Why Google Went Offline Today 110
New submitter mc10 points out a post on the CloudFlare blog about the circumstances behind Google's services being inaccessible for a brief time earlier today. Quoting:
"To understand what went wrong you need to understand a bit about how networking on the Internet works. The Internet is a collection of networks, known as "Autonomous Systems" (AS). Each network has a unique number to identify it known as AS number. CloudFlare's AS number is 13335, Google's is 15169. The networks are connected together by what is known as Border Gateway Protocol (BGP). BGP is the glue of the Internet — announcing what IP addresses belong to each network and establishing the routes from one AS to another. An Internet "route" is exactly what it sounds like: a path from the IP address on one AS to an IP address on another AS. ... Unfortunately, if a network starts to send out an announcement of a particular IP address or network behind it, when in fact it is not, if that network is trusted by its upstreams and peers then packets can end up misrouted. That is what was happening here.
I looked at the BGP Routes for a Google IP Address. The route traversed Moratel (23947), an Indonesian ISP. Given that I'm looking at the routing from California and Google is operating Data Centre's not far from our office, packets should never be routed via Indonesia."
Re:Happens all the time, just not usually to Googl (Score:4, Insightful)
Seriously, a porn link in your sig?
Anyway... clearly Anonymous hasn't learned how to delete BGP filters and inject fake routes yet.
Re:All your packets are belong to... (Score:5, Insightful)
How is it a problem, again? Something bad happened, it got fixed right quick. I fail to see how it's a call to arms for anything. or anybody. If idiots keep broadcasting bad routes, then other networks will be more rigorous about their filtering. This doesn't need a committee.
Something bad happened, it got fixed right quick. This Time.
What about next time, when the whole mess is run by the UN? [cnet.com]
If idiots are currently accepting bad routes from idiots that broadcast them, then it surely does need fixing.
Why would you rely on bottom-up security?