Indian Route Leak or There and Back Again
On the 30.12.2017 Idea Cellular Limited (AS55644) created a massive BGP route leak between its peers and upstream providers, including TATA (AS6453), Reliance Globalcom Limited (AS15412) and Sify (AS9583). This anomaly affected an enormous number of networks all over the world, including content providers, transit ISPs - more than 70000 prefixes overall.
However, for the significant part of leaked prefixes propagation of this anomaly was limited to the Indian market, so end-users from other countries may not have noticed any problems while reaching out for their favorite services. Still, more than 4500 prefixes reached the Tier1 networks and as a result redirected significant part of global user traffic to India. As an example, several leaked prefixes originated from Microsoft (AS8075) were accepted by the Telia (AS1299):
BGP4MP|12/30/17 09:27:52|A|****|197068|18.104.22.168/14|197068 1299 9583 55644 8075|IGP
For such prefixes the network delay may have increased from 200ms to 300ms, being the cost of traffic redirection from EU/US to India and back. Luckily, not all leaked prefixes were globally propagated. Nevertheless, thousands of them reached Tier1. This situation highlights that old style ingress filters being built using AS-SETs and ROUTE objects, even in case of an appropriate maintenance, can’t be treated as a silver bullet anymore.