reports page.
- BGP-related statistics sites for our Securing BGP Statistics page.
- New tools for our Securing BGP Tools page.
The resources below are listed in the rough order of priority that we would like to add them to the Deploy360 site:
|Basics||A high level overview of the issues around securing BGP and the set of potential solutions|
|Basics||A simple description of “best practices” for securing BGP|
|Basics||Tutorial on the basics of BGP for use on the Securing BGP Basics page|
|Basics||An animation or presentation with voice would be useful|
|Basics||A high-level overview of BGP prefix filtering|
|Basics||Tutorials on how to perform BGP prefix filtering on different types of routers (Ideally we will have a range of these tutorials for a number of different routers.)|
|Basics||Tutorials on the basics of configuring access control lists (ACLs) on different types of router|
|Basics||Explanation of BOGON prefixes and usage|
|Basics||Page explaining any differences in prefix filtering or ACLs related to IPv6 (primarily for cross-connection into IPv6 section of Deploy360)||Potential resource: NANOG BCOP On IPv6 Peering transit|
|Basics||A high-level overview of issues related to BGP route flaps|
|Basics||Tutorial on BGP route flap dampening|
|Basics||Tutorial on AS-path filtering|
|Basics||Tutorial on Next-Hop filtering|
|Basics||A review of and guide to relevant RFCs related to securing BGP|
|Tools||Tutorials about using any of the tools on our Securing BGP Tools page to secure your infrastructure|
|Tools||Video tutorials/screencasts of various tools|
|Statistics||Tutorials about using any of the sites on our Securing BGP Statistics page and in particular how they can be helpful to someone in their own network|
|Tools||A high-level overview of the proposed “BGPSEC” extension (could be an explanation based off of the BGPSEC Overview Internet-Draft)|
|Tools||A high-level overview of the Resource Public Key Infrastructure (RPKI)|
|Tools||Tutorials around how to configure and use the RPKI|
|Tools||A page describing the work of the Secure Inter Domain Routing (SIDR) working group within the IETF|
|Tools||Pages describing the various RFCs and prominent Internet-Drafts that have emerged from SIDR|
|Books||A page listing books both free and commercial explaining BGP that include an emphasis on security|
|Books||Reviews of those books with commentary about the applicability to security|
|Training||Courseware related to securing BGP available for free/open usage|
Comments are welcome on this content roadmap. Please either send us email or complete our feedback form.