It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Internet Problems? BE customer traffic being sent to the USA and back to the UK or Europe!
page: 11
share:
For the last week or so I have been experiencing major connection issues with certain media sites, site that I have to access for work. This seemed to
only be happening at certain times of the day, kicking in at about 16:00 or so (GMT) and only affected certain sites.
For example, a media site that I work with has a secure content management system that I need to access to complete my work, and this is not functioning for several hours a day. While other media sites such as YouTube and DailyMotion are fine.
After looking into this yesterday, it seems I am not the only one, and many more across the UK (and potentially Europe too) are experiencing the same thing.
My service is provided by BE (as the wholesaler) and someone with a little more tech knowledge than me looked into this.
It seems that, for an unknown reason and without explanation, UK and European traffic is now being diverted to the USA, before returning to Europe.
BE Usergroup Site
BE seem as surprised about this as others are if this is their official line. They're asking for any other strange activity to be reported on the user forum too.
Forgive me if I have presented anything incorrectly, I'm not a techy person. But from what I have gathered, it looks as though the US is directly diverting the traffic of private service providers across Europe through America for a specific reason. I don't know if this is possible without permission, or whether they have just created an agreement with providers around Europe, but whatever the explanation this is a worrying development.
This is directly affecting a lot of people, with some gaming and media sites rendered basically unusable. There are customers of the end suppliers threatening to leave in droves, and no one seems to really be talking about it or explaining what has happened.
So what are your views? Has the US basically hacked Europe in an effort to steal and monitor more traffic?
For example, a media site that I work with has a secure content management system that I need to access to complete my work, and this is not functioning for several hours a day. While other media sites such as YouTube and DailyMotion are fine.
After looking into this yesterday, it seems I am not the only one, and many more across the UK (and potentially Europe too) are experiencing the same thing.
My service is provided by BE (as the wholesaler) and someone with a little more tech knowledge than me looked into this.
It seems that, for an unknown reason and without explanation, UK and European traffic is now being diverted to the USA, before returning to Europe.
Bytemark support say: "It looks a bit like BE have turned off their LINX peering, and now the traffic is going via level3 (and america for some reason)."
BE Usergroup Site
BE seem as surprised about this as others are if this is their official line. They're asking for any other strange activity to be reported on the user forum too.
More info when we have it. Any other reports if strange pings or problems please post it to the BE forum.
Forgive me if I have presented anything incorrectly, I'm not a techy person. But from what I have gathered, it looks as though the US is directly diverting the traffic of private service providers across Europe through America for a specific reason. I don't know if this is possible without permission, or whether they have just created an agreement with providers around Europe, but whatever the explanation this is a worrying development.
This is directly affecting a lot of people, with some gaming and media sites rendered basically unusable. There are customers of the end suppliers threatening to leave in droves, and no one seems to really be talking about it or explaining what has happened.
So what are your views? Has the US basically hacked Europe in an effort to steal and monitor more traffic?
Can you run traceroute to see how your packets are being diverted?
traceroute to www.abovetopsecret.com (173.193.40.4), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 1.086 ms 1.074 ms 2.141 ms
2 * * *
...
18 po2.fcr03.sr04.dal01.networklayer.com (66.228.118.190) 172.766 ms 171.008 ms ae0.dar01.sr01.dal01.networklayer.com (173.192.18.211) 173.542 ms
Any router (those IP addresses) could have their routing table modified to send the traffic via the USA. The "routing table" is like the list of connections that any one airport offers. Any connection is either a "local network" (to a smaller airport) or a trunk network (to a larger international airport).
Sometimes these are set up to automatically select the long-distance data carrier that offers the cheapest rates.
Othertimes, they get messed up by technicians.
traceroute to www.abovetopsecret.com (173.193.40.4), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 1.086 ms 1.074 ms 2.141 ms
2 * * *
...
18 po2.fcr03.sr04.dal01.networklayer.com (66.228.118.190) 172.766 ms 171.008 ms ae0.dar01.sr01.dal01.networklayer.com (173.192.18.211) 173.542 ms
Any router (those IP addresses) could have their routing table modified to send the traffic via the USA. The "routing table" is like the list of connections that any one airport offers. Any connection is either a "local network" (to a smaller airport) or a trunk network (to a larger international airport).
