YouTube IP Hijacking

Wed Feb 27 00:02:45 UTC 2008

On Feb 26, 2008, at 1:07 PM, Steve Gibbard wrote:

> As far as I can piece together from what's been reported and argued  
> here, there were three responsible parties:  The Pakistani  
> Government who ordered YouTube blocked, Pakistan Telecom who  
> implemented a lawful order but overshot their government's  
> jurisdiction, and PCCW who accepted the announcements and passed  
> them on to the world.

This sure sounds a lot like tragedy of the commons...

To say these guys should have done X, Y, and Z - and not made
a mistake - so that I don't have to better protect myself and my
customers sure seems a bit disingenuous to me.

AND do tell yourself that tomorrow when the next malicious OR
inadvertent route announcement occurs and breaks something
else folks seems to care about.

While I agree with Jared's basic NVRAM point, I'm not particularly
sympathetic to it anymore.  There's nothing stopping any provider
today from implementing more explicit policy sets, at both the
customer edge, and the inter-provider edge.  And by more explicit
I don't mean trivial AS path policies, I mean prefix-based policies
derived from AS-MACRO style data.

Sure, operators would have to start employing IRRs, and IRRs
would have to start ensuring more secure infrastructure exists,
and configurations would need to be touched more often, and
router vendors would need additional incremental scale, but the
basic infrastructure is there -- it's just become particularly dusty
over the past decade.

The fact is that employment of explicit inter-domain prefix filtering
seems to only be deteriorating from where it was 15 years ago is
telling, and I think folks have become lazy and accepting, even as
more and more critical infrastructure and services require an
available and accurate routing system.

IMO, the onus is on the operators to step up...

-danny