My book: 'Running IPv6' by Iljitsch van Beijnum BGPexpert My book: 'BGP' by Iljitsch van Beijnum


Interdomain Routing News Archive

(See the home page for the most recent IDR news.)

  • During the week from September 17 to 23, the main topic of NANOG was the new worm called Nimda. There was some discussion whether it is useful to try to slow worms down using "tar pits" such as LaBrea.

    A discussion about physical resiliency and security turned into a debate about using MD5 authentication in BGP (RFC 2385). It was assumed that this wouldn't help against TCP RST attacks, but actually it does. An MD5 message digest is calculated over each TCP segment and a password, and the result is stored in a TCP option. This makes it possible to detect spoofed session setups, resets or data segments, so attackers are unable to disconnect BGP sessions or present themselves as a legitimate BGP peer.

  • The terrorist attack on the World Trade Center in New York City resulted in outages for a number of ISPs. Of the destroyed buildings, WTC 1 and 7 housed colocation facilities. The Telehouse America facility at 25 Broadway in Manhattan, not far from the WTC, lost power. The facility was not damaged, but commercial power was lost and after running on generator power for two days, the generators overheated and had to be turned off for several hours. Affected ISPs received many offers for temporary connectivity and assistance rebuilding their networks.

    The phone network experienced congestion in many places on the day of the attack. Although individual (news) sites were slow or hard to reach, general Internet connectivity held up very well. While phone traffic was much higher than usual, traffic over the Internet rose shortly after the attack, but then it declined and stayed somewhat lower than normal the rest of the day, with some unusual traffic patterns.

    It seems obvious that packet-switched networks have better graceful degradation than circuit-switched networks. A phone call always uses the same amount of bandwidth, so either you are lucky and it works, or you are unlucky and you get nothing. Packet networks, on the other hand, slow down but generally don't cut off users completely until things get really, really bad. And while the current Internet holds its own in many-to-many communication, it can't really cope with massive one-to-many traffic.

    Photos of an affected telephone Central Office in New York

  • Geoff Huston has written an article "The Unreliable Internet" (PDF) about how ISP networks becoming less resilient and customers becoming more so (by connecting to two or more ISPs, in other words: multihoming) creates a vicious circle.

    At the same time, there is concern about the growth of the number of networks in the global routing table, which is in part caused by the increase in multihoming. The IETF Operations and Management Area has the multi6 working group looking into the issue from an IPv6 angle. While there is much improvement possible in current protocols, there is no be-all, end-all solution in sight that would scale to unlimited numbers of multihomers.
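
The RFC 2385 check described in the NANOG item above (an MD5 digest over each TCP segment plus a password, carried in a TCP option), shown as an added example that is not from the original page: a receiver-side verification in Python. Addresses, ports and the key are constructed sample values, and the function names are hypothetical.

```python
import hashlib, hmac, socket, struct

MD5_KIND, MD5_LEN = 19, 18  # RFC 2385 TCP option: kind 19, length 18 (2 + 16-byte digest)

def base_header(sport, dport, seq, ack, flags, window=16384):
    # Data offset 10 words: 20-byte base header + 18-byte MD5 option + 2 NOPs of padding.
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 10 << 4, flags, window, 0, 0)

def tcp_md5_digest(src, dst, hdr, payload, key):
    """MD5 over pseudo-header, base TCP header (checksum zeroed, no options), data, key."""
    seg_len = (hdr[12] >> 4) * 4 + len(payload)  # real TCP length, options included
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, seg_len)
    return hashlib.md5(pseudo + hdr[:16] + b"\x00\x00" + hdr[18:20] + payload + key).digest()

def md5_option(digest):
    return bytes([MD5_KIND, MD5_LEN]) + digest + b"\x01\x01"  # pad with two NOPs

def accept_segment(src, dst, hdr, options, payload, key):
    """Receiver side: accept only a segment whose MD5 option matches our own digest."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:            # end of option list
            break
        if kind == 1:            # NOP, single byte
            i += 1
            continue
        if i + 1 >= len(options) or options[i + 1] < 2:
            return False         # malformed option
        if kind == MD5_KIND and options[i + 1] == MD5_LEN:
            expected = tcp_md5_digest(src, dst, hdr, payload, key)
            return hmac.compare_digest(options[i + 2:i + 18], expected)
        i += options[i + 1]
    return False                 # no MD5 option present: drop

def demo():
    key = b"constructed-shared-secret"          # constructed sample values throughout
    src, dst = "192.0.2.1", "192.0.2.2"
    rst = base_header(179, 54321, seq=1000, ack=0, flags=0x04)   # RST segment
    good = md5_option(tcp_md5_digest(src, dst, rst, b"", key))
    bad = md5_option(tcp_md5_digest(src, dst, rst, b"", b"wrong-guess"))
    return (accept_segment(src, dst, rst, good, b"", key),       # signed with shared key
            accept_segment(src, dst, rst, bad, b"", key),        # signed with another key
            accept_segment(src, dst, rst, b"\x01" * 20, b"", key))  # no MD5 option at all

if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Because the sequence number is part of the hashed header, a digest copied from one segment does not validate on a segment with different header fields.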