The IESG has approved the following document: - 'BGP operations and security' (draft-ietf-opsec-bgp-security-07.txt) as Best Current Practice This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group. The IESG contact persons are Joel Jaeggli and Benoit Claise. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-opsec-bgp-security/ Technical Summary BGP (Border Gateway Protocol) is the protocol almost exclusively used in the Internet to exchange routing information between network domains. Due to this central nature, it is important to understand the security measures that can and should be deployed to prevent accidental or intentional routing disturbances. This document describes measures to protect the BGP sessions itself (like TTL, TCP-AO, control plane filtering) and to better control the flow of routing information, using prefix filtering and automatization of prefix filters, max-prefix filtering, AS path filtering, route flap dampening and BGP community scrubbing. Working Group Summary Nothing particular to point out. The document and work contribution went smoothly without hiccups. Document Quality This Is an operational document describing best practices. The baseline of the document is the writing down of what successful BGP network implementations have deployed. Personnel Document Shepherd: Gunter Van de Velde Responsible Area director: Joel Jaeggli
