With Washington cyberbuzzing from Congressional hearings and report releases over the past week – on topics from the power struggle over who should be the USG’s cyber tsar to how best to prepare the nation for what seems to be imminent “cyberattacks” from Russia or China – you’d think lawmakers are convinced that, unless someone “owns the problem” and the US provides stronger leadership, the Internet as we know it is doomed.
Fortunately, the experts over at Renesys have again published data suggesting that this is not necessarily the case – that the Internet’s infrastructure (in this case routing) is remarkably resilient in the face of constantly changing threats. Furthermore, their data seemingly indicates that there are high levels of largely uncoordinated (that’s right, leaderless) organizational responses occurring when incidents transpire.
The Renesys article covers what happened this past weekend when AfNOG innocently advertised their shiny new 4-byte autonomous system number (ASN) into the global routing table. I’ll leave the technical details to the folks at Renesys, but the end result was that a substantial portion of network operators routing Internet traffic using Linux boxes with free Quagga routing software choked on the data. It turns out the culprit was an older version of the Quagga software that could not handle the newer 4-byte ASN standard.
As the charts in their article indicate, the effects on Internet routing were immediate (over 1500 prefixes impacted) and widespread (impacting 19 countries). But what was more amazing than the substantial increase in unstable prefix announcement or outages was the timely recovery that took place. Within 9-10 hours Internet routing anomalies had returned to “normal” pre-incident levels.
How could this correction occur so quickly, and on a Sunday no less? I posed the question to Renesys and queried if it indicated that operators upgraded to the newest version of Quagga during that timeframe. They assumed this was the explanation or that operators announced their outaged prefixes in some other way during the restoration time period. Either way, it showed an amazing level of uncoordinated response to correct a routing problem with global scope. Operators everywhere were doing there part to make the Internet run. Other incidents (e.g., last year’s Pakistan-YouTube episode) have shown similar quick resolution.
So lawmakers in DC, be forewarned and proceed cautiously on all things “cyber.” There is something much larger happening with Internet infrastructure at a global scale; something that national legislative efforts can probably do little to improve. We shouldn’t dismiss efforts to improve the security of the Internet’s infrastructure. And the USG should address vulnerabilities in its own networks. However, lawmakers need to ensure that anything that emerges from Washington takes into account the ongoing transnational collaboration that makes the Internet’s infrastructure run smoothly.