Action 1: Prevent propagation of incorrect routing information
At 39D, we are committed to ensuring the integrity and security of our network through robust measures for protecting our BGP sessions. Our approach includes the following practices:Prefix List Protection: All customer and peering BGP sessions are safeguarded by manually configured prefix lists. These prefix lists are rigorously checked against data from the RIPE Internet Routing Registry (IRR) and validated through the Resource Public Key Infrastructure (RPKI). This ensures that only legitimate and authorized prefixes are announced and accepted.Active Collaboration with Customers: We actively collaborate with our customers to identify and resolve any routing issues. This proactive approach helps in maintaining accurate routing information and preventing incorrect or malicious route announcements.These measures underscore our dedication to maintaining a secure and reliable network environment for all our customers and peers.
Action 2: Prevent traffic with spoofed source IP addresses
At 39D, we have implemented robust measures to prevent the transmission of traffic with spoofed source IP addresses across our network. This critical security practice enhances the integrity and reliability of internet communications by mitigating the risk of IP address spoofing, which can be exploited for various malicious activities, such as DDoS attacks and man-in-the-middle attacks.
Action 3: Facilitate global operational communication and coordination
At 39D, we prioritize transparency and accessibility regarding our network operations and contact information. We have implemented the following measures to ensure that our contact details and roles are easily accessible and up-to-date:RIPE Database: We have published and regularly update contact information and roles associated with the relevant Route/Route6, Inet-Num, and Aut-Num objects in the RIPE Database. This ensures that our network details are current and accurately reflected.PeeringDB: Our peering information is consistently maintained and up-to-date in PeeringDB. This platform provides our peering policies and contact information, facilitating efficient and reliable peering arrangements with other networks.Website Contact Information: Our contact details, including general inquiries and specific roles, are available on our website. We are also in the process of updating our website to include dedicated peering and abuse contact information, ensuring that relevant parties can reach the appropriate contacts quickly and easily.These measures reflect our commitment to maintaining open communication channels and supporting the needs of our network peers
Action 4: Facilitate validation of routing information on a global scale
At 39D, we prioritize transparency and security in our routing practices. Our comprehensive measures include:RIPE Database Publication: We publish detailed routing information through the RIPE Database, specifically in AUT-NUM and Route objects. This ensures that our routing policies and prefix information are accessible and up-to-date for the internet community.RPKI ROAs: To enhance the security of our routing information, we have created Route Origin Authorizations (ROAs) for all prefixes associated with our ASNs using RIPE's resource certification service. This cryptographic validation helps in preventing route hijacking and ensures the authenticity of our prefix announcements.Peering Policy: Our general peering policy is transparently published in PeeringDB. This includes our peering requirements, policies, and contact information, facilitating clear and efficient peering arrangements with other networks.These practices demonstrate our commitment to maintaining a secure, transparent, and well-documented network environment for our peers and customers.