And the fourth one is to facilitate the
validation of routing information.
We have a whole series talking about route
origin authorization but to summarize:
all routes originated need to be signed
to indicate that your AS is
authorized to originate these routes and
this is designed to help secure the
global routing system. So our advice: sign
ROAs, the Route Origin Authorization, for
all originated routes using the RPKI, the
Resource Public Key Infrastructure,
and make sure all customer originated routes
are also signed.
We also advise to validate received routes
from all peers, give high priority for validated routes,
discard invalid routes and perhaps low
priority for any unsigned routes.
© Produced by Philip Smith and the Network Startup Resource Center, through the University of Oregon.
Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)
This is a human-readable summary of (and not a substitute for) the license. Disclaimer. You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material The licensor cannot revoke these freedoms as long as you follow the license terms. Under the following terms: Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.