[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Staale & Elm



> > I have been noticing a problem contacting sites all over Northern and Central
> > Europe.
> > 

Sprint's network was somewhat overloaded due to the bogus routes
redirecting traffic onto their network. I doubt the problem spread as far
as Europe, at least on a widespread basis. We have about 200 sites
worldwide, only a few actually connected to Sprint. We only saw
intermittent failures reaching some sites for about an hour. 

The problem occured at about 11:30 a.m. EDT, when the routers in question 
began sending invalid paths. The routers were shutdown at 12:15. 
Re-convergence might have taken another 20 mins. or so.

>   A problem at an Internet service provider in Virginia
>   triggered a massive logjam on the Internet Friday, but
>   the trouble was cleared up later in the day, Sprint
>   Corp. said. A customer of MAI Network Services, a
>   McLean, Va.-based Internet provider that is among
>   900 companies that buy wholesale access to the Net
>   from Sprint, entered 10,000 duplicate routes to the
>   Internet backbone.   That caused massive access delays for
>   an undetermined number of users, a Sprint spokes
>   man said. 


FLX. ASN 7007.

The Sprint router took in 72,000 bogus routes from the downstream 
source before it crapped out. A lot of traffic ended up being re-directed 
to Sprint as a result of the route problem, causing them to haul higher 
than normal levels of traffic.


> 
> 
> I wonder how long it'll be possible for unauthenticated/unapproved people to
> mess around with routers.

Sprint probably should have been filtering routes / AS_PATH (insert debate
here) from its downstreams. This is a management challenge, but Bad
Things(tm) can happen if you don't. 

> can't bring down the whole net, they'll just pass a law requiring
> that anyone who wants the 'enable' password to a cisco have first
> passed a government-approved "Internet Administrators Class" and
> gotten a license.

Why are you picking on Cisco? The equipment in question was a pair of Bay
Networks BLN routers. The jury is still out as to whether this was a Bay
bug or a config screw-up. 

-r.w.