Inter-domain SimLab¶
Inter-domain SimLab is a containerlab-based routing range: a live BGP fabric of transit providers, customer ASes and a passive collector, where an attacker with a foothold AS practises prefix hijacks, route leaks and RPKI abuse as a free-roam CTF. It is the routing counterpart to the OT estate in ics-access-simlab. Where that lab models a utility’s IT/OT boundary, this one models the public routing commons: the global table, the relationships between autonomous systems, and the trust those relationships quietly assume. Consequences emerge from what the player actually announces.
Where a player starts¶
./ctl player enters through the bastion, the one door. The player picks an operation from a menu and is
dropped straight onto the box it starts from: the foothold router (attacker-as, AS65020) in vtysh for a
straight hijack, or the registry-attacker workstation (launder, poison) for a registry-tamper move, from
where a pivot to the foothold is one foothold command away. The looking glass, lg, is the player’s single
public vantage for confirming what an announcement did to the table. The passive collector belongs to the
operator, not the player, and announces nothing.
The fabric¶
Private ASNs (64512 to 65534) and documentation prefixes (TEST-NET), with no internet egress, so the range stays contained.
Node |
ASN |
Role |
|---|---|---|
transit-a |
65001 |
transit provider, peers with transit-b |
transit-b |
65002 |
transit provider, peers with transit-a |
victim-as |
65010 |
customer of transit-a, owns 203.0.112.0/22 and a /24 |
attacker-as |
65020 |
customer of transit-b, the player’s foothold |
customer-leaky |
65030 |
multi-homed leaky ISP, the route-leak position |
observer |
65000 |
passive collector, peers both transits, operator only |
lookingglass |
65005 |
single-vantage public collector, the player’s |
web |
n/a |
victim service behind 203.0.113.0/24 |
eyeball |
n/a |
client generating traffic toward the victim |
The registry plane runs RPKI origin validation, with live ROV and ROA state served over native RRDP, and an IRR database with bgpq4 prefix filters. A move has to get past the same validation a real announcement would meet, not a simplified stand-in.
The moves¶
Seven scenarios play end to end from the foothold, each a prefix hijack, a route leak, or an abuse of the registry trust, and each with a briefing and a reference solution in the repo:
false-origin prefix hijack
incomplete-RPKI hijack
legitimate-peering hijack
policy-trust-abuse hijack
ROA-poisoning hijack
route-leak hijack
route-legitimacy subversion
A player drives real BGP announcements from a real vtysh, and reads the effect through the looking glass.
Nothing here is an operator knob standing in for the attack: the announcement is the move, and the table’s
response is the consequence.
Last updated: 1 July 2026