Slashdot Mirror


The Status of Routing Reform — How Fragile is the Internet?

crimeandpunishment points out the Associated Press's look (as carried by SkunkPost) "at an issue the government has been aware of for more than 20 years, but still isn't fixed and continues to cause Internet outages: a flaw in the routing system that sends data from carrier to carrier. Most outages are innocent and fixed quickly, but there's growing concern the next one could be devastating. A general manager at Renesys Corporation, which tracks the performance of Internet data routes, says, 'It amazes me every day when I get into work and find it's working.'"

32 of 139 comments

  1. between this and that dnssec thing... by gandhi_2 · · Score: 4, Funny

    ...i'm glad I decided to wait for internets2 before i get online.

    [posted via FIDOnet]

    1. Re:between this and that dnssec thing... by Anonymous Coward · · Score: 3, Funny

      No, it's on dogs. See, he posted from FidoNet! Dogs carry around TCP/IP packets.

    2. Re:between this and that dnssec thing... by mrrudge · · Score: 2, Informative

      That's possibly not a great argument to bring up amidst an internet community likely to contain a large number of people whose hard work stopped the millennium bug from being a massive problem.

    3. Re:between this and that dnssec thing... by Abstrackt · · Score: 2, Funny

      Dogs carrying TCP/IP packets... is that more reliable than RFC1149?

      It's certainly more reliable than when they tried using cats. Not only was it very high latency but sometimes packets would get dropped or lost under the fridge. In most cases, the data wouldn't get delivered at all. Add to that the inability of RFC1149 to operate in the same spectrum as cats (too many mangled packets) and you can see that dogs were clearly the better choice.

      --
      They say a little knowledge is a dangerous thing, but it's not one half so bad as a lot of ignorance. - Terry Pratchett

  2. It is fragile by mysidia · · Score: 5, Insightful

    Kind of. However, it has also always been this way, and it has survived so far. All that has really changed is that the number of players has increased, and the size of the routing tables is increasing.

    It has to work, so a lot of people should notice very quickly if something large goes wrong.

    It also cannot very easily be fixed, as many players would have to spend a lot of money for it to change, and there is little financial incentive to chase that ghost.

    And you thought IPv6 or DNSSEC adoption was taking a long time... imagine how many decades it would take for SBGP adoption?

  3. Not a problem by Anonymous Coward · · Score: 5, Insightful

    First of all, the US federal government shouldn't have the power to do this even in America, and it definitely doesn't have the power to enforce this in the rest of the world.

    Secondly, no sane ISP will forward BGP data.

    This limits the problem to people with access to core internet routers. Companies that own these routers should only give access to extremely trustworthy people, and even then, they should still only need to access the server when there's a legitimate change. The issue then lies with accidents, which will always happen, no matter what you do, and corruptness. Corrupt ISPs should be removed from the network as soon as they are found to be corrupt.

    1. Re:Not a problem by freeworldtech · · Score: 2, Insightful

      I agree completely. Why does it have to be the government's job to fix everything? Personally I think we are all a lot better off if they have nothing to do with it.

    2. Re:Not a problem by KahabutDieDrake · · Score: 5, Insightful

      Yeah, I wish the government would have never even gotten involved. The internet was so much better before those bastards stuck their dirty fingers in there. :stare:

  4. Two words.. by Anonymous Coward · · Score: 3, Informative

    BGP Filtering. There, fixed that for you.

  5. Use phone to manually change routes? by schwit1 · · Score: 5, Insightful

    Better make sure your phone system is not on the same network or any affected.

    "In the meantime, network administrators deal with hijacking an old-fashioned way: calling their counterparts close to where the hijacking is happening to get them to manually change data routes. Because e-mails may not arrive if a route has been hijacked, the phone is a more reliable option, says Tom Daly, chief technical officer of Dynamic Network Services Inc., which provides Web hosting and other Internet services."

    1. Re:Use phone to manually change routes? by Charliemopps · · Score: 3, Informative

      Not when every ISP out there is voiping everything out of soft switches. There is no "Old school phone system" any more. It all VOIPS eventually. Any major data outage WILL affect voice as long as it's on a lower layer... i.e. DNS problems shouldn't cause a problem but routing issues certainly will.

    2. Re:Use phone to manually change routes? by MichaelSmith · · Score: 5, Funny

      How about carrying an iridium phone?

    3. Re:Use phone to manually change routes? by scdeimos · · Score: 3, Informative

      Unfortunately you can't make that assumption any more.

      Even national telcos, such as Telstra in Australia, are routing all of their landline and mobile voice and data telecommunications over IP networks (and have done so since 2007).

    4. Re:Use phone to manually change routes? by MichaelSmith · · Score: 2, Insightful

      No solutions look heavy when you have been using Eclipse.

  6. Route filtering by Anonymous Coward · · Score: 5, Informative

    Route filtering, USE IT!
    Especially when peering with Pakistani/Chinese/etc ISPs.
    This is why RIRs such as RIPE/ARIN/APNIC have their information publicly available.
    So you know which addresses belong to who.
    Only accept routes from your BGP peers that you know belong to them.
    This also (in addition to hijack prevention) prevents a clueless NOC monkey from another autonomous system from messing up your whole network by announcing a default route.

    1. Re:Route filtering by sych · · Score: 2, Interesting

      What about ISPs whose customers bring their own portable IP address space along with them, and then multi-home? (i.e. have two or more ISPs, and request BGP peering with both?)

      The directly-connected ISPs can do their checks to make sure that their customer owns that IP address and adjust their filters accordingly... but anybody else with BGP peering to these ISPs (i.e. other ISPs) can only hope and pray that their peers are doing the right thing. Blind faith might not be good enough.

      As I understand it, SBGP would implement PKI and digital signatures to ensure that only someone who actually *owns* a particular netblock/ASN can advertise a route for it.

      Currently, anyone can advertise pretty much anything and it's only individual ISPs filtering settings that would prevent it getting propagated.

  7. Re:The Internet is not going to end by Aeternitas827 · · Score: 2, Informative

    But there are only 13 internet root servers . . . .

    13 root DNS servers...this is a different protocol altogether. I don't pretend to understand it really well--VLSM/CIDR confuse the hell out of me, and that's where I gave up trying to understand the nuts and bolts--but there's a very large number of systems whose routes would need to be compromised, and quickly, to make this have an effect that is visible to end users--and even that would be short lived. As the parent put it:

    This "hijacking" happens all the time, people immediately see it and fix it and nobody notices.

    --
    I don't post AC. I like my -1, Flamebaits. Trump/Sheen 2012 on the Batshit Insane ticket!

  8. Next article... "How Fragile is Wikipedia?" by mysidia · · Score: 4, Insightful

    What?! Anyone can edit it?! Really???

    'It amazes me every day when I get into work and find the Wikipedia front page has not been blanked or filled with goatse porn.'

  9. Re:The Internet is not going to end by timmarhy · · Score: 2, Funny

    it's hard to work out if you're joking, ignorant or stupid

    --
    If you mod me down, I will become more powerful than you can imagine....

  10. We know what kind of "solution" DHS has in mind by Daniel+Dvorkin · · Score: 3, Insightful

    From TFA:

    "It's kind of everybody's problem, because it impacts the stability of the Internet, but at the same time it's nobody's problem because nobody owns it," says Doug Maughan, who deals with the issue at the Department of Homeland Security.

    So clearly we need one centrally owned routing system under the watchful and benevolent eye of DHS, right? With help from advisors provided by Microsoft and Disney.

    Decentralized routing is a feature, not a bug. And although the problems identified in the article are real enough, the implications of this kind of discussion always scare the hell out of me.

    --
    The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.

    1. Re:We know what kind of "solution" DHS has in mind by dalagra · · Score: 5, Insightful

      Decentralized routing is a feature, not a bug. And although the problems identified in the article are real enough, the implications of this kind of discussion always scare the hell out of me.

      While agreeing with you, I would go a step further and suggest that the bugs of decentralized systems are often more palatable than the features of centralized systems. (This is of course considering the context of this article -- the internet.)

  11. it is fragile, but it works by dalagra · · Score: 4, Insightful

    From the article: "My fear is that innovation on the Internet would slow down if there's a need to go through a central authority," Poll says. "I see little appetite for that in the industry." --- Is there an argument against this (quote above)?

  12. Re:Strength is weakness by Concerned+Onlooker · · Score: 3, Interesting

    No single point of failure? Correct. Instead it seems to be many points of failure. I am not a networking wiz and I don't even like networking issues, but I have taken a few networking classes, and after trying to set up even basic RIP stuff I'm amazed that the internet works at all. It was a while ago, but I recall that even one team in our lab screwing up brought down the whole network.

    --
    http://www.rootstrikers.org/

  13. Feature not a bug by Anonymous Coward · · Score: 4, Insightful

    This is ridiculous. I suspect this is FUD created to take control of the Internet. Routing tables are a feature of the Internet that are designed to ensure the Internet doesn't have a single point of failure. Hacked router? Connection hit by a bomb? Satellite suffering from solar flares? Change a few routes and it's fixed. Security? TLS. The moron even suggests that creating a central authority would make the Internet more secure!!! Imagine if you wanted to take out the Internet and it relied on a central authority, hmm, what would you attack: billions of Internet clients, millions of routers, or the one authority?

  14. Clarke's Third Law by ChipMonk · · Score: 2, Funny

    'It amazes me every day when I get into work and find it's working.'

    Or, as Arthur C. Clarke put it, "Any sufficiently advanced technology is indistinguishable from magic."

  15. Re:Strength is weakness by mysidia · · Score: 5, Informative

    And that is a big reason why the Internet exterior gateway protocol is not RIP or any other IGP.

    A premise of the RIP and other IGP protocols is routers talking to each other trust each other.

    With BGP, the premise is the opposite... routers speaking the protocol implement policies against each other: policies regarding what routes they propagate or originate outbound, policies regarding what routes they accept, and policies regarding what incoming routes they propagate.

    So networks that don't trust each other only accept appropriate routes from their peer based on AS-path and Prefix-list filters.

    Basically almost all networks should treat their peers as untrusted, and list out prefixes of end users.

    It doesn't start to get hairy, until you need to peer with a provider (instead of an end-user) and accept all prefixes from them, because you want their customer prefixes, or you want to buy transit from them.

    As for ISPs and providers though... failing to filter downstream announces is the exception to the rule.

  16. Re:Strength is weakness by Comen · · Score: 5, Insightful

    "I am not a networking wiz and I don't even like networking issues" So you tried to set up basic RIP and you are amazed the internet works at all, huh.
    Well, this article is pure BS. Sure, your packets go between multiple backbone ISPs and maybe a couple of smaller ISPs on the edge, but the guys that run the bigger ISPs do have rules that govern how they BGP peer with other backbones and peers. They enforce strict BGP filtering to keep the smaller companies from causing major issues.
    Sure, every once in a while someone might fat finger some shit and mess something up that will affect one of the main backbones, but with more automated tools this happens way less than it used to. Most big backbone ISPs use router hierarchy, and pure core routers are protected from anyone configuring them much at all once set up.
    I think the system runs well. I am sure it could be made better in many ways, but the issues made here are non-issues; the backbones' own security would be the main factor here, and that should only get better over time.
    It's better that there is no central routing authority on the internet. Each company has it in their best interest that it has the best routes to get to a certain network, and if that company messes its routes up, others should be protected by proper BGP filtering. BGP filtering can get pretty complex; on Ciscos this can be done with prefix-based ACLs and also with BGP AS number based ACLs, and you can also use BGP communities to keep things nice and neat. If done correctly it can be pretty rock solid; if a rookie does the filtering you can have holes and issues, but a big company like LEVEL3, for instance, should have standards and all this stuff pretty hardened and worked out.
    This internet sky is not falling.
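    The inbound policy that comments 6, 15 and 16 describe (prefix-list plus AS-path filtering against what the RIR data says a peer holds) as a small constructed simulation. This is added example code, not from any poster or from any vendor's configuration language; the ASNs, prefixes and the `PeerPolicy`/`Announcement` names are documentation values and assumptions made for the example.

```python
"""Inbound BGP route filter, a constructed model of the prefix-list and
AS-path policy discussed in the thread. ASNs and prefixes are documentation
values (RFC 5398 / RFC 5737 / RFC 3849), not any real network's data."""
import ipaddress
from dataclasses import dataclass, field
from itertools import groupby


@dataclass
class Announcement:
    prefix: str
    as_path: tuple                  # leftmost ASN = the neighbour that sent it


@dataclass
class PeerPolicy:
    peer_asn: int
    allowed_prefixes: tuple         # blocks registered to the peer (RIR data)
    allowed_asns: frozenset         # ASNs permitted anywhere in the path
    max_len: dict = field(default_factory=lambda: {4: 24, 6: 48})

    def evaluate(self, ann):
        """Return (accepted, reason) for one announcement from this peer."""
        net = ipaddress.ip_network(ann.prefix, strict=False)
        if net.prefixlen == 0:
            return False, "default route from a peer"
        if net.prefixlen > self.max_len[net.version]:
            return False, "more-specific than /%d" % self.max_len[net.version]
        path = tuple(asn for asn, _ in groupby(ann.as_path))  # fold prepends
        if not path or path[0] != self.peer_asn:
            return False, "path does not start with the peer's ASN"
        if not set(path) <= self.allowed_asns:
            return False, "foreign ASN in path (leak or hijack)"
        covered = any(a.version == net.version and net.subnet_of(a)
                      for a in map(ipaddress.ip_network, self.allowed_prefixes))
        if not covered:
            return False, "prefix not registered to this peer"
        return True, "accepted"


def apply_policy(policy, announcements):
    """Run the policy over a batch; returns [(announcement, accepted, reason)]."""
    return [(a,) + policy.evaluate(a) for a in announcements]


# Constructed session: customer AS 64500 holds 203.0.113.0/24 and 2001:db8::/32.
CUSTOMER = PeerPolicy(64500, ("203.0.113.0/24", "2001:db8::/32"),
                      frozenset({64500}))
RECEIVED = [
    Announcement("203.0.113.0/24", (64500,)),             # legitimate
    Announcement("203.0.113.0/24", (64500, 64500)),       # prepended, still fine
    Announcement("203.0.113.128/25", (64500,)),           # too specific
    Announcement("198.51.100.0/24", (64500,)),            # not theirs: hijack
    Announcement("0.0.0.0/0", (64500,)),                  # fat-fingered default
    Announcement("192.0.2.0/24", (64500, 64496, 64510)),  # full-table leak
]

if __name__ == "__main__":
    for ann, ok, why in apply_policy(CUSTOMER, RECEIVED):
        print("%-18s %s  (%s)" % (ann.prefix, "accept" if ok else "reject", why))
```

The last two constructed announcements are the failure modes comments 6 and 20 mention (a peer announcing a default route, and a dual-homed customer leaking the full table); both are dropped before they can propagate.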

  17. Oh crap, this can get worse than net neutrality by Captain+Linger · · Score: 2, Informative

    Route filtering. Trust me, if the 12 occasionally scattered folk I work with every day can manage to block leaks of inappropriate routes within 15-60 minutes, so can everyone else, and they typically do...generally they're properly filtered to begin with. The open nature of the internet and diversity amongst transit carriers is precisely what contains these leaks to segmented populations rather than causing a massive nationwide failure. The fact that Internet standards have largely been left to technocratic, Balkanized organizations rather than to Congress is what keeps everyone playing nice. The "next one" may be "a big one", but anyone running a truly important network should and will have diverse carriers...anyone critical to the US infrastructure should and does generally run over dark fiber that would not be affected. Not seeing the call to action here, but I have very little faith in the media to actually competently understand and relate this one. HangingChad, exactly: "I got a bad feeling about this"

  18. Beware: plans to fix this are misguided by presidenteloco · · Score: 4, Interesting

    I've seen alternate routing protocols proposed wherein your traffic has to barter/haggle its way through the network at every hop, as some new troll demands a passage fee for a certain QOS.

    These new methods look to me like they would create two issues:
    1. Unpredictable permutations of complex, balkanized, and non-local routing strategies. Performance of the system as a whole would be unpredictable and possibly unstable.

    2. It really is back to the old circuit-switching network of ma bell, on top of IP. A few nice low-latency end-to-end Concorde-like connections for those willing to fork over the dough, clogging up the routers so all the proletariat traffic suffers in a poverty of routes and bandwidth.

    Deep Simplicity at the core of routing protocol is the only thing that will work at the scale of the Internet. Maybe a "voluntary-QOS-downgrade" flag on email packets etc, and a "pretty please low latency" flag on video packets, might work, but these should not have monetary contracts associated with them. They should just indirectly affect the end-consumer's bandwidth bill if anything.

    --

    Where are we going and why are we in a handbasket?

  19. Re:The Internet is not going to end by Lennie · · Score: 2, Insightful

    Euh... there are more than 13 routes; there are 13 addresses (prefixes), but there are many, many more routes. Most of those 13 prefixes are announced in many places (it's called anycast), and there aren't just 13 servers either. Every one of them is a cluster of machines, and as many use anycast there are multiple clusters per 'root nameserver'.

    --
    New things are always on the horizon

  20. Filtering works, for those that configure it by gavving · · Score: 2, Informative

    As someone who's accidentally announced the entire Internet routing table to an ISP when setting up a dual-homed configuration, I can confirm that good upstream ISPs do BGP filtering. I was trying to troubleshoot what was going on, and the Tech on the other end was helpful enough to tell me that I was sending him the full route table. Fortunately they had filters in place to stop them from going out any further and impacting anything. But I had it clearly demonstrated to me how important filters are on both ends of the connections.

  21. How it keeps working is actually straightforward. by jonadab · · Score: 2, Interesting

    xkcd explained this a while ago. Basically, if the internet ever *stops* working, even for a few seconds, alarms go off and people panic and do anything necessary to get it working again immediately. It turns out this is actually a fairly reliable system.

    --
    Cut that out, or I will ship you to Norilsk in a box.