Upload File

the first year of - registro.br

20
The first year of GTER-49 — GTS-35

Upload: others

Post on 18-Dec-2021

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: The first year of - Registro.br

The first year of

GTER-49 — GTS-35

Page 2: The first year of - Registro.br

RPKI RECAP

Page 3: The first year of - Registro.br

“Is this BGP route origination authorised by the legitimate holder of the IP space?”

Page 4: The first year of - Registro.br

NIC.BR: Delegated RPKI

• Run an RPKI Certification Authority (CA) as a child of the RIR/NIR/LIR

• Install and run Krill

• Generate a resource certificate, have it signed by the parent CA

• Publish signed objects yourself, or ask your parent to do it for you

• Anyone can download and use the data for Route Origin Validation (ROV)

Page 5: The first year of - Registro.br

LACNICAFRINIC APNIC ARIN RIPE NCC

NIC.BR

MEMBER

Customer

RIR

NIR

Page 6: The first year of - Registro.br

Relying Party

Software

validated cache

Page 7: The first year of - Registro.br
Page 8: The first year of - Registro.br

Core functionality

✔ Seamlessly operate under multiple parent CAs

✔ Act as a parent CA for customers and subdivisions

✔ Manage Route Origin Authorisations (ROAs)

✔ Stand-alone publication server

✔ Allow remote publication

Page 9: The first year of - Registro.br

ESSENTIALS

✔ Installation from source, Debian/Ubuntu packages or Docker

✔ Command Line Interface, User Interface and a REST-like HTTPS API

✔ Prometheus monitoring and alerting

✔ Audit log

Page 10: The first year of - Registro.br

CLOUD Marketplace

✔ Krill is available on the AWS Marketplace and DigitalOcean Marketplace

✔ You only pay the cost of the VM

✔ One-click setup

✔ Integrated updates, backups, logging, monitoring, TLS certificate setup and renewal

Page 11: The first year of - Registro.br

USER Interface

✔ Multi-language support (includes Brazilian Portuguese)

✔ Parent CA and Publication Server configuration

✔ ROA suggestions and alerting based on BGP route collectors

• Invalid announcements (incorrect ASN or prefix length), too permissive ROAs, redundant ROAs, etc.

Page 12: The first year of - Registro.br
Page 13: The first year of - Registro.br
Page 14: The first year of - Registro.br

2021 roadmap

• 1.0 Release: stable API

• Multi-user support based on OpenID Connect

• Clustering support

• BGP listener: manage ROAs based on your own router’s view

• Hardware Security Module (HSM) support: PKCS#11 and KMIP

• User interface refinements: audit log, bulk editing, etc.

Page 15: The first year of - Registro.br

in Brazil

🇧🇷

Page 16: The first year of - Registro.br

0

100

200

300

400

500

600

December

January

February

March

AprilMay

June

July

August

September

October

November

December

Certificate authorities537

Page 17: The first year of - Registro.br

Validated ROA Prefixes

0

500

1000

1500

2000

2500

December

January

February

March

AprilMay

June

July

August

September

October

November

December

IPv4

IPv6

2139

Page 18: The first year of - Registro.br

9.1% Covered

Page 19: The first year of - Registro.br

YOU MAKE A DIFFERENCE

• Dropping RPKI Invalid routes has gained significant momentum in 2020

Telia Carrier, Cogent, GTT, NTT, Cloudflare, Hurricane Electric, Netflix,

Scaleway, Wikimedia Foundation, TATA, PCCW, AT&T and many more…

source: rpki.exposed

http://rpki.exposed
Page 20: The first year of - Registro.br

• rpki.readthedocs.io — Documentation and FAQ

• JDR — A tool to help you explore, inspect and troubleshoot anything RPKI

[email protected] — Mailing list with 500+ subscribers

• From Zero to RPKI Hero — Webinar on ROV with RIPE NCC, NLnet Labs, Cloudflare, Cisco, Arista, Juniper and Nokia

VIBRANT ECOSYSTEM

! @krillrpki & @routinator3000

http://rpki.readthedocs.io
https://jdr.nlnetlabs.nl
https://nlnetlabs.nl/mailman/listinfo/rpki
https://youtu.be/46zfv_MXcn0
https://twitter.com/krillrpki
https://twitter.com/routinator3000

Tutorial DNSSEC 1 - ACME Cybersecurity Researchadriano/aulas/redes/2016/... · 2016-11-29 · Tutorial DNSSEC 1 Cesar Henrique Kuroiwa Registro.br

MINING ENGINEERING - University of Exeteras.exeter.ac.uk/.../qualityreview/psr/csm/rlit/Mining_Engineering_201… · BEng Mining Engineering Year 1: e first year of the programme

UK Bebras 2014 Answers - WordPress.com · 2017. 11. 28. · Last year the International Bebras Competi-ton celebrated its 10th year. For the UK it was its first official year. That

J.S. Milne · 2020-03-26 · The first version of these notes was written for a first-year graduate algebra course. As in most such courses, the notes concentrated on abstract groups

