Donate
Taking MANRS on the Road Going North Thumbnail
‹ Back
Improving Technical Security 19 October 2015

Taking MANRS on the Road Going North

Andrei Robachevsky
By Andrei RobachevskySenior Technology Programme Manager

Two weeks ago, we organized a panel discussion on the Mutually Agreed Norms for Routing Security (“MANRS”) document at NANOG65 in Montreal. It was wonderful to see that three MANRS participants – Tony Tauber (Comcast), Job Snijders (NTT), and Rob Hagens (Zayo) – were on the panel discussing some important aspects of MANRS and routing security in general. Andree Toonk from BGPmon.net also participated, providing an overview of the security landscape.

Perhaps the most important questions were: (a) Why join MANRS? and (b) What difference can it make?

I think the takeaways from this discussion can be summarized in three bullet points:

  • Because security of the global routing system is a sum of all contributions
  • Because this is a way to visibly define and promote a new baseline in routing security
  • Because a community has gravity that can attract others, producing a network effect

Another, similar discussion happened again last week, this time in Northern Europe, in Stockholm during the Netnod meeting.

The title of my presentation, “How can we work together to improve security and resilience of the global routing system?” contained part of the answer that MANRS participants believe in: we can only improve the situation by working together. And the MANRS initiative itself offers a possible answer to the how.

Reflecting on an old well-known incident of YouTube prefix hijacking, one can observe that YouTube, by itself, could not protect its network from hijacking, but that Pakistan Telecom and PCCW could. What YouTube could have done is mitigate the attack – and that is what it did – but the damage had already been done. Another thing that a network can do is to help others to protect their networks. For instance, letting others know what announcements to expect by registering this information in an IRR, or RPKI.

The promise of MANRS is that it can help others to protect your network. But to make this happen, you should join, too.

There was strong support for the idea that implementing the actions identified in MANRS is a good way to go that can make routing more secure and reliable. There was less agreement that one should also join the MANRS initiative, though. Apart from traditional shyness (we are simply doing our job well), there are other factors, like perceived difficulties of convincing other people in the company of the benefits of this initiative.

Write us (http://www.routingmanifesto.org/contact/) if you want to discuss this further, or simply share your doubts and concerns – that is very helpful, too!

And if you are ready and convinced – Gå med i MANRS idag!!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Routing Security BoF - APRICOT 2018
Routing Security BoF - APRICOT 2018
Mutually Agreed Norms for Routing Security (MANRS)6 March 2018

Routing Security BoF – APRICOT 2018

On Sunday, 25 February, the first day of APRICOT 2018, a "Routing Security BoF" (birds of a feather: An informal...

MANRS, Routing Security, and the Brazilian ISP Community
MANRS, Routing Security, and the Brazilian ISP Community
Mutually Agreed Norms for Routing Security (MANRS)11 December 2017

MANRS, Routing Security, and the Brazilian ISP Community

Last week, I presented MANRS to the IX.BR community. My presentation was part of a bigger theme – the launch...

Routing Security – Getting Better, But No Reason to Rest!
Routing Security – Getting Better, But No Reason to Rest!
Mutually Agreed Norms for Routing Security (MANRS)5 February 2019

Routing Security – Getting Better, But No Reason to Rest!

Editor's note: This is an abridged version of a post that was first published on MANRS.org. Read the full version....

Join the conversation with Internet Society members around the world