BGPSEC implementation

Michael Baer baerm at tislabs.com
Wed Jan 30 04:32:56 CET 2013


Hi,

I sent mail awhile ago mentioning work being done to implement BGPSEC
within the BIRD code and I wanted to give an update.  The current code
supports the newest version of BGPSEC protocol document as far as
capability negotiation and update messages.  This includes the
cryptographic signing/checking using the openssl libraries.  We are
continuing to work on it.  There are a couple things missing from the
update processing (e.g. proper confed handling) and one of the major
next steps would be to integrate RPKI data, hopefully using the BIRD ROA
tables and pulling from a cache.

I can make a patch available of the current code base, if anyone is
interested in playing with it (GPL licensed to match the BIRD). Feedback
on bugs and improvements would be welcome.  I noticed that Ondrej Filip
is giving a BIRD presentation at NANOG 57.  Several people associated
with our project, including Sam cc'd above, will be at that meeting if
you want to talk to one of us about it.  Let me or Sam know, and one of
us can send other contact info privately.

Thanks,
Mike

-- 
Michael Baer
baerm at tislabs.com



More information about the Bird-users mailing list