some available rpki tools
play

Some Available RPKI Tools Benno Overeinder Carlos Martinez Cagnazzo - PowerPoint PPT Presentation

Jan 15, 2023 •194 likes •305 views

Some Available RPKI Tools Benno Overeinder Carlos Martinez Cagnazzo SIDR IETF87 @Berlin 1 Thursday, August 1, 13 RPKI Tools The authors believe the information already contained in the RPKI has value in itself, even for operators not

  1. Some Available RPKI Tools Benno Overeinder Carlos Martinez Cagnazzo SIDR IETF87 @Berlin 1 Thursday, August 1, 13

  2. RPKI Tools • The authors believe the information already contained in the RPKI has value in itself, even for operators not able / not willing to run OV in their routers at this time • We believe there is a gap in the available tools that currently prevents this from being realized. • We believe in enabling and encouraging alternative use cases for the information already stored in the RPKI • There is a perceived need for better monitoring tools • We look forward to feedback from all users as to which directions tool development should follow 2 Thursday, August 1, 13

  3. Tool #1: Origin Validation LG • Goals • Ability to display and showcase the current status of RPKI deployment • Enable possible uses of RPKI without having to enable OV in routers just yet • Check proper resource usage rights when establishing peering relationships • Automating alarms 3 Thursday, August 1, 13

  4. Origin Validation LG Available at: http://www.labs.lacnic.net/rpkitools/looking_glass/ • Screen shot 4 Thursday, August 1, 13

  5. Origin Validation LG 5 Thursday, August 1, 13

  6. Origin Validation LG • Allows searching dataset by prefix, expected origin ASN as per ROAs, currently-seen origin ASN and filtering by valid / invalid • Web-friendly or machine-readable output. Queries are bookmarkable • Enables additional RPKI usage scenarios: • #1: When establishing peering relationships, parties can manually check ROA data and use it configure peering session • #2: Automate some infrastructure checks 6 Thursday, August 1, 13

  7. Tool #2: The RPKI Dashboard • [Over to Benno] 7 Thursday, August 1, 13

  8. Tool #3: The ROA Wizard User enters his/ hers LACNIC ORG-ID UY-ANTA-LACNIC 8 Thursday, August 1, 13

  9. The ROA Wizard • Allows easy ROA previewing, no login needed (i.e. can be used by ops engineers with no portal login rights) • If you have the login, you can create the detected ROA in two clicks 9 Thursday, August 1, 13

  10. A ROA to BGP prefix list ‘converter’ 10 Thursday, August 1, 13

  11. Thanks ! Thursday, August 1, 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A study of RPKI deployment and discussion for improvement RPKI is Coming of Age Taejoong (Tijay)

A study of RPKI deployment and discussion for improvement RPKI is Coming of Age Taejoong (Tijay)

A study of RPKI deployment and discussion for improvement RPKI is Coming of Age Taejoong (Tijay) Chung (https://tijay.github.io) Assistant Professor Rochester Institute of Technology 1 Outlines RPKI deployment and invalid route origins

583 views • 43 slides
Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing

Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing

Protecting Routing w ith RPKI Mark Kosters, ARIN CTO @ TeamARIN Agenda Operational routing RPKI Statistics challenges IRR Status Do we have a Research solution? Opportunities Using ARINs RPKI components @

889 views • 51 slides
AARON MURRIHY aaron.murrihy@reannz.co.nz 1 Apricot 2020 RPKI Feb 20 ABOUT US 2 Apricot

AARON MURRIHY aaron.murrihy@reannz.co.nz 1 Apricot 2020 RPKI Feb 20 ABOUT US 2 Apricot

SECURING THE INTERNET VALIDATING ROUTING WITH RPKI AARON MURRIHY aaron.murrihy@reannz.co.nz 1 Apricot 2020 RPKI Feb 20 ABOUT US 2 Apricot 2020 RPKI Feb 20 ABOUT REANNZ New Zealands NREN Engineering team of 7

662 views • 54 slides
From the Consent of the Routed: Improving the Transparency of the RPKI. Ethan Heilman Danny

From the Consent of the Routed: Improving the Transparency of the RPKI. Ethan Heilman Danny

From the Consent of the Routed: Improving the Transparency of the RPKI. Ethan Heilman Danny Cooper Leonid Reyzin Sharon Goldberg Boston University Aug 2014 Overview Motivation: The RPKI* (2011 to present) secures interdomain routing,

660 views • 27 slides
Overcoming Legal Barriers to RPKI Adoption Christopher S. Yoo University of Pennsylvania

Overcoming Legal Barriers to RPKI Adoption Christopher S. Yoo University of Pennsylvania

