Internet Performance Delivered right to your inbox

6 Hours in Indonesia: How Fat Fingers Generated an Internet Outage for One Company

Late last week, a tiny Indonesian ISP announced a new ASN to the internet: AS135469. While this might be great news for the netizens of the Province of Gorontalo, it wasn’t great news for US communications defence contractor L-3 Communications. That’s because this ISP fat fingered the IP address when it started announcing its address space, transposing two digits, and in the process actually hijacked IP address space belonging to L-3 for over six (6) hours.

The screenshot below shows traffic intended for the the L-3 IP space on the Indonesian ASN.

II screenshot showing traffic intended for the the L-3 IP space on the Indonesian ASN

And in this Internet Intelligence screenshot, we see the AS path of the hijacked route. It is a more-specific of, originated by AT&T.

Internet Intelligence screenshot, showing the AS path of the hijacked route

The practical result of this is that any internet traffic directed to the L-3 address space would have been directed to Indonesia, resulting in denial of service. And while we don’t know exactly what L-3 hosted in this space, it’s not hard to imagine how a six hour outage could be pretty distressing for many companies, if not materially impacting. What would be the impact if your eCommerce site, email server or supplier portal was effectively offline or inaccessible for six hours? We’d guess things would be hitting the fan pretty hard in the NOC. Worse yet, without visibility, identifying the root cause would be quite challenging.

But what’s really amazing about this event is that it’s not really all that amazing. As Dyn monitors global internet conditions in real time, we see events like this happen every day, in fact, several times a day. While the major service outages and DDoS attacks get the attention and (unwanted) headlines, it’s actually always cloudy on the internet. In other words, disruptions like these are not at all “black swan” events.

As more services and, particularly, things join the ever-growing internet, the need for companies to manage how users connect to internet-connected assets becomes more and more critical. That’s why we’re so bullish about Internet Performance Management (IPM).

Share Now

Doug Madory
Whois: Doug Madory

Doug Madory is a Director of Internet Analysis at Oracle Dyn where he works on Internet infrastructure analysis projects. Doug has a special interest in mapping the logical Internet to the physical lines that connect it together, with a focus on submarine cables.

To current Dyn Customers and visitors considering our Dynamic DNS product: Oracle acquired Dyn and its subsidiaries in November 2016. After June 29th, 2020, visitors to will be redirected here where you can still access your current Dyn service and purchase or start a trial of Dynamic DNS. Support for your service will continue to be available at its current site here. Sincerely, Oracle Dyn