Resistant to breaks
The original internet was designed to be resistant to breaks in the network, with traffic re-routed around them. But who knows what the modern accountants have imposed on us?
Fiber optic internet cables across France have been cut in an apparent act of sabotage, resulting in outages across the country. The attacks on French internet infrastructure were committed Sunday night, according to Secretary of State for Digital Affairs Marina Ferrari, who on X said the cable sabotage only had "localized …
This post has been deleted by its author
It's worth pointing out that a fiber is only the physical layer. It could be carrying any one of a number of upper-layer protocols (Ethernet-based, ATM or SDH/SONET etc) and not just limited to 'internet' traffic, which may account for the different level of impact on the end-users.
Fiber breaks are not uncommon on land for various reasons (Usually ground-works involving a digger and/or insufficient mapping and human error), and thankfully less common on high-capacity undersea cables. For a while, the most common cause (here in the UK, anyway) was thieves thinking the 'cable' they were stealing contained copper that could be weighed-in/sold for scrap..
I've got some experience in designing-in redundancy within SDH/SONET (Think MSP/MSPRING/SNCP) to consciously plan for the inevitable fiber faults during network build-out, and I guess other technology-specific protection mechanisms are available [1] for the different layers. It helps if you think about this sort of thing ahead of construction [2].
Who knows what (if any) transmission-protecting mechanisms were in use on the severed cables in France....some people will pay for it up-front, and some won't :-)
[1] Anyone know how you protect the individual wavelengths in a DWDM system? If you do, please give me a hint!
[2] The usual 'gotcha' here is that you take the trouble to route physical links over geographically diverse/difference routes in the infrastructure you control, only to find later that all of the protected paths end up in a single building/power zone/underground ducting etc. courtesy of someone more cost-conscious or less diligent than you!
>Who knows what (if any) transmission-protecting mechanisms were in use on the severed cables in France....some people will pay for it up-front, and some won't :-)
Not clear what "transmission-protecting mechanisms" you can use with a deliberate terrorist attack - other than perhaps 10KV DC feed in the outer armor
At physical level there's no protection mechanism... at routing level, except when a PoP/Baseband got burned, the traffic is rerouted through an alternate route...
Now knowing the French ISPs and a bit of their network ( especially SFR and Bouygues ), rerouting may lead to blackholing the traffic and packet dropping because the configuration of the whole network was not tested with multiple rerouting. Which might require a monkey to make some modificatins to fix the blackhole or the network congestion ( and the dropped packets ).
"transmission-protecting mechanisms" you can use with a deliberate terrorist attack
If it was SDH, 'Multiplex Section Protection' would have helped.. '1+1 MSP' has a second/redundant pair of fibers between adjacent nodes (via different physical paths!), carrying exactly the same 'bitstream'. The RX at each node can monitor the health of the optical PHY and/or MS etc. and select the 'working' input. This results in a more or less an instant change-over, meaning the body on the circuit switched phone call doesn't even notice (The Multiplex Section stream has moved from one receiver to the other). There's another flavor of MSP named '1-to-N' which does the same thing, but protects any one of 'N' links with a single protection pair.
At least, that's how it used to work...I dunno how much SDH/SONET is still in use these days.. it can't ALL be obsolete yet!
I guess the equivalent in the IP world would be an OSPF interface who's PHY does down or the OSPF dead interval timer expires..either of these cause LSA updates which should trigger the re-routing..
other than perhaps 10KV DC feed in the outer armor
Actually, that's pretty close, at least for the long-distance submarine cables with re-generators installed...have a look at the way power is supplied for these... Sort of has to be high voltage, because...electrical physics:-)
One of the guys down the hall* from the data center at a previous employer developed the method for using a signal sent along an otherwise dark fiber, that with the correct hardware on the end of the cable, could pinpoint the JBC and dispatch policemen, firemen, or service techs (based on what was in that trench) to arrive before they could reach the conduit with their rogue digger.
* - the number of PhDs per person in that department was astounding.
...developed the method for using a signal sent along an otherwise dark fiber, that with the correct hardware on the end of the cable,
Decent DWDM switches (eg Infinera, Huawei) can include OTDR (Optical Time Domain Reflectometry) cards or strap-ons that can be switched to a dead interface and used to detect where a break might be. If they're on both ends of a link, they can provide a pretty accurate distance indication to the fault. Or the first fault. Then, because you have accurate mapping* you can despatch your field engineers** to fix the cut(s)
And then the fun begins. Which can include paperwork and permits to dig up the road. Or in one of my most interesting outages, turn up and go "Where's the road gone?". A severe typhoon had caused a landslide, which took out a fair chunk of the road our fibres ran along. I got field engneers to send me pics which I could send to irate customers who wanted to know why we were going to violate our MTTR just a tad. Otherwise it can just be a slog of identifying and splicing together 144 or 288 fibres. Also mildy curious if restoring these cuts will take a bit longer because the cuts are effectively crime scenes. There can also be FUN! when cuts are in places where there are events on, like Parisian roads and the Olympics when local authorities don't want transport routes interrupted.