Sometimes these are set up to automatically select the long-distance data carrier that offers the cheapest rates.
Othertimes, they get messed up by technicians.
ISP's will have multiple routes to the wider world and each route will have fall backs so if a link from A to B dies it will use route C due to stuff
like sending stuff via transatlantic cable there and back costs more than routing it via lets say a cross channel cable ISP's wont do it unless its
last resort to maintain a certain level of service
More than likely someones gone and made a change on a core router somewhere and broken things so when BE wants to talk to a server it now see's the cheapest/fastest route as going via some transatlantic cable, now it may not be a BE problem but someone 2-3 hops away who's changed something and thus the tracking down can be a pain to track down and get them to admit fault and fix the problem
More than likely someones gone and made a change on a core router somewhere and broken things so when BE wants to talk to a server it now see's the cheapest/fastest route as going via some transatlantic cable, now it may not be a BE problem but someone 2-3 hops away who's changed something and thus the tracking down can be a pain to track down and get them to admit fault and fix the problem
Used to be a "Be" customer but jumped ship when it became clear there was no more investment in their network.
The Be Usergroup is pretty clued up but if no one knows about it there it could in fact be an exploit on your modem/router as the supplied Thomson kit is insecure.
The reason I say this is because I has a similar problem which turned out to be the TDSS rootkit.
Because my PC became infected it gained admin. access of the ISP supplied Thomson and changed the DNS to a server providing fake site search results.
Be were completely clueless at the time but then did an upgrade which they say took away the flaw.
TLDR: If only a few people are experiencing redirects consider the modem/router as a cause as it's insecure.
Check Thomson DNS settings and ensure they are as supplied.
If not:
Download support.kaspersky.com... and run all windows devices with wireless/wired access.
Factory reset Thomson and input original details supplied by Be.
The Be Usergroup is pretty clued up but if no one knows about it there it could in fact be an exploit on your modem/router as the supplied Thomson kit is insecure.
The reason I say this is because I has a similar problem which turned out to be the TDSS rootkit.
Because my PC became infected it gained admin. access of the ISP supplied Thomson and changed the DNS to a server providing fake site search results.
Be were completely clueless at the time but then did an upgrade which they say took away the flaw.
TLDR: If only a few people are experiencing redirects consider the modem/router as a cause as it's insecure.
Check Thomson DNS settings and ensure they are as supplied.
If not:
Download support.kaspersky.com... and run all windows devices with wireless/wired access.
Factory reset Thomson and input original details supplied by Be.
edit on 6-7-2013 by Jukiodone because: (no reason given)
Also take into consideration that a lot of places are these days using DDOS protection, like softlayer here on ATS, which you may route through.
I dunno, i can't see what the tracert was going to in the pastebin, looks like from a personal IP to a personal IP and not any services.
Where I live, everything goes into the US anyway, so I'll never know if we're having traffic routed nefariously. Which sucks as the latency sky rockets as soon as it leaves Aus.
I dunno, i can't see what the tracert was going to in the pastebin, looks like from a personal IP to a personal IP and not any services.
Where I live, everything goes into the US anyway, so I'll never know if we're having traffic routed nefariously. Which sucks as the latency sky rockets as soon as it leaves Aus.
new topics
-
Driving home for Christmas… fast!
General Entertainment: 1 hours ago -
My Retirement
General Chit Chat: 2 hours ago -
‘Something horrible’: Somerset pit reveals bronze age cannibalism
Ancient & Lost Civilizations: 3 hours ago -
Spiritual Solstice
Short Stories: 6 hours ago
top topics
-
'Mass Casualty event' - Attack at Christmas market in Germany
Mainstream News: 16 hours ago, 28 flags -
My Retirement
General Chit Chat: 2 hours ago, 8 flags -
Driving home for Christmas… fast!
General Entertainment: 1 hours ago, 3 flags -
‘Something horrible’: Somerset pit reveals bronze age cannibalism
Ancient & Lost Civilizations: 3 hours ago, 2 flags -
Spiritual Solstice
Short Stories: 6 hours ago, 1 flags
1