For several years, RIPE NCC has had a monitoring infrastructure in place to observe losses of service and attacks. In the analysis of the YouTube attack, the Routing Information System (RIS) helped to evaluate BGP data from some 600 peers at 15 different locations. The data, collected by remote routing collectors, are also archived and made available via a web interface, both now and for later re-examination.
Two additional monitoring systems, Traffic Measurement (TTM) and DNS Monitoring Services (DNSMON), have their fingers on the pulse of the net, via data transfer rates and in the system via root and ccTLD servers. With the help of these tools, At the Berlin meeting, Mark Dranse of RIPE NCC gave a detailed description of the curbed network traffic due to the severed underwater cable in the Near East. Some 60 per cent of Egypt, Sudan and Kuwait were cut off from the Internet as a result.
Using the BGPPlay tool researchers were also able to graphically reconstruct some of the events in the YouTube outage. An hour and twenty minutes after the block in Pakistan, YouTube reacted, announcing the theft of the /24 address block in order to get data traffic back on track. Refice characterised the effect of the block as visible, but not devastating, because there were two competing 208.65.153.0/24 address blocks. Also, the attempt a short time later to decide the battle by co-opting the smaller 208.65.153.0/25 block failed because /25 blocks are usually not disseminated by network operators.The confrontation did not end until it was stopped at Pakistan Telecom or its upstream provider PCCW...
For more on this article, please click on the following link: "Router war" caused YouTube outage: Heise Online
Posts
No comments:
Post a Comment