Pesquisa TIC Kids Online Brasil - Registro.br

Semana IPv6 - Registro.br

Cardiac Emergencies in the First Year of Life … · The most challenging scenarios of cardiac emergencies in the first year of life include cyanotic episodes, congestive heart failure,

Registro.br · sobre o comércio eletrônico, e participado ativamente em diversos fóruns de discussão, nacionais e internacionais, buscando protagonismo para a promoção de segurança

Financial Report for the First Half of 2019...taxes (EBIT) rose to TEUR 1,002 compared to TEUR 520 in the first half of the previous year. The UMT Group closed the first six months

Readmission, mortality, and first-year medical costs after ...homepage.vghtpe.gov.tw/~jcma/76/12/703.pdfreadmissions or mortality, and the amount of the first-year medical cost (FYMC)

Registro.br Updates · Registro.br Updates - GTER33/GTS19 04.05.2012 Publicação DNS - Estrutura a partir de Mar/2012 A partir do início de Março de 2012, foram colocados em produção

Wilkinson Microwave Anisotropy Probe (WMAP) Three Year … · 2008-04-18 · The power-law ΛCDM model fits not only the Wilkinson Microwave Anisotropy Probe (WMAP) first year data,

Review of eStorage’s first year results

2015: A TRANSFORMATIONAL YEAR - Pfizer · Notably, in 2015, Pfizer achieved its first year of operational revenue growth since 2009. This occurred largely due to the strong performance

Inorganic carbon dynamics of melt-pond-covered first-year ... · 2048 N.-X. Geilfus et al.: Inorganic carbon dynamics of melt-pond-covered first-year sea ice and increasing surface

DRAFT KIMBERLY HISTORY The First Years€¦ · Kimberly’s first principal was Schyler Phillips (who presided over both Kingsbury and Kimberly the year of 1957) and first kindergarten

RYAN C. HICKOX - Dartmouth Collegehickox/hickox_CV.pdfLeader of 2nd year undergraduate tutorials in the Department of Physics. Tutor (advisor) for ten first-year undergraduates, associated

Solu%ons(to(Preclinical(Teaching(Challenges(in(the(first ... · Solu%ons(to(Preclinical(Teaching(Challenges(in(the(first(year(of(the(Dental(Curriculum(Samuel(Elhadad,"DDS,$$Laura$Darnell,$DMD,$PhD"

Year One - AnnualReports.com · Year One Our first year as a public company. 2004 Annual Report

Environmental regulation and firm exports: Evidence from the eleventh Five-Year Plan ...mis.sem.tsinghua.edu.cn/UploadFiles/File/201804/... · 2019-11-15 · The first Five-Year

2016 YEAR IN REVIEW - Strive Sponsorship€¦ · The first year for virtual reality was sobering, especially for manufacturers of dedicated hardware. A high price point, the absence

Using 464XLAT in Residential Networks - Registro.br

Lecture Notes for Econometrics 2002 (first year PhD …home.datacomm.ch/paulsoderlind/Courses/OldCourses/EcmAll.pdf · Lecture Notes for Econometrics 2002 (first year PhD course

Wilder for first Huskies sweep B LR.pdf · resume as a junior varsity coach and varsity assistant in football, basketball and baseball. But Marsing shows improvement as first-year

DDoS na Rede Ipê - Registro.br•53 % Downadup •42% Outros •3% Sality •2% Conficker •1 Zeus –11.754 endereços IP únicos Histórico de incidentes • Backbone com alta

The first year of Reiwa (2019.4.1~2020.3.31) How to put out ... · Burnable Burnable Burnable Burnable Burnable Burnable Burnable Burnable Non burnable Non burnable The 1st year

palestra GTS 2019 sanitizado - Registro.br

Registro.br · 5. Apresentação de Workshop s em Eventos dos nossosl representados voltados para capacitação e desenvolvimento tecnológico; 6. Participar ativamente das Recomendações

Registro.br · à Internet. Nosso indicado, ao compor esse Comitê, realizaria atividades como. 1. Apresentar propostas de programas de pesquisa sobre a Internet e de desenvolvimento

Veterinary science FSG Dec07... · Accounting ‘Accounting 1’ is a one-semester core course in the first year of a three-year bachelor of business administration (BBA) degree

IB#students#&first-year#university#performance:##...11,000+ BC 12s and 800+ IB Diploma students • (a * anticipated IB Diploma points) + b = 1st year UBC • (x * BC12 Spring admission

Education (EDUC) - University of Colorado Boulder · 2020-05-08 · Education (EDUC) 1 EDUCATION (EDUC) Courses EDUC 1020 (1) First Year Success at CU Introduces first-year majors

September 2019 Year Overview - TECHNOLOGY · 2019-08-14 · September 2019 Year Overview Congratulations, You survived your first year of high school. Now it’s time to get back

first things first { } Kurt & Brenda Warner - Tyndale House · first things first Kurt & Brenda Warner { } ... CHAPTER 17 Aerosmith family vacation 245 ... ful to have been raised

Avanços em IP multicast - Registro.br