A Russian ISP confirms Roskomnadzor’s Twitter blocking error

Last night, a confidential source at a Russian ISP contacted Ars with confirmation of the titanic error made by Roskomnadzor – the Federal Communications, Information Technology and Mass Media Service of Russia – while trying to punitively throttle Twitter’s link-shortening service t.co.

Our source told us that Roskomnadzor distributes to all Russian ISPs a hardware package that must be connected directly behind the ISP’s BGP core router. At our source’s small ISP, the Roskomnadzor package includes an EcoFilter 4080 deep packet inspection system, a pair of Russian-made 10 Gbps aggregation switches and two Huawei servers. According to our source, this hardware is “a massive exaggeration” for its required function and the level of traffic it handles – possibly because “at some point, the government planned to capture all existing traffic”.

Currently, the Roskomnadzor package does basic filtering against the list of prohibited resources – and, as of this week, it also modifies DNS requests in real time. The DNS mangling also caused problems when it was first activated – according to our source, DNS requests for YouTube were interrupted for most of the day. Roskomnadzor eventually plans to require all Russian ISPs to replace the real root DNS servers with its own, but that project has encountered resistance and difficulties.

The throttling Roskomnadzor applied yesterday could best be described as a tarpit – as seen in the screenshots above, it made downloads from all affected domains drag on at just a few kilobytes per second. This makes the affected domains effectively unusable, but it can also be considered an attack against the servers in those domains. Maintaining TCP/IP connections consumes memory and CPU resources on the connected servers, which are often in shorter supply than raw bandwidth, and it seems likely that Roskomnadzor expected a negative impact on Twitter itself, as well as on its own citizens.

As reported yesterday and confirmed by our source above, however, the tarpit attack didn’t just affect Twitter’s t.co domain as intended – it affected all domains that included the substring t.co, for example, microsoft.com and the Russian state news site rt.com. As you can see in the images, a sample document that usually downloads from Microsoft in a quarter of a second took well over ten minutes to download from behind the Roskomnadzor filtering apparatus.

According to our source, the incorrect blocking string was finally corrected with appropriate match limiting around 4:00 am Eastern time today – Twitter’s t.co is still affected as intended, but Microsoft, Russia Today and other “collateral damage” sites can once again be browsed at full speed.
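The difference between the faulty substring rule and a properly limited match can be shown in a few lines. This is an added example, not code from the article or from the filtering equipment: the function names and the host list are constructed, and label-by-label suffix matching (including subdomains) is an assumed form of the "match limiting", which the article does not describe in detail.

```python
# Added illustration; function names and most sample hosts are constructed.
RULE = "t.co"

SAMPLE_HOSTS = [  # constructed sample; microsoft.com and rt.com are named in the article
    "t.co",
    "T.CO.",              # same host, upper case with trailing root dot
    "microsoft.com",
    "rt.com",
    "reddit.com",
    "t.co.example.net",   # rule appears as leading labels, not as the domain itself
    "abc.t.co",           # a true subdomain of the rule
]


def normalize(host: str) -> str:
    """Lower-case and drop the trailing root dot so comparisons are canonical."""
    return host.strip().lower().rstrip(".")


def substring_match(host: str, rule: str = RULE) -> bool:
    """The flawed behaviour the article describes: rule found anywhere in the name."""
    return normalize(rule) in normalize(host)


def domain_match(host: str, rule: str = RULE) -> bool:
    """Match only the rule's exact name or a subdomain, compared label by label."""
    host_labels = normalize(host).split(".")
    rule_labels = normalize(rule).split(".")
    if len(host_labels) < len(rule_labels):
        return False
    return host_labels[-len(rule_labels):] == rule_labels


def collateral(hosts, rule: str = RULE):
    """Hosts the substring rule catches that the label-anchored rule does not."""
    return [h for h in hosts if substring_match(h, rule) and not domain_match(h, rule)]


if __name__ == "__main__":
    for h in SAMPLE_HOSTS:
        print(f"{h:20} substring={substring_match(h)!s:5} anchored={domain_match(h)}")
    print("collateral:", collateral(SAMPLE_HOSTS))
```

The same boundary check applies to any hostname blocklist or allowlist: comparing whole DNS labels from the right avoids both the over-match shown here and look-alike names such as `t.co.example.net`.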

Listing image by Roskomnadzor
