Announcing BRITE - BGPSEC / RPKI Interoperability Test & Evaluation system

Montgomery, Douglas dougm at nist.gov
Tue Jun 28 10:06:44 CDT 2011


BRITE is a web-based test and evaluation framework for exercising
implementations, configurations and deployments of emerging IETF BGP
security technologies, including some components of the Resource Public
Key Infrastructure (RPKI) and routers that support BGP security extensions.

BRITE is currently capable of testing: RPKI validation caches and BGP
routers that perform origin validation based upon RPKI ROAs. Future
extensions will support BGP routers that support full path validation.

BRITE currently supports the following capabilities / protocol
interfaces:
* rsync of RPKI objects from BRITE test suite repositories,
* RPKI/Router Protocol (draft-ietf-sidr-rpki-rtr-12 - TCP plain sockets,
no SSH transport or TCP-AO)
* BGP-4 (tested interoperability with Cisco IOS, JUNOS, Quagga, OpenBGPD
and BIRD)

BRITE is driven by test scripts that describe carefully crafted
Test Scenarios (stimulus inputs from BRITE using the protocols above) and
corresponding goals (expected responses from the Implementation Under Test
(IUT) using the protocols above). BRITE allows users to login, select a
specific test case, interactively configure and run the test case and then
browse/download detailed test reports, packet captures and log files.

Current test scripts & data sets are available for:
* BGP routers that implement the rpki-rtr protocol and simple BGP origin
validation route policies.

Additional test suites & data sets are in development and will be
announced when available.

To get additional information, browse existing test suites, or use the
BRITE system, goto:
http://brite.antd.nist.gov/

Questions or comments can be directed to brite-dev at nist.gov.


dougm

-- 
Doug Montgomery ­ Mgr. Internet & Scalable Systems Research / ITL / NIST








More information about the NANOG mailing list