Posts by Doug Madory

In this blog post, we describe how one backbone service provider uses Kentik to identify and root out spoofed traffic used to launch DDoS attacks. It’s a “moral responsibility,” says their chief architect.

Football is officially back, and Doug Madory is here to show you exactly how well the NFL’s streaming traffic was delivered.

Doug Madory investigates two large BGP leaks from August 28 and 29, 2023 and how RPKI ROV and other technologies can help mitigate widespread internet disruptions that can result for incidents like these.

On Sunday, August 6, an undersea landslide in one of the world’s longest submarine canyons knocked out two of the most important submarine cables serving the African internet. The loss of these cables knocked out international internet bandwidth along the west coast of Africa. In this blog post, we review some history of the impact of undersea landslides on submarine cables and use some of Kentik’s unique data sets to explore the impacts of these cable breaks.

This past weekend, the government of Iraq blocked the popular messaging app Telegram, citing the need to protect Iraqi’s personal data. However, when an Iraqi government network leaked out a BGP hijack used for the block, it became yet another BGP incident that was both intentional, but also accidental. Thankfully disruption was minimized by Telegram’s use of RPKI.

Stretching back to the AS7007 leak of 1997, this comprehensive blog post covers the most notable and significant BGP incidents in the history of the internet, from traffic-disrupting BGP leaks to crypto-stealing BGP hijacks.

In this blog post, BGP experts Doug Madory of Kentik and Job Snijders of Fastly update their RPKI ROV analysis from last year while discussing its impact on internet routing security.

It has now been over a year since Russian forces invaded its neighbor to the west leading to the largest conflict in Europe since World War II. Kentik’s Doug Madory reviews what has happened with internal connectivity within Ukraine over the course of the war in this analysis done for a collaboration with the Wall Street Journal.

In this article, Doug Madory uncovers the little-known “Russification” of Ukrainian IP addresses — a phenomenon that complicates the task of internet measurement and impacts Ukrainians connecting to the internet using IP addresses suddenly considered Russian.

In the early hours of Wednesday, January 25, Azure, Microsoft’s public cloud, suffered a major outage that disrupted their cloud-based services and popular applications such as Sharepoint, Teams, and Office 365. In this post, we’ll highlight some of what we saw using Kentik’s unique capabilities, including some surprising aftereffects of the outage that continue to this day.

This week marks a decade since the ALBA-1 submarine cable began carrying traffic between Cuba and the global internet. And last month’s recommendation by the US Department of Justice to deny the request by the ARCOS cable system to connect Cuba shows that, almost a decade later, geopolitics continues to shape the physical internet — especially when it comes to Cuba.

Only two days into the new year and we had our first BGP routing leak. It was followed by a couple more in subsequent days. In this blog post, we use some of Kentik’s unique capabilities to take a look at what happened, what the impacts were, and what might prevent these in the future.

This past year was another busy one for the internet. This year-end blog post highlights some of the top pieces of analysis that we published in the past 12 months. This analysis employs Kentik’s data, technology, and expertise to inform the industry and the public about issues involving the technical underpinnings of the global internet and how global events can impact connectivity.

The populations in Cuba and Iran were only the latest to experience what has become an increasingly common tactic of digital authoritarianism: the internet curfew. This tactic, in which internet service is temporarily disabled on a recurring basis, lowers the costs and thus increases the likelihood of government-directed internet disruptions.

This fall Amazon Prime Video became the exclusive broadcaster of the NFL’s Thursday Night Football. This move continued Prime Video’s push into the lucrative world of live sports broadcasting. As you can imagine, these games have led to a surge in traffic for this OTT service.

On August 17, 2022, an attacker was able to steal $235,000 in cryptocurrency by employing a BGP hijack against Celer Bridge, a cryptocurrency service. While this incident is the latest such attack, there are lessons beyond the world of cryptocurrency for any organization that conducts business on the internet.

Our analysis from earlier this year estimated that the majority of internet traffic now goes to routes covered by ROAs and is thus eligible for the protection that RPKI ROV offers. This analysis takes the next step in understanding RPKI ROV deployment by measuring the rejection of invalid routes.

Since the beginning of June 2022, internet connectivity in the Russian-held Ukrainian city of Kherson has been rerouted through Crimea, the peninsula in southern Ukraine that has been occupied by Russia since March 2014. As I explain in this blog post, the rerouting of internet service in Kherson appears to parallel what took place following the Russian annexation of Crimea.

On July 8, 2022, Canadian telecommunications giant Rogers Communications suffered a catastrophic outage taking down nearly all services for its 11 million customers in the largest internet outage in Canadian history. We dig into the outage and debunk the notion that it was caused by the withdrawal of BGP routes.

On Tuesday, June 7, internet users in numerous countries from East Africa to the Middle East to South Asia experienced an hours-long degradation in service due to an outage at one of the internet’s most critical chokepoints: Egypt. In this blog post, we review some of the impacts as well as compare how this disruption affected connectivity within the three major public cloud providers.

RPKI is the internet’s best defense against BGP hijacks. What is it? And how does it protect the majority of your outbound traffic from accidental BGP hijacks without posing a risk to legitimate traffic?

Last night, Kansas topped the University of North Carolina in a thrilling come-from-behind victory to win their fourth championship in men’s college basketball. It was also notable in how viewers saw the game. Instead of being aired on network television like in the past, the game was carried on TBS requiring viewers to have either a cable TV package or use a streaming service to watch the game. Here’s what we saw.

In our updated blog post, read why international telcos Cogent and Lumen say they are taking action against Russia.

Just in time for Valentine’s Day, we’re announcing our newest labor of love: Kentik Market Intelligence (KMI), a new product that spells out the internet ecosystem.

On Saturday, the pacific island nation of Tonga was decimated by a massive volcanic eruption that was visible from space. At 5:27pm local time, the underwater volcano Hunga Tonga-Hunga Ha’apai unexpectedly erupted, sending ash and debris for hundreds of miles. As of this writing, all internet and telephone communications between Tonga and the rest of the world are still down.

Every year the internet suffers numerous disruptions and outages, and 2021 was no exception. Kentik’s Doug Madory recaps the top 10. And now the world’s network engineers deserve a load of #HugOps in 2021.

Last month, the long-awaited film adaptation of Frank Herbert’s sci-fi epic Dune was released in theaters and on HBO Max. Directed by Canadian filmmaker Denis Villeneuve, the movie was a hit at the box office as well as via streaming, leading to another OTT traffic surge.

Facebook suffered a historic and nearly six-hour global outage on October 4. In this post, we look at Kentik’s view of the outage.

Last Tuesday, September 14th was the second Tuesday of the month, and for anyone running a network or working in IT, you know what that means: another Microsoft Patch Tuesday. Doug Madory looks at how the resulting traffic surge can be analyzed using Kentik’s OTT Service Tracking.

There has been a new development in The Mystery of AS8003.

As you may recall, this was the AS number registered to a defunct company in Florida that appeared earlier this year in the global routing table announcing over 175 million IPv4 addresses belonging to the US Department of Defense.

Well, that just changed.

As the last US military aircraft depart Kabul, so closes a chapter of U.S. involvement in the country. Will it also end a period of growth of the domestic internet in Afghanistan?

Africa’s regional internet registry, AFRINIC, is involved in a legal dispute over an increasingly valuable commodity: IPv4 address space. Kentik’s Doug Madory takes a deeper look at what’s happening.

On January 20, 2021, a great mystery appeared in the internet’s global routing table. An entity that hadn’t been heard from in over a decade began announcing large swaths of formerly unused IPv4 address space belonging to the U.S. Department of Defense. Registered as GRS-DoD, AS8003 began announcing 11.0.0.0/8 among other large DoD IPv4 ranges.

In the past 24hrs, Myanmar experienced a military coup d’état during which prominent government figures like Nobel laureate Aung San Suu Kyi were detained and internet service was almost entirely blacked out.

Here is what the shutdown looked like in our data (with annotations for timing) for Myanmar’s big four: Myanma Posts and Telecommunications (MPT), Telenor Myanmar, Ooredoo Myanmar, and Mytel.

Last week I had the honor to participate in the PTC 2021 conference. Held in Hawaii every January, PTC’s annual conference is the Pacific Rim’s premier telecommunications event. Although this year’s conference was all virtual (no boondoggles to Honolulu!), it was no less important as the theme this year was New Realities. In the following blog post, I summarize what I presented in my PTC panel entitled Strategies to Meet Network Needs.

The shutdown in Egypt not only shifted the dynamics of protest in the 21st century, it was a watershed moment for the internet community — from technical organizations like Renesys to digital rights advocacy groups like Access Now. The era of the large-scale government-directed internet shutdown had truly begun.