Donate
Improving Routing Security: Introducing Six New MANRS Tutorials Thumbnail
‹ Back
Mutually Agreed Norms for Routing Security (MANRS) 26 February 2018

Improving Routing Security: Introducing Six New MANRS Tutorials

Megan Kruse
By Megan KruseDirector, Partner Engagement and Communications

Routing outages or attacks – such as hijacking, leaks, and spoofing – can lead to stolen data, lost revenue, reputational damage and more, all on a global scale. Routing security is therefore vital to the future and stability of the Internet, and the Mutually Agreed Norms for Routing Security (MANRS) initiative implements crucial fixes. Today, we are pleased to announce a series of six new MANRS tutorials that will help network operators improve both the Internet’s routing security and their own network’s operational efficiency.

These tutorials are intended for network administrators, network engineers, and others with a working knowledge of routing and security who are looking for steps to improve their network’s routing security and to join the growing list of MANRS participants.

About the Tutorials

Module 1: Introduction to MANRS

What is MANRS, and why should you join? MANRS is a global initiative to implement crucial fixes needed to eliminate the most common routing threats. In this module you will learn about vulnerabilities of the Internet routing system and how four simple steps, called MANRS Actions, can help dramatically improve Internet security and reliability.

Module 2: IRRs, RPKI, and PeeringDB

This module helps you understand the databases and repositories MANRS participants should use to document routing policy and maintain contact information. You’ll learn what database objects to use to document routing information related to your network and how to register information in the RPKI system. Finally, you will learn how to use the Peering DB and other databases to publish your contact information.

Module 3: Global Validation: Facilitating validation of routing information on a global scale

In this module, you will learn how to prevent incorrect routing announcements from your customers and your own network. The module explains how filters can be built, including the tools used to build them. It also shows how to signal to other networks which announcements from the network are correct.

Module 4: Filtering: Preventing propagation of incorrect routing information

This module will help you apply anti-spoofing measures within your network. After this module you will be able to identify points/devices in the network topology where anti-spoofing measures should be applied, identify adequate techniques to be used (for example, uRPF, or ACL filtering), configure your devices to prevent IP spoofing, and verify that the protection works.

Module 5: Anti-Spoofing: Preventing traffic with spoofed source IP addresses

This module is to understand how to create and maintain contact information in publicly accessible places. It explains why it is important to publish and maintain contact information, how to publish contact information to Regional Internet Registries (RIRs), Internet Routing Registries (IRRs), and PeeringDB, and what contact information you should publish to a company website.

Module 6: Coordination: Global communication between network operators

This module helps you understand how to enable others to validate route announcements originating from your network by documenting a Network Routing Policy. You’ll learn what a Network Routing Policy is, how to document your organization’s Network Routing Policy and make it publicly available in order to signal to other networks which announcements from your network are correct.

Please go through all six new MANRS tutorials, and get your network ready to join MANRS!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

New Category of CDNs and Cloud Providers Join MANRS to Improve Routing Security
New Category of CDNs and Cloud Providers Join MANRS to Improve Routing Security
Strengthening the Internet31 March 2020

New Category of CDNs and Cloud Providers Join MANRS to Improve Routing Security

Today, we’re proud to announce the new MANRS Content Delivery Network (CDN) and Cloud Programme. This new program broadens support...

Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?
Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?
Improving Technical Security20 November 2014

Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?

It’s been two weeks since we launched the Routing Resilience Manifesto initiative, featuring the Mutually Agreed Norms for Routing Security...

Working with APRICOT to Improve Routing Security
Working with APRICOT to Improve Routing Security
Mutually Agreed Norms for Routing Security (MANRS)25 March 2020

Working with APRICOT to Improve Routing Security

We’re pleased to announce that the Internet Society and the Asia Pacific Network Operators Group Ltd (APNOG) signed a Memorandum...

Join the conversation with Internet Society members around the world