Page 91 - SAMENA Trends - May 2020
P. 91
ARTICLE SAMENA TRENDS
ARTICLE
Securing the Internet’s Routing System with MANRS
There are over 3,500 networks in the
SAMENA region, but just 17 are currently
participating in the MANRS initiative with
Bangladesh having the highest number
of MANRS conformant networks with
6. Nevertheless, networks in the region
already show high levels of conformance
with the MANRS Actions and we would
therefore encourage them to lead by
example by publicly demonstrating their
commitment to routing security.
The Internet’s foundation has cracks, and they’re growing.
Every single day, dozens of incidents affect the Internet's
routing system, which can lead to DDoS attacks, traffic
inspection, lost revenue, reputational damage, and more.
Mutually Agreed Norms for Routing Security, or MANRS,
encourages network operators, Internet Exchange Points
(IXPs), Cloud Providers, and Content Delivery Networks (CDNs)
to adopt routing best practices in order to mitigate these
issues and improve the security and resilience of the Internet.
Routing Basics and Security Issues
The Internet is made up of thousands of independently
controlled, interconnected networks called Autonomous Aftab Siddiqui
Systems (ASes). Networks connect to each other using Technical Engagement Manager for Asia-Pacific
Border Gateway Protocol (BGP), which directs traffic across
the Internet. Networks use BGP to exchange “reachability Internet Society
information” – networks they know how to get to - to facilitate
forwarding packets of information from router to router,
typically using the most optimal path.
The problem is that BGP was designed before security was a
consideration, and is entirely based on unverified trust between
networks - namely that an AS will only advertise address
space it legitimately holds, only announce routes that it can
actually reach, and only send packets with correct source IP
addresses.
91 MAY 2020
