Difference between pages "RPKI" and "IRR"

From ICANNWiki
(Difference between pages)
Jump to navigation Jump to search
(Created page with "'''Resource Public Key Infrastructure''' (RPKI) is a framework designed to secure the Border Gateway Protocol. RPKI provides a way to connect Internet number resource...")
 
(Created page with "An '''Internet Routing Registry''' (IRR) is a database of Internet route objects for determining and sharing information for configuring routers and avoiding issues between ...")
 
Line 1: Line 1:
'''Resource Public Key Infrastructure''' (RPKI) is a framework designed to secure the [[BGP|Border Gateway Protocol]]. RPKI provides a way to connect Internet number resource information to a trust anchor. Holders of number resources use RPKI to control the operation of Internet routing protocols to prevent route hijacking and other attacks.<ref>[https://www.apnic.net/community/security/resource-certification/ Resource Certification, APNIC]</ref>
+
An '''Internet Routing Registry''' (IRR) is a database of Internet route objects for determining and sharing information for configuring routers and avoiding issues between [[ISP|Internet service providers]].
Resource Public Key Infrastructure (RPKI), defined in RFC 6810, was proposed to authenticate the relationship between a prefix and its origination.
 
  
In an article on security issues and resolutions for RPKI, [[MANRS]] Fellow Dr. [[Bahaa Al-Musawi]] describes in detail the pros and cons of implementing RPKI,<ref>[https://www.manrs.org/2021/04/2-security-issues-with-rpki-and-how-to-fix-them/ RPKI Security, MANRS]</ref> which include:
+
==List of IRRs==
 +
[[The Internet Routing Registry]], a union of routing policy databases that use the Routing Policy Specification Language ([[RPSL]]), maintains a list of IRRs. <ref>[http://www.irr.net/docs/list.html List of RRs, IRR]</ref>
  
''Advantages'':
+
{|
# reduces route leaks
+
| * [[AFRINIC]] || * [[EPOCH]] || * [[OPENFACE]]
# prevents the propagation of invalid routes
+
|-
# discards invalid routes
+
| * [[ALTDB]] || * [[HOST]] || * [[PANIX]]
 
+
|-
''Problems'':
+
| * [[AOLTW]] || * [[IDNIC]] || * [[RADB]]
# The open-source tool [[Rsync]] is the main way of distributing RPKI data; repositories are vulnerable to [[DoS Attack|Denial of Service attacks]], and few rsync client libraries exist
+
|-
# Unguaranteed updated RPKI data
+
| * [[APNIC]] || * [[JPIRR]] || * [[REACH]]
 +
|-
 +
| * [[ARIN]] || * [[LACNIC]] ||* [[RGNET]]
 +
|-
 +
| * [[ARIN-NONAUTH]] || * [[LEVEL3]] || * [[RIPE]]
 +
|-
 +
| * [[BELL]] || * [[NESTEGG]] || * [[ROGERS]]
 +
|-
 +
| * [[BBOI]] || * [[NTTCOM]] || * [[TC]]
 +
|-
 +
| * [[CANARIE]] ||  ||
 +
|}
  
 
==References==
 
==References==

Revision as of 17:01, 12 May 2021

An Internet Routing Registry (IRR) is a database of Internet route objects for determining and sharing information for configuring routers and avoiding issues between Internet service providers.

List of IRRs

The Internet Routing Registry, a union of routing policy databases that use the Routing Policy Specification Language (RPSL), maintains a list of IRRs. [1]

* AFRINIC * EPOCH * OPENFACE
* ALTDB * HOST * PANIX
* AOLTW * IDNIC * RADB
* APNIC * JPIRR * REACH
* ARIN * LACNIC * RGNET
* ARIN-NONAUTH * LEVEL3 * RIPE
* BELL * NESTEGG * ROGERS
* BBOI * NTTCOM * TC
* CANARIE

References

  1. List of RRs, IRR
Retrieved from "https://icannwiki.org/index.php?title=RPKI&oldid=1312320"