A few weeks ago, I had the chance to participate in a hackathon organised by LACNIC. The event was held in Montevideo, Uruguay, which also happens to be my home town.
I’ve already written about my experience as a participant in the hackathon on the APNIC blog - LACNIC 28, becoming a 'hackathonholic' - and as you can tell from the title, I really like the concept of hackathons.
It is a great way to work collaboratively with people from different backgrounds on useful tools. An example of this was the challenge I proposed for the LACNIC hackathon. APNIC is exploring the idea of enhanced member information services, which may be appearing in the MyAPNIC portal soon as a result of the work in data sciences that we are doing. In this context, I wanted to work on identifying some indicators of RPKI deployment on the member’s BGP peers while I was in Montevideo. I thought this could be a good challenge for the hackathon.
My proposal was called ‘RPKI in the neighbourhood’ and besides a catchy title it was also important that the challenge itself would catch the participants’ attention. So, I started my proposal by describing what Resource Public Key Infrastructure (RPKI) is, what it is used for and why it's important to deploy it widely.
What is RPKI and why is it important
RPKI is a public key infrastructure that allows an organisation to issue cryptographic material to establish the Autonomous System Number (ASN) that will be used to originate the IP prefixes it holds. Various hijacking episodes on a global scale have shown the importance of deploying RPKI. Although there have been advances in RPKI deployment, there are organisations that have not issued their certificate or their Routing Origin Authorisation objects (ROAs) yet, so it is still necessary to promote this technology.
It might be interesting for an organisation to evaluate whether to deploy RPKI or not and to understand the level of RPKI deployment of its neighbours. So I thought a tool to visualise this information in an easy to understand way would be very useful.
Sofia presenting the goals of the project
After having given the technology a name and description, I spent some time thinking about how such a tool could be divided into modules so that different participants could work in parallel, and I came up with these three modules:
- Module 1: Given a list of ASNs and a BGP routing table, find the BGP neighbours for each ASN and the list of prefixes announced by that ASN.
- Module 2: Given an ASN and the list of prefixes it announces and given a JSON file with information about issued ROAs, compute the percentage of announced space that is covered by ROAs.
- Module 3: Produce a graph showing an ASN and its BGP neighbours, with the corresponding links between them. In addition to that, show the level of RPKI deployment as a percentage of announced IP space covered by ROAs for each of the nodes in the graph.
My proposal was accepted by the hackathon organisers and it got published on the hackathon’s web page.
On the first day of the hackathon, after a round of introductions of all the participants, I had a few minutes to explain my project and I managed to convince three participants to work with me.
Our hackathon team hard at work
Only one of them was a developer, but the three of them were very eager to learn and working together we were able to meet all our goals, which was a prize in itself.
The winning team
After presenting our results at the end of the hackathon, we were evaluated by a jury based on the novelty of our solutions, how much they fit the proposed problem, the level of completion, and the quality of the oral presentations. Besides that, the jury imposed an extra difficulty on the teams that were made up of experts in the topic of the project. With all that in mind, we were very happy when we found out that we got the best score from the jury, which allowed us to choose the prizes first. I chose a power bank.
So, what started as a vague idea of a new feature that could be included in a member’s portal became a hackathon challenge and resulted in some useful code I will eventually use for my work. I love hackathons a bit more every day!
You can find some more information about the hackathon in an earlier RIPE Labs article: Hacking with Stroopwafles, Mate and Peppa Pig.