nanog mailing list archives
Re: Thursday: Internet outage eastern Europe Iran and Turkey
From: "Scott Weeks" <surfer () mauigateway com>
Date: Mon, 23 Dec 2019 11:35:53 -0800
--- morrowc.lists () gmail com wrote: From: Christopher Morrow <morrowc.lists () gmail com> On Sat, Dec 21, 2019 at 11:53 PM Scott Weeks <surfer () mauigateway com> wrote:
--- morrowc.lists () gmail com wrote: From: Christopher Morrow <morrowc.lists () gmail com> I do think the overall conversation about nation states disabling internet (which is not likely the case with Sean's original post?) is nanog-worthy. -------------------------------------- Yes, I believe you're correct for the most part. I just was more interested in the technical parts and there is a global audience here that may have insight as to how that part of the network is working. I can easily see how that would get out of control. But, how are they configuring their network elements to block is my question. (DPI? BGP? etc.)
ah! ok... I imagine there are a few knobs for each sort of thing that can get turned. I think we've seen over the years at least: 1) turkey blocking access to 8.8.8.8 (looked like mostly done with static /32's?) 2) egypt turning off internet for the country (prior to overthrow? - I believe 'phone calls to providers' was renesys's conclusion) https://dyn.com/blog/egypt-leaves-the-internet/ this article points at tunisia and iran as well. 3) pktelecom bgp routery making youtube less cat and more pain. https://dyn.com › blog › pakistan-hijacks-youtube-1 4) prc firewall - forms of mostly DPI packet skullduggery blocking random http (really tcp traffic), specific DNS RRs, disrupting/blocking various VPN technologies I'd say it probably depends a bunch on whom is doing the poking, for how long they plan to make this work/not-work and the tools they have immediately available :( Figuring more of this out seems like a good plan though... I'm not sure trying to actively subvert any of these nation state actions is particularly smart/healthy though :( (note: i don't think YOU/scott are looking for this last part, but generally speaking... it seems like folk put themselves in a bad place if/when they attempt to get around a nationstate's actions, particularly from inside that nationstate) ------------------------------------------------------- Thanks, I have left this on the list for now. I can go off list if necessary. That's good information. Does Dyn put this out regularly or just for certain events? I knew about 1-3, but how do folks find out about 4? :: Figuring more of this out seems like a good plan though... What I would like to find out is something like "the XXXcountry part of the network is unreachable via BGP/DNS/at all (firewall drops)" or something like that. It would be interesting to see how the different blocks are technically implemented and how that changes over time. And, no, I'm not looking to subvert those things. I live in the US where they do everything sneakily (ATT closet in SF still going?) but I wonder why microwave over the border or satellite isn't used. Then ad-hoc jumped through the country. I guess the getting killed or jailed if you get caught thing is why? I dunno, it is just an interesting thing to me. scott
Current thread:
- Thursday: Internet outage eastern Europe Iran and Turkey Sean Donelan (Dec 21)
- <Possible follow-ups>
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Scott Weeks (Dec 21)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Ross Tajvar (Dec 21)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Christopher Morrow (Dec 21)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Mark Rousell (Dec 22)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Ross Tajvar (Dec 21)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Scott Weeks (Dec 21)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Christopher Morrow (Dec 23)
- Re: Thursday: Internet outage eastern Europe Iran and Turkey Scott Weeks (Dec 23)