Slashdot Mirror

← Back to Stories (view on slashdot.org)

Internet Routing, Looming Disaster?

Posted by CmdrTaco on from the fear-the-packets dept.

wiredmikey writes "The Internet's leading architects have considered the rapid growth and fragmentation of core routing tables one of the most significant threats to the long-term stability and scalability of the Internet. In April 2010, about 15% of the world's Internet traffic was hijacked by a set of servers owned by China Telecom. In the technical world, this is typically called a prefix hijack, and it happened due to a couple of wrong tweaks made at China Telecom. Whether this was intentional or not is unknown, but such routing accidents are all too common online. While BGP is the de-facto protocol for inter-domain routing on the Internet, actual routing occurs without checking whether the originator of the route is authorized to do so. The global routing system itself is made up of autonomous systems (AS) which are simply loosely interconnected routing domains. Each autonomous system decides, unilaterally, and even arbitrarily, to trust everything it hears from any other AS, to use that information without validation, and to further transmit that information to its other peers..."

3 of 109 comments (clear)

  1. It's called a filter by Tolaris · · Score: 5, Informative

    No, each ISP chooses what routes to accept from what peers. It's called a filter. Smart ISP use routing databases like RIPE to verify what they'll accept and reject automatically. Others do it by hand. Dumb ones accept updates from peers without filtering. It's this last group that needs to update their practices.

  2. Oh, bullshit... by autocracy · · Score: 5, Informative

    Anybody who touches BGP needs to understand route filtering.

      * Would I trust everything I see from Sprint? Yes.
      * Would I trust anything except what I expect from the local ISP I route to? No.
      * Would I expect Sprint to execute the same filtering as above? Yes.

    BGP nodes should always have filters on their connections that describe what is allowed to be accepted. Every failure I can think of... and I'm sure most notable ones that have happened... have been caused by failure to properly filter incoming routes.

    --
    SIG: HUP
  3. Imminent death of Internet predicted... by EriktheGreen · · Score: 5, Insightful

    It's always amusing when a new pundit discovers exactly how the Internet actually works.

    Until they gain enough technical knowledge to be dangerous, they assume that the Internet is just as Hollywood portrays... A rock-solid utility run by the Government that only PhDs and arcanely skilled teenage geniuses can control or understand.

    Then they discover just how "fragile" it is, and start telling the people who've been making it work all along that they need to straighten up and fly right, or else a major disaster is going to happen. Good thing they told us.

    It's sad that they can't just say "Oh, I guess I didn't understand.". Instead they have to "take charge" of things because otherwise they'd have to accept their own irrelevance, or even (gasp) accept that despite their new-found expertise, they *still* don't really understand.

    So straighten up, Cisco... it's obvious to this guy you don't know what you're doing. Fix that BGP thing and do it NOW, you hear him?