Wednesday, December 1, 2010

Corruption of Internet Routing Tables

The rapid growth and fragmentation of Internet routing tables is one of the most significant threats to the integrity of Internet transmissions.

When about 15% of the world’s Internet traffic was redirected through a set of servers owned by China Telecom, traffic to popular websites such as dell.com, cnn.com and amazon.de was re-routed through Chinese networks before reaching its destination. The condition lasted for about 18 minutes. What happened was a prefix hijack by one or more routers. Whether it was intentional is unknown, but such routing accidents are all too common.

Routers tell packets of data which way to go. Organizations have private networks between their various locations. When an e-mail is sent from one private network to another, the router “decides” that those packets should not be sent out to the Internet but should instead travel within the corporate private network. An e-mail sent by the same person to a potential customer, however, would be sent out via the Internet. In order for routers to know where to send things, they need to maintain data about other networks. This data is known as a “routing table”. If a routing table receives incorrect information, traffic is misrouted.

Experts have considered the rapid growth and fragmentation of core routing tables as one of the most significant threats to the long-term stability and scalability of the Internet.

It is the Border Gateway Protocol (BGP) that decides where to forward IP packets so that they reach their correct destination network. The BGP table, present on every router that participates in Internet routing, contains all of the network "prefixes" – the IP address blocks assigned to any given network – active on the Internet at any given time. Over the years, as Internet usage has grown exponentially and the number of organizations coming online has increased, the number of networks advertised through BGP has swollen dramatically. In the last five years, it has more than doubled to almost 350,000 today. The number of routing table entries could hit two million in the next 10 years.

The danger here is that while BGP is the de-facto protocol for inter-domain routing on the Internet, routing decisions are made without checking whether the originator of a route is authorized to announce it. The global routing system is made up of autonomous systems (AS). Each autonomous system decides, unilaterally and even arbitrarily, to trust everything it hears from any other AS, to use that information without validation, and to pass it on to its other peers. This is often called “routing by rumor.”

Efforts are underway to secure the BGP-based routing system. The IETF has chartered a working group that is developing a Resource Public Key Infrastructure (RPKI), which provides a way to verify which party is authorized to originate a route for a given address block.
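To make the RPKI idea concrete, here is an added example (not code from the original post) of the origin check an RPKI-aware router or monitor performs: each Route Origin Authorization (ROA) states which AS may originate a prefix and up to what prefix length, and an announcement is classified as valid, invalid (such as the China Telecom-style hijack above, where the wrong AS originates someone else's prefix) or not-found when no ROA covers it. The ROAs, prefixes and AS numbers below are constructed sample data from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    """A Route Origin Authorization: `asn` may originate `prefix` and
    any more-specific of it down to `max_length` bits."""
    prefix: str
    max_length: int
    asn: int


def roa_covers(roa, announced_prefix):
    """A ROA covers an announcement if the announced prefix lies inside the ROA prefix."""
    roa_net = ipaddress.ip_network(roa.prefix)
    ann = ipaddress.ip_network(announced_prefix)
    return ann.version == roa_net.version and ann.subnet_of(roa_net)


def roa_matches(roa, announced_prefix, origin_asn):
    """Covered, not more specific than max_length, and originated by the authorized AS."""
    ann = ipaddress.ip_network(announced_prefix)
    return (roa_covers(roa, announced_prefix)
            and ann.prefixlen <= roa.max_length
            and roa.asn == origin_asn)


def validate_origin(roas, announced_prefix, origin_asn):
    """RPKI route origin validation: 'valid', 'invalid' or 'not-found'."""
    covering = [r for r in roas if roa_covers(r, announced_prefix)]
    if not covering:
        return "not-found"          # no ROA says anything about this space
    if any(roa_matches(r, announced_prefix, origin_asn) for r in covering):
        return "valid"
    return "invalid"                # covered, but wrong origin AS or too specific


def accept_route(roas, announced_prefix, origin_asn):
    """Common operator policy: drop invalid routes, keep valid and not-found."""
    return validate_origin(roas, announced_prefix, origin_asn) != "invalid"


# Constructed sample data: ROAs and announcements seen in BGP updates.
ROAS = [ROA("192.0.2.0/24", 24, 64496), ROA("2001:db8::/32", 48, 64496)]
ANNOUNCEMENTS = [("192.0.2.0/24", 64496),   # legitimate origin
                 ("192.0.2.0/25", 64496),   # right AS, but more specific than allowed
                 ("192.0.2.0/24", 64511),   # someone else's prefix: a hijack
                 ("198.51.100.0/24", 64511)]  # no ROA exists for this space


def classify_all(roas, announcements):
    return {(p, asn): validate_origin(roas, p, asn) for p, asn in announcements}
```

A router running this policy still installs the not-found route, since most of the Internet's address space had no ROA at the time; the benefit is that the hijacked /24 is rejected in favour of the legitimate announcement.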

Summary
The authentication of inputs to BGP tables is not merely a matter of changing standards. It will influence how router hardware will have to function and how BGP update messages are distributed and secured.