‹ Back
IETF 29 October 2013

Rough Guide to IETF 88: Routing Resilience

Andrei Robachevsky
By Andrei RobachevskySenior Director, Technology Programmes

Security is an important topic for the Internet Engineering Task Force (IETF) in general and at IETF 88 next week in Vancouver in particular. Not for nothing, all RFCs are required to have a ‘Security Considerations’ section to encourage document authors to consider security in their designs and to inform the reader of relevant security issues (RFC3552/BCP72). Security has many facets and the specific focus of each IETF working group (WG) is different. Efforts with the common aim of making Internet infrastructure more resilient and secure are spread across several WGs.

Speaking of security and resilience of the Internet routing infrastructure, there are several WGs that contribute in this area: Secure Inter-Domain Routing (SIDR), Global Routing Operations (GROW), Inter-Domain Routing (IDR), and Operational Security (OPSEC) Working Groups, to name a few.

The SIDR WG is focusing on securing inter-domain routing. The overall architecture is based on a Resource PKI (RPKI), which adds an authentication framework to the Border Gateway Protocol (BGP) – a global routing protocol fundamental to the operation of the Internet – requiring a certificate management infrastructure. This is a key technology for improving trust in the routing infrastructure.

In its current phase, the group is working on the BGPSEC requirements and protocol (see, for instance http://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-reqs/). The work on origin validation, allowing a relying party to check if a network (or an Autonomous System, AS) is legitimately announcing a prefix, is mostly complete from a protocol development perspective. Still, discussions continue around issues like scalability of the repository system and best practices for RPKI origin validation.

For example, a draft “Multiple Repository Publication Points support in the Resource Public Key Infrastructure (RPKI)” aimed at improving scalability and resilience of the RPKI infrastructure has generated quite a bit of discussion.

Since the inception of RPKI there were concerns that the hierarchical PKI structure creates new dependencies and associated risks. For instance, a parent Certificate Authority (CA) might make inappropriate changes to the RPKI, either accidentally or deliberately (e.g., as a result of some form of “government mandate”). A new proposal referred to as “Suspenders” is intended to address this risk. This is not a WG item, but it will be discussed during the SIDR WG meeting.

The focus of the GROW WG is on operational problems associated with the global routing system, such as routing table growth, the effects of interactions between interior and exterior routing protocols, and the effect of operational policies and practices on the global routing system, its security and resilience.

For instance, using BGP to implement certain business-driven policies is quite a common practice. Draft draft-ietf-grow-filtering-threats exposes how unexpected traffic flows can emerge in autonomous systems due to the filtering of overlapping BGP prefixes by neighboring domains.

Multilateral interconnection using Internet route servers can dramatically reduce the administrative and operational overhead of IXP participation, and many IXP participants use these systems as a preferred means of exchanging routing information. Draft draft-ietf-grow-ix-bgp-route-server-operations describes operational considerations for multilateral interconnections at IXPs.

Improper handling of malformed BGP attributes may cause serious outages, and even cascading effects affecting other networks. Draft draft-ietf-idr-error-handling, being considered by the IDR WG, discusses the error handling for UPDATE messages, and provides guidelines for the authors of documents defining new attributes. The working group is also working on improving the BGP, and there are several drafts in its portfolio aimed at improving its scalability and resilience.

More immediately, the OPSEC working group, which documents operational issues and best current practices with regard to network security, has a draft in WG last call [draft-ietf-opsec-bgp-security] that summarizes best practices for the security of inter-domain routing, providing guidance for implementing the best approaches to make the system more robust and secure.

In summary, there is a considerable set of work underway across a number of IETF working groups to ensure the Internet’s routing infrastructure is even more secure in both the short and long runs.

Related Working Groups at IETF 88:

IEFT 88 Rough guide:

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Rough Guide to IETF 89: Routing Resilience
Rough Guide to IETF 89: Routing Resilience
Improving Technical Security24 February 2014

Rough Guide to IETF 89: Routing Resilience

Security and resilience are important aspects of IETF work and there are many Working Groups (WGs) that contribute to the...

4 Sessions About Routing Resiliency/Security At IETF 88 Next Week
Deploy36030 October 2013

4 Sessions About Routing Resiliency/Security At IETF 88 Next Week

Next week at IETF 88 in Vancouver the topic of routing resiliency/security will be covered in a variety of different working groups....

Rough Guide to IETF 97: Internet Infrastructure Resilience
Rough Guide to IETF 97: Internet Infrastructure Resilience
Building Trust9 November 2016

Rough Guide to IETF 97: Internet Infrastructure Resilience

Let’s look at what’s happening in the IETF and the upcoming IETF 97 meeting in the area of Internet infrastructure...

Join the conversation with Internet Society members around the world