Forgot your password?

Close
typodupeerror
Networking The Internet Technology

Internet Routing, Looming Disaster? 109

Posted by CmdrTaco
from the fear-the-packets dept.
wiredmikey writes "The Internet's leading architects have considered the rapid growth and fragmentation of core routing tables one of the most significant threats to the long-term stability and scalability of the Internet. In April 2010, about 15% of the world's Internet traffic was hijacked by a set of servers owned by China Telecom. In the technical world, this is typically called a prefix hijack, and it happened due to a couple of wrong tweaks made at China Telecom. Whether this was intentional or not is unknown, but such routing accidents are all too common online. While BGP is the de-facto protocol for inter-domain routing on the Internet, actual routing occurs without checking whether the originator of the route is authorized to do so. The global routing system itself is made up of autonomous systems (AS) which are simply loosely interconnected routing domains. Each autonomous system decides, unilaterally, and even arbitrarily, to trust everything it hears from any other AS, to use that information without validation, and to further transmit that information to its other peers..."
This discussion has been archived. No new comments can be posted.

Internet Routing, Looming Disaster? More

Internet Routing, Looming Disaster?

Comments Filter:

  • It's called a filter (Score:5, Informative)

    by Tolaris (31078) on Wednesday December 01, 2010 @12:24PM (#34405114) Homepage

    No, each ISP chooses what routes to accept from what peers. It's called a filter. Smart ISP use routing databases like RIPE to verify what they'll accept and reject automatically. Others do it by hand. Dumb ones accept updates from peers without filtering. It's this last group that needs to update their practices.

  • Oh, bullshit... (Score:5, Informative)

    by autocracy (192714) <slashdot2007@sto ... om minus painter> on Wednesday December 01, 2010 @12:25PM (#34405120) Homepage

    Anybody who touches BGP needs to understand route filtering.

      * Would I trust everything I see from Sprint? Yes.
      * Would I trust anything except what I expect from the local ISP I route to? No.
      * Would I expect Sprint to execute the same filtering as above? Yes.

    BGP nodes should always have filters on their connections that describe what is allowed to be accepted. Every failure I can think of... and I'm sure most notable ones that have happened... have been caused by failure to properly filter incoming routes.

  • Re:15% (Score:4, Informative)

    by genkaos (570912) on Wednesday December 01, 2010 @12:44PM (#34405396)
    Actually it was 15% of the internet's prefixes, not 15% of traffic.

  • Wait a second.... (Score:3, Informative)

    by SirThe (1927532) on Wednesday December 01, 2010 @01:20PM (#34405950)

    In April 2010, about 15% of the world's Internet traffic was hijacked by a set of servers owned by China Telecom.

    Wasn't there an article yesterday about how this wasn't true?

  • Re:...news? (Score:4, Informative)

    by anti-NAT (709310) on Wednesday December 01, 2010 @03:49PM (#34408644) Homepage

    "If you're an experienced network expert it may not be surprising, ..."

    and they're the people at ISPs who're running it (I used to be one of them). Running the Internet backbone is self regulating, because everybody who does it also has a vested interest in policing it. This article is FUD. The clueless tech people can continue to remain clueless.

The sight of death frightens them [Earthers]. -- Kras the Klingon, "Friday's Child", stardate 3497.2

Close