The Internet Resilience Observatory in France publishes its report for 2013

The report by the Internet Resilience Observatory in France, written by the French National Agency for the Security of Information Systems (ANSSI) in conjunction with Afnic, provides an annual analysis of the state of the French Internet through an in-depth study of the Border Gateway (BGP) and Domain Name System (DNS) protocols. The two protocols are responsible for almost all of the queries transmitted over the Internet.

According to the findings of the study, the situation of the French Internet remains satisfactory. The 2013 study shows that a French Autonomous System (AS)^[2] with two suppliers can contact the rest of the Internet in case of failure of any other AS. Regarding the DNS, the concentration of DNS hosts in France is very high, which is directly reflected in the results.

Based on these results, the Observatory encourages Internet stakeholders in France to adopt the best practices accepted for BGP and DNS and has made the following recommendations:

• deploy IPv6 to anticipate future operational problems and facilitate the build-up in skills
• evenly distribute the authoritative DNS servers to improve the robustness of the infrastructure,
• deploy the DNSSEC secured protocol to fight against cache pollution attacks,
• systematically declare route objects, and keep them up to date in order to facilitate the detection and filtering of illegitimate BGP announcements,
• use RPKI (Resource Public Key Infrastructure) certification and declare ROAs (Route Origin Authorizations),
• apply good BGP[3] practices in interconnections between operators.

ANSSI encourages Internet stakeholders to adopt these recommendations and fully implement them at the earliest.

• Further information (in French only, soon available in English).

• Download the report “Résilience de l’Internet français en 2013” (PDF, 1,8 Mo) (in French only, soon available in English).