Advancing MANRS for Secure Internet Routing
Discover how MANRS is evolving to strengthen global routing security through community collaboration and structured development.
The Internet’s routing system forms the backbone of global connectivity, directing data packets across networks worldwide. Yet, vulnerabilities like route hijacking and leaks threaten this foundation, potentially disrupting services and compromising security. Mutually Agreed Norms for Routing Security (MANRS) addresses these challenges by promoting voluntary standards among network operators. Initially launched to foster better practices, MANRS has grown into a cornerstone initiative, now featuring formalized processes and expanded participation to ensure long-term efficacy.
Understanding the Foundations of Routing Security
Routing security relies on protocols like Border Gateway Protocol (BGP), which operators use to exchange routing information. Without safeguards, malicious actors can announce false routes, leading to traffic blackholing or redirection. MANRS counters this by outlining actionable norms: validating route origins, maintaining accurate records, protecting the global table, and reporting anomalies.
These norms encourage operators—ISPs, cloud providers, and enterprises—to implement technologies such as Resource Public Key Infrastructure (RPKI). RPKI cryptographically validates route announcements, preventing unauthorized prefixes from propagating. Adoption has surged, with governments and enterprises recognizing its value in supply chain protection.
Evolution Through Structured Development Processes
To sustain relevance, MANRS introduced the MANRS Development Process (MDP) in early 2025. This consensus-driven framework ensures updates to actions and documents reflect community needs. The process unfolds in key phases:
- Proposal Submission: Any community member submits ideas to the secretariat, which vets for validity before Steering Committee review.
- Deliberation and Refinement: The committee evaluates, potentially forming working groups open to all members for deeper development.
- Community Feedback: Drafts enter public comment on mailing lists, culminating in a ‘Last Call’ for participant approval.
- Finalization: Ratified documents get published, with version tracking for transparency.
This methodical approach mirrors standards bodies like the IETF, promoting inclusivity and buy-in. It allows for enhancements like stricter traffic filtering or enterprise-focused audits, adapting to emerging threats.
Building a Vibrant Community Ecosystem
MANRS thrives on active engagement. Over 1,000 participants, including major operators, collaborate via forums and dedicated lists. Member-only channels facilitate trusted discussions on implementation hurdles and coordinated responses to incidents.
Ambassadorship programs empower participants to advocate internally and externally. Organizations share success stories through guest posts and events, inspiring peers. Marketing guidance helps leverage MANRS badges for differentiation, signaling commitment to customers and regulators.
| Benefit | Description | Impact |
|---|---|---|
| Enhanced Credibility | Public badge and reporting | Customer trust and competitive edge |
| Scalable Security | RPKI and filtering tools | Reduced hijacks by up to 90% |
| Community Support | Mailing lists and WGs | Faster issue resolution |
Real-World Implementations and Milestones
Governments lead by example. In 2024, the US Department of Commerce deployed RPKI across networks, setting a precedent for critical infrastructure. This aligns with MANRS actions, urging public sectors to prioritize validation.
Enterprises increasingly demand MANRS compliance from vendors, as surveys reveal. A 2023 study highlighted that while valuing routing security, many underestimate influence over providers. Concepts like MANRS+ propose advanced requirements: comprehensive traffic mitigation and rigorous audits.
Internet Exchange Points (IXPs) play a pivotal role. Programs since 2018 promote collective fixes at peering points, curbing common threats efficiently.
Technical Pillars: From ROAs to Global Validation
Route Origin Authorizations (ROAs) are central. Providers like IPXO automate ROA management, aligning with MANRS for validation and renewal. This minimizes disruptions from expired certificates.
Broader efforts include Best Current Operational Practices (BCOP) documents, offering step-by-step implementation guides. These resources demystify complex setups, from prefix filtering to anomaly detection.
Challenges and Pathways to Overcome Them
Despite progress, hurdles persist. Scalability demands automated tools; credibility requires independent audits; community growth needs outreach. Initiatives address these: observatories track compliance, t-shirts and swag build morale, and integrations with tools like URSA enhance peering validation.
Transitioning to full community governance, with advisory committees, ensures independence from initial stewards like the Internet Society.
Future Horizons for MANRS
Looking ahead, MANRS eyes expansions: MANRS+ for enterprises, deeper IXP integrations, and global policy advocacy. With formalized processes, it positions as the gold standard for routing resilience.
Operators must act: deploy RPKI, join communities, and push suppliers. Collective adoption fortifies the Internet against threats, safeguarding digital economies.
Frequently Asked Questions
What is MANRS?
MANRS is a global initiative promoting norms to secure BGP routing through validation, filtering, and transparency.
How does RPKI work with MANRS?
RPKI enables cryptographic ROA validation, fulfilling MANRS Action 1 for route origin checks.
Who can participate in MANRS?
Network operators, ISPs, enterprises, and IXPs worldwide; join via manrs.org.
What is the MANRS Development Process?
A phased, consensus-based method for updating actions, ensuring community-driven evolution.
Why is routing security critical today?
Incidents like hijacks disrupt services; MANRS mitigates risks for a stable Internet.
References
- Evolving MANRS by Formalizing a MANRS Development Process — MANRS. 2025-01-01. https://manrs.org/2025/01/manrs-development-process/
- Impact Report — Internet Society. 2020-03-01. https://www.internetsociety.org/wp-content/uploads/2020/03/2019_ImpactReport-EN-1.pdf
- The US Makes a Big Step Toward Better Routing Security — MANRS. 2024-05-01. https://manrs.org/2024/05/us-improves-routing-security/
- Survey Shows Enterprises Value Routing Security — MANRS. 2023-08-01. https://manrs.org/2023/08/survey-shows-enterprises-value-routing-security-may-underestimate-their-ability-to-influence-vendors/
- New RPKI Guide for a More Secure Internet — MANRS. 2020-04-01. https://manrs.org/2020/04/new-rpki-guide-for-a-more-secure-internet/
Similar Articles
Read full bio of Sneha Tete
