Advanced Routing with RPKI (3 days)
Synopsis
Why are BGP mishaps are very common and frighteningly very easy – malicious route hijacking, mis-origination (fat fingers), and route leaks (bad filters). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.
This workshop will look at at current tools/techniques, how RPKI is just a piece in the puzzle, and what we should all do to secure Internet routing. We will also explore BGP mulithoming techniques for networks looking to peer at an Internet Exchange Point (IXP) or have multi-provider connectivity
Target audience
Technical staff who are building or operating a service provider or enterprise network with international and/or multi-provider connectivity, and considering participation at an Internet Exchange point.
Prerequisites
It is assumed that the workshop participants know:
- have a working knowledge of an IGP (OSPF or IS-IS), and
- how to use a router command line interface.
Knowledge of IPv6 fundamentals (protocol and address structure) and public-key cryptography is helpful.
This workshop is not an introduction. The lab exercises use Cisco IOS configuration syntax.
Academy resources to be completed before start of workshop:
- https://academy.apnic.net/en/course/ipv6-fundamentals/
- https://academy.apnic.net/en/course/routing-fundamentals-course/
Course outline
- BGP Fundamentals recap
- BGP Attributes and Scaling Techniques
- BGP Policy Control
- BGP Operations & Security BCP
- Internet Multihoming Techniques
- RPKI & Route Origin Validation
Other requirements
Participants are advised to bring their own laptop computers with high-speed Wi-Fi (802.11a/g/n/ac) and administrative access to system. It is also recommended that laptops have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
Maximum number of attendees
40 participants per workshop
Please note
Certificate of participation is provided upon successful completion of the course.