Do you want to make the Internet’s routing infrastructure more secure? Have you implemented anti-spoofing techniques to help protect against attacks such as DDoS attacks? Have you secured your use of BGP on your network?
How can we work together to improve the security and resilience of the global routing system?
Originally called the “Routing Resilience Manifesto”, the initiative published today the “Mutually Agreed Norms for Routing Security” (MANRS) at:
With the announcement came news of an initial set of participants that includes some of the largest global network operators such as Comcast, Level 3 and NTT. More companies will be added and signups are already coming in!
To participate, a network operator needs to agree to at least 2 (and ideally all 4) of these actions:
- Filtering – Prevent propagation of incorrect routing information.
- Anti-spoofing – Prevent traffic with spoofed source IP addresses.
- Coordination – Facilitate global operational communication and coordination between network operators.
- Global Validation – Facilitate validation of routing information on a global scale.
Basically you could think of this as a “code of conduct” for network routing… an agreement that companies publicly say they are going to follow to help the overall Internet’s routing infrastructure be more resilient and secure.
Our colleague Andrei Robachevsky has been heading this project and working with a team of people from network operators around the world (some of whom have already signed on as formal participants, others who hope to do so soon). It’s great to see this out there and we look forward to seeing the list of participants grow.
Please do read the MANRS document and sign up if your network can undertake those actions. If every network operator can mind their MANRS, we’ll all have a much safer, more secure and more resilient Internet!
P.S. If you are looking for information about how to get started with anti-spoofing or securing BGP, please see our Network Operators Start Here page to get started.