I have been noticing a problem contacting sites all over Northern and Central Europe.
Sprint's network was somewhat overloaded due to the bogus routes redirecting traffic onto their network. I doubt the problem spread as far as Europe, at least on a widespread basis. We have about 200 sites worldwide, only a few actually connected to Sprint. We only saw intermittent failures reaching some sites for about an hour. The problem occured at about 11:30 a.m. EDT, when the routers in question began sending invalid paths. The routers were shutdown at 12:15. Re-convergence might have taken another 20 mins. or so.
A problem at an Internet service provider in Virginia triggered a massive logjam on the Internet Friday, but the trouble was cleared up later in the day, Sprint Corp. said. A customer of MAI Network Services, a McLean, Va.-based Internet provider that is among 900 companies that buy wholesale access to the Net from Sprint, entered 10,000 duplicate routes to the Internet backbone. That caused massive access delays for an undetermined number of users, a Sprint spokes man said.
FLX. ASN 7007. The Sprint router took in 72,000 bogus routes from the downstream source before it crapped out. A lot of traffic ended up being re-directed to Sprint as a result of the route problem, causing them to haul higher than normal levels of traffic.
I wonder how long it'll be possible for unauthenticated/unapproved people to mess around with routers.
Sprint probably should have been filtering routes / AS_PATH (insert debate here) from its downstreams. This is a management challenge, but Bad Things(tm) can happen if you don't.
can't bring down the whole net, they'll just pass a law requiring that anyone who wants the 'enable' password to a cisco have first passed a government-approved "Internet Administrators Class" and gotten a license.
Why are you picking on Cisco? The equipment in question was a pair of Bay Networks BLN routers. The jury is still out as to whether this was a Bay bug or a config screw-up. -r.w.