The Region’s Largest Origin Validation and RPKI Project

24/02/2017

The Region’s Largest Origin Validation and RPKI Project

This year, LACNIC’s Technology department provided training for technical coordinators of RENATA, Colombia’s National Academic Advanced Technology Network. This training on RPKI resource certification and origin validation represents the largest project to date for the deployment of this technology in Latin America and the Caribbean.

These Colombian IT experts received their training within the framework of the project titled BGP Security in RENATA Infrastructure, which received a FRIDA Award in 2016 and sought to promote the deployment of Resource Public Key Infrastructure (RPKI) technology within the institutions connected to the Colombian academic network in order to provide a solution to the information security issues affecting Colombia.

Gerardo Rada, software and development engineer at LACNIC, noted that training courses were held in January in the cities of Bogotá and Cartagena and were attended by fifty Colombian Regional Academic Network coordinators, IT managers and network administrators for the institutions connected to RENATA.

Rada said he had shared with local technicians “what RPKI is, how it works, what RENATA is doing with the implementation, what problems this technology solves, and what they can do to support the project.”

RPKI is a set of protocols, standards and systems that allows verifying the right to use Internet number resources such as IPv4 and IPv6 addresses and Autonomous Systems. The main goal of RPKI is to improve the Internet routing system’s reliability and security.

In the case of Colombia, “a massive deployment (of origin validation) is being implemented in an academic network,” said Rada, something that had never been done before in the region. LACNIC has already worked on similar RPKI deployment projects at NAP Costa Rica and origin validation at two nodes in Ecuador, but now, in Colombia, there is validation in all nodes of the academic network. “This is massive in scope, much more difficult, a different challenge,” stressed Rada.

RENATA will use existing tools and facilitate the use of RPKI, origin validation and other tools that will be developed, added the engineer.

LACNIC has participated in the definition of the standards that have allowed developing RPKI since 2007. In May 2011, LACNIC launched its RPKI Certificate Authority (CA) for the resources it administers.

The LACNIC region currently has an RPKI adoption rate of more than 20%, which means that one in five prefixes announced via BGP in Latin America and the Caribbean are covered by a Routing Origin Authorization (ROA).

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of LACNIC.

Subscribe
Notify of

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments