FORT Monitoring: Real-Time Mapping of Routing Incidents in the LAC Region

The goal of FORT Monitoring is to provide real-time information on routing security in the region, noted Carolina Caeiro, Development Project Coordinator at LACNIC.

Considered to be one of the pillars of the Internet, the global routing system is under constant pressure and vulnerable to attack. Whether deliberate or accidental, a failure in this system may affect the ability of users and organizations to interconnect.

For years, LACNIC has been working together with other organizations on the deployment of technologies to protect the routing system.

RPKI Deployment. This technology, which is currently in the process of being deployed worldwide and across the region, allows protecting the routing system against a large number of attacks. In order for the routing system to be protected, coverage should continue to increase and be as close to 100% as possible.

According to FORT Monitoring, last month, RPKI deployment for IPv4 prefixes reached 22.3% in the region, while for IPv6 prefixes it totaled 23%. Further details and the evolution of these figures over the past few months are available on the website.

RPKI Validator. BGP origin validation allows verifying the routing announcements made by other operators and is a form of protection against potential alterations in the path followed by Internet traffic. As can be seen in the FORT Monitoring graph that shows the status of prefixes announced via BGP originating in organizations of Latin America and the Caribbean, 20.3.7% of IPv4 prefixes are valid, 77.7% are unprotected and 2% are incorrect or malicious. In the case IPv6 announcements, 21% of prefixes are valid, 77% are unprotected and 2% are incorrect or malicious.

As RPKI deployment advances, it will allow reducing the number of unprotected prefixes and will provide operators with a tool to determine which prefixes on the global routing tables are valid and which are not.