I love these highly technical blog posts on recent events by cloudflare.<p>Keep up the good work guys.<p>[1] <a href="http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about" rel="nofollow">http://blog.cloudflare.com/why-google-went-offline-today-and...</a>
That is a frickin' awesome video. Does anyone know what tool that is, I think I want it running on my status displays.<p>For those who are wondering your edge router (or border router) "advertises" that it can route to a particular subnet. That information propagates around and packets find there way there. So someone in Syria told all of their border routers to stop advertising routes to Syria's IP blocks. Now the fun thing you can do is since they aren't advertising those routes, if you are sitting in a data center somewhere and have peering access and a ASIN id you can advertise those routes and all of Syria's traffic will start heading your way :-) Of course if that monitoring tool is still running it will have all these lines suddenly running off the screen toward your data center.<p>The traffic that is actually <i>in</i> Syria can't get out. So its not like you could snoop on Syria or anything.
This tells us nothing about how it was turned off, only that the routes were withdrawn from the global routing table. Which isn't "how" it was turned off, by why it's stopped working.<p>There's some guesses in here, but the title is rather misleading. No one still knows why these routes are no longer being advertised, only that they're not.
This doesn't necessarily explain HOW the network was taken down but, it does highlight the conflicting evidence between a "terrorist" style fire-sale attack, and a state-imposed outage to limit communications between dissidents.<p>Unfortunately, non of these hosting companies want to give an alternative to HOW to bring the network back up...<p>Anonymous seems to be the only group oriented at actually helping the citizens of the nation of Syria regain communication via alternative methods such as TCP/IP over HAM radio, and satellite links, personal wireless mesh networks using WiFi on mobile devices.<p>Everyone can bitch about HOW to take DOWN a nations internet but, it takes real humanitarians & 1337geeks to consider & implement HOW to bring a nations communications infrastructure back UP.<p>So, what are you waiting for...<p>HELP.
This is probably the best explanation of the Syrian outage I have ever seen. Cloudfare are exceptionally good at explaining things like this and even included a video of the Syrian traffic slowly dropping off. Expect those "cut" cables to miraculously be repaired shortly.
My wife's first thought when she heard about Syria's lack of internet was that the sitting government is about to start a nasty offensive.<p>This was a good read and informative. One question, though.<p>> When the outage happened, the BGP routes to Syrian IP space were all simultaneously withdrawn from all of Syria's upstream providers.<p>Does withdrawn mean not advertised or was a message sent out saying these routes are no longer available?
There are a few really baseless, attack-y comments on the original post. I wonder if they're some kind of Syrian social media reactionary force.<p>CloudFlare, if you have access to their data, what's interesting about them?
I have a few questions not knowing all that much about BGP other than thinking of it in terms of a higher level DNS system for IP routing.<p>What gives Syria the authority to do this? What gives anyone authority to do this? What prevents malicious routing?. Could they route all traffic to 8.8.8.8 and overwhelm another network? If it's ICANN, can they come in and revoke control and give it to a third party intermediary?<p>It has been rumored a small staff of 6 stayed trying to keep the routes up. Their current status is not known. I understand in those cases no intermediary would help. But from a pragmatic standpoint, I'm curious.<p>While I understand this goes against the "rules" but if I have a DNS server and the roots drop a zone, and I don't agree, I can add it back in. As a local user I could add to etc/hosts like in the old days.<p>The above assumes I had a large user base like openDNS or google pDNS to be effective. Can the same be done with BGP? Can major broadband providers decide to ignore the dropped routes and send traffic along?<p>I understand Syria would just toggle off some other "switch" and terminate core routers but it would at least send a tiny message of sorts.<p>How are they stopping satellite access?<p>How are they stopping cellular based access?<p>Is there any form of TCP over Ham radio? TCP over laser? USB over carrier pigeon (seriously)? What are the bare bones options here for getting data in and out and where is that closest point of access?<p>No one has put in long range wifi links of the 20 mile line of site type, or is that still too short a distance to get a few users online?<p>What about dialup?<p>If CloudFront can see this much traffic, they must be doing pretty well. What is the point of Facebook, reddit, and many others using CDN's and Amazon and such when they could probably half their hardware and push the rest to ClouFront. Or is CloudFront really only best for static sites that are hit hard and need lots if bandwidth. Dynamic sites would still bottleneck at the database/drive/physical/etc layer?<p>Thanks. Sorry if these are rudimentary questions. I haven't even met that many people who have had BGP access. I'm going to go look up what the format files look like now, just out of curiosity.
