[AusNOG] RFC7454 - "BGP Operations and Security"
Mark ZZZ Smith
markzzzsmith at yahoo.com.au
Thu Apr 16 13:15:25 EST 2015
Hi,
I saw this RFC in passing quite a while back when it was in draft form, and meant to get around to reading it but never did.
I've just discovered it was published back in February, and thought that it would be of interest to people on this list.
RFC7454 - "BGP Operations and Security"
https://tools.ietf.org/html/rfc7454
"Abstract
The Border Gateway Protocol (BGP) is the protocol almost exclusively
used in the Internet to exchange routing information between network
domains. Due to this central nature, it is important to understand
the security measures that can and should be deployed to prevent
accidental or intentional routing disturbances.
This document describes measures to protect the BGP sessions itself
such as Time to Live (TTL), the TCP Authentication Option (TCP-AO),
and control-plane filtering. It also describes measures to better
control the flow of routing information, using prefix filtering and
automation of prefix filters, max-prefix filtering, Autonomous System
(AS) path filtering, route flap dampening, and BGP community
scrubbing."
Regards,
Mark.
More information about the AusNOG
mailing list