North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Best Current Practices for Routing Protocol Security

  • From: Sean Donelan
  • Date: Wed Aug 14 13:24:59 2002

What are the best current practices ISPs use to maintain routing protocol
security?

1. None - May be acceptable in some environments
2. I don't tell anyone about my routing protocols
3. Firewalls protect me
4. Don't exchange routing information with external parties
5. Explicit routing neighbor assocations - passive-interface default
6. Address validation on all edge devices
7. Signed routing messages - MD5 or something else
8. Non-routed routing infrastructure - RFC1918 for core
9. Non-IP routing protocols - ISIS
10. Out-of-band route servers - SS7 here we come