After DNS Problem, Chinese Root Server Is Shut Down
A China-based root DNS server associated with networking problems in Chile and the U.S. has been disconnected from the Internet.
The action by the server's operator, Netnod, appears to have resolved a problem that was causing some Internet sites to be inadvertently censored by a system set up in the People's Republic of China.
On Wednesday, operators at NIC Chile noticed that several ISPs (Internet service providers) were providing faulty DNS information, apparently derived from China. China uses the DNS system to enforce Internet censorship on its so-called Great Firewall of China, and the ISPs were using this incorrect DNS information.
That meant that users of the network trying to visit Facebook, Twitter and YouTube were directed to Chinese computers instead.
In Chile, ISPs VTR, Telmex and several others -- all of them customers of upstream provider Global Crossing -- were affected, NIC Chile said in a statement on Friday. The problem, first publicly reported on Wednesday, appears to have persisted for a few days before it was made public, the statement says.
A NIC Chile server in California was also hit with the problem, NIC Chile said. While it's not clear how this server was getting the bad DNS information, it came via either Network Solutions or Equinix, according to NIC Chile.
Network Solutions wasn't to blame as it does not offer backbone provider services to NIC Chile, said Rick Wilhelm, the company's vice president of engineering. Equinix and Global Crossing could not immediately be reached for comment.
Netnod, which maintains a copy of its root DNS server in China, has now "withdrawn route announcements" made by the server, according to company CEO Kurt Lindqvist. This effectively disconnects the server from the Internet. In an e-mail interview, Lindqvist said he could not recall when his company took this action.
Netnod insists that its server did not contain the bad data that redirected Internet traffic, and security experts agree, saying that its data was probably being altered by the Chinese government somewhere on China's network, in order to enforce the country's Great Firewall.