Donate
Routing Health Measurement BoF @ RIPE 75 Thumbnail
‹ Back
Deploy360 10 December 2017

Routing Health Measurement BoF @ RIPE 75

Kevin Meynell
By Kevin MeynellManager, Technical and Operational Engagements

Jan Žorž and Kevin Meynell from the Deploy360 team, with support from Andrei Robachevsky and Benno Overreinder (NLnet Labs), hosted a BoF session on ‘Internet Routing Health’ during the RIPE 75 meeting on 22 October 2017 in Dubai, United Arab Emirates. This discussed ideas for measuring the health of the Internet routing system, in order to obtain empirical data to strengthen the case for collaborative routing security which is the rationale behind the MANRS initiative.

The BoF attracted 20 participants variously drawn from commercial network operators and cloud providers, Regional Internet Registries (RIRs), and academia, and proved to be a lively session with some interesting and arguably controversial suggestions. In fact, the outcome ended up being somewhat different from the original objectives of the BoF, but in the true spirit of the bottom-up process.

There was a consensus that there was little purpose in trying to devise metrics to measure the health of the Internet routing system before identifying why previous and current attempts to address the issue of route leaks, hijacks and general BGP churn were essentially failures. Indeed, less than 2% of IP prefixes cause 90% of the BGP routing updates, so the problem lies with a relatively small number of networks. In addition, any mechanisms and metrics for identifying route misconfiguration or hijacking cannot generate too many false positives if they’re going to be useful, and must be lightweight enough not to affect the basic functioning and scalability of Border Gateway Protocol (BGP).

[BGP is the standard mechanism for exchange reachability and routing information amongst different networks (Autonomous Systems or AS) on the Internet.]

There was also some consensus that the RPKI (Resource Public Key Infrastructure) that provides a mechanism to validate the ownership of IP addresses and AS numbers against established trust anchors (provided by the RIRs), was not addressing the problem and there should be some neutral and dispassionate analysis as to why it currently had such limited deployment. This should include an evaluation of the prospects for BGPsec which offers cryptographic attestation of routing paths, but will require support to be added in routers and which introduces significant processing overhead.

To this end, it was felt any analysis should primarily focus on the vendor and network operator industries to understand what the specific concerns were, how would they address the issues or do they even think the issues need solving, and what can be done better? The Internet Society was therefore asked by the participants to organise series of stakeholder workshops as a neutral, independent, and dispassionate third-party.

Of course, the BoF only reflected a relatively small cross-section of those involved in Internet routing, so further consultations will be necessary before deciding exactly how to proceed. But it nevertheless provided some useful feedback on the issues and concerns of some of those deploying routing systems.

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

RIPE 75: IoT & Routing Security
RIPE 75: IoT & Routing Security
Deploy3601 November 2017

RIPE 75: IoT & Routing Security

RIPE 75 was held on 22-26 October 2017 in Dubai, United Arab Emirates, and was the second time the meeting...

BCOP BoF to be held at APRICOT 2017
Deploy36016 February 2017

BCOP BoF to be held at APRICOT 2017

The Deploy360 team will be organising a BoF on Best Current Operational Practices (BCOP) during APRICOT 2017 in Ho Chi...

RIPE 75 starts in Dubai next week
RIPE 75 starts in Dubai next week
Deploy36020 October 2017

RIPE 75 starts in Dubai next week

The RIPE 75 meeting is happening next week in Dubai, United Arab Emirates, and it's going to be a busy week for...

Join the conversation with Internet Society members around the world