On 5th July, suddenly some of my prefixes whose upstream used Asympto Networks (AS39533) as their upstream suddenly became unreachable from Hurricane Electric’s (AS6939) end. HE’s looking glass showed that my prefixes were reachable over via AS39533-AS34927-AS213326. However ping was unreachable and also traceroute showed that the traffic was being dropped after it was being handed over to AS39533. I contacted Hurricane to confirm if the issue from their end as all my prefixes were reachable from Tata Communications (AS6453) and Cogent (AS174) (one that doesn’t peer with AS6939). Thankfully none of my upstream providers use cogent for announcing my prefixes.
Surprisingly most of my upstream providers use Asympto Networks (AS39533) to get to Hurricane Electric. Hurricane Electric being somewhere between a Tier1-Tier2 ISP meant that a large number of networks who were single homed behind Hurricane Electric would simply be unreachable. I moved all prefixes to NATO Internet Services (AS46997) however I was till facing the same issue. On contacting NATO they immediately informed that though they had created my filter list based on AS-213326-PEERS, Hurricane was filtering out my prefixes. They immediately opened a docket with Hurricane Electric and in about 30 mins the prefix filter was checked and the issue was rectified. NATO also confirmed me that they had received similar reachability complains from other downstream networks yesterday.
The issue with Asympto Networks issue was also resolved in a couple of hours. From this incident I can conclude that it was more of a filtering issue at Hurricane Electric’s end as well as on Asympto’s end too. Now my prefixes are again reachable from Hurricane Electric where Asympto Networks is between Hurricane Electric and my upstream (eg: iFog networks).
This was the first time I had faced an issue since I had received my ASN. It was a learning experience. What I understood is that the entire internet works on every network (Autonomous System) doing its part right. It is the collective cooperation of all networks big and small that keeps the internet working the way it is. Just a simple wrong prefix filtering can cause partial or total blackout for a network. Maybe that’s why only the most experienced engineers in the organization get to manage BGP for the network. Getting a personal ASN is quiet beneficial for learning BGP in real time as such issues are virtually absent in GNS3 and other simulated environments. To get stated with your own personal ASN and ipv6 resources for cheap and get started read my previous post here.