AS 7007 incident

From Wikipedia, the free encyclopedia

The AS 7007 incident was a major disruption of the Internet on April 25, 1997, that started with a router operated by autonomous system 7007 (MAI Network Services, although sometimes incorrectly attributed to the Florida Internet Exchange[1]) accidentally leaking a substantial part of its entire routing table to the Internet, creating a routing black hole.

Probably because of a bug in the affected router, the routes leaked were deaggregated to /24 prefixes, which were more specific than the routes originally present on the Internet, and had the AS path rewritten to 7007, leading the Border Gateway Protocol (BGP) used by the Internet's routers to prefer the leaked routes. This was then exacerbated by other problems that prevented the routes from disappearing from other networks' routing tables, even after the original router that had sent them had been disconnected. The combination of these factors resulted in an extended disruption of operations throughout the Internet.

Analysis of this event led to major changes in Internet Service Providers' BGP operations intended to mitigate the effects of any subsequent similar events.[2]

See also[edit]


External links[edit]

  • "Router glitch cuts Net access". cnet news. April 25, 1997. Retrieved 2009-03-06.
  • Origin authentication in interdomain routing
  • Interdomain Routing Security
  • nanog mailing list archive: "7007 Explanation and Apology"
  • A view of all NANOG mailing list discussions around the date of the incident - see 25 April 1997
  • BGP security: announcing prefixes without authorization