The company offers a wide range of network security services, including Qrator Availability Network

Qrator Labs participated in CSNOG 2023 conference to share its expertise in prevention of BGP anomalies with the new adopted RFC 9234 BGP Roles

Qrator Labs attended the regular meeting of the Czech and Slovak network industry that took place on May 16 and 17 in Zlin, Czech Republic.   

Czech and Slovak Network Operators Group (CSNOG) is a community of ISPs, network operators, registrars, network engineers and Internet and network technology enthusiasts.

The regular meetings of the CSNOG community are aimed to enable mutual exchange of experience, discussion of current issues and sharing of solutions leading to the development of Internet networks.

Alexander Zubkov, Head of the Network Operations Center in Qrator Labs, took the stage to talk about how to prevent and detect BGP route leaks with the RFC 9234 “BGP Roles”, which was developed by Qrator Labs’ research team.

Route leaks can be accidental or malicious but most often they arise from accidental misconfiguration. According to Qrator Labs’ BGP incidents report for Q3 2022, there were 12,103,554 BGP route leaks, originated by 3,030 unique route leakers during the period.

The new solution brings RFC 9234, which provides a meaningful tool to prevent and detect BGP route leaks. By enhancing the BGP OPEN message to establish an agreement on the peering relationship on each eBGP session it can enforce appropriate configuration on both sides. Propagated routes are then marked according to the agreed relationship — an in-band method with the new configuration parameter — with BGP Role, which is negotiated using a BGP Role Capability in the OPEN message. An eBGP speaker may require the use of this capability and confirmation of the BGP Role with a neighbor for the BGP OPEN to succeed.

Many free router implementations already support roles, as do development versions of tcpdump and WireShark, for example. “Of course, there is still a lot of software that hasn’t not yet implemented the new RFC.” Changes in network elements usually take very long time, and vendors are waiting for more requests from their customers. 

"Of course, we, as a community, need to apply enough energy to eliminate route leaks but we hope that RFC 9234 will become a good start to eliminating BGP anomalies for the better Internet," concluded Alexander Zubkov.