According to Rolling Stone (paywall’d now), Ukraine has asked ICANN to disconnect Russia from the Internet. This is not something ICANN is capable of doing.
The reporting by RS was not entirely clear, and it’s worth pointing out that Ukrainian leaders are literally in a life-or-death struggle so these are not suggestions that have gone through a careful and thoughtful review process during a symposium. These ideas were voiced in desperation while bombs rain down, so some allowance for technical misunderstandings is understandable.
However, the core idea was to remove the .ru root domain, which will not isolate Russia from the Internet. As discussed on LowEndTalk, removing .ru would simply mean that no one could get to .ru-hosted domains. More likely, it means that no one outside Russia could get to them, as the Russians could hijack DNS requests inside their own country and provide their own .ru hosting.
Russians would still be able to get to whatever they can get to now, and while there undoubtedly would be some .ru businesses that would suffer, this is hardly a “nuclear option” regarding Russia and the Internet.
Isolating Russia from the Internet is possible – anything is possible given enough resources and will. But it is is not practical.
To really do this, you’d have to stop peering all the Russian AS networks, or at least throttle them, which has never been tried and would require a ton of work. There is not just one “Russian traffic on/off” switch but rather thousands or tens of thousands of Russian AS blocks that would have to be de-peered. It would be whack-a-mole for a while because I’m sure some Russian AS blocks are outside of RIPE and they could play lots of games to squat on unused blocks and who knows what else. We’re assuming that the many routers that would process this radical increase in filtering are up to the task.
Even if you had a perfect list and could implement it perfectly, it would be impossible to prevent some leakage through obliging friends (Belarus, perhaps China, etc.), especially given that you’re dealing with a very computer-savvy and capable nation (Russia).
You could got down to the physical layer and start unhooking and cutting cables, but there are many diverse methods of transit these days (satellites, etc.) It’s not even clear that all the nations required to do this would participate, or how things would work – for example, what if the only path to a third world country passed through Russia? Again, given unlimited time and resources these things could be changed but it’s not practical.
And of course, there is the larger question of whether this is good strategy or not. First, even if you could do it, so what? You’re not gaining new economic pressure. If we were talking about America instead, for example, if this was a practical threat, then network isolation would be potent leverage given how much the American economy depends on the Internet. The Russian economy does not to even remotely the same extent. Russia would certainly maintain an internal network and would become a more extreme form of China from a network perspective, so the actual pain felt by the Putin regime would be minor.
Also, from a policy perspective you have to consider if you would be eliminating needed outside voices and the ability to bring information to the outside world. Putin might love being isolated from the Internet because you would essentially be creating an echo chamber for Russian propaganda. North Korea is not network-isolated but self-isolates, and I don’t think anyone argues it has benefitted its people or caused their leadership to reform their aggressive policies.
Again, in the heat of battle, many ideas are put on the table and this, like many other options, are worth talking through, but ultimately this crisis cannot be solved at the network layer.
Related Posts:
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
- IncogNET Teases Their Takeover of the Privacy-Focused Email Hosting Industry - November 17, 2024
- COMMUNITY NEWS: RackNerd LLC, Global IaaS Provider, Expands European Footprint with New Dublin, Ireland Datacenter - November 16, 2024
- Hey Providers – Want Some FREE Advertising During the SuperBowl? - November 14, 2024
Please note that .ua domains of Russian companies, such as mail.ua and yandex.ua, does not resolve already.
It seems that the domain information of these domains has been removed from the .ua zone authority servers, however whois still returns status: ok for the domains.
$ dig ns mail.ua @in1.ns.ua.
;; QUESTION SECTION:
;mail.ua. IN NS
;; AUTHORITY SECTION:
ua. 3535 IN SOA in1.ns.ua. domain-master.cctld.ua. 2022030124 3636 3600 3024000 3535
Turns out jwhois has incorrect whois server, these domains are now on clientHold.
>More likely, it means that no one outside Russia could get to them, as the Russians could hijack DNS requests inside their own country and provide their own .ru hosting.
Yes, that what was probably going to happen, using regular means though, not through hijacking.
In Russia, there’s a mirror of .ru zone, additional authoritive NS, and a government-controlled DNS resolvers which could be used.
what s joke. can you disconnect usa as he bomed syria? got balls?
great idea. they bombed yugoslavia too
fuck ukraine
That’s not helpful. Let us all hope for peace.
Thank God, they have more sense in ICANN than the LEB staff, because they immediately rejected this demented proposal of Ukrainian idiots (who have a great deal of credit for this war).