Tools for Improving Internet Routing Security
LACNIC has intensified its efforts to develop new tools and implement actions related to Internet routing security in order to strengthen network protection mechanisms and guarantee connectivity in Latin America and the Caribbean. This is clear from the tutorial on Secure Routing held during LACNIC 33, which drew close to 240 participants from 14 different countries of the region.
Guillermo Cicileo opened the tutorial by presenting data on recent routing events and incidents in Latin America and the Caribbean obtained by the FORT project. According to his study, the number of incidents has fallen sharply over the past three years. While in 2017 there was a total of 4,950 incidents, in 2018 they dropped to 3,286 and in 2019 they totaled 2,889. According to Cicileo, “The goal of this type of training is to try to reduce these types of incidents that affect the global Internet.”
He noted that incidents can be caused by route hijacking (when an AS announces a prefix it does not actually originate, whether accidentally or intentionally) and route leaks (the propagation of routing announcements beyond their intended scope).
Cicileo observed that one of the techniques used for incident prevention consists of comparing the announcements received via BGP against external sources. He added that two technologies contribute to the prevention of incidents: Internet Routing Registries (IRR) and Resource Public Key Infrastructure (RPKI).
Starting this year, LACNIC has an IRR. In this regard, the expert explained that LACNIC’s IRR is available to all operators in the region who have access to MiLACNIC, a platform that manages IRR information and uses the information already contained in RPKI and the LACNIC registry database. All objects generated in LACNIC’s IRR are public and available through LACNIC’s FTP servers. They can also be queried through different web interfaces and the WHOIS service.
The tutorial continued with Mariela Rocha’s presentation on how BGP works. The LACNIC expert pointed out that BGP basically works by learning and announcing routes. “When an AS announces a prefix, it is letting its neighbors know which prefixes can be reached through this prefix. This is basically how BGP works,” Rocha explained.
She then shared examples of peering, filters and transit, and analyzed practical exercises with the audience.
To conclude, Erika Vega spoke about the creation of ROAs and their use and validation with FORT.
Vega presented the FORT validator, which is an open source RPKI validator developed as part of the FORT project, a joint initiative by LACNIC and NIC.MX.
The tool seeks to contribute to the deployment of RPKI to increase routing system security and resilience and develop a monitoring mechanism to study routing incidents in the region and expose intentional hijacks.
Videos of this and the other FTL presentations are available here.