Nils Rodday, Italo Cunha, Randy Bush, Ethan Katz-Bassett, Gabi Dreo Rodosek, Thomas C. Schmidt, Matthias Wählisch,
Revisiting RPKI Route Origin Validation on the Data Plane,
In: Proc. of Network Traffic Measurement and Analysis Conference (TMA), IFIP, 2021.
Abstract: The adoption of the Resource Public Key Infrastructure (RPKI) is increasing, as are measurement activities to identify RPKI-based route origin validation (ROV). Several proposals try to identify Autonomous Systems (ASes) that deploy ROV using control plane as well as data plane measurements. We show why simple end-to-end measurements may lead to incorrect identification of ROV. In this paper, we evaluate data plane traceroute measurements as a mechanism to extend coverage and provide a reproducible method for ROV identification using RIPE Atlas. Moreover, we extend the current state of the art by identifying ROV performed by route servers at Internet Exchange Points (IXPs) and by using an include list to differentiate between fully and partially ROV-enforcing ASes. Our measurements from 5494 vantage points in 3699 ASes infer that ROV is deployed in 216 unique ASes: 11 with strong confidence, 18 with weak confidence, and 187 indirectly adopting ROV via filtering by IXP route servers.

Themes: Network Security, Internet Measurements and Analysis, Network Management


