Search in HRJ Tricks

Related Posts Plugin for WordPress, Blogger...

Wednesday, November 19, 2014

Chinese Telecom Routes Russian Domestic Internet Traffic through China

Chinese Telecom Routes Russian Domestic Internet Traffic through China
Russian Internet traffic, including the domestic one, has continuously been re-routed outside the country due to routing errors by China Telecom, which could result in compromising the security of Russian communications...

Internet monitoring service Dyn reported Thursday in a blog post that the apparent networking fault is due to the weakness in the Border gateway protocol (BGP), which forms the underpinning of the Internet's global routing system.

The problem started after the BGP peering agreement signed between the China Telecom and top Russian mobile provider Vimpelcom in order to save money on transit operators, so that some of the domestic traffic may carried over the other's network rather than through a more expensive transit operator. Under this deal, Russian domestic traffic was repeatedly being routed to routers operated by China Telecom.

Routing Traffic allows law enforcement agencies and hackers with the ability to monitor. “Unlike other routing leak scenarios, such as Indosat originating the entire global routing table or VolumeDrive leaking nearly the entire BGP table from one transit provider to another, the leaks described above occur with much greater frequency and with little fanfare. In fact, typically the parties involved are unaware of the glitch and, as a result, these more limited problems can persist much longer than the larger catastrophic incidents.” Doug Madory, Director of Internet Analysis at Dyn said.

Unlike other routing leak scenarios, such as Indosat originating the entire global routing table or VolumeDrive leaking nearly the entire BGP table from one transit provider to another, the leaks described above occur with much greater frequency and with little fanfare. In fact, typically the parties involved are unaware of the glitch and, as a result, these more limited problems can persist much longer than the larger catastrophic incidents.
"During [one] incident, over 7000 routes from Vimpelcom’s customer cone were globally announced by China Telecom," Doug Madory wrote in the blog post. "The August 5 event was one of the times that China Telecom briefly announced nearly a full BGP table [of] 326,622 routes to Vimpelcom, placing itself in the path of outbound traffic from Vimpelcom to the outside world — including Russian routes." 
"The traceroute (below) shows Vimpelcom taking traffic to Frankfurt, handing it over to China Telecom which takes it to Shanghai before handing it over to Chello Broadband, which peers with China Telecom in Los Angeles. Chello then takes it from New York to Frankfurt again and then into the German countryside."
Traceroutes from Moscow to other Russian locations were pushed by Vimpelcom to China Telecom infrastructure in Frankfurt and redirected back to Russia via Megafon without getting directed out to Shanghai.
"If this routing arrangement is intended to provide Vimpelcom low-latency access to the Far East, it isn't working that well," Madory said.
Madory suggests networks operators to carefully routes their traffic traverses and to filter the routes they receive. "Without both measures, your traffic could be easily misdirected, potentially hurting both the performance and security of your Internet communications," he warned.

No comments:

Post a Comment