BGP Still Contains 20-Year Old Insecurities

According to an article from the AP, BGP (Border Gateway Protocol) still contains weaknesses that could result in widespread loss of Internet connectivity.

The article spends an inordinate amount of time explaining that this has already happened in certain areas for other reasons, and only discusses BGP briefly (relative to the rest of the article).

It is, however, a real problem. Current protocol changes (to improve security) include a wide range of protocols: DNS-SEC, SNMP v4, SMTP (with message submission and encryption), POP3S, IMAPS, and others. Even IPv6 involves changes to increase security.

It is unfortunate that the routing backbone of the Internet is still suffering from reliability problems after all these years – even after the president said that fixing it was top priority.

The problems go beyond just security, but stability and scalability as well. Is it time for a replacement or redesign of BGP?

Working in a development environment

In a standard business environment, a production system is one that must be up and stable, and cannot be changed without a lot of forethought and a lot of getting people to coordinate and okay the process. A development system is one that the administrators use to prepare for bringing systems into production.

However, if your users are developers, then things may be different – especially if you are also using the software in a stable environment.

Development, by its nature, produces unstable code which is prone to crashes and other undesirable behavior. This stands the usual system administration goals on their head: your systems, though they are in “production” (that is, they are used by normal users on a daily basis) – these “production” systems behave like test systems in that they are not reliable. With reliability issues, it may seem as if they are not production systems – but they are.

What’s more, there may be actual “production” systems – systems with the same software which is not being developed, but being used. These systems then, are also systems that should not change (in production, we would say), but do not have reliability problems.

Even though the development environment may feel like a test lab at times, with systems going experiencing hangs and so forth, these systems still need to be treated like a normal production system. Never forget that your users, even though they seem to do “bad” things to the system, still rely on the system being there on a daily basis.

It also means that you will have to respond to problems faster, and be proactive in preventing problems – and that you will have more problems to resolve.

In short, the normal software development environment is more challenging to the admins that support this environment – but also more exciting.