Announcing BRITE - BGPSEC / RPKI Interoperability Test & Evaluation system
BRITE is a web-based test and evaluation framework for exercising implementations, configurations and deployments of emerging IETF BGP security technologies, including some components of the Resource Public Key Infrastructure (RPKI) and routers that support BGP security extensions. BRITE is currently capable of testing: RPKI validation caches and BGP routers that perform origin validation based upon RPKI ROAs. Future extensions will support BGP routers that support full path validation. BRITE currently supports the following capabilities / protocol interfaces: * rsync of RPKI objects from BRITE test suite repositories, * RPKI/Router Protocol (draft-ietf-sidr-rpki-rtr-12 - TCP plain sockets, no SSH transport or TCP-AO) * BGP-4 (tested interoperability with Cisco IOS, JUNOS, Quagga, OpenBGPD and BIRD) BRITE is driven by test scripts that describe carefully crafted Test Scenarios (stimulus inputs from BRITE using the protocols above) and corresponding goals (expected responses from the Implementation Under Test (IUT) using the protocols above). BRITE allows users to login, select a specific test case, interactively configure and run the test case and then browse/download detailed test reports, packet captures and log files. Current test scripts & data sets are available for: * BGP routers that implement the rpki-rtr protocol and simple BGP origin validation route policies. Additional test suites & data sets are in development and will be announced when available. To get additional information, browse existing test suites, or use the BRITE system, goto: http://brite.antd.nist.gov/ Questions or comments can be directed to brite-dev@nist.gov. dougm -- Doug Montgomery Mgr. Internet & Scalable Systems Research / ITL / NIST
participants (1)
-
Montgomery, Douglas