Failure in routers could cause a small blackout of the internet in May

At some point in May, the Internet will suffer a small blackout that will prevent thousands of people from accessing the network.

The event, known as Day 768k, has been expected for some time by operators and should affect customers whose Internet service providers use older network equipment.

What is Day 768k?

Day 768k is a kind of sequence or evolution of the event that became known as Day 512k, when on August 12, 2014 a “blackout” on the world wide internet caused billions in financial loss.

This general failure on the Internet occurred when the routers ran out of space to store the BGP routing table (data routing protocol used by most routers in the world). This table contains the IPv4 addresses of all known Internet networks in the world and is used by the routers to connect the user to the site that he wants to access.

What happened was that in 2014 most routers used a TCAM (ternary content-addressable memory) allocation system, which allowed a maximum limit of 512,000 allocated addresses (hence the name 512k).

So when Aug. 12, 2014, Verizon added 15,000 new BGP routes to the table, this caused the routers to suffer memory leakage, causing them to crash every time they tried to read or write. access any kind of file – which has affected practically all Internet providers in the world.

At the time, the emergency solution was to develop patches for the firmware of those routers that set a maximum limit of maximum memory for storing the BGP routes, increasing that number to 768,000 – from where the name was taken 768k.

Currently, the best source to manage the size of the BGP table is a Twitter bot called BGP4-Table, created to warn programmers about the approach of the fateful Day 768k. The profile tweeta every 6h with the current amount of addresses allocated in the BGP table and, according to the most recent tweet of it during the writing of this matter, there are currently 768105 IPv4 prefixes. Despite this, the actual number is a bit smaller, since the tool does not filter duplicate addresses.

That’s why some industry analysts, such as Aaron A. Glenn (network engineer at AAGICo in Berlin) and Jim Troutman (Director of the Northern New England Neutral Internet Exchange) estimate that Day 768k should happen sometime in May, when the number of addresses allocated should exceed 768 thousand real addresses (that is, without duplicates).

The end of the internet?

Despite the concern, neither of the two experts believes that reaching this milestone will cause as many problems as occurred on Day 512k. That’s because, unlike 2014, operators have already prepared for the event.

As they are already expecting Day 768k since the general blackout of the internet in 2014, companies have already developed several ways to prevent something like that from happening again. The equipment used by the companies already allows the allocation space of the BGP table to go far beyond the 768 thousand achieved in 2014, which ensures that those companies that have updated their equipment after 2014 should have no problems.

But even those who still own old equipment that would suffer with the limit of 768,000 allocation spaces can easily avoid the problem. This is because, according to Troutman, this limit is only a problem if the router of the servers of an internet provider is considering all the existing routes. If these devices are configured to ignore anything from routes / 24 (CIDR notation used to set IP addresses of large local area networks, such as Microsoft Ethernet) and direct requests from those addresses to the router of another company. This causes the number of existing addresses in the table of these older routers to fall to less than half, which allows them to operate without problems, leaving any request coming from something with this addressing to the newer equipment of the large carriers, which already have space for a number of allocations greater than 768 thousand addresses.

So, contrary to what happened in 2014, the arrival of Day 768k should not be a threat to the functioning of the Internet world, and only a few small local providers that are not updated on the subject should keep their systems off the air.