Reply to post: Resiliency options

Russia could chop vital undersea web cables, warns Brit military chief

Anonymous Coward
Anonymous Coward

Resiliency options

Despite the "everything will route around the break" talk, reality really isn't that simple.

Firstly, cables that are rented as dark fiber, or which have SDH and static MPLS provisioned point to point links routed over them cannot reprovision quickly. Just imagine say Hibernia having both it's Trans-Atlantic fibers cut and begging Century Link for space on it's fibers. Even the provisioning processes will be utterly different, and getting a "clean" fiber pair assigned would be just about impossible: they would all be in use on various wavelengths. The muxes or routers would probably require new dark fiber between them: fine if they are in the same carrier hotel, slow if not.. The interruptions to service would be measured in weeks or months, and in all you might be better off just waiting for the repair ships to finish.

Secondly, using IP to route around sounds easy, but it's not much better. The IP backbone of the affected carriers will be in all likelihood severely affected by the destruction of many of it's point to point links over which the IP runs. Carriers and end users do not generally have multiple transit relationships set up in advance: commit costs money, even if you don't use it, and even assuming there are available ports, capacity and all equipment in common carrier hotels (which have hopefully not also been attacked in some way!), you would need lots of planning and new dark fiber to stop these new links instantly saturating. So even assuming massive goodwill, we are talking about days or weeks to recover.

I've had personal experience of a trans Irish sea issue where one cable provider suffered a cut which caused fairly severe issues: so severe, one of our customers called to *offer* capacity on their network. Despite all sides being sincere, the practicalities (local loop install, IP peering problems) were such the offer was never taken up.

If you want to make us resilient, I think there are three things you could do. Firstly, mandate that key applications (banking, telephone/999, government functions) must be hosted within the UK. Incentivise this by making it a requirement for getting government business. Secondly, mandate that carriers must have contingency plans for rapidly increasing their transit and peering options: lit interfaces on routers between them, even if BGP is shutdown, "shadow" public peering configs held in readiness to be turned on on public exchanges, tested on occasion. Thirdly, mandate all carriers have plans to hurl neutrality into the bin in extremis, and aggressively throttle customer traffic by type on their edge, and also be willing to depeer AS's that demand the most traffic if the network is threatened by their demands.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019