Peering into BGP

This presentation will focus on the unprecedented cyber-attack on Orange España in January 2024, highlighting the novel misuse of the Resource Public Key Infrastructure (RPKI) to induce an outage.

We will explore the sequence of events leading to the service disruption, the attacker's strategy of publishing erroneous Route Origin Authorizations (ROAs), and the subsequent operational and security lessons for network operators. In particular what the incident tells us about how efficient RKPI is today, where we see a partial deployment on the Glocal Internet.

The BGP communities attribute, which usefully enables network operators to signal specific requests or information to nearby ASNs, also lets them signal RPKI status. But should they? In this presentation, I show the results of investigating the propagation of RPKI information in BGP communities.

There is a baseline of BGP Updates that is derived from the updates in RPKI - the creation or deletion of ROAs/VRPs - and this presentation shows what it is, who does it, and why this is not good for the Internet.

Recently, the Qrator.Radar team has released a new website, the main purpose of which is to help the community of network engineers solve various tasks related to the BGP protocol. One of the main tasks is to provide information about the connectivity of Autonomous Systems. 

In this report, I want to talk about how you can independently analyze connectivity, conduct a brief overview of popular services that help with connectivity analysis, as well as talk about the most significant updates in our service.