Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Analysis by Renesys, an internet monitoring body, indicates... careful and well-planned method .... Rik Ferguson of Trend Micro: "First at the DNS level, so any attempt to resolve any address in .eg will fail — but also, in case you’re trying to get directly to an address, they are also using the Border Gateway Protocol, the system through which ISPs advertise their internet protocol addresses to the network."

A complete border shutdown might have been easier, but Egypt has made sure that there should be no downstream impact, no loss of traffic in countries further down the cables.

Would someone with more network knowledge speak to the role Border Gateway Protocol plays here?

http://en.wikipedia.org/wiki/Border_Gateway_Protocol



The article is full of smart sounding nothing. BDP is the mechanism to say where the routers for some network segment are (where to go to deliver the packet with a given IP). DNS servers for .eg are in Egypt. AFAIK both things "don't work" looking form our side if you turn off the entry routers for the cables leading into Egypt. If they claim that they know that internet does function in Egypt but can't reach anything to the outside, then the question is if the users there see DNS resolution or not. If they don't then the DNS servers are turned off. But I think turning off the mentioned routers is more than enough for behaviour described in the article. Nothing smart.


Someone should set up pirate DNS and pirate backbones using sat coms and packet radio to link Egypt with the outside world.


I'm sure they are. And regular old phones are apparently working (who'd have thought it!!!) so modem to modem, bbs style, is an option to bridge wifi/packet gaps.


Fidonet FTW!

Some of those radical activists with ocean-going ships should get themselves some kit to handle this eventuality. You could fit a lot of comm gear and some capable uplinks onboard. It would be a lot more useful than throwing debris at Japanese whalers.


A good analogy (I think) is real borders. In this case airspace borders.

What Egypt have done would be the equivalent of saying to it's air controllers "Any plane incoming for an Egyptian airport, tell them we don't know where it is." And the only option that plane has is to return home (real analogy: the message gets sent to the source airport and the plane disappears into a black hole).

However, any plane that wishes to fly through Egyptian airspace to reach other countries, that's fine, and get's it's routing directions just fine.

The alternatives that the article are talking about, closing down the "bottom" routers: close down all the airports, instead of the whole airspace. This has the same effect, but is harder to co-ordinate.

A complete border shutdown would be like unplugging the cables... any aircraft flying through the airspace would be blackholed, and aircraft attempting to fly in will be blackholed, any attempting to fly through will be blackholed... all with a polite notice of course.

DNS would be equivalent of keeping the airports open & saying "shut down all the screens and don't let any airline attendant tell people the gate that their plane is flying from" (except that are millions of gates...). If you're smart enough to have written it down (cached), or know the gate directly, then you're still going to make your flight. If you don't, you've no chance of making it. (Let's not add vhosts into the mix... okay, maybe for fun... like arriving at the plane, and them saying "this service stops at 100s of destinations, and you've lost your ticket, so we can't let you board").




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: