North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: YouTube IP Hijacking

  • From: michael.dillon
  • Date: Tue Feb 26 10:18:56 2008

> > You _need_ a license to drive a car, fly a plane etc. but until now 
> > you dont need to show that youre skilled enough to run a border 
> > router. Good idea? I dont think so.
> My point was that even with a license, accidents still occur.

Even with a licence and testing, airline crashes still occur,
commercial airline pilots still arrive at work drunk or die
of heart-attacks behind the wheel of the airplane.

But, due to a lot of effort in making better educational material
available for pilots, including better flight simulators and
better simulator scenarios, flying is a lot safer than it was
in 1958.

Not to mention the great effort that is put into post-mortem studies
of airline crashes, the open sharing of information around the world,
and the steady incremental improvement of best-practices and educational

The Internet operations "profession" could do all of that without any
need for laws, licenses, inspections, or whatever. In fact, if you look
around you, the Internet ops profession actually *DOES* do a lot of the 
same stuff that the airline industry does and things ARE getting better
when you measure the impact per user or per connected device. The net
is a lot bigger than it was 10 years ago, and far fewer incidents happen
that have wide impact. In fact, it is not even clear that this YouTube
incident counts as having wide impact. How many people were impacted
by the YouTube outage compared to the Asian Tsunami/landslide of 2005?

You don't need a Rogers Commission (Challenger disaster) or a 9-11
Commission set up by the President to solve these problems. For all
the moaning and complaining that hit this list and the blogosphere,
lots of people actually are studying the root cause of this disaster
and taking action to mitigate such events in the future.

It should be no surprise that the most important such mitigation events
are not related to installing more BGP filters, but in making sure that
outages/anomalies are promptly detected and promptly escalated to the 
RIGHT people in the operations team who can fix or mitigate them. 

> I am not against training personnel, but your solution 
> doesn't resolve either of the above for the most part.

Training is a form of education, and education is a necessary
prelude to action. You would be a fool to just accept someone's 
advice from this list and run out to implement it RIGHT NOW.
Better to study it, try it in the lab. Figure out what it does,
why it does it. Think about how to monitor it and manage it.
Write up a business case to see if you really can justify this
action to management. Then document it and do it when everybody
understands the problem and the solution.

Alex wrote such a brilliant message summarizing the discussion
to date that I'm thinking we should reshape the mailing list 
committee into a kind NTSB for the Internet
that would solicit comments, compile incident reports and 
produce best practice documents. That kind of thing might be
valuable enough that somebody would pay NANOG to do it.

--Michael Dillon