Use Internet Route Registries (IRR) to register all BGP sessions to your ASN, require all your peers to use the same IRRs, and then script the configurations to update the ingress/egress prefix filtering.
It does not make any sense to have all the BGP sessions undocumented. Internet Route Registries (IRRs) and tools like PeeringDB document how we are interconnected. The first step is to “IRR Empowered” and gain knowledge around the IRR Tools. NOCTION has provided the community an IRR Empowerment and PeeringDB series to illustrate how routes can be pulled with a script from PeeringDB (a popular IRR) then used to generate configs.
- Using PeeringDB to set up your internet exchange peering – Part 1
- Using PeeringDB to set up your internet exchange peering – Part 2
- PeeringDB & Internet Exchange peering Part 3: generating router configurations
Back to the main guide BGP Route Hijacks & Routing Mistakes – What can be done Today?
These BGP security materials are provided to help people around the Internet understand how do their part to deploy a more resilient BGP infrastructure. Seek out more information on www.senki.org.