Earlier today, we noticed that YouTube was not available. An ISP in Pakistan, PieNet, single-handedly blocked global access to the popular video site for two hours, according to multiple reports on the Times of London, ZDnet, ReneSys, OpenDNS and Data Center Knowledge.
PieNet hijacked YouTube’s domain name by sending Border Gateway Protocol (BGP) instructions called advertisements to reroute all requests for YouTube.com to an IP address in Pakistan. ISPs use BGP to link the routers in their networks together, creating the global internetwork that we call the Internet. ISPs trust that the BGP advertisements they receive from other ISPs are correct.
Trust is cheap
Researchers have developed encrypted forms of BGP, but ISPs would rather not implement these more secure protocols because more powerful and expensive routers would be needed. While Cisco and other router manufacturers would welcome the additional sales revenue, ISPs would pass along their increased costs to businesses and consumers.
Many Internet protocols and services rely upon trust. Email is a good example. The core e-mail protocols do not check message content or the identities of senders and recipients. Email messages are sent across the Internet as alphanumeric text. Over the years, as a few users decided to exploit the open nature of email, we have added protocols and services to identify spam, check user identity and encrypt messages and passwords.
Pakistan goes offline
It is very rare for a major mistake like this to happen, because ISP managers and staff understand the value of reputation and trust. This redirect was probably not an accident or an error by PieNet staff – it was almost certainly an intentional hijacking designed to make a political statement. A bogus BGP advertisement is a very loud and rude way to make such a statement.
Richard Stiennon of ZDnet notes that PieNet probably brought all Internet traffic in Pakistan to a grinding halt, as Pakistan Telecom could not handle millions of requests for YouTube.
YouTube engineers detected the redirection quickly and asked for help from major ISPs. Their next step was to find the bad BGP instructions. This was a trivial exercise, as PieNet’s identifiers were all over the advertisement.
PCCW Telecom, the main Internet provider for Pakistan, removed Pakistan’s ISPs from the Internet until the new BGP advertisements propagated to ISPs across the world. Once YouTube’s route was restored, users could watch their videos again.
Internet users in Pakistan will have slower Internet connections for the next few days, and network engineers around the world will keep close tabs on Pakistani ISPs.