Overcoming Legal Barriers to RPKI Adoption Christopher S. Yoo University of Pennsylvania December 10, 2019 Research supported by NSF EAGER Award #1748362 Global RPKI Deployment ASes Validating Routes 5%, 5 3%, 3 9%, 8 12%, 11 71%, 65

216 views • 8 slides
RPKI and Routing Security Presentation | September 2015 Yerevan Regional Meeting Routing

RPKI and Routing Security Presentation | September 2015 Yerevan Regional Meeting Routing

RPKI and Routing Security Presentation | September 2015 Yerevan Regional Meeting Routing Security 2 Routing Registry route objects RPKI (Resource Public Key Infrastructure) ROAs (Route Origin Authorisation) RPKI and Routing

422 views • 31 slides
RPKI A quick configuration intro Massimiliano Stucchi | 19th January 2016 | UKNOF33 RPKI

RPKI A quick configuration intro Massimiliano Stucchi | 19th January 2016 | UKNOF33 RPKI

RPKI A quick configuration intro Massimiliano Stucchi | 19th January 2016 | UKNOF33 RPKI Overview Massimiliano Stucchi - RIPE NCC | 19th January 2016 | UKNOF33 2 Simply put 3 parts - Create certificates - Install/run validator -

562 views • 17 slides
Limiting the Power of RPKI Authorities Kris Shrishak Haya Shulman TU Darmstadt and Fraunhofer

Limiting the Power of RPKI Authorities Kris Shrishak Haya Shulman TU Darmstadt and Fraunhofer

Applied Networking Research Workshop 2020 acm sigcomm Limiting the Power of RPKI Authorities Kris Shrishak Haya Shulman TU Darmstadt and Fraunhofer SIT Motivation - Resource Public Key Infrastructure (RPKI) secures the interdomain routing

586 views • 39 slides
Research and Innovation By Alain P. AINA 03/12/2015 Department objectives RPKI v2.0

Research and Innovation By Alain P. AINA 03/12/2015 Department objectives RPKI v2.0

Research and Innovation By Alain P. AINA 03/12/2015 Department objectives RPKI v2.0 Project: New RPKI system DNSSEC v2.0 Project: New DNSSEC signer IETF activities: Identity and join key WGs and RGs African Internet Resources

308 views • 13 slides
A Few Months In The Life Of An RPKI Introduction Validator Performance Graphs Object Counts

A Few Months In The Life Of An RPKI Introduction Validator Performance Graphs Object Counts

A Few Months In The Life Of An RPKI Validator http://rpki.net/ A Few Months In The Life Of An RPKI Introduction Validator Performance Graphs Object Counts Connection Counts Objects/Connection Seconds/Object Rob Austein

663 views • 32 slides
Implementing RPKI-based origin validation one country at a time. The Ecuadorian case study.

Implementing RPKI-based origin validation one country at a time. The Ecuadorian case study.

Implementing RPKI-based origin validation one country at a time. The Ecuadorian case study. IETF 89 LONDRES MARCH 2014 Fabin Meja Why and who? BGP origin validation based on RPKI is in early stages of deployment. It is necessary to

314 views • 13 slides
MaxLength Considered Harmful to the RPKI Yossi Gilad, Omar Sagga , Sharon Goldberg Boston

MaxLength Considered Harmful to the RPKI Yossi Gilad, Omar Sagga , Sharon Goldberg Boston

MaxLength Considered Harmful to the RPKI Yossi Gilad, Omar Sagga , Sharon Goldberg Boston University Outline Background How does BGP work? How does RPKI work? What is the maxLength? How maxLength causes problems

741 views • 34 slides
Key Rollover for the RPKI Steve Kent (Channeling Geoff

Key Rollover for the RPKI Steve Kent (Channeling Geoff

Key Rollover for the RPKI Steve Kent (Channeling Geoff Huston ) Key Rollover Document New doc: draC-huston-sidr-aao-profile-0-

494 views • 14 slides
Secure Routing with RPKI: Status, Challenges and the Smart-Validator Amir Herzberg Univ of

Secure Routing with RPKI: Status, Challenges and the Smart-Validator Amir Herzberg Univ of

Secure Routing with RPKI: Status, Challenges and the Smart-Validator Amir Herzberg Univ of Connec2cut, Bar Ilan Univ, Fraunhofer SIT Joint project with Tomas Hlavacek, Yafim Kazak, Rafi Peretz, Fabian Sauer and Haya Shulman Route-Hijacking:

687 views • 36 slides
BGP Joeri de Ruiter Agenda BGP recap BGP security RPKI / ROA BGPsec

