Hacker News new | ask | show | jobs
by avh02 2023 days ago
i'm not necessarily familiar with all the services (or the specific dependencies) on that list, but a lot of it will be a knock on effect from e.g: fb login not working as expected

People will very often see it as "service x with fb login is broken"
1 comments
florianmari 2023 days ago
I work in one of these companies and I can confirm that is a network outage and even our internal tools hosted in our datacenter (so no dependencies with fb) are down
link
walrus01 2023 days ago
I sincerely hope that AS3356 hasn't broken a big chunk of the Internet again.

https://isc.sans.edu/forums/diary/CenturyLink+Outage+Causing...

https://www.zdnet.com/article/centurylink-outage-led-to-a-3-...

link
dahfizz 2023 days ago
My bet is BGP. Its always BGP.
link
oblio 2023 days ago
It's been a while since I studied routing, but have they fixed BGP security?

I remember reading about the protocol and thinking something like: this seems awfully "hippie-trust" levels of security.

Granted, this was 10 years ago so my recollection of BGP is super fuzzy :-D

link
walrus01 2023 days ago
nope. proper and full implementation of BCP38, MANRS, full RPKI validation of all IP ranges and such is a long distance away.

within trusted groups of ISPs where the admins all know each other, in certain specific geographic regions, it's better than others.. I would say that the number of ISPs I could call "fully compliant" with current best practices, in the Portland-Seattle-Vancouver area, is higher than in many other parts of the world.

link
ficklepickle 2022 days ago
How is shaw?

Anecdote: I was surprised to find they honour TTLs on their DNS service. Everyone else I have access to seems to return the new IP almost immediately, but shaw waits it out.

link
curi0sity 2023 days ago
As someone interested in the internal workings of the internet, do you have any further reading on current best practices?
link
dahfizz 2023 days ago
To be fair, BGP only runs between large network operators. The security / trust of routing agreements is mostly solved through business deals and contracts.
link
walrus01 2023 days ago
Every time this happens I have a mental metaphorical image of somebody tripping over the $5 power strip that has the single point of failure route-server or route-reflector plugged into it.
link
avh02 2023 days ago
I stand corrected :)

Any info on what network/operator/operator/etc is suffering the issue? (just so people know about it if it's public, i don't see anything on HN at least)

Thanks, and good luck!

link