AS 7007 incident

Major disruption of the Internet on April 25, 1997

The AS 7007 incident was a major disruption of the Internet on April 25, 1997, that started with a router operated by autonomous system 7007 (MAI Network Services, although sometimes incorrectly attributed to the Florida Internet Exchange[1]) accidentally leaking a substantial part of its entire routing table to the Internet, creating a routing black hole.

Probably because of a bug in the affected router, the routes leaked were deaggregated to /24 prefixes, which were more specific than the routes originally present on the Internet, and had the AS path rewritten to 7007, leading the Border Gateway Protocol (BGP) used by the Internet's routers to prefer the leaked routes. This was then exacerbated by other problems that prevented the routes from disappearing from other networks' routing tables, even after the original router that had sent them had been disconnected. The combination of these factors resulted in an extended disruption of operations throughout the Internet.

Analysis of this event led to major changes in Internet Service Providers' BGP operations intended to mitigate the effects of any subsequent similar events.[2]

See also

  • Route filtering

References

  1. ^ Peter G. Neumann, "Internet Routing Black Hole", The Risks Digest: Volume 19: Issue 12, Friday 2 May 1997
  2. ^ Murphy's Law Strikes Again: AS7007

External links

  • "Router glitch cuts Net access". cnet news. April 25, 1997. Retrieved 2009-03-06.
  • Origin authentication in interdomain routing
  • Interdomain Routing Security
  • nanog mailing list archive: "7007 Explanation and Apology"
  • A view of all NANOG mailing list discussions around the date of the incident - see 25 April 1997
  • BGP security: announcing prefixes without authorization