Open Nav

RPKI Roll Out on LINX’s AS5459 Network

RPKI Roll Out on LINX’s AS5459 Network

By Manolis Mathioudakis, Senior Network Engineer

In 2020 LINX announced it had successfully introduced the RPKI framework for all its route server locations in the UK and US. In this blog we explain why this was important for the AS5459 network, and how LINX members can benefit with some good practice tips today.

RPKI (Resource Public Key Infrastructure) is designed to secure the Internet’s routing infrastructure with an additional element of filtering and security before data is passed from one network to another. It uses a cryptographic method of signing records that associate a BGP route announcement with the correct originating AS number.

Having RPKI running adds an extra layer of defence to stop route leaks and hijacks into the AS5459 network. All London border routers currently have a session established with the RPKI validator, downloading the VRPs (Validated ROA Payload) from the validator cache server.

VRPs is a compiled list of ASN, prefix and maximum length of prefix which is pushed to the border routers with the use of the RTR (RPKI to Router Protocol).

LINX runs the Routinator 3000 validator software written in the Rust programming language, created by the NLnet Labs network research group.

By downloading and having an updated VRP list on the router doesn’t mean that the router will filter all the invalid routes. To achieve this, we updated our import policies on all Transit and Peering services with members, along with a few customers for whom we provide different services. Please note that LINX only reject only the invalid routes learnt, not the unknown and unverified.

To confirm, having RPKI enabled in the AS5459 network ensures all members peering with LINX receive a healthy and secure routing table.

Further Resources 

< Go Back

Recent Posts

5th December 2024

New LINX Portal Feature – Contact Management

By Lynsey Buckingham

We’re introducing a new feature in the LINX Member Portal to improve how contacts are managed in the New Member...

Read More
4th December 2024

LINX Support and Enable New Route Server Route Leak Prevention Process

By Lynsey Buckingham

Written by Moyaze Shivji, Senior Network Engineer at LINX The LINX engineering team has enabled RFC9234 on all LINX Route Servers...

Read More
30th September 2024

How KVM Technology is Improving Efficiency, Deployment and Product Growth

By Lynsey Buckingham

Written by Steven Cammidge, Systems Reliability Engineer at LINX. Kernel-based Virtual Machine (KVM) technology isn’t anything new in our...

Read More
Website by Echo
Email
Call