APNIC Workshop – Advanced Routing with RPKI

Date : Tue, 3 Oct – Thu, 5 Oct 2023

Time : 9:00 AM – 5:00 PM SGT

Venue : SMU Lee Kong Chian School of Business

              Level 3 Seminar Room 3.1

              50 Stamford Road

              Singapore 178899

Synopsis

Why are BGP mishaps are very common and frighteningly very easy – malicious route hijacking, mis-origination (fat fingers), and route leaks (bad filters). We need better mechanism(s) to ensure no one can inject false information into the global routing system that easily.

This workshop will look at at current tools/techniques, how RPKI is just a piece in the puzzle, and what we should all do to secure Internet routing. We will also explore BGP mulithoming techniques for networks looking to peer at an Internet Exchange Point (IXP) or have multi-provider connectivity

Target audience

Technical staff who are building or operating a service provider or enterprise network with international and/or multi-provider connectivity, and considering participation at an Internet Exchange point.

Prerequisites

It is assumed that the workshop participants know:

  • have a working knowledge of an IGP (OSPF or IS-IS), and
  • how to use a router command line interface.

Knowledge of IPv6 fundamentals (protocol and address structure) and public-key cryptography is helpful.

This workshop is not an introduction. The lab exercises use Cisco IOS configuration syntax.

Academy resources to be completed before start of workshop:

Course outline

 
  • BGP Fundamentals recap
  • BGP Attributes and Scaling Techniques
  • BGP Policy Control
  • BGP Operations & Security BCP
  • Internet Multihoming Techniques
  • RPKI & Route Origin Validation

Other requirements

Participants are advised to bring their own laptop computers with high-speed Wi-Fi (802.11a/g/n/ac) and administrative access to system. It is also recommended that laptops have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.

Maximum number of attendees

40 participants per workshop

Please note

Certificate of participation is provided upon successful completion of the course.

Imtiaz Sajid – Network Analyst / Technical Trainer










Imtiaz Sajid – Network Analyst / Technical Trainer

Imtiaz Sajid is a Network Analyst / Network Trainer. He has worked for Internet Service Providers (ISP) and managed service provider as Network Operation, Capacity Planning and Network Design Engineer to to provide L3/L4 support, managed services, design and capacity planning, testing, deployment and swap of IP network.

Areas of Interest:

BGP, Internet Routing, Peering.



Seo Boon Ng – APNIC Community Trainer










Seo Boon Ng – APNIC Community Trainer

Seo Boon Ng is a network engineer at Drivenets. He was a tech lead at Cisco Systems prior to his current role. He has over 20 years of experience in data networking industry and currently works for the Customer Experience Organization at Cisco Systems Inc. Seo’s primary role is providing consulting services to large Telco customers and occasionally serves as the escalation engineer for complex networking issues. He is also an advocate of open source software and is an avid Linux user. Seo’s skill set focuses on network automation and routing design and troubleshooting. He enjoys sharing and exchanging his knowledge with field engineers and takes a keen interest towards operational issues and improvement.

Seo Boon shares his knowledge as a volunteer community trainer for APNIC.

Areas of Interest:

Linux, Network Automation, Routing Design.



Shane Hermoso – Training Delivery Manager (South East Asia and East Asia










Shane Hermoso – Training Delivery Manager (South East Asia and East Asia

Sheryl (Shane) Hermoso is a Network Operations Engineer and a Senior Technical Trainer at APNIC. Before joining APNIC, Shane had various roles as a Network Engineer, managing the enterprise network backbone and wireless infrastructure. Shane regularly presents on routing issues at conference and training events throughout the Asia Pacific.

Areas of Interest:

DNS, DNSSEC, IPv6, Security, WiFi.