Routing

Routing is the process of selecting a path for traffic in a network or between or across multiple networks.

Internet Routing Registries

There are at least 25 IRRs registering and executing routing policies that

• offer public descriptions of the relationship between external and internal Border Gateway Protocol peers,
• offer Documentation,
• provide routing security,
• allow automatic generation of router configurations,
• provide a debugging aid,
• publish routing intentions,
• construct and maintain routing filters and router configurations, and
• share diagnostic and information service for general network management.^[1]

Routing Incidents Types

Border Gateway Protocol (BGP) is a key tool for Internet connection redundancy, enabling data communications between large networks operated by different organizations. However, one bad move can lead to a major blackout.^[2] Possible causes could be:

• Misconfiguration
• Malicious
• Targeted Traffic Misdirection

Timeline of Major Incidents

Routing Security

In June 2022, the SSAC released SAC121, which provides information on:

• the Internet’s routing system,
• routing security challenges for DNS infrastructure operators and their implications,
• the role of network operators in securing the Internet's routing system, and
• security extensions of the border gateway protocol.
  

Attackers can inject false routes or information into the routing system. Mistakes can occur through misconfiguration, making it difficult to determine whether a routing incident was intentional or not. Performing DNSSEC validation on signed domain names can protect against routing hijacks. The RPKI builds upon the earlier work of routing registries by associating digital signatures with some of the information found in Internet routing messages. MANRS is one of many security responses to routing issues^[3]; SAC121 is for a much broader audience.^[4]

References