Routing security workshop by Randy Bush

Workshop: RPKI-Based BGP Origin Validation Workshop
Lead by: Randy Bush, IIJ



BGP Origin Validation based on the Resource Public Key Infrastructure (RPKI) is in test and prototype deployment has begun. It protects against accidental mis-origination, the most common routing error we see today. The documents are in the sidr working group of the IETF and are now being processed through the RFC sausage machine.

The work-flow for using the full implementation in open source RPKI software from GUI to running router (router code not open source) can be seen at

There will be a workshop where operators can play with the entire system, end to end. Attendees can create RPKI objects with the GUI and configure Cisco and Juniper routers to deal with valid and invalid routing. The more adventurous sysadmin talented attendee with access to a UNIX, Linux, or MacOSX environment, can even build and install the open source RPKI software.

Randy Bush Biography:

Randy Bush is a Research Fellow and Network Operator at Internet Initiative Japan, Japan’s first commercial ISP. He specializes in network measurement especially routing, network security, routing protocols, and IPv6 deployment. Randy has been in computing for 45 years, and has a few decades of Internet operations experience. He was the engineering founder of Verio, which is now NTT/Verio. He has been heavily involved in transferring Internet technologies to developing economies for over 20 years.

He was a chair of the IETF WG on the DNS for a decade and served as a member of the IESG, as co-chair of the IETF Operations and Management Area for six years. Randy was the first Chair of the NANOG Steering Committee, a co-founder of AfNOG, on the founding Board of Directors of ARIN, helped start AfriNIC, and has participated in APNIC, RIPE, et alia since each was founded.

For more, see

Randy Bush doing RPKI workshop at RIPE63 meeting in Vienna:

Comments are closed.