* You have that, don't you?
** You have those, don't you? And didn't RIF/Outsource that capability
The main issue is that French telcos are controlled by accountants nowadays... And it costs a lot of money to deply a PoP ( Point of Presence ) somewhere, so they tend to share the thing.
So if a single 240VAC/48VDC Converter blows up in a PoP somewhere, bringing down the router and switches that gets the power out of it, you end up with 3 of the ISP down ( out of 4 ) in a 150K people city until the conpany in charge of the replacement of the blown converter has done it and you have replaced the router ( because obviously it also got bricked along the way )...
Been there's done that, was lucky to be secondary on call for that January First. The main on call guy didn't sleep that day, and Internet only came back two days later for hte impacted persons just because a 2U DC converter threw a fuming fit and blew a 2U ADSL Aggregation/CPE router.
The second issue is that lots of these equipments are in small shelters in the wild secured by a weak fence with warning signs at best. ( in many cases the fence is not even there. So you set up the shelter on fire and *voila* you just disrupted fixed Internet in the area. For mobile, it's even easier, set up the waveguides that comes out of the shelter ( they are more secured usually ) and go to the pylon on fire.
Ecoterrorists and Extreme Left Anarchists have been at it for a while on a semi regular bass... It's just getting more press coverage this time because it comes two days after a cordinated physcal attack on the signalling infrastructure of the TGV lines and France is a media magnet with the Olympic games on
> The second issue is that lots of these equipments are in small shelters in the wild secured by a weak fence with warning signs at best. ( in many cases the fence is not even there.
Reminds me of the mobile opCo site I worked at in a different EU country, the building had both offices and the local cell mast but *NO* wall of any type around the site despite a public pavement being within 0.5m of the mast and with the cable tray containing cables going between building and mast being only just above head-height where it entered the building over one of the doors (about 1.5-2m from said pavement).
Then again at the same OpCo's HQ their main DC was on the ground floor with a multi-story staff carpark above it and with one of the exterior walls of a DC hall being (I assume) toughened glass (rather than brick/concrete) at the edge of their site with wasteland next to it and again no walls around the site - so at night if lights were on then the rows of racks were clearly visible from the street and wasteland. For extra measure throw-in that the (unmanned) DC entry door was on the public pavement and that door often tended to not lock (it seemed to bounce off the magnetic stops when closing, so sitting about 1 inch open) and there seemed to be no monitoring of whether that door was actually closed or not.
Then again at the same OpCo's HQ their main DC was on the ground floor with a multi-story staff carpark above it and with one of the exterior walls of a DC hall being (I assume) toughened glass (rather than brick/concrete) at the edge of their site with wasteland next to it and again no walls around the site - so at night if lights were on then the rows of racks were clearly visible from the street and wasteland. For extra measure throw-in that the (unmanned) DC entry door was on the public pavement and that door often tended to not lock (it seemed to bounce off the magnetic stops when closing, so sitting about 1 inch open) and there seemed to be no monitoring of whether that door was actually closed or not.
any issues arise due to those items you mention?
> any issues arise due to those items you mention?
Not that I remember. The door-not-quite-closed was common enough that I got into the habit of checking before I tapped my access card on the outside reader.
The "DC with a car park above it" was just something I'd never seen before anywhere as where I come from such a layout would never happen (concerns of a car intended to go "bang!"). I would have thought even the risk of car fuel/battery fires would have prevented the idea of sharing a car park with a DC, obviously not.
The "large glass wall" on one side of the DC hall was strange when working in there at night as it was only a few metres from an expanse of weeded wasteland. Also immediately outside the glass wall were a few parking spaces - someone silly enough to start their car in the wrong gear could end up going into/through the glass (and it was large enough for a large truck to fit). Also remember there was no wall around the whole site so someone could drive down the road, turn off the road towards the carpark entrance (which did have a card-controlled barrier) but instead go to those outside car spaces and drive straight through the glass wall.
I'd expect telecoms infrastructure to be considered "critical national infrastructure" and have better (or rather some) security than that.
I'd expect telecoms infrastructure to be considered "critical national infrastructure" and have better (or rather some) security than that.
Might depend on the country I guess. The very first DC I worked in, the facilities people had ordered a big blue sign to slap on the side of the building. They were told in no uncertain terms not to do that because the DC was CNI and a List X site. The DC had windows, but heavily tinted and walled up on the inside. DCs or facilities that handle classified data end up on List X in the UK which means complying with site security specifications, so your DC would have failed on that. Pretty much all the countries I've worked in have similar requirements, some stricter than others.
