U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

This is an archive
(replace .gov by .rip)

SP 800-189

Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation

Date Published: December 2019

Supersedes: SP 800-54 (07/17/2007)

Planning Note (4/27/2021): The NIST RPKI Monitor is a test and measurement tool designed to monitor the dynamics of the global Resource Public Key Infrastructure (RPKI) and the impact of RPKI Route Origin Validation (ROV) on Internet routing. Its purpose is to provide measurement data and analyses to the research, standardization, and operations communities necessary to improve the trust and confidence in the underlying technologies.  


Kotikalapudi Sriram (NIST), Douglas Montgomery (NIST)



routing security and robustness; Internet infrastructure security; Border Gateway Protocol (BGP) security; prefix hijacks; IP address spoofing; distributed denial-of-service (DDoS); Resource Public Key Infrastructure (RPKI); BGP origin validation (BGP-OV); prefix filtering; BGP path validation (BGP-PV); BGPsec; route leaks; source address validation (SAV); unicast Reverse Path Forwarding (uRPF); remotely triggered black hole (RTBH) filtering; flow specification (Flowspec)
Control Families

None selected


SP 800-189 (DOI)
Local Download

Supplemental Material:
NIST RPKI Deployment Monitor (web)

Related NIST Publications:
White Paper NIST Technical Note (TN) 2060

Document History:
12/17/18: SP 800-189 (Draft)
10/17/19: SP 800-189 (Draft)
12/17/19: SP 800-189 (Final)


Security and Privacy
configuration management; public key infrastructure; threats


communications & wireless