Internet Routing, Looming Disaster? 109
wiredmikey writes "The Internet's leading architects have considered the rapid growth and fragmentation of core routing tables one of the most significant threats to the long-term stability and scalability of the Internet. In April 2010, about 15% of the world's Internet traffic was hijacked by a set of servers owned by China Telecom. In the technical world, this is typically called a prefix hijack, and it happened due to a couple of wrong tweaks made at China Telecom. Whether this was intentional or not is unknown, but such routing accidents are all too common online. While BGP is the de-facto protocol for inter-domain routing on the Internet, actual routing occurs without checking whether the originator of the route is authorized to do so. The global routing system itself is made up of autonomous systems (AS) which are simply loosely interconnected routing domains. Each autonomous system decides, unilaterally, and even arbitrarily, to trust everything it hears from any other AS, to use that information without validation, and to further transmit that information to its other peers..."
...news? (Score:3, Insightful)
This is how the BGP internet functions. the last proposed solution was to centralize the BGP trust tables, which is likely a WORSE solution.
if you can't trust your peers: go work in another kitchen.
Re:...news? (Score:4, Insightful)
15% (Score:3, Insightful)
Imminent death of Internet predicted... (Score:5, Insightful)
It's always amusing when a new pundit discovers exactly how the Internet actually works.
Until they gain enough technical knowledge to be dangerous, they assume that the Internet is just as Hollywood portrays... A rock-solid utility run by the Government that only PhDs and arcanely skilled teenage geniuses can control or understand.
Then they discover just how "fragile" it is, and start telling the people who've been making it work all along that they need to straighten up and fly right, or else a major disaster is going to happen. Good thing they told us.
It's sad that they can't just say "Oh, I guess I didn't understand.". Instead they have to "take charge" of things because otherwise they'd have to accept their own irrelevance, or even (gasp) accept that despite their new-found expertise, they *still* don't really understand.
So straighten up, Cisco... it's obvious to this guy you don't know what you're doing. Fix that BGP thing and do it NOW, you hear him?
Re:...news? (Score:2, Insightful)
challenges, dangers, problems that are happening currently
Its FUD not insight. Those problems were solved years / decades ago.
The fact that the folks at the far left tail of the cluefullness bell curve will always find a way to shoot themselves in their feet, is not exactly an insight into this business or even generally into human nature.
FUDs usually used to gain control or make money not educate.
Re:Authentication (Score:4, Insightful)
Re:15% (Score:5, Insightful)
From what I've read so far on this, the 15% number is a red herring. The real problem was that China was able to route traffic for domains/networks which it had nothing to do with including dell.com and some US DoD networks. Volume wasn't the main issue (though surely it was causing problems in terms of latency and throughput) -- the main issue was that China was seeing packets that it shouldn't have.
Now we all know that no one routes traffic over the public internet that it doesn't assume bad actors will see. Right?
Re:Oh, bullshit... (Score:3, Insightful)
In a nutshell, that's pretty much the problem and the solution.
Tier 1 providers pretty much have no choice but to accept any update from other Tier 1s because they could each legitimately have routes to pretty much any network. It is also each of their responsibilities to make sure they don't get any bunk routes from downstream. One weak link, the chain breaks and, and everyone suffers. Obviously you wouldn't (shouldn't) be accepting a zero bit mask route from anyone; but besides the basic idiot proofing, you have to put a lot of faith in your peers, and their ability/diligence.