iTnews
  • Home
  • News
  • Technology
  • Networking

Telstra routing flub affects hundreds of networks worldwide

By Juha Saarinen on Sep 30, 2020 9:33AM
Telstra routing flub affects hundreds of networks worldwide

Accusations of BGP hijacking fly.

A misconfiguration by Telstra is causing problems for hundreds of network providers worldwide, sparking accusations of border gateway protocol (BGP) hijacking by the Aussie telco.

BGP is used to determine traffic routes between internet connected network providers based on agreements and policies.

The routing protocol is prone to misconfigurations, at times with major consequences as traffic is sent by large networks to smaller ones that don't have the capacity to handle the volume, for example.

Swiss privacy-oriented email provider ProtonMail complained on social media that Telstra was announcing its 185.70.40.0/24 subnet with authorisation, which meant that traffic to that network took a detour via Melbourne.

This caused delays for incoming and outgoing messages, which ProtonMail had to queue up and route via slower secondary paths.

Several other providers fell victim to erroneously advertised routes for their networks as well, although some have managed to contact Telstra and have the problem resolved.

Some Quad9 prefixes are currently being announced without permission by @Telstra causing outages for some end users. Other firms report similar hijacking of routes. Investigation and mitigation is ongoing. Please ensure 149.112.112.112 is in your resolver config to avoid faults.

— Quad9 (@Quad9DNS) September 29, 2020

Packet's Sydney facility that hosts Google's local region was also impacted for three hours.

Reverse proxy and content delivery network Cloudflare's BGP routes page showed Telstra's Autonomous System 1221 this morning as announcing 102 networks on the internet, with invalid route origin authorisation.

A Telstra spokesperson told iTnews that the issues were the result of a "technical error" in which "a number of internet prefixes were incorrectly advertised as Telstra’s."

"This meant some internet traffic may have been routed to Telstra incorrectly, although our systems indicate negligible traffic was actually received," the spokesperson said.

"The overnight change has now been reversed.

"We’re working with ProtonMail and other impacted customers to ensure a full recovery of their services."

Outside of this morning's specific issue, a collective effort called Resource Public Key Infrastructure (RPKI) is underway among internet connected networks to prevent similar BGP configurations mistakes and ensuing outages.

However, RPKI only works if networks filter on the validity of cryptographically signed route objects, and drop invalid ones without the appropriate authorisation.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bgpborder gateway protocolgooglenetworkingprotonmailroutingrpkitelco/isptelstra

Partner Content

The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By Juha Saarinen
Sep 30 2020
9:33AM
0 Comments

Related Articles

  • Testing mistake triggered Telstra route 'hijacks'
  • Cloudflare black-holed its own traffic for an hour
  • Researchers devise stealthy phone tracking without fake base stations
  • Optus wants gov response to OTTs 'free riding' on telco networks
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Australia scraps digital passenger cards for international arrivals

Australia scraps digital passenger cards for international arrivals

PayTo rollout kicks off

PayTo rollout kicks off

Services Australia spends $50m on IBM Power hardware upgrade

Services Australia spends $50m on IBM Power hardware upgrade

NSW gov adds six providers to cloud panel

NSW gov adds six providers to cloud panel

Digital Nation

Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.