[lacnog] Fwd: [sidr] Announcing BGP Secure Router Extension (BGP-SRx) Prototype Implementation

Arturo Servin aservin en lacnic.net
Dom Oct 9 17:58:07 BRT 2011


Ademas de las implementaciones en Cisco IOS y Juniper JunOS el NIST acaba de liberar una nueva extensión para Quagga.

Saludos,
as

Sent from my mobile device
(please excuse typoss and brevit.)


Begin forwarded message:

> From: "Montgomery, Douglas" <dougm en nist.gov>
> Date: 9 October 2011 14:19:48 GMT-02:00
> To: LIST NANOG <nanog en nanog.org>
> Cc: "sidr en ietf.org" <sidr en ietf.org>
> Subject: [sidr] Announcing BGP Secure Router Extension (BGP-SRx) Prototype Implementation
> 

> Announcing BGP Secure Router Extension (BGP-SRx) Prototype Implementation
> 
> IETF SIDR working group is developing standards for BGP origin validation
> and AS path validation to strengthen the inter-domain routing
> infrastructure. At the IETF 80 in March 2011, NIST made an introductory
> presentation on a prototyping effort called BGP Secure Router Extension
> (BGP-SRx). SRx is an open source reference implementation and research
> platform for investigating emerging BGP security extensions and supporting
> protocols.
> 
> BGP-SRx has three parts: SRx Server, SRx API, and Quagga SRx (integrates
> SRx API into Quagga router). The current focus in the BGP-SRx prototype is
> on origin validation, although it is designed to be be extended to path
> validation in the future (some stub functionality is already included in
> this version).
> 
> The current release implements: The RPKI/Router Protocol and a variety of
> BGP policies for enforcing Route Origin Authorizations (ROAs) conveyed
> from RPKI validating caches.  Also included in the release are test
> client/server test harnesses for RPKI/Router and WireShark modules for
> debugging.
> 
> For more information on BGP-SRx, and to download the prototype and tools,
> see:  http://www-x.antd.nist.gov/bgpsrx/
> 
> For those wanting an easy way to experiment with BGP-SRx, in June we made
> an announcement about the BRITE system (BGPSEC/RPKI Interoperability Test &
> Evaluation): http://mailman.nanog.org/pipermail/nanog/2011-June/038063.html
> 
> You can use BRITE (http://brite.antd.nist.gov/) to run BGP-SRx 
> (or any other implementation) through aseries of test scripts that exercise 
> numerous interesting scenarios for BGP ROA processing under different policy 
> assumptions.
> 
> We will make a presentation at NANOG-53 on Monday (9/10/11) in the ISP Security
> BoF where we will briefly explain the functionalities of both BGP-SRx and
> BRITE and also give demos. Please attend the BoF if you are interested to
> learn more.
> 
> Comments and feedback about SRx and BRITE are welcome.  See the project page
> For details.
> 
> dougm
> -- 
> Doug Montgomery – Mgr. Internet & Scalable Systems Research / ITL / NIST
> 
> _______________________________________________
> sidr mailing list
> sidr en ietf.org
> https://www.ietf.org/mailman/listinfo/sidr
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20111009/59405058/attachment.html>


Más información sobre la lista de distribución LACNOG