The other issue I've come across is insurance audits, so those will often include a physical inspection of the site. Not having a SCADA system that alerts on entry/exit and if the doors fail to lock properly would fail both insurer and government audits. Maglocks are pretty notorious for doing that, along with being fairly easily defeated. There's also an ISO standard who's number escapes my memory that also specifies minimum DC build and security standards. Sadly, so are thefts from DCs because servers can get stolen, as can other stuff.
One example I encountered in my journey was a country that had a bit of an organised crime problem. One routine generator test failed because the generators had been stolen, so solution was to hire an armed guard at that site. That can be common in countries that take security of CNI seriously and permit armed security. But the French scenario may help increase security awareness around CNI, which could lead to changes in security requirements. Which could be a challenge (ie expensive) for operators if they have to comply and do things properly. A lot of duct covers are already alarmed, but if an attacker is determined enough, it'll be too late from the alarm altering, and getting a response to site.
Show me your numbers.
Addressing Anonymous Coward's claim that the far right is more involved in terrorist activities than the far left:
The far right and religious extremists have been involved in far more violent attacks, particularly lethal ones, than the far left. Or as the link puts it:
"However, although there was a historically high level of both far-right and far-left terrorist attacks in 2021, violent far-right incidents were significantly more likely to be lethal, both in terms of weapon choice and number of resulting fatalities. ... Of the 30 [terrorist] fatalities in 2021, 28 resulted from far-right terrorist attacks. "
That's a US study on US attacks, current only through 2021, and it does not address economic impact as monetary costs did not seem to be AC's point.
The usual 'gotcha' here is that you take the trouble to route physical links over geographically diverse/difference routes in the infrastructure you control, only to find later that all of the protected paths end up in a single building/power zone/underground ducting etc.
Yes, you carefully provision 2 links from 2 different suppliers, then 5 years down the line company A buys company B and decides to 'rationalise' their plant. You only find out when someone puts a backhoe through what turns out to be your single non-redundant fibre backhaul... Been there.
1] Anyone know how you protect the individual wavelengths in a DWDM system? If you do, please give me a hint!
Usually a variation on the death rattle.. I mean this-
https://en.wikipedia.org/wiki/Dying_gasp
When an optical network terminal loses power it will send a dying gasp signal to the optical line terminal which will end the session.
Which they've cribbed from Cisco so.. not entirely true given they don't really play in the real optical space. But also kinda depends on the service and implementation. So a wavelength service is usually some form of transport protocol, ie Ethernet over that wavelength, which is the most common service in my experience. So then Ethernet could use it's dying gasp to signal a loss of path, or client could rely on a higher level protocol like OSPF, IS-IS. A client-side optic can also signal* so monitoring the SFP.
But generally the loss of a single wavelength means a fault with the SFP, or power loss at the far end. But wavelength services are inherently 'dumb' clocked light and P2P. Provisioning systems do allow for protection switching based on LOS, so if a wavelength (or more often cable) goes down and there's a diverse connection, you can switch wavelengths to a pre-defined/provisioned protection path.
The usual 'gotcha' here is that you take the trouble to route physical links over geographically diverse/difference routes in the infrastructure you control, only to find later that all of the protected paths end up in a single building/power zone/underground ducting etc. courtesy of someone more cost-conscious or less diligent than you!
Bane of my life. Plus also why outages like the French one will be more common. Once upon a time, specific cable routes were pretty much a trade secret, ie if you were in the trade, you'd know precise cable routes. But as the demand for bandwidth exploded, so did demands from customers for .kmz files so they could see cable routes, which means more people knowing where to cut to cause maximum damage. Also a lot of the gotchas can be self-inflicted, ie unless a customer orders a protected or diverse service, then.. it might not be. Providers and planners need to know if services need to be designed or maintained as diverse, or they can be moved & groomed and lose that diversity. Especially when there's a lot of M&A and industry consolidation where your dual providers might get absorbed and become one.
*Hey, who turned the lights out?
The degree of coordination observed in Friday's railway attacks (setting geographically distant control posts on fire, simultaneously, at a specific time) has suggested to some that this may have been beyond the capabilities of local troublemakers (especially French ones), and may involve foreign agents (as in the recent bed bug farce, Star of David graffiti affair in Paris, and Eiffel Tower coffin dumbo mission). Sunday's Internet sabotage appears to have followed a similarly non-French pattern IMHO (simultaneity, geolocations, ...).
