GPF 14 – IXP Route Servers with RPKI and IXP Manager

IXP Route Servers with RPKI and IXP Manager

Barry O’Donovan, INEX

Most route server instances at internet exchanges (IXPs) perform prefix
filtering based on route/route6 objects published by internet routing
registries. The data quality of these IRRDB objects is often poor, with
problems relating to missing, stale and incorrectly duplicated
information. Resource holders often have difficulty correcting this
information due to the object sets being decoupled from the RIR resource
assignments.

RPKI is a public key infrastructure framework designed to secure the
Internet’s routing infrastructure in a way that replaces IRRs with a
database where trust is assigned by the resource holder. There are still
issues: the database has only a fraction of the prefix coverage as IRR
databases do, and there is no implemented support for features such as
AS-SETs. We are now in a multi-year transition from IRR to RPKI while
these issues are solved.

In the presentation, we propose a best-practice integration of RPKI into
the current IX route server context which still includes IRR support. We
will present the development work we have completed with IXP Manager to
support RPKI and discuss our experiences at putting this live at INEX.