BGP Joeri de Ruiter Agenda BGP recap BGP security RPKI / ROA BGPsec

Advanced Network Security BGP Joeri de Ruiter Agenda BGP recap BGP security RPKI / ROA BGPsec Startng (almost) from scratch 2 Autonomous systems (AS) Internet is divided into Autonomous Systems (AS) Controlled by

815 views • 39 slides
The Current State of DNS Resolvers and RPKI Protection By Erik Dekker and Marius Brouwer 1

The Current State of DNS Resolvers and RPKI Protection By Erik Dekker and Marius Brouwer 1

The Current State of DNS Resolvers and RPKI Protection By Erik Dekker and Marius Brouwer 1 Motivation Why is this research important? 2 Motivation BGP is old First RFC was published in 1989 (RFC 1105) BGP was developed in times

457 views • 28 slides
DUNE Cold Cable Status J. Kierstead Brookhaven National Laboratory Cold Cable DUNE

DUNE Cold Cable Status J. Kierstead Brookhaven National Laboratory Cold Cable DUNE

DUNE Cold Cable Status J. Kierstead Brookhaven National Laboratory Cold Cable DUNE Specification Cold cable development for DUNE has been Specification Matrix progressing with SBND in parallel for the past few months Shown is a

131 views • 9 slides
Number Theory MS-E1110 (5 cr) Course Presentation Lecturer: Camilla Hollanti TA: Taoufiq Damir

Number Theory MS-E1110 (5 cr) Course Presentation Lecturer: Camilla Hollanti TA: Taoufiq Damir

Number Theory MS-E1110 (5 cr) Course Presentation Lecturer: Camilla Hollanti TA: Taoufiq Damir Contact emails: {mohamed.damir, camilla.hollanti}@aalto.fi Taoufiqs room: Y249a (reception hours Tuesdays 14-16) Camillas room: Y239

503 views • 9 slides
Unsupervised learning of natural language morphology John Goldsmith March 1 , 2010

Unsupervised learning of natural language morphology John Goldsmith March 1 , 2010

Unsupervised learning of natural language morphology John Goldsmith March 1 , 2010 http://linguistica.uchicago.edu Word discovery A good deal of work beginning in the late 1960 s. Two widely-cited MIT dissertations in the mid 1990 s on this, by

307 views • 6 slides
Theory and Applications of Boosting Yoav Freund UCSD 2 1 0 2 l o o h c S r e m m

Theory and Applications of Boosting Yoav Freund UCSD 2 1 0 2 l o o h c S r e m m

Theory and Applications of Boosting Yoav Freund UCSD 2 1 0 2 l o o h c S r e m m Many slides from Rob Schapire u S z u r C a t n a S Monday, July 16, 2012 0 1 2 m e r S c h o o l 2 a C r u z S u m

1.14k views • 53 slides
Draft 1 Delay Predictors in Multi-skill Call Centers: An Empirical Comparison with Real Data

Draft 1 Delay Predictors in Multi-skill Call Centers: An Empirical Comparison with Real Data

Draft 1 Delay Predictors in Multi-skill Call Centers: An Empirical Comparison with Real Data Mamadou Thiongane University Cheikh Anta Diop, Dakar, Senegal Wyean Chan, Pierre LEcuyer University of Montreal, Montr eal QC, Canada ICORES

650 views • 39 slides
AFRICACRYPT 2011 Call for Papers AFRICACRYPT 2011 Call for Papers Africacrypt 2011 You are

AFRICACRYPT 2011 Call for Papers AFRICACRYPT 2011 Call for Papers Africacrypt 2011 You are

AFRICACRYPT 2011 Call for Papers AFRICACRYPT 2011 Call for Papers Africacrypt 2011 You are cordially invited to the fourth Africacrypt . AFRICACRYPT 2011 Call for Papers Africacrypt 2011 Place Africacrypt 2011 will be held in Dakar, Senegal.

368 views • 17 slides
Different Approaches to Morse-Bott Homology David Hurtubise with Augustin Banyaga Penn State

Different Approaches to Morse-Bott Homology David Hurtubise with Augustin Banyaga Penn State

Perturbations Spectral sequences Cascades Multicomplexes Different Approaches to Morse-Bott Homology David Hurtubise with Augustin Banyaga Penn State Altoona math.aa.psu.edu Universit e Cheikh Anta Diop de Dakar, Senegal May 19, 2012

985 views • 76 slides
I ntroduction / Standard digital control loop Actuator Physical System Sensor

I ntroduction / Standard digital control loop Actuator Physical System Sensor

I ntroduction / Standard digital control loop Actuator Physical System Sensor Resource-aware control Maurice Heemels Controller ! All control tasks executed periodically and triggered by time th oCPS PhD School on CPS,

271 views • 26 slides

More recommend