But yes, overall it seems whoever it is doing this, is trying to mess with France as it hosts the Olympics with a dissolved government (from hasty action by the Prez himself), for which the President now delays naming of a (inevitably) "cohabitation" Prime Minister (and corresponding set of ministers for everything else).
The situation could be grave, but the French are at their best when everything around them is amiss (de traviole) ... so ... keep'em coming, suckers!
any sabotage of uk railways is more likely to improve things than make it worse.
knowing in advance the trains where cancelled so you make alternate arrangements instead of waiting at the platform till 20 minutes past the departure time and they announce the cancellation even though they've been promising it would arrive for 20 mins, would definitely be an improvement.
The degree of coordination observed in Friday's railway attacks (setting geographically distant control posts on fire, simultaneously, at a specific time) has suggested to some that this may have been beyond the capabilities of local troublemakers (especially French ones), and may involve foreign agents
But everyone of us who knows we could pull it off, should we ever be inclined to, knows that's just bullshit to distract from the fact that co-ordinated vandalism is easy to do, difficult to stop. Co-ordination isn't at all hard using watches or phones.
What most amused me was the description of the attack locations as "unguarded" - as if it's routine to place guards along thousands of miles of track.
>Co-ordination isn't at all hard using watches or phones.
I also thought someone had an axe to grind with the neighbours because, amongst others, not being allowed to participate. Coordination, knowing where to hit ... Anyways, hats off for the organisation of the games. Some retards worry about singing headless Marie-Antoinettes, gay last-suppers, but couldn't care less that schools and hospitals are getting bombed around the world.
"Co-ordinated attack" does sound rather un-French. The winners of the recent parliamentary elections can't even co-ordinate between themselves to agree on a leader. Usually it's the losers who fight like rats in a sack. Here in France it's the winners.
Investigators are having trouble determining the culprits and motive for the nationwide SNCF and fibre optic cable-cutting spree because multiple conflicting pieces of "evidence" are being left for them to "discover". At one particular site where fibre cables were sawn, graffiti left by the perpetrators indicated their unhappiness with the Olympic Games, objection to buying nuclear waste, and support for New Caledonian independence. Yeah, and why not "Just Stop Oil", "Swifties Unite" and "Drag Queens for Gaza" while they're at it?
Earlier last week, the French police arrested some fool who believed himself to be working for Russian intelligence, planning a series of attacks on French soil while the world's media was focused on Paris for the Olympics. The guy comes across as a bit of a tit but it's not unfeasible that a secret service hoping to cause distractive uproar in a foreign country might persuade a variety of local deadheads with chips on their shoulders to turn to coordinated vandalism as a means of raising awareness of whatever interest groups they happen to support.
Indeed. The "NO JO" graffiti seems to have been copied from Extinction Rebellion's December '23 "NO JO 2030" food-coloring-on-snow protest-art piece (with no Fiber cutting, nor train arson ...).
A definite false flag to leave this graffiti at this week's disruption scene(s) IMHO. I doubt it's from DGSE, though they do have past experience with Rainbow Warrior (39 years ago this past July 10).
A definite false flag to leave this graffiti at this week's disruption scene(s) IMHO. I doubt it's from DGSE, though they do have past experience with Rainbow Warrior (39 years ago this past July 10).
Thing is the French far-left/ecoterrorists have been doing this for years, so it's not at all suprising they'd do it now to get maximum publicity. Except the MSM is being a bit coy about naming the culprits.
>> A definite false flag
Maybe. I noticed that the graffiti calling for New Caledonian independence was misspelt. One might have opinions about "extreme-left" activists (i.e. fascists who want everyone to do as they say, or else) but generally speaking those seeking independence for their country know how to spell it.
Note that for the railway attacks they set up on fire distant control posts at strategic junctions between the High speed tracks and regular ones ( or in Courtalain case when the track split n two ) to maximize the impact.
For the fiber/internet attack, the new information I got told me that they did it by cutting fibers at specifc locations in manholes. ( underground fibers running along motorways, canals and main rivers )
While the railway attack doesn't really need insider information ( you can look for the control posts in the area you want to do it while preparing the operation ), the fiber/internet attack required insider information ( you can't really go around opening all the manholes in an area to find the right ones without being noticed, especially if the ones you are looking for are spread in the wild or along a motorway )
I live here...er...there. But out in the northwest bit where nothing happens.
If my internet goes down, it's going to be because the dickhead neighbour gives zero fucks about the public infrastructure when wrangling hay bales with his tractor. He's already smashed up one pole and brought the fibre down off another. I have tied it to that other pole with some twine to keep it mostly off the lane, but one of those big wagons goes through and the fibre is going to be torn apart. Reported it to Orange, they "promise" it'll be fixed in a month. Hmm...
Not an act of terror, just an act of terrible driving.