Deploy360 Mutually Agreed Norms for Routing Security (MANRS) Securing Border Gateway Protocol (BGP)

Routing Health Measurement BoF @ RIPE 75

Jan Žorž and Kevin Meynell from the Deploy360 team, with support from Andrei Robachevsky and Benno Overreinder (NLnet Labs), hosted a BoF session on ‘Internet Routing Health’ during the RIPE 75 meeting on 22 October 2017 in Dubai, United Arab Emirates. This discussed ideas for measuring the health of the Internet routing system, in order to obtain empirical data to strengthen the case for collaborative routing security which is the rationale behind the MANRS initiative.

The BoF attracted 20 participants variously drawn from commercial network operators and cloud providers, Regional Internet Registries (RIRs), and academia, and proved to be a lively session with some interesting and arguably controversial suggestions. In fact, the outcome ended up being somewhat different from the original objectives of the BoF, but in the true spirit of the bottom-up process.

There was a consensus that there was little purpose in trying to devise metrics to measure the health of the Internet routing system before identifying why previous and current attempts to address the issue of route leaks, hijacks and general BGP churn were essentially failures. Indeed, less than 2% of IP prefixes cause 90% of the BGP routing updates, so the problem lies with a relatively small number of networks. In addition, any mechanisms and metrics for identifying route misconfiguration or hijacking cannot generate too many false positives if they’re going to be useful, and must be lightweight enough not to affect the basic functioning and scalability of Border Gateway Protocol (BGP).

[BGP is the standard mechanism for exchange reachability and routing information amongst different networks (Autonomous Systems or AS) on the Internet.]

There was also some consensus that the RPKI (Resource Public Key Infrastructure) that provides a mechanism to validate the ownership of IP addresses and AS numbers against established trust anchors (provided by the RIRs), was not addressing the problem and there should be some neutral and dispassionate analysis as to why it currently had such limited deployment. This should include an evaluation of the prospects for BGPsec which offers cryptographic attestation of routing paths, but will require support to be added in routers and which introduces significant processing overhead.

To this end, it was felt any analysis should primarily focus on the vendor and network operator industries to understand what the specific concerns were, how would they address the issues or do they even think the issues need solving, and what can be done better? The Internet Society was therefore asked by the participants to organise series of stakeholder workshops as a neutral, independent, and dispassionate third-party.

Of course, the BoF only reflected a relatively small cross-section of those involved in Internet routing, so further consultations will be necessary before deciding exactly how to proceed. But it nevertheless provided some useful feedback on the issues and concerns of some of those deploying routing systems.