Routing

After my last post about home networking, I am jumping back into global routing. More specifically how Indian traffic is hitting the globe when it does not need to. This is an old discussion across senior management folks in telcos, policymakers, and more. It’s about “Does Indian internet traffic routes from outside of India?” and if the answer is yes then “Why?” and “How much?”

It became a hot topic, especially after the Snowden leaks. There was even an advisory back in 2018 from Deputy National Security Advisor to ensure Indian internet traffic stays local (news here). Over time this has come up a few dozen times in my discussion with senior members from the Indian ISP community, individuals, and even latency-sensitive gamers. So I am going to document some of that part here. I am going to put whatever can be verified publically and going to avoid putting any private discussions I had with friends in these respective networks. The data specially traceroutes will have measurement IDs from RIPE Atlas so they can be independently verified by other network engineers.

BCP38 - also known as “Network Ingress Filtering” is concept where we filter incoming packets from end customers and allow packets ONLY from IP’s assigned to them.   Before going to BCP38, let’s first understand how packets forwarding work:

Here User 1 is connected to User 2 via a series of router R1, R2 and R3. Here R1 and R3 are ISP’s edge routers while R2 is a core router. In typical way the network is setup, entire effort is given on logic of routing table i.e for packets to reach from User 1 to User 2, we need to ensure that User 1 has default route towards R1, knows that User-2’s IP is behind R3 which is reachable via R2. So path User 1 > R1 > R2 > R3 > User 2 comes up. And same for User 2 > R3 > R2 > R1 > User 1 as return path. Now e.g IP pool for User-1 is 192.168.1.0/24 and is using 192.168.1.2 out of it while IP pool for User-2 is 192.168.2.0/24 and is using 192.168.2.2 out of it.  

Yesterday I came across a very interesting case of network hijacking of an ISP from wrong BGP announcements by another network. This issue was reported to NANOG mailing list. 

Issue was reported by Kevin, Senior Engineer at Altus Communications (AS11325). Problem was that SBJ Media LLC (AS33611) was making a /24 block announcement for specific slices of Altus -  208.110.48.0/20, 63.246.112.0/20, and 68.66.112.0/20 which are allocated to Altus Communications (as per ARIN whois).

Hello everyone!

Seems like Tata Communications routing table is changed (call it fixed) to route traffic for openDNS to Singapore. It’s not going to London anymore and I see very good latency from BSNL too (which uses Tata Comm for most of it’s International traffic).

Here’s latest routing from BSNL to openDNS: 

HOST: laptop                                                                 Loss%   Snt   Last   Avg  Best  Wrst StDev

  1. router2                                                                        0.0%    50    2.0   1.7   1.5   2.2   0.2

  2. 117.207.48.1                                                             2.0%    50   25.4  26.2  24.5  36.1   1.6

  3. 218.248.173.38                                                        0.0%    50   26.1  31.2  25.0 125.5  17.8

  4. 121.244.68.114.static-lvsb.vsnl.net.in               2.0%    50   70.1  72.2  69.4  97.8   6.0

  5. 172.31.61.210                                                            0.0%    50   92.9  94.8  92.9 109.0   2.2

  6. ix-4-2.tcore1.CXR-Chennai.as6453.net            0.0%    50   94.3  98.4  93.1 154.6  12.6

  7. if-5-2.tcore1.SVW-Singapore.as6453.net          0.0%    50  127.2 130.6 125.8 165.5   8.5

  8. if-2-2.tcore2.SVW-Singapore.as6453.net         0.0%    50  126.8 128.6 124.4 178.2   8.3

  9. Vlan1807.icore1.SVQ-Singapore.as6453.net   2.0%    50  135.4 132.3 126.1 140.4   4.4

 10. 203.208.186.101                                                      0.0%    50  202.4 163.6 156.9 256.5  17.5

 11. 203.208.153.110                                                       0.0%    50  159.1 166.8 157.0 272.4  23.6

 12. 203.208.190.166                                                      2.0%    50  160.3 160.6 158.6 191.9   4.6

 13. resolver1.opendns.com                                           2.0%    50  159.0 158.3 156.9 162.4   1.0

Overall I am getting latency from 160ms which seems OK considering 25-30ms latency for DSL, adding 60-90ms for route till South India followed by 30-40ms latency between Chennai and Singapore and eventually destination openDNS node on ASN 36692.