Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Doug Madory Profile picture
@DougMadory
Sep 8, 2020 5 tweets 2 min read Read on X
Scrolly
RPKI in action!

On Friday, AS209 created ROAs for 64.193.176.0/20 and 64.193.192.0/20 to regain IP space hijacked by AS134121.

Networks that drop RPKI invalids (2914,1299,6939) dropped the routes, although they are still in circulation via other networks. Image
rpki-validator.ripe.net/announcement-p…

whois.arin.net/rest/net/NET-6… Image
Zoomed-in view to better understand withdrawal timing.
- AS1299 begins withdrawing at 19:22 UTC
- AS2914 begins withdrawing at 19:33 UTC
- AS6939 had route withdrawn by 19:38 UTC
(cc: @JobSnijders) Image
For good measure. AS209 also began announcing the 32 /24's that make up this space at 20:50 UTC.

For example, 64.193.176.0/24: Image
Epilogue: As of 20:01 UTC today the hijacked routes were withdrawn. Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Doug Madory

Doug Madory Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @DougMadory

Doug Madory Profile picture
Nov 21
Finally had some time to dig into the subsea cable cuts in the Baltic Sea that have gotten a lot of attention lately.

Due to the region's rich fabric of connectivity, the cable cuts caused minimal disruption.

However, here are some subtle BGP impacts I was able to identify. 🧵
I estimate that the BCS East-West Interlink was cut at 07:53 UTC on Nov-17 and the impacts are visible in both Lithuania and Latvia.

submarinecablemap.com/submarine-cabl…Image
Hundreds of prefixes transit by Telia Lithuania (AS8764) exhibited a slight decrease in transit from Arelion (AS1299) at the time of the cable cut.

78.61.16.0/20 and 78.57.128.0/20 are shown below. Image
Image
Read 9 tweets
Doug Madory Profile picture
Aug 24, 2022
In my latest blog post for @kentikinc, I join forces with @JobSnijders of @fastly once again. This time to answer an important question:

How much does RPKI ROV reduce the propagation of RPKI-invalid BGP routes?

kentik.com/blog/how-much-…
This analysis was motivated by a discussion following the recent Rostelecom hijack of Apple:

It seemed a good time to run the numbers for the whole routing table.
The big takeaway is that propagation is cut in half when a route is evaluated as RPKI-invalid (mostly due to most tier1's rejecting invalids). This will have the effect of blunting the impact of a future origination leak, for example.
Read 6 tweets
Doug Madory Profile picture
Aug 22, 2022
Large disruption of Internet services in #Pakistan.

According to @kentikinc data, traffic dropped by 40% at 17:57 UTC (10:57pm local). Image
Also visible in @gatech_ioda:
The internet of Pakistan has been dealing with multiple challenges in recent weeks.

Including a submarine cable outage on Aug-12 and an outage due to monsoon rains:
dawn.com/news/1704419
Read 5 tweets
Doug Madory Profile picture
Mar 18, 2022
It’s been >3 weeks since the #UkraineRussiaWar began.

Despite many outages, Ukraine's Internet is still online due in part to the heroic efforts by local techs fixing disruptions at great risk to themselves.

A 🧵 of 30-day snapshots of Ukrainian internet connectivity...
From @Kentikinc’s view, overall peak traffic levels into Ukraine have declined by about 20%.

This reflects a drop in internet usage that can be attributed to damaged infrastructure and fewer Ukrainian users due to millions of Ukrainians fleeing, among other factors.
Alternatively, @gatech_ioda focuses more on infrastructure and less user traffic levels.

It observes a visible decline in BGP routes, hosts responding to pings (active probing), as well as background traffic.

ioda.inetintel.cc.gatech.edu/country/UA?fro…
Read 6 tweets
Doug Madory Profile picture
Feb 1, 2022
I was curious of the origin of the assertion in this piece that Russia cut a subsea cable when it annexed Crimea in 2014.

This biggest issue is that there was no subsea cable connecting Crimea at the time.

Follow me as I try to find the origin of this story…
This starts with @jserhmcyber’s piece published yesterday.
atlanticcouncil.org/blogs/new-atla…

"When Russia illegally invaded and annexed Crimea in 2014, one of its first actions was to cut a submarine cable linking the peninsula to the outside world."

That cites…
An article by LCDR Dennis E. Harbin III entitled Targeting Submarine Cables…
tjaglcs.army.mil/-/-targeting-s…
Which states:
"During the annexation of Crimea…, one of Russia’s first acts was to disrupt internet connectivity to the Crimean peninsula and isolate it…"

That cites…
Read 16 tweets
Doug Madory Profile picture
Jan 15, 2022
Island nation of #Tonga is completely offline following a #tsunami triggered by a massive volcanic eruption in the Pacific Ocean.

According to @kentikinc data, traffic volumes began to drop around 4:30 UTC (5:30pm local) before finally going to zero at 5:40 UTC (6:40pm local).
Here's a view of the eruption from space:
Our data matches @CloudflareRadar tool for #Tonga. (cc: @dbelson)

radar.cloudflare.com/to?date_filter…
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(