HI Folks,
One of our colleagues from AUSNOG mentioned this, and I thought it'd be worth reposting here as I'd imagine it's required reading for many of you (which I'm sure you have of course!).
Cheers
jamie
RFC7454 - "BGP Operations and Security"https://tools.ietf.org/html/rfc7454"AbstractThe Border Gateway Protocol (BGP) is the protocol almost exclusivelyused in the Internet to exchange routing information between networkdomains.�� Due to this central nature, it is important to understandthe security measures that can and should be deployed to preventaccidental or intentional routing disturbances.This document describes measures to protect the BGP sessions itselfsuch as Time to Live (TTL), the TCP Authentication Option (TCP-AO),and control-plane filtering.�� It also describes measures to bettercontrol the flow of routing information, using prefix filtering andautomation of prefix filters, max-prefix filtering, Autonomous System(AS) path filtering, route flap dampening, and BGP communityscrubbing."