BGP Path Validation New Mechanism - AS Cones

When it comes to Routing Security, BGP Origin and Path Validation should be understood very well. It is the problem of all, not just large Service Providers. Enterprises, Service Providers, Mobile Operators, basically whoever are interacting with Global Routing. IRR, RPKI, BGPSEC, Origin Validation and Path Validation are the fundamentals of BGP Routing Security.

We have many other posts for the subject on the website but in this post I want to share with you new approach for BGP Path Validation. It is called as AS-Cones. At the moment, it is still IETF draft but soon it is expected to be Standard RFC.

I discussed it with the inventor of the mechanisms, Melchior Aelmans along with many other routing security topic and decided to share with you! In the below video, Orhan Ergun, Melchior Aelmans and Jeff Tantsura, discussing new approaches in BGP Security - Path Validation. They explain ASPA - Autonomous System Provider Authorization , and another approach AS-Cone and they compare those two.

Not only BGP Security Path Validation, but they identify the current known problems of the Global Routing Table/DFZ, such as Hijacks, different types of hijacks, route leaks and they discuss some prevention techniques such as BigNetwork Filter, Peer Lock, IRR , RPKI , Origin Validation and many other things, during 2 hours, intense discussion.

If you are interested in routing , routing security, this is one of the must to watch video.  

https://www.youtube.com/watch?v=TUDKba_mPUc&t=22s

Created by
Orhan Ergun

Orhan Ergun, CCIE/CCDE Trainer, Author of Many Networking Books, Network Design Advisor, and Cisco Champion 2019/2020/2021

He created OrhanErgun.Net 10 years ago and has been serving the IT industry with his renowned and awarded training.

Wrote many books, mostly on Network Design, joined many IETF RFCs, gave Public talks at many Forums, and mentored thousands of his students.  

Today, with his carefully selected instructors, OrhanErgun.Net is providing IT courses to tens of thousands of IT engineers. 

View profile