Border Gateway Protocol/Operations

From Citizendium, the Citizens' Compendium
This article is developing and not approved.
More information on Operations relevant to Border Gateway Protocol.

Routing policy consistency

RPSL

Routing registry

Defense against infrastructure attack

In the public Internet, there are attacks both against enterprises that use BGP, typically for multihoming and traffic engineering, and against ISPs, for whom BGP is utterly essential.

Unicast RPF (uRPF)

Unicast reverse path forwarding is a widely used technique, an evolution of access control lists that were harder to maintain and imposed much higher router overhead.[1]

Blackhole route injection into iBGP

Once a specific IP address or range of addresses is shown to be under attack, blackhole route injection is a way to quarantine the attack traffic. The cost is that the target becomes unreachable, and so unusable. When the attack traffic is isolated, however, the operator can apply much more powerful diagnostics to circumvent it, and ideally trace it back to its source and defeat it there. In the public Internet, it will usually take cooperation among autonomous systems to defeat an attack.[2]
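
The trade-off described above, modelled as an added example (not taken from the article or its references): a toy forwarding table shows a victim /32 injected into iBGP with a discard next hop, so every edge router drops traffic to the victim while the rest of the prefix stays reachable. The discard address 192.0.2.1, the prefix 198.51.100.0/24, the router names and the EdgeRouter class are assumptions made for illustration.

```python
import ipaddress

# Assumed discard next hop (TEST-NET-1); each edge router routes it to null.
DISCARD_NEXT_HOP = "192.0.2.1"

class EdgeRouter:
    """Toy FIB: prefix -> next hop ("if:<name>", "null0", or an IP to resolve)."""
    def __init__(self, name):
        self.name = name
        self.fib = {ipaddress.ip_network(DISCARD_NEXT_HOP + "/32"): "null0"}

    def install(self, prefix, next_hop):
        self.fib[ipaddress.ip_network(prefix)] = next_hop

    def withdraw(self, prefix):
        self.fib.pop(ipaddress.ip_network(prefix), None)

    def lookup(self, dst):
        """Longest-prefix match, resolving IP next hops recursively."""
        addr = ipaddress.ip_address(dst)
        for _ in range(4):  # bounded recursion
            matches = [p for p in self.fib if addr in p]
            if not matches:
                return "no-route"
            hop = self.fib[max(matches, key=lambda p: p.prefixlen)]
            if hop == "null0" or hop.startswith("if:"):
                return hop
            addr = ipaddress.ip_address(hop)
        return "no-route"

def inject_blackhole(routers, victim):
    """Trigger router's iBGP announcement: victim/32 via the discard next hop."""
    for r in routers:
        r.install(victim + "/32", DISCARD_NEXT_HOP)

def withdraw_blackhole(routers, victim):
    for r in routers:
        r.withdraw(victim + "/32")

def demo():
    edges = [EdgeRouter("edge1"), EdgeRouter("edge2")]
    for r in edges:
        r.install("198.51.100.0/24", "if:customer")  # constructed prefix
    before = edges[0].lookup("198.51.100.7")
    inject_blackhole(edges, "198.51.100.7")
    during = [r.lookup("198.51.100.7") for r in edges]
    neighbour = edges[0].lookup("198.51.100.8")
    withdraw_blackhole(edges, "198.51.100.7")
    return before, during, neighbour, edges[0].lookup("198.51.100.7")
```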


Sinkholes

Network intrusion analysis

Statistical monitoring for attacks

Internal router metrics from SNMP, external from NetView or equivalent

References

  1. Baker, F. & P. Savola, RFC 3704: Ingress Filtering for Multihomed Networks
  2. Gemberling, Brian W.; Christopher L. Morrow & Barry R. Greene, ISP Security: Real World Techniques (Version 1.0), at 24-36