Donate
Improving Routing Security: Introducing Six New MANRS Tutorials Thumbnail
‹ Back
Mutually Agreed Norms for Routing Security (MANRS) 26 February 2018

Improving Routing Security: Introducing Six New MANRS Tutorials

Megan Kruse
By Megan KruseBusiness Director, Online Trust Alliance

Routing outages or attacks – such as hijacking, leaks, and spoofing – can lead to stolen data, lost revenue, reputational damage and more, all on a global scale. Routing security is therefore vital to the future and stability of the Internet, and the Mutually Agreed Norms for Routing Security (MANRS) initiative implements crucial fixes. Today, we are pleased to announce a series of six new MANRS tutorials that will help network operators improve both the Internet’s routing security and their own network’s operational efficiency.

These tutorials are intended for network administrators, network engineers, and others with a working knowledge of routing and security who are looking for steps to improve their network’s routing security and to join the growing list of MANRS participants.

About the Tutorials

Module 1: Introduction to MANRS

What is MANRS, and why should you join? MANRS is a global initiative to implement crucial fixes needed to eliminate the most common routing threats. In this module you will learn about vulnerabilities of the Internet routing system and how four simple steps, called MANRS Actions, can help dramatically improve Internet security and reliability.

Module 2: IRRs, RPKI, and PeeringDB

This module helps you understand the databases and repositories MANRS participants should use to document routing policy and maintain contact information. You’ll learn what database objects to use to document routing information related to your network and how to register information in the RPKI system. Finally, you will learn how to use the Peering DB and other databases to publish your contact information.

Module 3: Global Validation: Facilitating validation of routing information on a global scale

In this module, you will learn how to prevent incorrect routing announcements from your customers and your own network. The module explains how filters can be built, including the tools used to build them. It also shows how to signal to other networks which announcements from the network are correct.

Module 4: Filtering: Preventing propagation of incorrect routing information

This module will help you apply anti-spoofing measures within your network. After this module you will be able to identify points/devices in the network topology where anti-spoofing measures should be applied, identify adequate techniques to be used (for example, uRPF, or ACL filtering), configure your devices to prevent IP spoofing, and verify that the protection works.

Module 5: Anti-Spoofing: Preventing traffic with spoofed source IP addresses

This module is to understand how to create and maintain contact information in publicly accessible places. It explains why it is important to publish and maintain contact information, how to publish contact information to Regional Internet Registries (RIRs), Internet Routing Registries (IRRs), and PeeringDB, and what contact information you should publish to a company website.

Module 6: Coordination: Global communication between network operators

This module helps you understand how to enable others to validate route announcements originating from your network by documenting a Network Routing Policy. You’ll learn what a Network Routing Policy is, how to document your organization’s Network Routing Policy and make it publicly available in order to signal to other networks which announcements from your network are correct.

Please go through all six new MANRS tutorials, and get your network ready to join MANRS!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?
Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?
Improving Technical Security20 November 2014

Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?

It’s been two weeks since we launched the Routing Resilience Manifesto initiative, featuring the Mutually Agreed Norms for Routing Security...

Securing Routing: MANRS, RPSL & RPKI @ APRICOT 2017
Deploy36024 March 2017

Securing Routing: MANRS, RPSL & RPKI @ APRICOT 2017

To wrap-up our reports on APRICOT 2017, we'd like to highlight the Network Security session that featured our Internet Society colleague...

Improving Routing Security: Microsoft Joins MANRS
Improving Routing Security: Microsoft Joins MANRS
Mutually Agreed Norms for Routing Security (MANRS)22 May 2019

Improving Routing Security: Microsoft Joins MANRS

In November, a routing incident in Nigeria caused Internet traffic to be rerouted through Russia and China. It lasted for...

Join the conversation with Internet Society members around the world