
How I participated in the development of a new Internet standard

In April of this year, a draft that I helped create was presented at IETF Meeting 95. The draft is a proposal by Qrator Labs to improve the BGP protocol standard so that route leaks (hereinafter simply "leaks") can be detected and eliminated. This network anomaly occurs when a route is advertised in violation of routing policies. As a result, network delays can increase significantly, and the same mechanism can be used to mount MitM (Man in the Middle) or DoS (Denial of Service) attacks. My colleague and co-author of this draft recently wrote about the IETF (Internet Engineering Task Force) on Habr.

The main idea of the proposed solution is to record the type of interconnection between BGP neighbors directly in their configuration and to verify these settings through a handshake in the OPEN message. Using only this setting (which shows whether the operator is a customer, peer or provider for its neighbor), we want both to avoid leaks inside a single autonomous system and to detect leaks made by other telecom operators on the Internet. A description of our idea with pictures can be viewed here.
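The role check and the leak rule described above, modelled as an added example (it is not code from the draft or from the author's BIRD implementation). It uses only the three roles the article names; the function names, sample neighbors and prefixes are constructed, and the export rule is the usual valley-free policy, assumed here to be what the roles are meant to enforce.

```python
from enum import Enum

class Role(Enum):  # the three roles named in the article
    PROVIDER = "provider"
    PEER = "peer"
    CUSTOMER = "customer"

# Role the remote side must announce for a given local role (assumed pairing).
EXPECTED_REMOTE = {
    Role.PROVIDER: Role.CUSTOMER,
    Role.CUSTOMER: Role.PROVIDER,
    Role.PEER: Role.PEER,
}

def open_handshake(local_role, remote_role):
    """Accept the session only if the two configured roles are consistent."""
    return EXPECTED_REMOTE[local_role] is remote_role

def may_export(learned_from, export_to):
    """Valley-free rule; both arguments are a neighbor's role relative to us."""
    if learned_from is Role.CUSTOMER:
        return True                      # customer routes go to everyone
    return export_to is Role.CUSTOMER    # peer/provider routes only go down

def find_leaks(rib, neighbors):
    """Return sorted (prefix, neighbor) pairs whose export would be a leak.

    rib:       {prefix: name of the neighbor the route was learned from}
    neighbors: {name: Role of that neighbor relative to us}
    """
    leaks = []
    for prefix, source in rib.items():
        for name, role in neighbors.items():
            if name != source and not may_export(neighbors[source], role):
                leaks.append((prefix, name))
    return sorted(leaks)

# Constructed sample: an AS with two providers, one peer and one customer.
NEIGHBORS = {"ISP-A": Role.PROVIDER, "ISP-B": Role.PROVIDER,
             "IX-PEER": Role.PEER, "CUST-1": Role.CUSTOMER}
RIB = {"192.0.2.0/24": "ISP-A", "198.51.100.0/24": "CUST-1",
       "203.0.113.0/24": "IX-PEER"}

if __name__ == "__main__":
    print(open_handshake(Role.CUSTOMER, Role.CUSTOMER))  # both claim "customer"
    print(find_leaks(RIB, NEIGHBORS))
```

A mismatch caught in `open_handshake` surfaces a configuration error before any routes are exchanged, and `find_leaks` lists the exports a role-aware filter would have to block.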

I became the co-author of this draft almost by accident, mainly due to the fact that about a year before I met Qrator Labs at the Career Day at Moscow State University. Next, I'll tell you how it happened.

Image: Typical Career Day at the VMK.
To be honest, few people (at least among my friends) go to such events in order to get a job; that happens rarely. Rather, Career Days are useful for exploring the labor market: you can look at companies that need new employees, at areas of business that are actively developing, and at vacancies in demand, and assemble a complete collection of free mugs, pens and notebooks. In the first years of study you don't understand very well what you want. Many people dream of working at Horns and Hooves (insert here the name of any well-known international company), and such companies usually do not take part in these events.

In the senior years, attitudes change: students go to the stands and leave applications with almost everyone in a row, just in case. So I handed in my contacts without much hope, leaving them at the Qrator Labs stand too. At that moment I was finishing my bachelor's degree (CMC faculty, ASVK department) and was somewhat interested in DDoS attacks and ways to counter them (I had even written a term paper on this topic, so the Qrator Labs stand with its big DDoS inscription caught my attention). To my surprise, they quickly called me back. But at that moment I could not start work, because I was finishing my bachelor's degree. They agreed to wait, and in June I started an internship.

Image: Photo from the stand. Almost everything turned out to be true.

As for working conditions, last fall (after the probation period) I was hired half-time, so for the whole year I could combine full-time studies and work without any problems. I still have a flexible schedule; on average I come to the office about 3 times a week. The start and, accordingly, the end of the working day are not fixed, which is also important for me. It matters much more to the company that employees get results than that they spend time in the office, so remote work is also possible.

At first I was given a trial project related to X.509 certificates. Pretty quickly, I realized that monitoring and anomaly detection tasks were much more interesting to me personally. I found a project that matched my interests, namely Qrator.Radar, which involves a lot of work on the study of inter-domain routing. I was also lucky that the company is open to moving between projects and departments, considering it most important that you work on tasks that interest you. My first research project was connected with route leaks. Together with the project manager of Qrator.Radar, Alexander Azimov, we developed a zero version of the draft, I did an implementation on BIRD, and we checked that our idea really works. Sasha went to RIPE on behalf of our team and presented our idea at the Routing WG (working group). After this presentation, we gained another co-author, Randy Bush. With him, we prepared the text of the new draft and presented it at the IETF in Buenos Aires. Our idea received quite a lot of good feedback at the time. Mostly it sounded like this: yes, the task is important; yes, the solution seems to work; further discussion and adoption by the working group is necessary.

The main problem in the way of this draft is the existence of a competing solution from NIST (National Institute of Standards and Technology), which appeared a little earlier, and by the time of our presentation was taken into consideration by the WG (although it does not cover all possible cases). But this is not a reason to stop: our document has passed a global revision, and we plan to present a new version at the next IETF in Seoul.

Now, in addition to this project, I am involved in developing a solution for detecting and filtering packets with spoofed IP addresses (spoofing) at the level of transit operators. We are not the first to try to solve this problem. The first attempt was BCP 38, but this solution is not scalable. The second is dynamic RPF filters (BCP 84), but they are tied to the BGP routing table and cannot actually work because of asymmetric routing at the level of transit operators. Our idea is based on further use of the roles infrastructure. At the moment we are at the stage of testing the prototype.

Conclusions


Contrary to my expectations (which began to form in the first year, when companies turn you down just because you are a junior student), Career Day was not such a useless event. Do not be afraid to approach the stands you are interested in and ask questions, even if you do not have experience or sufficient knowledge. Usually at such events they are looking for promising interns who can be trained or who are ready to study independently.

And, finishing my bachelor's degree, I certainly didn't expect that there are companies in Russia where you can not just "write code" but do fun research: solving interesting, relevant problems, attending top conferences and watching their materials, spending time analyzing existing solutions and attempting to create something of your own. And you certainly should not underestimate companies just because they are unknown to you. In my opinion, small companies are much more interested in the professional growth of their employees than the well-known corporations of Good and Evil.

Source: https://habr.com/ru/post/310126/

