Action 1: Prevent propagation of incorrect routing information
In the input filters, configurations are set to accept only IPv4 routes with prefixes ranging from /8 to /24 and IPv6 routes with prefixes between /32 and /48, while specifically excluding any spoofing block. In the output filters, we are configured to send only blocks originating from our ASN, with prefix sizes ranging from /22 to /24 for IPv4 and from /32 to /48 for IPv6.
We have also established sessions with Team Cymru and Walled Garden, which are designed to identify and accept bogons, configuring these as blackhole routes in our network.
Action 2: Prevent traffic with spoofed source IP addresses
We have also established sessions with Team Cymru and Walled Garden, which are designed to identify and accept bogons, configuring these as blackhole routes in our network.We have configured our routers with a list of private IP addresses. This setup enables us to automatically discard these routes when they are received from our customers or suppliers, ensuring the security and efficiency of our network operations.
Action 3: Facilitate global operational communication and coordination
Our company consistently updates our contact information in PeeringDB, the Internet Routing Registry (IRR), and Registro.br. This practice ensures that if anyone needs to reach out to us, they can quickly find the necessary contact details.
Action 4: Facilitate validation of routing information on a global scale
As emphasized earlier, it is crucial for our company to maintain up-to-date information on PeeringDB, the Internet Routing Registry (IRR), and Registro.br. Additionally, to validate our IP block, we have implemented Resource Public Key Infrastructure (RPKI) within our network infrastructure, further enhancing our network security and reliability.