I happened to be in one of our 7505 routers this afternoon when POP -- all
of a sudden most of the internet disappeared! I immediately thought it was
me, but looked around and saw this AS7007 broadcasting MY routes! It
wasn't for all of our network space -- We have several /18's here, and it
seemed only the first /24 of each CIDR was affected. When I found a
workstation at the end of the /18, we got the whois info for 7007 --
Florida Internet Exchange, and called them.
They claimed to have a customer broadcasting some bad routing information
and unplugged their router. A few moments later, the internet stabilized
and I started seeing real routes.
Correct me if I'm wrong, but:
(1) We're going to read about this in EVERY computer magazine, newspaper
and TV as "the end of the internet?"
(2) Access lists by backbone providers *should* have prevented this.
(3) Does or does not the RADB and other routing registries (MCI's, etc)
prevent this?
I bet this hole will be patched up real soon!
Steve
I happened to be in one of our 7505 routers this afternoon when POP -- all
of a sudden most of the internet disappeared! I immediately thought it was
me, but looked around and saw this AS7007 broadcasting MY routes! It
wasn't for all of our network space -- We have several /18's here, and it
seemed only the first /24 of each CIDR was affected. When I found a
workstation at the end of the /18, we got the whois info for 7007 --
Florida Internet Exchange, and called them.
They claimed to have a customer broadcasting some bad routing information
and unplugged their router. A few moments later, the internet stabilized
and I started seeing real routes.
Correct me if I'm wrong, but:
(1) We're going to read about this in EVERY computer magazine, newspaper
and TV as "the end of the internet?"
(2) Access lists by backbone providers *should* have prevented this.
(3) Does or does not the RADB and other routing registries (MCI's, etc)
prevent this?
Registering route objects in a routing registry is not, by itself, a
guaranty of sanity. Data in those registries have to be used by the
upstream provider to build a corresponding access-list provided, of
course, that it is enforced in the appropriate router configuration.
This is how we (AS6453) do it.
In the case of AS7007, if their upstream provider would have done so,
AS7007 would not have appeared at all in our routing tables as they dont
have a single route object registered!
I bet this hole will be patched up real soon!
Time will tell.