They mention that there are four cables "connecting Syria to the Internet."<p>OK, I'm curious! How do they know? How many cables connect, say, Brazil to "the Internet?"<p>Is this publicly available somewhere?
They've been blocking traffic in Syria to numerous social networking and email/voip sites since the revolution began, and nulling cell towers in every area where there are protests. This hasn't hampered the free syrian army or activists as since last year they've been passing sdcards to the border of lebanon, jordan, iraq and turkey and uploading their videos wirelessly from there. The FSA is running two border crossing with turkey anyways.<p>This seems to be like some sort of incompetence, more like they tried to set up some sort of spying choke point and it massively failed. ask nokia-siemens, they helped iran set up their chokepoint, most likely some infosec whitehats with zero ethics are currently flying out there to assist in the holocaust, er I mean rebellion put down, by working with Assad to get the tubes back up.<p>It only hurts Assad to keep the tubes out, his loyal base needs to buy their louis vuitton bags off alibaba to keep their minds off the constant public shooting of protesters and shelling of entire cities full of "terrorists"
Distance between Cyprus and Syria is < 200km. How much money would it take to setup a wireless link between the two? Wikipedia tells me it's possible (<a href="http://en.wikipedia.org/wiki/Long_Range_WiFi#Italy" rel="nofollow">http://en.wikipedia.org/wiki/Long_Range_WiFi#Italy</a>)
Since Google has also confirmed that Syria is offline now, we should spread the word about the telecomix dialup project: <a href="http://dialup.telecomix.org/" rel="nofollow">http://dialup.telecomix.org/</a><p>How could the information on that page be spread within Syria? SMS, MMS, Phone, Fax, Mail?
Great post, too bad the comments section is already full of syrian trolls trying to derail the subject from freedom of speech to some bullshit conspiracy from "the empire" against syria.<p>Guess they still give access to those who are <i>loyal</i>...
Its great to know how, but here is why:
<a href="http://www.youtube.com/watch?v=H40EsEVU1Wk" rel="nofollow">http://www.youtube.com/watch?v=H40EsEVU1Wk</a>
NSFW/NSFL<p>Apparently, bombing people turns out to be bad PR when they tweet about it.
I don't know enough about markets to find the answer to this. Does Syris have a "stock market" or some form of electronic exchange? I would imagine if they have money they do.<p>Did those routes stay up? If not, what are the repercussions of that going to be come open time? Or any foreign trade, anything that relies on network time, etc. the list is pretty large for services that need Internet at least infrequently in order to keep basic services up.<p>I can't imagine how many deaths there would be in the USA if this happened. All those televisions stop working, that's gotta be a few million heart attacks right there.
Easy way to shut off your internet connection. Quit paying the bill. ;)<p>Does the government have to pay for those lines? Or is that handled by some other entity?
I wonder what caused them to do that. It doesn't seem like the regime's been pulling any punches so far, and the various YouTube evidence etc didn't seem to cause any increase in outside pressure. Why do it now?
"Our thoughts are with the Syrian people and we hope connectivity, and peace, will be quickly restored."<p>Err... well, that's great. I'm glad that this information free blog post pimping your services ended with your sincere token of solidarity with the Syrian people.<p>For an article with real information from people who actually understand what a network is, go here: <a href="http://www.renesys.com/blog/2012/11/syria-off-the-air.shtml" rel="nofollow">http://www.renesys.com/blog/2012/11/syria-off-the-air.shtml</a><p>(Yes, I'm a little annoyed. But that's just because a lot of companies are submitting their "informative" blog posts on HN while really it's just more pimping of said service.)