Measuring BGP Route Origin Registration and Validation

Iamartino, Daniele; Pelsser, Cristel; Bush, Randy

doi:10.1007/978-3-319-15509-8_3

Daniele Iamartino^15,16,
Cristel Pelsser¹⁵ &
Randy Bush¹⁵

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 8995))

Included in the following conference series:

International Conference on Passive and Active Network Measurement

2279 Accesses
12 Citations

Abstract

BGP, the de-facto inter-domain routing protocol, was designed without considering security. Recently, network operators have experienced hijacks of their network prefixes, often due to BGP misconfiguration by other operators, sometimes maliciously. In order to address this, prefix origin validation, based on a RPKI infrastructure, was proposed and developed. Today, many organizations are registering their data in the RPKI to protect their prefixes from accidental mis-origination. However, some organizations submit incorrect information to the RPKI repositories or announce prefixes that do not exactly match what they registered. Also, the RPKI repositories of Internet registries are not operationally reliable. The aim of this work is to reveal these problems via measurement. We show how important they are, try to understand the main causes of errors, and explore possible solutions. In this longitudinal study, we see the impact of a policy which discards route announcements with invalid origins would have on the routing table, and to a lesser extent on the traffic at the edge of a large research network.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

IPv4 Address Space in ROAs (/24s). http://certification-stats.ripe.net/?type=roa-v4
IPv4 Prefixes Delegated by AfriNIC. ftp://ftp.afrinic.net/stats/afrinic/delegated-afrinic-extended-latest
IPv4 Prefixes Delegated by APNIC. ftp://ftp.apnic.net/pub/apnic/stats/apnic/delegated-apnic-extended-latest
IPv4 Prefixes Delegated by ARIN. ftp://ftp.arin.net/pub/stats/arin/delegated-arin-extended-latest
IPv4 Prefixes Delegated by LACNIC. ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-extended-latest
IPv4 Prefixes Delegated by RIPE NCC. ftp://ftp.ripe.net/ripe/stats/delegated-ripencc-extended-latest
rcynic RPKI validator. http://rpki.net/wiki/doc/RPKI/RP/rcynic
University of oregon route views project. http://www.routeviews.org
YouTube Hijacking: A RIPE NCC RIS case study, March 2008. http://www.ripe.net/internet-coordination/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study
Fincham, M.: RPKI, NZNOG 2014, February 2014. http://hotplate.co.nz/archive/nznog/2014/rpki/
Goldberg, S., Shapira, M., Hummon, P., Rexford, J.: How secure are secure interdomain routing protocols? Comput. Netw. 70, 260–287 (2014)
Article Google Scholar
Heilman, E., Cooper, D., Reyzin, L., Goldberg, S.: From the consent of the routed: improving the transparency of the RPKI. In: Sigcomm 2014 (2014)
Google Scholar
Kloots, J.: RPKI Routing Policy Decision-Making, A SURFNET Perspective, February 2014. https://blog.surfnet.nl/?p=3159
Lad, M., Massey, D., Pei, D., Wu, Y., Zhang, B., Zhang, L.: PHAS: a prefix hijack alert system. In: Proceedings of USENIX Security Symposium (2006)
Google Scholar
Lepinski, M., Kent, S.: An Infrastructure to Support Secure Internet Routing, RFC 6480, February 2012
Google Scholar
Litke, P., Stewart, J.: BGP Hijacking for Cryptocurrency Profit, August 2014. http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/
Toonk, A.: Hijack Event Today by Indosat, April 2014. http://www.bgpmon.net/hijack-event-today-by-indosat/
Wählisch, M., Maennel, O., Schmidt, T.C.: Towards detecting BGP route hijacking using the RPKI. In: Sigcomm 2012 (Poster) (2012)
Google Scholar
Zmijewski, E.: Indonesia Hijacks the World, April 2014. http://www.renesys.com/2014/04/indonesia-hijacks-world/

Download references

Acknowledgments

We thank the operator of the large American research network for setting up the collection of the traffic statistics. Rob Austein was a great help toward understanding the mechanics of the RPKI infrastructure and the different events we observed.

Author information

Authors and Affiliations

Internet Initiative Japan, Tokyo, Japan
Daniele Iamartino, Cristel Pelsser & Randy Bush
Politecnico di Milano, Milano, Italy
Daniele Iamartino

Authors

Daniele Iamartino
View author publications
You can also search for this author in PubMed Google Scholar
Cristel Pelsser
View author publications
You can also search for this author in PubMed Google Scholar
Randy Bush
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Daniele Iamartino .

Editor information

Editors and Affiliations

University of Southern California, Marina Del Rey, California, USA
Jelena Mirkovic
New York University, New York, New York, USA
Yong Liu

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Iamartino, D., Pelsser, C., Bush, R. (2015). Measuring BGP Route Origin Registration and Validation. In: Mirkovic, J., Liu, Y. (eds) Passive and Active Measurement. PAM 2015. Lecture Notes in Computer Science(), vol 8995. Springer, Cham. https://doi.org/10.1007/978-3-319-15509-8_3

Download citation

DOI: https://doi.org/10.1007/978-3-319-15509-8_3
Published: 04 March 2015
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15508-1
Online ISBN: 978-3-319-15509-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics