How I participated in the development of a new Internet standard

Published on September 15, 2016


    In April of this year, a draft that I helped create was presented at IETF Meeting 95. The draft is a proposal by Qrator Labs to extend the BGP protocol standard so that route leaks (hereinafter simply "leaks") can be detected and eliminated. This network anomaly occurs when a route is advertised in violation of routing policies. As a result, network delays can increase significantly, and in addition, this mechanism can be used to organize MitM (Man in the Middle) or DoS (Denial of Service) attacks. Not so long ago, my colleague and co-author of this draft wrote about the IETF (Internet Engineering Task Force) on Habr.

    The main idea of the proposed solution is to record the type of relationship between BGP neighbors directly in their configuration and to verify these settings through a handshake in the OPEN message. We want this setting alone (which shows whether the operator is a customer, a peer or a provider for its neighbor) to be enough to avoid leaks inside a single autonomous system and to detect leaks made by other telecom operators on the Internet. A description of our idea with pictures can be found here.
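The role check and the leak rule it enables can be modelled in a few lines. This is an added example, not code from the draft or from the BIRD implementation mentioned below; the function names, AS numbers and prefixes are constructed, and the export rule is the standard valley-free rule, which the post does not spell out.

```python
from enum import Enum

class Role(Enum):
    # What WE are to the neighbor on a given session (names as used on the page).
    PROVIDER = "provider"
    CUSTOMER = "customer"
    PEER = "peer"

# Role pairs that may meet on one session: (our role, role the neighbor sent).
VALID_PAIRS = {
    (Role.PROVIDER, Role.CUSTOMER),
    (Role.CUSTOMER, Role.PROVIDER),
    (Role.PEER, Role.PEER),
}

def open_handshake_ok(local_role, remote_role):
    """Accept the session only if both configured roles are consistent."""
    return (local_role, remote_role) in VALID_PAIRS

def may_export(learned_as, export_as):
    """Valley-free rule (assumed here). learned_as is our role on the session
    the route arrived on, or None for a route we originate ourselves."""
    if learned_as is None or learned_as is Role.PROVIDER:
        return True                      # own and customer routes go everywhere
    return export_as is Role.PROVIDER    # provider/peer routes go only to customers

def leaking_exports(sessions, routes):
    """List (prefix, learned_from, announced_to) for exports that would leak."""
    leaks = []
    for prefix, src in routes.items():
        for dst, role in sessions.items():
            if dst != src and not may_export(sessions.get(src), role):
                leaks.append((prefix, src, dst))
    return leaks

# Constructed sample: our role towards each neighbor, and where each route came from.
SESSIONS = {"AS64500": Role.CUSTOMER, "AS64501": Role.PEER, "AS64502": Role.PROVIDER}
ROUTES = {
    "192.0.2.0/24": "AS64500",     # learned from our provider
    "198.51.100.0/24": "AS64502",  # learned from our customer
    "203.0.113.0/24": None,        # originated locally
}

if __name__ == "__main__":
    print(open_handshake_ok(Role.PROVIDER, Role.PROVIDER))  # misconfigured pair
    print(leaking_exports(SESSIONS, ROUTES))
```
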

    I ended up as a co-author of this draft almost by accident, mainly because about a year earlier I had met Qrator Labs at Career Day at Moscow State University. Below I describe how this happened.

    Image: a typical Career Day at VMK.

    Honestly, few people (at least among my friends) go to such events in order to get a job, as this rarely happens. Rather, career days are useful for studying the labor market: looking at companies that need new employees, at areas of business that are actively developing and at sought-after vacancies, and collecting a complete set of free mugs, pens and notebooks. In the first years of study, you don't understand very well what you want. Many dream of working at Horns and Hooves (insert the name of any well-known international company here), and they usually do not participate in such events.

    In the senior years, the attitude changes: students walk around the stands and leave applications with almost every company, just in case. This is mainly why I left my contacts without much hope, including at the Qrator Labs booth. At that moment, I was finishing my undergraduate studies (VMK faculty, ASVK department) and was a little interested in DDoS attacks and how to organize a response to them (I even wrote a term paper on this topic, so my attention was drawn to the Qrator Labs stand with its large inscription about DDoS). To my surprise, they called me back pretty quickly. But at that moment I could not start work, because I was completing my bachelor's degree. They agreed to wait for me, and in June I started an internship.

    Image: photo from the stand. Almost everything turned out to be true.

    As for working conditions: last fall (after the trial period) I was hired part-time, so all year I could easily combine full-time studies and work. I still have a flexible schedule; on average I come to the office about 3 times a week. The start and, accordingly, the end of the working day are not fixed, which is also important for me. It is much more important for the company that employees get results than that they spend time in the office, so there is also the opportunity to work remotely.

    At first I was given a trial project related to X.509 certificates. Pretty quickly, I realized that monitoring and anomaly detection tasks were of much greater interest to me personally. There was a project that matched my wishes, namely Qrator.Radar, which involves a lot of work on studying inter-domain routing. I was also lucky that the company was open to moving between projects and departments, considering it most important that you work on tasks that interest you. The first research project was connected with route leaks. Together with the project manager of Qrator.Radar, Alexander Azimov, we developed version zero of the draft, I made an implementation in BIRD, and we checked that our idea really works. Sasha went to RIPE on behalf of our team and presented our idea in the Routing WG (working group). After this presentation, we gained another co-author, Randy Bush. With him, we prepared the text of a new draft and presented it at the IETF in Buenos Aires. Our idea received quite a lot of good feedback at the time. Mostly it was: yes, the task is important; yes, the solution seems to work; further discussion and adaptation to the working group are needed.

    The main obstacle for this draft is the existence of a competing solution from NIST (National Institute of Standards and Technology), which appeared a little earlier and, by the time of our presentation, had been accepted for consideration by the WG (although it does not cover all possible cases). But this is not a reason to stop: our document has undergone a global revision, and we plan to submit a new version at the next IETF in Seoul.

    Now, in addition to this project, I am participating in the development of a solution for detecting and filtering packets with spoofed IP addresses (spoofing) at the level of transit carriers. We are not the first to try to solve this problem: the first attempt was BCP 38, but this solution is not scalable; the second is dynamic RPF filters (BCP 84), but they are tied to the BGP routing table and in fact cannot work at the level of transit operators because of asymmetric routing. Our idea is based on further use of the role infrastructure; at the moment we are at the prototype testing stage.
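Why routing-table-driven RPF checks misfire under asymmetric routing can be seen in a small model. This is an added example, not the prototype described above; the table, interface names and packets are constructed, and the two checks are simplified versions of the strict and feasible-path RPF modes described in BCP 84.

```python
import ipaddress

# Constructed table: prefix -> interfaces with a BGP route to it, best path first.
FIB = {
    ipaddress.ip_network("192.0.2.0/24"): ["eth0", "eth1"],
    ipaddress.ip_network("198.51.100.0/24"): ["eth1"],
}

def routes_to(fib, addr):
    """Longest-prefix match: interfaces that carry a route back to addr."""
    ip = ipaddress.ip_address(addr)
    matching = [net for net in fib if ip in net]
    if not matching:
        return []
    return fib[max(matching, key=lambda net: net.prefixlen)]

def strict_rpf(fib, src, in_iface):
    """Accept only if the packet arrived on the best path back to its source."""
    paths = routes_to(fib, src)
    return bool(paths) and paths[0] == in_iface

def feasible_rpf(fib, src, in_iface):
    """Accept if any known route to the source points at the arrival interface."""
    return in_iface in routes_to(fib, src)

def classify(fib, packets):
    """Return (src, iface, strict verdict, feasible verdict) for each packet."""
    return [(src, iface, strict_rpf(fib, src, iface), feasible_rpf(fib, src, iface))
            for src, iface in packets]

# Constructed packets: (source address, arrival interface).
PACKETS = [
    ("192.0.2.10", "eth0"),    # genuine, arrives on the best path
    ("192.0.2.10", "eth1"),    # genuine, arrives on the backup path
    ("198.51.100.7", "eth0"),  # genuine, but the prefix is never announced via eth0
    ("203.0.113.5", "eth0"),   # no route to the source at all
]

if __name__ == "__main__":
    for row in classify(FIB, PACKETS):
        print(row)
```

The third packet is the asymmetric-routing case: it is legitimate traffic, yet both checks drop it because the routing table holds no route to its source through the interface it arrived on.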

    Conclusions


    Contrary to my expectations (which began to form in my first year, when companies turn you down only because you are a junior student), Career Day turned out not to be such a useless event. Do not be afraid to approach the stands that interest you and ask questions, even if you do not have experience or sufficient knowledge. Usually, at such events, companies are looking for promising interns who can be trained or who are ready to study on their own.

    And, finishing my bachelor's degree, I didn't even expect that in Russia there are companies where you can do more than just "write code": write with enjoyment, solve interesting topical problems, attend top conferences and read their materials, and spend time analyzing existing solutions and trying to create something of your own. And you certainly should not underestimate a company just because it is unknown to you. In my opinion, small companies are much more interested in the professional growth of their employees than the well-known corporations of Good and Evil.