Whatever Happened to Internet Redundancy?

blueforce asks: "At one time, there was this really neat concept built into the internet that said there's all this redundancy like a spider web. If one segment or router would go down the internet would re-route traffic around the faulty segment and keep on chuggin'. So, as I sit here today and can't get to a whole bunch of places on the net, I'm wondering what gives? Where's all the redundancy? I'm not referring to mirrors or co-location. It almost seems like a script-kiddie with some real ambition could bring the world to it's knees. What really happens when routers go down, and what goes on when something like a Cable and Wireless pipe or someone else's OC-something backbone goes down?" Redundancies are nice, but not infinite. Planned DoS attacks can take out dozens or hundreds of routers at once, and as the number of downed nodes increases, the process of rerouting becomes increasingly difficult. What are some of the largest problems with the current systems in use today, and are there ways to improve them?

The 'net & real life

[maggard]

First of all yes it is possible to configure your own little part of the world to continue working in case of a meltdown.

You'll need multiple connections that are all independant. This can be difficult to ensure as lots of times Company A's fiberlink will be in the same trench as Conpany B's & so the same backhoe will take them both out even though you used two services. You'll need to determine the full path your data will take & lots of time the salesfolk won't have or even understand what you want, particularly if you're not a big commercial account.

Then you'll need a way to route your inbound & outbound traffic dynamically. BGP is the method of choice but it's *not* a friendly thing. For the small-time techie Zebra & other tools are under development to help with this sort of thing but it's still tricky tricky stuff full of gotchas.

The same redundancy advice goes for power - you'll need at least two separate services that are well & truly separate, not just the same line coming in the front door as well as the back door. Local generation for backup is also a good idea. You'll need to test everything regularly - systems often fail & a botched hand-off can ruin your whole day.

That said a buddy set his house up to be always-connected. UPS's on key hardware. BSD on dual laptops using BGP connected to cable-modem, ADSL, dial-up, digital-cellphone & a ham packet radio rig. Even has a wireless connection to a friend in another town a few blocks away but on a different part of the grid & central exchange with a similar setup.

Of course it's still possible for something to break in a big way. One EMP over Arlington Virginia-area would take out lots of important services, probably causing major disruption in the confusion & resultant instability. Heck a group with an axe to grind could presumably cut enough critical cables in isolated areas in an hour or two to 'cause significant traffic problems globally.

This is of course no more different then bringing down any number of other services: Water, electricity, sewage, roads, gas pipelines - none are particularly hard to shut down if one is nuts enough to try.

Dont forget regulators and petty bureaucrats

[anticypher]

In the U.S., the only problems are of money and a few anti-trust regulations. Interconnects can usually happen wherever someone wants to lay down some cable or fibre, and going from one state to another is no problem. Any start-up with ambition can buy an old telco building and create a NAP, and the customers tend to roll in and don't care about competitors also using the bandwidth.

But in the rest of the world, there quite often are regulations preventing a company from just running a fibre from one place to another. It is starting to improve, but for the longest time, almost 99% of all intra-european traffic passed through the US. Traceroutes from one ISP to another in the same country often went via the US.

This meant that everyone was relying on a few trans-atlantic carriers, and the reliability was pathetic. To get from here in Belgium, all communications to neighboring countries passed by the US. the people in charge of the routers, at the bean-counter, lawyer, politician level, would forbid the engineers to create inter-country routes, in case there was a law somewhere being broken. It doubled the traffic on the trans-atlantic lines, and engineers couldn't do much about it.

Recently a number of peering points and interconnects have sprouted up all over Europe. Economics eventually overrules short-sighted politicians. It feels so good, as an engineer, to be able to route traffic as directly as possible. But there are still problems with NAPs run by telcos, as they have learned two decades of dirty tricks by US telcos, and they have polished up those tricks to hurt competitors. Shit happens.

