Meet the Falcons - RIPE 71

Meet the Falcons - RIPE 71

Meet the Falcons Ciprian Marginean [email protected] Aris Lambrianidis [email protected] What are the Falcons?

A new pair of route servers Based on BIRD (Cisco does not scale easily nor support all features) Available only in Amsterdam (for now) Why go to the trouble? Prefix hijack (or misconfiguration) mitigation

no mechanism has been specified within BGP to validate the authority of an AS to announce NLRI information (prefixes) (RFC4272 3.2) How do we do it? RPKI validation (RFC6480) BGP community tagging based on RPKI status

(valid, invalid, unknown) IRRdb object filtering or tagging Whats new to the Falcons? Feature

BGP community based routing policies IRRdb based routing policies Inbound Routing Policies RPKI prefix validation and filtering IRRdb prefix validation and filtering AS Path prepending

Legacy Falcon Is it difficult to configure? One more click

The stats Active peers: 35 Valid:92 Invalid:15

Invalid: 467 ROA Unknown:1524 IRRdb

Valid:11 64 Key take aways? Lower the barrier for customers needing more tools to make security focused decisions

The routing policy is still controlled by the customer The Falcons are running in production in parallel with existing ones Key take aways? Lower the barrier for customers needing more tools to make security focused decisions

The routing policy is still controlled by the customer The Falcons are running in production in parallel with existing ones Key take aways? Lower the barrier for customers needing more

tools to make security focused decisions The routing policy is still controlled by the customer The Falcons are running in production in parallel with existing ones Will there be anything else, sir?

Highly flexible, per peer BGP attribute manipulation using communities: set MED set ORIGIN set prepend AS BGP ADD-PATH More configuration options: (IRRDB or Web portal)+

communities DDoS attack mitigation L2 filtering Any questions? This is still WiP, any feedback is welcome!

[email protected]

Recently Viewed Presentations