Estimated reading time: 2 minutes
By Steven Wallace, Internet2 Security Architect
MANRS, IRR, RPKI, ROAs, oh my. Over the last eighteen months, the Internet2 community has steadily improved the security and stability of the research and education (R&E) routing infrastructure through the adoption of Mutually Agreed Norms for Routing Security (MANRS) practices.
Embracing MANRS comes with additional complexity and the requirement to employ additional technologies. Through our work with the community on improving MANRS adoption, with an initial focus on meeting the requirements of I2PX’s peers such as Google and Hurricane Electric, we’ve improved our understanding of what information and pointers can be useful.
That is why we are working on providing a comprehensive one-stop resource for all things related to routing requirements and best practices for the R&E community. This is very much a work in progress, and soon drafts will be circulated for community input, but let me provide a gist of the resource we’re developing.
We will publish a dedicated webpage on the Internet2 website in early 2021 with quick navigation to information and resources specifically compiled with network engineers in mind. Examples of topics that the webpage will cover include:
- Internet2 BGP Peering Requirements and Best Practices: This section will include references to requirements for prefix approval, the need to create a published routing policy (to better explain its meaning and how to meet the requirements), the meaning and use of BGP community values with the Internet2 network, the max length of announced prefixes, a checklist for configuring the peering, among other things.
- Step-by-step guidance on how to:
-publish route-policy using IRR and RPKI;
-view Internet2’s ROV status of your prefixes; and
-expand an as-cone into its constituent ASNs.
- An Internet2 Route Report: This will contain various statistics and metrics of the Internet2 R&E routing table, similar to the global routing report distributed on the NANOG list.
It’s heartening to see Internet2 members embracing practices that improve routing security across the R&E community. Our goal with this new resource is to make these practices more accessible.
I’m looking forward to feedback as we develop the new webpage. If you have suggestions you’d like to share, please get in touch.
View related articles and blog posts: