• Technology
  • Electrical equipment
  • Material Industry
  • Digital life
  • Privacy Policy
  • O name
Location: Home / Technology / A Russian ISP confirms Roskomnadzor’s Twitter-blocking blooper

A Russian ISP confirms Roskomnadzor’s Twitter-blocking blooper

techserving |
3323

reader comments

107

with 47 posters participating, including story author

Share this story

Share on Facebook

Share on Twitter

Share on Reddit

This is https://speed.gulag.link/, a speedtest application that demonstrates Roskomnadzor throttling to Russian users it impacts.

This is the Google-translated version of the gulag.link screenshot to the left.

Further Reading

Russian attempt to throttle Twitter appears to backfire

Last night, a confidential source at a Russian ISP contacted Ars with confirmation of the titanic mistake Roskomnadzor—Russia's Federal Service for Supervision of Communications, Information Technology, and Mass Media—made when attempting to punitively throttle Twitter's link-shortening service

t.co

.

Our source tells us that Roskomnadzor distributes to all Russian ISPs a hardware package that must be connected just behind that ISP's BGP core router. At their small ISP, Roskomnadzor's package includes an

EcoFilter 4080

deep package inspection system, a pair of Russian-made 10Gbps aggregation switches, and two Huawei servers. According to our source, this hardware is "massive overkill" for its necessary function and their experienced traffic level—possibly because "at some point in time, government planned to capture all the traffic there is."

Currently, the Roskomnadzor package does basic filtration for the list of banned resources—and, as of this week, has begun on-the-fly modifications of DNS requests as well. The DNS mangling also caused problems when first enabled—according to our source, YouTube DNS requests were broken for most of a day. Roskomnadzor eventually plans to require all Russian ISPs to replace the real root DNS servers with

its own

, but that project has met

with resistance and difficulties.

Advertisement

From the core BGP router at this Russian ISP—north of Roskomnadzor's system—this Microsoft resource downloads in 276 ms.

From behind Roskomnadzor's filtering apparatus, the same Microsoft download takes well over ten minutes to complete!

The throttling Roskomnadzor applied yesterday could better be described as a

tarpit

—as seen in screenshots above, it caused downloads from all affected domains to crawl along at only a few kilobytes per second. This renders affected domains effectively unusable, but it could also be considered an attack against the servers on those domains. Maintaining TCP/IP connections consumes memory and CPU resources on connected servers, which are often in shorter supply than raw bandwidth, and it seems likely that Roskomnadzor hoped for a negative impact on Twitter itself, as well as its own citizens.

As reported yesterday and confirmed by our source above, however, the tarpit attack did not only affect Twitter's

t.co

domain as intended—it affected all domains that

included

the substring

t.co

, for example

microsoft.com

and Russian state-operated news site

rt.com

. As you can see in the screenshots, a sample document that normally downloaded from Microsoft in a quarter of a second required well over ten minutes to download from behind the Roskomnadzor filtering apparatus.

According to our source, the mistaken block string was finally corrected with proper match limiting at around 4 am Eastern time today—Twitter's

t.co

is still affected as intended, but Microsoft, Russia Today, and other "collateral damage" sites can once again be browsed at full speed.

Listing image by

Roskomnadzor