To protect network routes in the Asia-Pacific region against spoofed or mistaken route advertisements, APNIC has rolled out a feature that checks proposed route management changes against an operator's current BGP announcements before those changes are published.
Enterprise system administrators are well aware of what happens when a network operator mistakenly declares itself to be the best route to their network: traffic black-holes and they are cut off from the Internet until the situation is resolved.
This is because the Border Gateway Protocol (BGP), one of the foundation protocols of the Internet, was designed in an era when networks assumed that other networks could be trusted.
Hence APNIC's decision to implement Route Management Prevalidation (RMP), a check in its MyAPNIC registry portal that alerts the operator when a proposed change would leave routes RPKI-invalid, before the change takes effect.
As explained in APNIC’s blog post, “Users will receive a warning if they attempt to submit route management changes to MyAPNIC whereby any of their current BGP announcements will be considered ‘RPKI-invalid’.”
“Users can then make adjustments as needed and as a result avoid running into reachability issues and the like.”
APNIC tweeted on 11 April 2022: “By validating when ROA changes occur, it should be possible to reduce RPKI-invalids. See what APNIC is doing to help this https://t.co/IFsDQs7xLx”
The author of that post, APNIC Product and Distribution Manager – Registry Products Tom Harrison, talked to iTnews about how RMP will work when it is enabled.
When a network operator tries to submit a route management change, for example declaring that 10.0.0.0/24 should be originated by AS124 (tying that IP address block to that autonomous system number), the system “is basically going to” take that ROA and “determine the effect”, he said.
Harrison said that “if that ROA for AS124 would violate a rule for AS123”, the network operator would be warned before proceeding.
It is as simple as warning the operator, “This is going to invalidate someone else’s declaration. Do you want to move on?”, he explained.
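The check Harrison describes amounts to running RFC 6483 route origin validation twice, once against the ROAs as they are and once against the ROAs as they would be after the change, and warning on any announcement that flips to “invalid”. The Python below is an added illustration written for this article; it is not APNIC’s RMP code, whose internals are not described in the post. The prefixes, the ROA values and the ASNs (AS123 and AS124 are borrowed from Harrison’s example) are constructed sample data, and the “maxLength” case is included because a tightened ROA can invalidate an operator’s own more-specific announcement just as easily as a new origin AS can invalidate someone else’s.

```python
"""RFC 6483 route origin validation plus a before/after ROA-change check.

Example code for this article (not APNIC's RMP implementation). All ROAs,
prefixes and ASNs below are constructed sample data.
"""
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class ROA:
    prefix: str       # address block the ROA covers, e.g. "10.0.0.0/24"
    max_length: int   # longest prefix length the origin AS may announce
    origin_as: int    # authorised origin AS (0 means "nobody may originate")


@dataclass(frozen=True)
class Announcement:
    prefix: str       # prefix seen in BGP
    origin_as: int    # origin AS seen in BGP


def _covers(roa: ROA, route: ipaddress._BaseNetwork) -> bool:
    """True if the ROA's prefix is the route or a less-specific of it."""
    roa_net = ipaddress.ip_network(roa.prefix)
    return roa_net.version == route.version and route.subnet_of(roa_net)


def validate(ann: Announcement, roas: Iterable[ROA]) -> str:
    """RFC 6483 outcome for one announcement: 'valid', 'invalid' or 'not-found'.

    not-found: no ROA covers the prefix at all.
    valid:     some covering ROA names this origin AS and permits this length.
    invalid:   covered, but no ROA matches (wrong AS, too long, or AS0 ROA).
    """
    route = ipaddress.ip_network(ann.prefix)
    covering = [r for r in roas if _covers(r, route)]
    if not covering:
        return "not-found"
    for r in covering:
        # AS0 ROAs never match anything (RFC 6483 s.4, RFC 7607).
        if r.origin_as != 0 and r.origin_as == ann.origin_as \
                and route.prefixlen <= r.max_length:
            return "valid"
    return "invalid"


def prevalidate(current_roas: Iterable[ROA], proposed_roas: Iterable[ROA],
                announcements: Iterable[Announcement]) -> List[Tuple[Announcement, str]]:
    """Return (announcement, state_before) for every announcement that would
    become RPKI-invalid if proposed_roas replaced current_roas."""
    current, proposed = list(current_roas), list(proposed_roas)
    newly_invalid = []
    for ann in announcements:
        before = validate(ann, current)
        after = validate(ann, proposed)
        if after == "invalid" and before != "invalid":
            newly_invalid.append((ann, before))
    return newly_invalid


# --- constructed sample data ------------------------------------------------
CURRENT_ROAS = [ROA("192.0.2.0/24", 25, 123)]
ANNOUNCEMENTS = [
    Announcement("10.0.0.0/24", 123),    # no ROA today: state is not-found
    Announcement("10.0.1.0/24", 124),    # no ROA today: state is not-found
    Announcement("192.0.2.0/25", 123),   # valid under the /24 maxLength-25 ROA
]
PROPOSED_ROAS = [
    ROA("10.0.0.0/24", 24, 124),   # authorise AS124 for the block AS123 announces
    ROA("192.0.2.0/24", 24, 123),  # tighten maxLength from 25 to 24
]


def demo() -> List[Tuple[Announcement, str]]:
    """Run the prevalidation check over the sample data."""
    return prevalidate(CURRENT_ROAS, PROPOSED_ROAS, ANNOUNCEMENTS)


if __name__ == "__main__":
    for ann, before in demo():
        print(f"warning: {ann.prefix} from AS{ann.origin_as} would go from "
              f"{before} to invalid. Do you want to proceed?")
```

Two of the three announcements trip the warning: AS123’s 10.0.0.0/24 goes from not-found to invalid because the new ROA covers it but names AS124, and AS123’s own 192.0.2.0/25 goes from valid to invalid because the shortened maxLength no longer permits a /25. AS124’s 10.0.1.0/24 is untouched, since neither ROA covers it. The comparison is deliberately on the before/after states rather than on “invalid after” alone, so an announcement that is already invalid today is not reported as a consequence of the change.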
For something as important as keeping the Internet’s routing infrastructure stable, leaving the operator free to override the prevalidation warning might at first glance seem like the wrong design.
Not so, Harrison explained.
This kind of prevalidation has not yet been widely deployed: RIPE NCC (the registry for Europe, the Middle East and parts of Central Asia) is the only other registry running it, as far as Harrison knows.
So there are large parts of the Internet where bad route announcements can still be used for network disruption or espionage (for example, researchers accused China of systematic network hijacking in 2018).
Harrison said a network operator must be able to override the warning in order to reverse accidental or intentional hijackings: if the announcement that a new ROA would render invalid is itself the hijack, invalidating it is exactly the point of the change.
Route origin validation using RPKI was described in 2012 in RFC 6483.
It has since been taken up by Mutually Agreed Norms for Routing Security (MANRS), a cooperative effort in which network operators commit to a set of practices, including routing information validation, that reduce instability in the BGP system.