This article was originally published on France-IX Blog. The views expressed in this article are those of the author alone and not the Internet Society/MANRS.
As part of its mission of constantly improving the quality of Internet, France-IX has naturally joined the MANRS (Mutually Agreed Norms for Routing Security) IXP programme after meeting a number of eligibility criteria, reflecting its long-term involvement in securing routing infrastructure.
What is the purpose of this initiative? What are the actions involved and what is the overall impact on the community?
Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, supported by the Internet Society, that provides crucial fixes to reduce the most common routing threats. Initially designed for network operators, the initiative took a step further by involving IXPs in these actions, as they should obviously play an active role in protecting the Internet.
Secure routing: why is it vital?
Insecure routing is one of the most common paths for malicious threats. Attacks can take anywhere from hours to months to recognize. Inadvertent errors can take entire countries offline, while attackers can steal an individual’s data or hold an organization’s network hostage.
In 2017 alone, 14,000 routing outages or attacks – such as hijacking, leaks, and spoofing – led to a range of issues including stolen data, lost revenue, reputational damage, and more. About 40% of all network incidents are attacks, with the average duration per incident lasting 19 hours. Incidents are global in scale, with one operator’s routing problems cascading to impact others*.
Then, who is responsible for securing routing?
There are approximately 60,000 core networks (Autonomous Systems) across the Internet, each using a unique Autonomous System Number (ASN) to identify itself to other networks. Border Gateway Protocol (BGP), used to exchange routing and reachability information among ASNs on the Internet, is based entirely on trust between networks.
MANRS improves the security and reliability of the global Internet routing system, based on collaboration among participants and shared responsibility for the Internet infrastructure. The MANRS Actions were initially set up for network operators, but Internet Exchange Points (IXPs) are also important partners in the MANRS community. They are indeed key players who already contribute to a more resilient and secure Internet infrastructure. The MANRS IXP Programme was thus created to address the unique needs and concerns of IXPs, with a related but separate set of MANRS actions for IXP members.
What criteria and actions involved for an IXP?
Joining MANRS means joining a community of security-minded network operators committed to making the global routing more secure. To join the MANRS IXP Programme, IXPs must demonstrate commitment by implementing a majority of the IXP Programme Actions (at least three out of five).
Actions 1 (“Prevent propagation of incorrect routing information”) and 2 (“Promote MANRS to the IXP membership”) are mandatory, and then at least one additional Action must be implemented from the list.
France-IX has therefore completed a number of specific actions, now contributing to a globally robust and secure routing infrastructure, among which: protecting the peering platform, facilitating communication and coordination between network operators, providing monitoring and debugging tools to its members… France-IX has now achieved actions in each of the 5 scopes of the IXP Programme Action Set. Please check the complete updated list here: https://www.manrs.org/ixps/ixp-participants/entry/714/
For more information on how you can contribute, please visit the MANRS website: www.manrs.org
Leave a Reply