MANRS

Routing Security is Vital to the Future and Stability of the Internet

The Internet’s routing foundation has cracks, and they’re growing. Not a single day goes by without dozens of incidents affecting the routing system. Route hijacking, route leaks, IP address spoofing, and other harmful activities can lead to DDoS attacks, traffic inspection, lost revenue, reputational damage, and more. These incidents are global in scale, with one operator’s routing problems cascading to impact others.

Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, supported by the Internet Society, that provides crucial fixes to reduce the most common routing threats.

This short video helps explain:

How can MANRS help?

MANRS outlines four simple but concrete actions that network operators should take:

Filtering – Ensure the correctness of your own announcements and of announcements from your customers to adjacent networks with prefix and AS-path granularity
Anti-spoofing – Enable source address validation for at least single-homed stub customer networks, your own end-users, and infrastructure
Coordination – Maintain globally accessible up-to-date contact information
Global Validation – Publish your data, so others can validate routing information on a global scale

A separate set of Actions applies explicitly to Internet Exchange Points.

Is routing security important to you?

Please consider implementing the MANRS actions and joining the MANRS community. There are two categories:

Network operators – Implement the actions in the MANRS document and join the initiative.
Internet Exchange Points (IXPs) – Implement the actions in the IXP Programme and join the initiative.

MANRS requires collaboration among participants and shared responsibility for the global Internet routing system. Joining MANRS means joining a community of security-minded organizations committed to making the global routing infrastructure more robust and secure.

Two case studies further outline the benefits of MANRS participation:

What Participants Say About MANRS

The reliability and stability of the Internet is vital, and is the responsibility of all who participate in operating networks globally. AARNet has been actively filtering and blocking spoofed addresses for a number of years. We believe that this is an important global undertaking that should be encouraged and taken on by all who provide internet services.

Warrick Mitchell Network Architect, AARNet

MANRS Participants