We already discussed the MANRS activities during SANOG 32 where we organised a Network Security Workshop and signed an MoU with the ISP Association of Bangladesh (ISPAB), but the Internet Society was also involved with three other events during the month of August. This included the Symposium on Internet Routing Security and RPKI, VNIX-NOG 2018 and the inaugural INNOG 1.
Symposium on Internet Routing Security and RPKI
ZDNS along with CNCERT organised a symposium on 17th August at Crowne Plaza Beijing to discuss routing security issues and how RPKI can help address this problem. There were many prominent participants representing local, regional and international entities including Baidu, Tencent, Alibaba, Huawei, ZTE, the Chinese Academy of Sciences, APNIC, ICANN, along with the Internet Society.
Dr Stephen Kent (BBN) was the keynote speaker, having played an important role in the SIDR (Secure Internet Domain Routing) Working Group at the IETF (Internet Engineering Task Force) and also co-authored many RFCs (Request for Comments) on RPKI. He discussed the ideas behind RPKI and Route Origin Authorization/Validation.
George Michaelson (APNIC) who along with his colleague Geoff Huston co-authored RFC 6483 – Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs) – followed this with a presentation on the status of RPKI deployment in the region with specific focus on China. CNNIC, the National Internet Registry (NIR) of China, only started offering ROA services in November 2017, so there is currently limited uptake, which is why the symposium is hoping to raise awareness of the importance of implementing RPKI.
I then outlined some of practical issues that network operators need to consider when deploying Route Origin Validation, as well as highlighting how the issues related to unallocated IPv4/v6 address space (aka Bogons) can be addressed.
VNIX-NOG 2018
The VNIX Network Operators Group Conference (VNIX-NOG) was held on 24 August 2018 in Danang City, Vietnam. This annual event is organised by the Vietnam Internet Network Information Centre (VNNIC), a National Internet Registry, and has become an important focus for local community to improve understanding and knowledge, and offers a platform to discuss information security issues relevant to Vietnam.
The theme of this year’s event was Routing Security, and Srinivas Chendi (APNIC) provided some background on RPKI, whilst Hiroki Kawabata (JPNIC) shared JPNIC’s experience of deploying RPKI for.
I then presented the ‘Routing Security landscape‘ that highlights the issues of BGP hijacks and leaks and how it would be beneficial for ISPs to join MANRS initiative. Very interestingly, not a single service provider in Vietnam advertises any IPv4/v6 Bogon.
INNOG 1
The ISP Association of India (ISPAI) organised the inaugural Indian NOG (INNOG) in the capital city of New Delhi. The event comprised three days of workshops (27-29 August 2018) and a one-day conference (30 August).
The Internet Society supported the Network Security workshop with our community trainers Moinur Rehman and Anirban Data, and turned to be fully booked. Our colleague Subhashish Panigrahi presented the MANRS initiative and highlighted the routing issues impacting Indian ISPs and enterprises, as well as the simple steps can be taken to address the problems.
Following this on 3 September 2018, the Internet Society signed a MoU with the ISP Association of India (ISPAI) in order to promote the MANRS principles and encourage member ISPs to sign-up as MANRS participants. The MoU was signed by Rajnesh Singh (ISOC Regional Bureau Director for the Asia-Pacific region) and Rajesh Chhariya (President ISPAI) and will give a great boost to improving the routing security situation in India.
AusNOG 2018
I also participated in AusNOG 2018, the Australian Network Operators’ Group, on 30-31 August 2018 in Sydney, Australia. A number of interesting announcements were made here, which will be the subject of a separate forthcoming blog.
Further Information