IETF 20 March 2017

Rough Guide to IETF 98: Internet Infrastructure Resilience

By Andrei Robachevsky, Senior Director, Technology Programmes

Let’s look at what’s happening in the area of Internet infrastructure resilience in the IETF and at the upcoming IETF 98 meeting. My focus here is primarily on the routing and forwarding planes, specifically routing security and unwanted traffic from Distributed Denial of Service (DDoS) attacks. There is interesting and important work underway at the IETF that can help address problems in both areas.

DDoS attacks are a persistent and growing threat on the Internet. As they evolve rapidly in volume and sophistication, more efficient cooperation is required between the victims and the parties that can help mitigate such attacks. The ability to respond quickly and precisely to a beginning attack, communicating the exact information to the mitigation service providers, is crucial.

Addressing this challenge is what keeps the DDoS Open Threat Signaling (DOTS) WG busy. The goal of the group is to develop a communications protocol intended to facilitate the programmatic, coordinated mitigation of such attacks via a standards-based mechanism. This protocol should support requests for DDoS mitigation services and status updates across inter-organizational administrative boundaries. Specifications outlining the requirements, architecture and the use cases for DOTS are maturing and will be discussed at the meeting.

The draft “Inter-organization cooperative DDoS protection mechanism” goes further than communication between a victim and a mitigation service provider. It attempts to describe possible mechanisms for implementing cooperative inter-organization DDoS protection using the DOTS protocol, increasing protection capacity by sharing resources among several organizations.

A recently chartered SIDR Operations Working Group (SIDROPS) has taken over the technology developed in the SIDR WG and is focused on developing guidelines for the operation of SIDR-aware networks, and providing operational guidance on how to deploy and operate SIDR technologies in existing and new networks. The working group meets for the first time and will, among other things, discuss mitigation mechanisms for route leaks.

There are still two proposals addressing the route leak problem. One is an IDR WG document, “Methods for Detection and Mitigation of BGP Route Leaks”, where the authors suggest an enhancement to BGP that would extend the route-leak detection and mitigation capability of BGPSEC. Another is an independent submission, “Route Leak Detection and Filtering using Roles in Update and Open messages”. This proposal enhances the BGP Open message to establish an agreement on the relationship (peer, customer, provider, internal) between two neighboring BGP speakers in order to enforce appropriate configuration on both sides. Propagated routes are then marked with a flag according to the agreed relationship, allowing detection and mitigation of route leaks. An updated version of the specification allows signaling a potential leak more than one hop away.
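The role-based idea can be sketched as a simplified model. This is an added example, not code or wire format from either draft: the role names come from the text above, while the boolean `down_only` flag, the function names, and the documentation AS numbers and prefix are assumptions made for illustration.

```python
# Simplified model of role-based route-leak detection (added example).
# Role names come from the text; the boolean flag and all function names
# are assumptions, not the draft's wire format.

# Role one side announces in OPEN -> role the neighbor must announce back.
COMPLEMENT = {"provider": "customer", "customer": "provider",
              "peer": "peer", "internal": "internal"}


def agree_roles(local_role, remote_role):
    """True if the roles announced in both OPEN messages are consistent."""
    return local_role in COMPLEMENT and COMPLEMENT[local_role] == remote_role


def receive(route, neighbor_is):
    """Ingress check; neighbor_is says what the sending neighbor is to us.

    A route that already carries the flag was learned from a provider or
    peer somewhere upstream, so it may only travel down to customers.
    Seeing it arrive from a customer or peer means it was leaked.
    Returns (accepted, route_as_stored).
    """
    if route["down_only"] and neighbor_is in ("customer", "peer"):
        return False, route
    marked = dict(route)
    if neighbor_is in ("provider", "peer"):
        marked["down_only"] = True  # flag travels with the route from now on
    return True, marked


def may_send(route, neighbor_is):
    """Egress check: flagged routes go only to customers or internal peers."""
    return not route["down_only"] or neighbor_is in ("customer", "internal")


def simulate_leak():
    """Constructed scenario: AS64500 is a customer of AS64501 and AS64502."""
    route = {"prefix": "192.0.2.0/24", "down_only": False}
    # AS64500 learns the route from provider AS64501: accepted and flagged.
    accepted, at_customer = receive(route, "provider")
    # A correctly configured AS64500 will not re-announce it to AS64502.
    blocked_at_egress = not may_send(at_customer, "provider")
    # If AS64500 is misconfigured and sends it anyway, AS64502 sees a
    # flagged route arriving from a customer and rejects it.
    accepted_upstream, _ = receive(at_customer, "customer")
    return accepted, blocked_at_egress, accepted_upstream
```

Because the flag stays attached to the route, a network further upstream can still reject the leaked announcement even when the leaking neighbor performs no check of its own.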

Both proposals will be discussed at the SIDROPS as well as at the IDR WG sessions.

Another item on the agenda of the IDR WG session that can certainly contribute to better resilience of IXP infrastructure is a proposal, “Making Route Servers Aware of Data Link Failures at IXPs”. When route servers are used, the data plane is not congruent with the control plane. Therefore, the peers on the Internet exchange can lose data connectivity without the control plane being aware of it, and packets are dropped on the floor. This document proposes a means for the peers to verify connectivity amongst themselves, and a means of communicating the knowledge of the failure back to the route server.

To summarize – there is important work underway at the IETF that will hopefully lead to a more resilient and secure Internet infrastructure.

Related Working Groups at IETF 98

SIDROPS (SIDR Operations) WG
Tuesday, 28 March, 14:50-16:20, Zurich C

GROW (Global Routing Operations) WG
Monday, 27 March, 17:10-18:10, Zurich G

IDR (Inter-Domain Routing Working Group) WG
Friday, 31 March, 09:00-11:30, Zurich G

DOTS (DDoS Open Threat Signaling) WG
Tuesday, 28 March, 16:40-18:40, Zurich G

Follow Us

There’s a lot going on in Chicago, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see


Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.