The greed factor has also raised its head, as some of the more criminally backed peering points *cough*telehouse*cough* have tried to purchase European wide laws giving them 100% of the market. The argument is that all the incumbent telcos all are too greedy and incompetent and biased to run peering points, and all the peering points should be run by a single, greedy, politically aligned non-incumbent non-telco operator. Whoops, maybethose last points were raised by all the other NAP operators.

I feel the internet is coming to the breaking point, where its being pushed to do what it was never originally designed to do. The original design was for reliable communication, not censorship, business operations, or avoiding national laws. The telephone companies of the world worked out many of these issues in back rooms, with no real public insight into the down side to each policy. The result was a communication system which never worked very efficiently, and cost a huge amount more than it should have. Those costs and inefficiencies slowed the growth of telecoms the world over, until the US justice department broke up ma bell, and, unforseen to them, sparked a revolution for cheap telecoms which is now churning around the world. I remember when a short overseas call cost one weeks wages, now I don't even think about chatting for an hour to the US.

The internet has started to make people aware that unlimited communication has its downsides as well, since not all humans are perfect, good creatures. Because of this realisation, we are seeing a large backlash from the unwired masses who never had a need to communicate, and want others to stop communicating freely. The internet was designed to communicate, and there are no easy (or even complicated) engineering fixes to social problems placing limits on communication.

the AC

Timely Question

[vergil]

The current edition of the European "Netzkultur" magazine, Telepolis features an article discussing the vulnerability of the the Dutch Internet infrastructure to a single, well-placed attack, according to a recent report issued by the Dutch Ministry of Traffic and Waterways:

One well-placed bomb could wreck the entire Dutch Internet, the report states.The physical protection of (fiber optic) cables at critical network and ISP junctions is almost none, TNO claims. It is very easy to find out where exactly the cables are located and they can easily be approached. 'For now the chances of a deliberate disruption of the cable network by activists or terrorists are low. But as the importance of the Internet is growing, we fear that criminals, activists or terrorist will see the cable infrastructure or other critical infrastructure as targets in the near future.'

Sincerely,
Vergil
Vergil Bushnell

Re:BGP

[ZanshinWedge]

Yup. If I had to sum up the flakiness of the internet in one word it would be "routing". When every link works as it is supposed to internet routing is already strained nearly to the breaking point. Screw up a link here or there, or update a routing table or software and drop a router or two, and poof, major internet cluster fuck. Theoretically your packets are supposed to be routed differently if they can't reach a destination. But in practice that rarely occurs. Most of the time you get the same route sending your packets into the same big brown smelly hole like lemmings. Enjoy! The other major contributor to internet flakiness is the organization of the major links and interlinks. There are few uber-high bandwidth pipes and they are rarely organized to provide superior routing and redundancy.

There are a few hopeful signs on the horizon though. IPv6 should make routing a lot easier and give us a lot more operational "breathing room" which we can use for redundancy and robustness. There will also be a lot more high speed fiber optic links from hither and thither, which should help out quite a bit (especially to fix the "backhoe" vulnerability).

ramifically speaking

[gBonics]

This is a misunderstatement. Al Gore, the inventor of the internet didn't coverationalize the impending ramificacations when he invented the router for Internet world wide web traffic which could systemautomatically handle the dispersement of traffic fluctuating in outer space.

Aren't you glad you have a Resident who cares?

Resident George W. Bush

Re:Hi!

[circletimessquare]

Hi, I don't know anything about communicating my vast networking know-how to the average slashdot visitor, how to come down out of my ivory tower, being friendly, or the differences between a good honest question for good honest debate and a question I can inflate my ego over by making snide sarcastic fun of. I don't even know that a majority of slashdot visitors don't know as much as I do about packet-forwarding protection.

Hell, I don't even pay attention to the looks I get when my voice rises in frustration because no one else understands what I'm talking about when I'm in "the zone," or the simple human convention of being nice because I'm too busy plotting to take over the world and educating everyone about my vast knowledge of networking minutiae, decreasing my need to spend hours explaining things that I already know and holding it against other people because they don't know about decreasing network redundancy by entire orders of magnitude.

But, um, slashdot, I was wondering...

why can't i get a date?

thanks.