Feeds

Routing instability causes net traffic chaos

Interweb routing chart snarl-up

Internet Security Threat Report 2014

Surfers experienced problems accessing parts of the internet Monday, following the flare-up of router instability problems.

Security watchers pinned the problem on "garbage" being thrown into global BGP (Border Gateway Routing) lookup tables, causing entries to become unnecessarily long. Some backbone routers with older software versions are unable to process this traffic, resulting in sessions getting dropped and problems reaching parts of the internet as a result.

BGP is a core routing protocol which, put simply, maps the best available routes for traffic to flow across the interweb. These routing tables have become snarled up with junk in the loose equivalent of motorists being instructed to go around a roundabout 20 times before proceeding with their journey. As a result traffic has become snarled up and, in some cases, may only be able to access parts of the net via the back-roads.

"The source of the problem appears to be with AS 47868 causing AS paths to become too long," writes Marcus H Sachs, director of the SANS Internet Storm Center. "Not much you can do about it unless you have access to your BGP router, in which case you might want to either block AS 47868 or limit the length of any AS path."

BGP autonomous system (AS) numbers represent unique routing domains, which are typically linked to administrative domains. These work something like place names, indicating the fastest routes on the information super-highway, with the important difference that these routing tables are not fixed but periodically updated.

Danny McPherson, chief security officer at Arbor Networks, explained that routers still running versions of Cisco software older than three years old didn’t allocate enough buffer space for "silly long AS paths, and so they blow chunks when they receive the update".

"However, other vendor implementations and patched versions happily propagate the update, apparently through numerous intermediate ASes, so seemingly random sets of BGP routers in the routing system were taking a dump, or dropping sessions with malformed AS path complaints," he notes.

Similar problems caused global routing instability five years ago, McPherson notes in a detailed technical dissection of the problem here.

The practical upshot of the problem is not altogether clear.

UK traffic stats from LINX look normal, but elsewhere Slashdot reports a "single mis-configured router is apparently able to cause a DOS for a huge chunk of the net". ®

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Oracle hires former SAP exec for cloudy push
'We know Larry said cloud was gibberish, and insane, and idiotic, but...'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.