On 2021-07-30 18:45, Christopher Morrow wrote:
> On Fri, Jul 30, 2021 at 10:57 AM Christopher Morrow
> <morrowc.lists@gmail.com> wrote:
>
>> On Thu, Jul 29, 2021 at 9:07 PM Denys Fedoryshchenko
>> <nuclearcat@nuclearcat.com> wrote:
>>
>>> On 2021-07-29 20:46, Randy Bush wrote:
>>>>> Looks like it did shown on news only.
>>>>
>>>> :)
>>>>
>>>> i wondered
>>> They have installed devices called "TSPU" on major operators.
>>> Isolation of specific networks is done without changing BGP
>>> announcements, obviously.
>>
>> Denys, can you say anything about how these TSPU operate?
>
> Denys is, I'm sure, 'lmgtfy'ing me right now but:
>
> https://therecord.media/academics-russia-deployed-new-technology-to-throttle-twitters-traffic/
>
> https://en.wikipedia.org/wiki/Internet_censorship_in_Russia#Deep_packet_inspection
>
> seems to be the system/device in question.
There is nothing magical or special in these devices, usual inline DPI
with IDS / IPS functionality, installed between BRAS and CGNAT.
Here is specs/description for one of them:
https://www.rdp.ru/en/products/service-gateway-engine/
They also sell them abroad. Anybody want to install? (Here must be an
emoticon that laughs and weeps same time)
>
>> I believe they at least swallow/stop TCP SYN packets toward some
>> destinations
>> (or across a link generally), but I'm curious as to what steps the
>> devices take,
>> to be able to judge impact seen as either: "broken gear" or "funky
>> TPSU doing it's thing"
They are fully inline, so they can do anything they want, without
informing ISP.
For example, make a network engineer lose the rest of his mind in search
of a network fault,
while it's "TSPU doing it's thing".
>>
>> thanks!
>> -chris
>>
>>> And the drills do not mean at all "we will turn off the Internet
>>> for all
>>> the clients and see what happens", journalists trivialized it.
>>> Most likely, they checked the autonomous functioning of specific
>>> infrastructurally important networks connected to the Internet,
>>> isolating only them.
>>> It's not so bad idea in general, if someone find another
>>> significant bug
>>> in common software, to be able to isolate important networks from
>>> the
>>> internet at the click of a button and buy time for patching
>>> systems.