Mark Townsley teaching BGP Security
In the course INF566 “Internet Protocol Success” at Ecole Polytechnique, and as part as the curriculum in Advanced Communication Networks, I, my colleague Mark Townsley, and again with expert assistance from Jean-Louis Rougier, are teaching “enterprise-grade Internet Routing”. Starting with an understanding of peering and network tiers, of the business relationships that these entail, and of the Internet Peering Ecosystem, we’re digging into the technical difficulties and details.
Jonathan Zittrain’s fantastic TEDTalk on “Random Acts of Kindness” provides (other than a moment of entertainment) an exceptionally well scoped motivating example for the rest of this lecture: when Pakistani blackholed Youtube for the whole Internet, and the Internet operator geeks came together and “fixed the problem”.
In Zittrain’s words, fortunately there was no StarTrek convention going on that day – so the “geeks” were available to solve that problem – and, in a mere two hours…
Jonathan Zittrain and Random Acts of Kindness
But, in keeping with this metaphor: what if there had been a StarTrek convention going on? How can the Internet routing system be secured to (on this front) replace “random act of kindness” with technology? We’re exploring AS-Path Validation, Origin Validation, RPKI – and other than adressing the Pakistani Telecom case, are also discussing other ways in which the Internet has been taken down over the years: the AS 7007 accident from 1997, the China Telecom 2010 traffic hijacking incident, the Lapela/Polosov attack, etc. That’s all part of this class – which also, under the broad topic of “Enterprise Grade Routing” will include the technical aspects of IGPs, practical exercises on BGP, etc. … and which, otherwise, also includes topics such as “Advanced Problems in Transport”.
As always in this course, we’re doing an RFC5218-analysis of all the technology we encounter.