Pretty Good BGP on Quagga


We just wanted to let you know that Pretty Good BGP (PGBGP) is now
available for Quagga. The Internet Alert Registry (IAR) has been
running it stably for a few months now and we wanted to open it up to
early adopters.

PGBGP is a distributed security mechanism for BGP that attempts to
avoid prefix hijacks, sub-prefix hijacks, and spoofed paths. Each
router individually computes its own idea of the origin ASes for each
prefix based on the past few days of routing announcements. Routes
for prefixes with new origin ASes are labeled as anomalous and are
depreferenced for 24 hours, using the more trusted (stable) routes
where possible. New links are also considered anomalous, as well as
new sub-prefixes. New sub-prefixes are dealt with by choosing paths
to the trusted less specific when possible for 24 hours. Opt-in
emails are sent to operators to inform them of anomalies, to help them
identify and fix the problem (if any) within the 24 hours.

Hardware overhead:
Running PGBGP requires roughly ~20MB of extra RAM. Adding additional
BGP sessions does not significantly affect PGBGP memory usage. CPU
requirements are minimal.

Routing performance:
Sometimes, PGBGP will select an inferior path in order to avoid an
anomalous route. Our studies have shown that typically, anomalous
routes are short lived (e.g. due to convergence churn). On the IAR,
of the available 1,546,996 routes in the RIB, 5,111 of them are
anomalous at the time of writing this email. There are corner cases
in which PGBGP could cause loss of reachability, and they are
discussed in the papers.

Documentation, papers, links to NANOG presentations, and the patch
itself are available at the project's webpage:

If you're interested in PGBGP or would like to help further BGP
security research, please give it a try and let us know that you're
running it. We'd be happy to entertain suggestions, discuss the
protocol, and provide support.

Thanks for your time,