Vodafone Idea, the Indian limb of the mega-carrier, has been fingered as the source of what’s been described as a “major GBP hijack” by Mutually Agreed Norms for Routing Security (MANRS), an organisation that “provides crucial fixes to reduce the most common routing threats.”
Early on Saturday, net-watchers noticed that an autonomous system number (ASN) held by Vodafone Idea published over 30,000 bogus border gateway protocol (BGP) prefixes.
BGP,HJ,hijacked prefix AS270497 18.104.22.168/24, RUTE MARIA DA CUNHA, BR,-,By AS55410 VIL-AS-AP Vodafone Idea Ltd, IN, https://t.co/WvDvQMMDCf
— Cisco BGPStream (@bgpstream) April 16, 2021
The incorrect publication meant that Vodafone Idea effectively claimed to oversee around 34,000 networks that it has role in operating.
Traffic to Vodafone Idea spiked to 13 times usual levels, and traffic to other networks drained away into an internet black hole.
The cause of the problem appears to have been an error, either by Vodafone Idea or one of its clients. The error was caught within a few minutes, but the faulty routes rolled out for at least an hour afterwards.
India’s telecoms given ten years to pay $22bn in back taxes they’ve already disputed for a decade
Digital experience monitoring outfit Catchpoint analysed the incident and said it spotted impacts on organisations including Google, Akamai, Edgecast, Deutsche Telekom, TIM, Claro, Orange, Telefonica), and several other Vodafone operations around the world.
Whatever the cause, Catchpoint and MANRS have slammed the carrier, suggesting that it could and should have been using well-known techniques that stop this sport of error from spreading and inconveniencing others.
Route filtering to rule out use of known bad routes is one such technique, and MANRS helps carriers to do it. But Catchpoint’s analysis suggests Vodafone Idea doesn’t use it, which was one reason this incident got big, fast. ®