SoylentNews is people
SoylentNews
Submission Preview
Large European Routing Leak Sends Traffic Through China Telecom
Large European Routing Leak Sends Traffic Through China Telecom [oracle.com]
Beginning at 09:43 UTC today (6 June 2019), Swiss data center colocation company Safe Host (AS21217) leaked over 70,000 routes to China Telecom (AS4134) in Frankfurt, Germany. China Telecom then announced these routes on to the global internet redirecting large amounts of internet traffic destined for some of the largest European mobile networks through China Telecom’s network. Some of the most impacted European networks included Swisscom (AS3303) of Switzerland, KPN (AS1130) of Holland, and Bouygues Telecom (AS5410) and Numericable-SFR (AS21502) of France.
Often routing incidents like this only last for a few minutes, but in this case many of the leaked routes in this incident were in circulation for over two hours. In addition, numerous leaked routes were more-specifics of routed prefixes, suggesting the use of route optimizers or similar technology.
At 09:57 UTC, over 1,300 Dutch prefixes were announced in this leak. For 470 routes of KPN (AS1136), the leak took the form:
… 4134 21217 21217 21217 21217 21217 21217 13237 1136
If someone thought the prepending of AS21217 would keep these routes from leaking out, they were mistaken.
[...]Today’s incident shows that the internet has not yet eradicated the problem of BGP[*] route leaks. It also reveals that China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur. Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications.
A great place for any telecom to start improving their routing hygiene is to join the Internet Society’s Mutually Agreed Norms for Routing Security [internetsociety.org] (MANRS) project.
[*] Border Gateway Protocol [wikipedia.org]: "Border Gateway Protocol (BGP) is a standardized exterior gateway protocol [wikipedia.org] designed to exchange routing and reachability information among autonomous systems [wikipedia.org] (AS) on the Internet. "
Given how many existing devices are on the internet that would need to be updated, many of them totally unawares to the groups that employ them, is there any possible way to fix BGP so that these kinds of problems can be totally eradicated?
