Securing BGP Content Roadmap

To build out our section on Securing BGP, our plan is to either find or create the resources listed below.  The content will either be curated (i.e. found on the Internet, verified for accuracy and pointed to with a review from the Deploy360 site) or will be created by the Deploy360 team in conjunction with partners and volunteers.  Our goal is not to be the most comprehensive site of BGP resources but rather the most helpful site.

If you know of current content that you believe would fit our roadmap below, or if you are interested in writing or creating a listed piece of content, please contact us. We also appreciate any feedback on this roadmap – will the resources we have listed here help you secure your usage of BGP?

Please note that we are always looking for the following kinds of information:

The resources below are listed in the rough order of priority that we would like to add them to the Deploy360 site:

Section Content Status
Basics A high level overview of the issues around securing BGP and the set of potential solutions
Basics A simple description of “best practices” for securing BGP
Basics Tutorial on the basics of BGP for use on the Securing BGP Basics page
Basics An animation or presentation with voice would be useful
Basics A high-level overview of BGP prefix filtering
Basics Tutorials on how to perform BGP prefix filtering on different types of routers (Ideally we will have a range of these tutorials for a number of different routers.)
Basics Tutorials on the basics of configuring access control lists (ACLs) on different types of router
Basics Explanation of BOGON prefixes and usage
Basics Page explaining any differences in prefix filtering or ACLs related to IPv6 (primarily for cross-connection into IPv6 section of Deploy360) Potential resource: NANOG BCOP On IPv6 Peering transit
Basics A high-level overview of issues related to BGP route flaps
Basics Tutorial on BGP route flap dampening
Basics Tutorial on AS-path filtering
Basics Tutorial on Next-Hop filtering
Basics A review of and guide to relevant RFCs related to securing BGP
Tools Tutorials about using any of the tools on our Securing BGP Tools page to secure your infrastructure
Tools Video tutorials/screencasts of various tools
Statistics Tutorials about using any of the sites on our Securing BGP Statistics page and in particular how they can be helpful to someone in their own network
Tools A high-level overview of the proposed “BGPSEC” extension (could be an explanation based off of the BGPSEC Overview Internet-Draft)
Tools A high-level overview of the Resource Public Key Infrastructure (RPKI)
Tools Tutorials around how to configure and use the RPKI
Tools A page describing the work of the Secure Inter Domain Routing (SIDR) working group within the IETF
Tools Pages describing the various RFCs and prominent Internet-Drafts that have emerged from SIDR
Books A page listing books both free and commercial explaining BGP that include an emphasis on security
Books Reviews of those books with commentary about the applicability to security
Training Courseware related to securing BGP available for free/open usage

Comments are welcome on this content roadmap.  Please either send us email or complete our feedback form.