For more than two hours on Thursday, June 6, a large chunk of European mobile traffic was rerouted through the infrastructure of China Telecom, China’s third-largest telco and internet service provider (ISP).
The incident occurred because of a BGP route leak at Swiss data center colocation company Safe Host, which accidentally leaked over 70,000 routes from its internal routing table to the Chinese ISP.
The Border Gateway Protocol (BGP), which is used to reroute traffic at the ISP level, has been known to be problematic to work with, and BGP leaks happen all the time.
However, there are safeguards and safety procedures that providers usually set up to prevent BGP route leaks from influencing each other’s networks.
But instead of ignoring the BGP leak, China Telecom re-announced Safe Host’s routes as its own, and by doing so, interposed itself as one of the shortest ways to reach Safe Host’s network and other nearby European telcos and ISPs.
Mobile operators in France, Holland, Switzerland affected
For the subsequent hours, until China Telecom operators realized what they have done, traffic meant for many European mobile networks was rerouted through China Telecom’s network.
“Some of the most impacted European networks included Swisscom (AS3303) of Switzerland, KPN (AS1130) of Holland, and Bouygues Telecom (AS5410) and Numericable-SFR (AS21502) of France,” said Doug Madory, Director of Oracle’s Internet Analysis division (formerly Dyn).
“Often routing incidents like this only last for a few minutes, but in this case many of the leaked routes in this incident…