Towards Increased Security in Interconnection and Peering
Monday May 2nd, 9:30 - 18:00
This tutorial will analyze the basics of Traffic Exchange, Peering, and CDNs, including technical aspects and business relationships. Specific topics to be discussed during this workshop include how, with whom and where to peer, different types of traffic exchange, how to analyze network traffic to make better interconnection decisions, where to register peering sites, and policies and best practices for the use of BGP in peering. The workshop will also provide an overview of the latest tools and best security-related practices in Internet routing security and discuss how to monitor the proper operation of BGP announcements. The tutorial will comprise a hands-on section using virtual labs. Participants are expected to have prior knowledge of how BGP works.
Among topics, the tutorial will address the following:
- Internet traffic, CDNs, eyeballs networks
- Private and public peering
- IXPs: characteristics, types of agreements, forms of interconnection
- An introduction to current Internet routing issues and different ways to secure BGP
- RPKI: creation of ROAs, use, validation using the FORT validator
- IRR: route(6) equivalence with ROAs, AS-SET, examples of utilization
- Best practices for network operators and Internet exchange points, MANRS
- Monitoring BGP and RPKI announcements
Time UTC-5 | Title | Instructors | Presentation | Video |
---|---|---|---|---|
9.00 | Hacia una interconexión y peering más seguros | Erika Vega Guillermo Cicileo |
Presentation | Video 1 |
Nicolás Antoniello | Video 2 | |||
Tutorial: RPKI, not only about signing | Massimo Candela | Presentation | ||
Silvia Chávez | ||||
Santiago Aggio |
Acceso al laboratorio y guía de laboratorio:
Formulario para reservar una instancia de laboratorio:
https://forms.gle/7FMhWqmHmacCp8KX6
Planilla para visualizar el número de grupo que me asignaron:
https://docs.google.com/spreadsheets/d/1XUa5SRjyidrp0cKoa2KAiwdt_rBAzm4cGSIylppBqjk/edit?usp=sharing
Archivo .csv con las contraseñas para los equipos de laboratorio:
https://drive.google.com/file/d/1zSe_NmRZ2bKwFgoRF2GfJLfI6EUx_KM8/view?usp=sharing
Letra con la guía del laboratorio:
https://github.com/LACNOG/rpki-labs/blob/main/lab-configs/RPKI_FRR_Lab_script.md
URL para conectar a la instancia de laboratorio: (sustituir la X de "grpX" por el número de grupo asignado)
https://lacnic37.te-labs.training/grpX-routing-network-globalRPKI-map.html