Implementasi BGP dan Resource Public Key Infrastructure menggunakan
BIRD untuk Keamanan Routing
Dublin Core
Title
Implementasi BGP dan Resource Public Key Infrastructure menggunakan
BIRD untuk Keamanan Routing
BIRD untuk Keamanan Routing
Subject
Border Gateway Protocol, Resource Public Key Infrastructure, Bird Internet Routing Daemon, RPKI Validator
Description
The validity of the routing advertisements sent by one router to another is essential for Internet connectivity. To perform routing
exchanges between Autonomous Systems (AS) on the Internet, a protocol known as the Border Gateway Protocol (BGP) is
used. One of the most common attacks on routers running BGP is prefix hijacking. This attack aims to disrupt connections
between AS and divert routing to destinations that are not appropriate for crimes, such as fraud and data breach. One of the
methods developed to prevent prefix hijacking is the Resource Public Key Infrastructure (RPKI). RPKI is a public key
infrastructure (PKI) developed for BGP routing security on the Internet and can be used by routers to validate routing
advertisements sent by their BGP peers. RPKI utilizes a digital certificate issued by the Certification Authority (CA) to validate
the subnet in a routing advertisement. This study aims to implement BGP and RPKI using the Bird Internet Routing Daemon
(BIRD). Simulation and implementation are carried out using the GNS3 simulator and a server that acts as the RPKI validator.
Experiments were conducted using 4 AS, 7 routers, 1 server for BIRD, and 1 server for validators, and there were 26 invalid
or unknown subnets advertised by 2 routers in the simulated topology. The experiment results show that the router can
successfully validated the routing advertisement received from its BGP peer using RPKI. All invalid and unknown subnets are
not forwarded to other routers in the AS where they are located such that route hijacking is prevented.
exchanges between Autonomous Systems (AS) on the Internet, a protocol known as the Border Gateway Protocol (BGP) is
used. One of the most common attacks on routers running BGP is prefix hijacking. This attack aims to disrupt connections
between AS and divert routing to destinations that are not appropriate for crimes, such as fraud and data breach. One of the
methods developed to prevent prefix hijacking is the Resource Public Key Infrastructure (RPKI). RPKI is a public key
infrastructure (PKI) developed for BGP routing security on the Internet and can be used by routers to validate routing
advertisements sent by their BGP peers. RPKI utilizes a digital certificate issued by the Certification Authority (CA) to validate
the subnet in a routing advertisement. This study aims to implement BGP and RPKI using the Bird Internet Routing Daemon
(BIRD). Simulation and implementation are carried out using the GNS3 simulator and a server that acts as the RPKI validator.
Experiments were conducted using 4 AS, 7 routers, 1 server for BIRD, and 1 server for validators, and there were 26 invalid
or unknown subnets advertised by 2 routers in the simulated topology. The experiment results show that the router can
successfully validated the routing advertisement received from its BGP peer using RPKI. All invalid and unknown subnets are
not forwarded to other routers in the AS where they are located such that route hijacking is prevented.
Creator
Valen Brata Pranaya1
, Theophilus Wellem2
, Theophilus Wellem2
Publisher
Universitas Kristen Satya Wacana
Date
30-04-2021
Contributor
Fajar Bagus W
Format
PDF
Language
Indonesia
Type
Text
Files
Collection
Citation
Valen Brata Pranaya1
, Theophilus Wellem2, “Implementasi BGP dan Resource Public Key Infrastructure menggunakan
BIRD untuk Keamanan Routing,” Repository Horizon University Indonesia, accessed June 7, 2025, https://repository.horizon.ac.id/items/show/8957.
BIRD untuk Keamanan Routing,” Repository Horizon University Indonesia, accessed June 7, 2025, https://repository.horizon.ac.id/items/show/8957.