BGP mishap sends European mobile traffic through China Telecom for 2 hours(arstechnica.com)
arstechnica.com
BGP mishap sends European mobile traffic through China Telecom for 2 hours
https://arstechnica.com/information-technology/2019/06/bgp-mishap-sends-european-mobile-traffic-through-china-telecom-for-2-hours/
14 comments
>I understand the impulse to want to live on an exciting cyberpunk Internet
I don't think you do. On the contrary many people have no such impulse and in fact never wanted or expected such scenarios to be a realistic concern.
It's scary. Undo this story and take back your cyber punks, please. Just the possibility it was malicious, snd that's not necessarily an indictment of China alone in the post Snowden era, is reason to seep up BGP improvements.
I don't think you do. On the contrary many people have no such impulse and in fact never wanted or expected such scenarios to be a realistic concern.
It's scary. Undo this story and take back your cyber punks, please. Just the possibility it was malicious, snd that's not necessarily an indictment of China alone in the post Snowden era, is reason to seep up BGP improvements.
This incident once again proves that implementing RPKI is a major steps that needs to happen to keep routing on the internet managable and above all else, secure and trustworthy.
Do these leaks happen with other providers and if so, do they happen statistically-significantly more often with Chinese ones?
How many "mishaps" does it take until it becomes "willful???"
What possible motivation could that Swiss hosting company have to intentionally mess up their BGP configuration?
Why do you assume they messed it up themselves?
See also discussion from yesterday: https://news.ycombinator.com/item?id=20123720 (35 comments)
Also, please: "Operators, where are your MANRS?"
https://www.manrs.org/
Also, please: "Operators, where are your MANRS?"
https://www.manrs.org/
Mishap? Yeah, right.
My thoughts exactly. Once is an accident. Twice is coincidence. Three times is enemy action. And this kind of $#@! has happened way more than three times.
I've forgotten my headphones at home more than three times, clearly enemy action.
What happened here is that a small Swiss provider, Safe Host, accidentally advertised routes it shouldn't have (those routes may also have been AS-padded, as a safeguard to make them less attractive as primary routes). China Telecom mistakenly propagated those routes, and in doing so became the preferred path for a bunch of prefixes.
There appear to have been two mistakes here. China Telecom's was in propagating the Safe Host advertisements, but the crucial mistake happened at Safe Host in Switzerland, by leaking those routes in the first place.
I understand the impulse to want to live on an exciting cyberpunk Internet where major governments are constantly manipulating BGP4 to capture WhatsApp traffic or whatever, but these "mistakes" are almost always just mistakes. It doesn't help that BGP4 itself is a clownfire of mistakes duct-taped together with other mistakes: significant chunks of global Internet routing policy are bound up in regular expressions.