China Telecom Misdirected US Net Traffic Through China

For two and a half years internet traffic originating in Los Angeles was misdirected through the Chinese mainland before arriving at its destination in Washington DC, wrote Doug Madory, Director of Internet Analysis for Oracle’s Dyn Global Business Unit, in a blog post last week. Madory’s illustration of what happened is reproduced above.

The routing of internet traffic is subject to the Border Gateway Protocol (BGP), as implemented through the autonomous systems (AS) managed by network operators. Madory’s analysis concluded that the bizarre routing of US domestic traffic through mainland China occurred because AS4134, an autonomous system on the China Telecom backbone, incorrectly handled routing announcements for AS703, an autonomous system belonging to Verizon. This caused other international carriers – including Tata, Telia and Vodafone – to send traffic meant for Verizon’s AS703 through China Telecom’s AS4134 in mainland China.

The impact of the misdirection was mitigated by some networks, as explained by Madory:

“Over the course of several months last year, I alerted Verizon and other Tier 1 carriers of the situation and, ultimately, Telia and GTT (the biggest carriers of these routes) put filters in place to ensure they would no longer accept Verizon routes from China Telecom. That action reduced the footprint of these routes by 90% but couldn’t prevent them from reaching those who were peering directly with China Telecom.”

No claims have been made about whether the misdirection was accidental or deliberate. However, routing the traffic through China has obvious implications for security. Madory is a supporter of a proposed IETF standard that would use public key cryptography to create signatures that link a BGP route announcement with the correct originating AS. The objective of this standard would be to prevent BGP hijacking and the route ‘leaks’ that occur when routing announcements are propagated in violation of the policies of one of the autonomous systems in the relevant path. The lead author of the draft for RPKI-based AS path verification is Alexander Azimov of Qrator Labs.
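As an added illustration (not taken from Madory's post or from the IETF draft), the Python sketch below shows a simplified provider-authorization check of the kind RPKI-based AS path verification would let a carrier apply to routes learned from a customer or peer. Only AS703 and AS4134 come from the article; the attestation table and the documentation ASNs 64500-64510 are constructed assumptions, and the draft's full procedure covers more cases than this one.

```python
VALID, INVALID, UNKNOWN = "valid", "invalid", "unknown"

# Constructed attestations: for each AS, the set of ASes it authorizes as its
# upstream providers. AS703 and AS4134 are named in the article; 64500-64510
# are documentation ASNs standing in for other networks (assumptions).
ATTESTED_PROVIDERS = {
    703: {64500},      # assumption: AS703 authorizes only AS64500
    4134: {64501},     # assumption: AS4134 authorizes only AS64501
    64500: set(),      # assumption: transit-free, has no providers
    64502: {703},      # assumption: a customer of AS703
}


def collapse_prepends(as_path):
    """Drop consecutive duplicate ASNs created by AS_PATH prepending."""
    out = []
    for asn in as_path:
        if not out or out[-1] != asn:
            out.append(asn)
    return out


def verify_from_customer_or_peer(as_path, attestations=ATTESTED_PROVIDERS):
    """Check a route learned from a customer or peer.

    as_path is in BGP order (neighbor first, origin last). Walking from the
    origin towards the neighbor, each AS must hand the route to one of its
    attested providers. Returns (verdict, offending_hop_or_None).
    """
    hops = collapse_prepends(as_path)[::-1]  # origin first
    verdict = VALID
    for customer, upstream in zip(hops, hops[1:]):
        providers = attestations.get(customer)
        if providers is None:
            verdict = UNKNOWN  # no attestation published for this AS
        elif upstream not in providers:
            return INVALID, (customer, upstream)  # unauthorized hop
    return verdict, None


if __name__ == "__main__":
    constructed_paths = [
        [64500, 703, 703],     # AS703 via its attested provider, prepended
        [64501, 4134, 703],    # AS703 route re-announced by AS4134
        [64501, 4134, 64510],  # origin with no attestation
    ]
    for path in constructed_paths:
        print(path, verify_from_customer_or_peer(path))
```

A receiver applying this check would drop or deprioritize the second path, which has the same effect as the manual filters Telia and GTT put in place but is derived from signed data rather than per-peer configuration.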

Eric Priezkalns
Eric is the Editor of Commsrisk.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.