Wednesday, March 5, 2008

YouTube, Pakistan and BGP

Late on the 24th of February 2008, YouTube became unreachable from almost the entire Internet. A close look at where the traffic was heading showed that packets sent to YouTube were flowing to Pakistan. The interesting part was that the Pakistan government had just placed a ban on the popular online video site. What happened was that Pakistan Telecom installed a route for an address block covering YouTube's servers in an attempt to "black hole" access to the service. Instead of blocking the path to YouTube's servers only for users inside Pakistan, it blocked traffic for almost all users everywhere. This event shows how much we, as internet users, take for granted that the internet works, and that these service problems could get worse.
On Sunday, February 24th, a Pakistan inter-ministerial committee ordered all Internet service providers to block the YouTube website for "blasphemous" content and materials that were offensive to Islam. In response, Pakistan Telecom decided to "black hole" YouTube. They simply advertised a different route to YouTube to their top-level routers. The new route did not go anywhere. This was a simple measure to filter access to the service from inside Pakistan. Here is where things took a bad turn: the routing information escaped from Pakistan Telecom to its ISP, PCCW in Hong Kong. From PCCW it spread to the rest of the world, so any packets heading to YouTube would end up in Pakistan Telecom's black hole.
To see how this simple access block went so wrong, you have to understand the Border Gateway Protocol (BGP) and Classless Inter-Domain Routing (CIDR). BGP is the standard used to maintain the routing tables between top-level routers on the internet. CIDR is the way IP addresses are interpreted by the routers. It allows address blocks to be given out in power-of-two sizes, written as a slash and a number after the IP address. For example, 256 addresses = /24, 512 = /23, 1024 = /22. This system has a side effect: an IP address can now fall within multiple address ranges. For example, a router could have both 10.0.0.0/8 and 10.10.0.0/16 in its routing table. So routers use the longest match first: the smallest address block, the one with the largest number after the slash, takes precedence. Pakistan Telecom advertised a route for 208.65.153.0/24 to its provider. This is a more specific route than the one used by YouTube (208.65.152.0/22). Both routes were in the routing table, but because of the longest-match-first rule, most routers would choose to send traffic to Pakistan Telecom instead of YouTube's own network.
One way this could have been avoided is by having ISPs (like PCCW) limit the BGP advertisements they will accept from a customer. This BGP vulnerability has also been known for a very long time, and until recently only smaller accidents have happened with any frequency. Efforts to make BGP more robust against this type of accident or attack haven't produced any results. There are routing databases where network operators can register their IP address blocks so that filters can be generated automatically. The problem is that it’s up to everyone to register their own address blocks, and since most people don't, the filters generated from these databases often do more harm than good. The internet can be more fragile than people think. One of the oldest myths on the web is that the US government designed the internet to survive a nuclear attack. The truth is that the ARPANET (forerunner of the internet) was designed to survive network losses, but the reason was that the switching nodes and network links were not very reliable, even without nuclear attacks.
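The longest-match rule and the customer filter described above can be shown together in a short Python sketch. This is an added example, not code from the original post. The two YouTube-related prefixes come from the post; the origin labels, the customer's registered block (192.0.2.0/24, a documentation range) and the /24 maximum length are assumptions made for illustration.

```python
import ipaddress

# Constructed table: the two prefixes named in the post; origin labels are illustrative.
ROUTES = [
    (ipaddress.ip_network("208.65.152.0/22"), "YouTube"),
    (ipaddress.ip_network("208.65.153.0/24"), "Pakistan Telecom"),
]

# Assumption: the block this customer registered with its upstream (documentation range).
CUSTOMER_ALLOWED = [ipaddress.ip_network("192.0.2.0/24")]


def best_route(table, dst):
    """Longest-prefix match: among prefixes containing dst, the largest /n wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, origin) for net, origin in table if addr in net]
    if not matches:
        return None
    net, origin = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), origin


def accept_announcement(prefix, allowed=CUSTOMER_ALLOWED, max_len=24):
    """Upstream-side check: accept only prefixes inside the customer's registered blocks."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen > max_len:  # assumption: nothing longer than /24 is accepted
        return False
    return any(net.version == a.version and net.subnet_of(a) for a in allowed)


def table_after_filter(base, announcements):
    """Install customer announcements into a copy of base only if they pass the filter."""
    table = list(base)
    for prefix, origin in announcements:
        if accept_announcement(prefix):
            table.append((ipaddress.ip_network(prefix), origin))
    return table


if __name__ == "__main__":
    print(best_route(ROUTES, "208.65.153.10"))   # the more specific /24 wins
    print(best_route(ROUTES, "208.65.152.10"))   # only the /22 covers this address
    filtered = table_after_filter(ROUTES[:1], [("208.65.153.0/24", "Pakistan Telecom")])
    print(best_route(filtered, "208.65.153.10"))  # announcement rejected, /22 still used
```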
