Original URL: http://www.theregister.co.uk/2010/04/10/bgp_glitch/
Glitch diverts net traffic through Chinese ISP
Twice in two weeks
Internet service providers in China briefly tainted network routing tables on Thursday, marking the second time in two weeks operators in that country have done so, IDG news reports.
The bad networking information originated from IDC China Telecommunication and was soon retransmitted by China's state-owned China Telecommunications. ISPs including AT&T, Level3, Deutsche Telekom, Qwest Communications and Telefonica soon incorporated the data into their tables as well, IDG said.
As a result, routing information for 32,000 to 37,000 networks was affected, potentially causing them to be redirected through IDC China instead of their path. Some 8,000 of the networks were located in the US, including those operated by Dell, Apple, CNN, and Starbucks. Networks in Australia, China and elsewhere were also affected.
The incident comes two weeks after a similar networking anomaly caused people in Chile to be redirected to Chinese networks, potentially blocking websites such as Facebook and YouTube, which are banned in that country.
The snafu underscores the fragility of the Border Gateway Protocol, which is used to route traffic over the internet. The core net underpinning remains susceptible to man-in-the-middle attacks that can divert traffic to impostor networks.
At the 2008 Defcon hacker conference in Las Vegas, researchers demonstrated a BGP attack that allowed them to redirect traffic bound for the conference network to a system they controlled in New York. Also in 2008, large chunks of the internet lost access to YouTube when BGP tables inside Pakistan spread to other countries.
It's unclear how widely felt Thursday's incident was outside of Asia, IDG said. Routers frequently subscribe to several BGP routes and follow the shortest path. That means networks physically located in the US, Europe and elsewhere may have ignored the tables that traveled through China. ®