Thursday, January 30, 2020

Using RIS for BGP route monitoring

RIPE RIS can be used for analysis of BGP updates or other source for BGP forensics.

https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris

The access is simple and free. You can use curl to access the information or write python interface to query for information.

e.g { the prefix that my  home ISP lives in }

curl -s "https://ris-live.ripe.net/v1/stream/?format=json" -H 'X-RIS-Subscribe: {"prefix": "199.188.248.0/21"}'

And output would be similar to the following;



For traffic analysis you can query bgp message types;


You can string key/valuepair attributes to drill in and to reduce the number of matches, here I'm looking or interested in the remote-route-collector 00 & NOTIFICATIONS


If you knew the underlaying  rcc and it's peers, you can find BGP opens



So the options are quite flexible and wide. A organization could build a BGP message analysis database for querying to research events internal to it's BGP topology and to help analysis BGP flaps,events,outages or help with RCAs.









NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o

        /  \



Posted by at No comments:

Friday, January 3, 2020

Fortigate in the IBMCloud


Fortinet supports both a 10 and 1 gige firewall solution for the IBMcloud. Again FTNT is a leader in . security solutions and has a host of solutions for most if not all PublicCloud providers.

You can find more details at the IBMcloud website https://www.ibm.com/cloud/fortinet . Keep in mind that the 1gige is a single support vlan device.

Outside of that, the units can be HA and manage just like a on premise Fortigate Appliance.








NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o

        /  \







Posted by at No comments:
Subscribe to: Posts (Atom)