Abstract - As the number of IP hijacking incidents has increased, many IP hijacking monitoring tools have been implemented. However, none of these monitoring tools can directly control the data plane of BGP routers. Network administrators therefore must protect their routers through the command-line interface whenever they receive a warning from a BGP hijacking monitoring tool. As the number of routers and prefixes continues to increase, manually checking the routing information in these routers is a heavy burden on administrators. In addition, when IP hijacking occurs, it is very important for the administrator to block the bogus prefixes quickly; otherwise, a large volume of traffic will be sent the wrong way within a very short time. In this paper, we extend Quagga-SRx so that, after detecting abnormal IP prefixes, it can send a BGP update message carrying an opaque extended community to its other iBGP peers to notify them of the bogus IP prefixes. The other iBGP peers can then recognize the bogus IP prefixes by accepting the BGP update message that includes the opaque extended community, and block them automatically, provided the iBGP routers are able to process the opaque extended community. Therefore, when IP hijacking occurs, the bogus prefixes can be blocked automatically and quickly, which makes the ASes more secure.
Keywords: BGP, border gateway protocol, interdomain routing, network security, networks, routing
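The notification mechanism summarized in the abstract, sketched in C as an added example that is not the authors' Quagga-SRx code. It assumes the opaque extended community uses the RFC 8097 origin-validation-state layout (the page does not specify one); the function names and the policy of honoring the marker only from iBGP peers are choices made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed wire layout (RFC 8097 origin-validation-state community); the
 * page does not say which opaque extended community the authors use.
 * 0x43 = non-transitive opaque, sub-type 0x00, 5 reserved octets, state. */
#define EC_LEN 8
enum ov_state { OV_ABSENT = -1, OV_VALID = 0, OV_NOT_FOUND = 1, OV_INVALID = 2 };

/* Detecting router: encode one community into out[8]. */
void ov_encode(uint8_t out[EC_LEN], enum ov_state st)
{
    for (size_t i = 0; i < EC_LEN; i++) out[i] = 0;
    out[0] = 0x43;
    out[1] = 0x00;
    out[7] = (uint8_t)st;
}

/* Receiving router: scan the value of an EXTENDED_COMMUNITIES attribute.
 * Returns OV_ABSENT when the attribute is malformed (length not a multiple
 * of 8) or carries no such community. Example policy: keep the numerically
 * greatest state seen and clamp unknown values to OV_INVALID. */
enum ov_state ov_decode(const uint8_t *attr, size_t len)
{
    int best = OV_ABSENT;
    if (attr == NULL || len % EC_LEN != 0) return OV_ABSENT;
    for (size_t off = 0; off < len; off += EC_LEN) {
        const uint8_t *ec = attr + off;
        if (ec[0] != 0x43 || ec[1] != 0x00) continue;   /* other community */
        int st = ec[7] > OV_INVALID ? OV_INVALID : ec[7];
        if (st > best) best = st;
    }
    return (enum ov_state)best;
}

/* Block only when an iBGP peer marked the prefix invalid; a community that
 * arrives over eBGP is ignored so an outside AS cannot trigger blocking. */
int should_block(const uint8_t *attr, size_t len, int from_ibgp)
{
    return from_ibgp && ov_decode(attr, len) == OV_INVALID;
}

int main(void)
{
    uint8_t attr[EC_LEN];            /* constructed sample attribute value */
    ov_encode(attr, OV_INVALID);
    return should_block(attr, sizeof attr, 1) ? 0 : 1;
}
```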
1 Introduction
BGP is an inter-domain routing protocol, and it is the routing protocol that enables large networks to form a single Internet. The main function of BGP is to exchange Network Layer Reachability Information (NLRI) between Autonomous Systems (ASes) so that a BGP speaker can communicate with other BGP routers and ultimately reach a destination behind a given router [1]. However, when BGP was designed, its vulnerabilities were hardly considered [2].
Unfortunately, this lack of consideration of BGP vulnerabilities occasionally causes severe failures of Internet service provision. Such a failure, called prefix hijacking, causes attacks on the routing infrastructure or the control plane of the Internet. A prefix hijacking occurred on the 25th of April 1997, caused by a misconfigured router that advertised incorrect prefixes and announced AS 7007 as their origin. As a result, it created a...