Comment by bm1362

13 years ago

Superficial explanation:

BGP is the Border Gateway Protocol: you can think of large infrastructure providers as being huge networks that are connected through 'border nodes'. BGP is the protocol they use to negotiate routes into each other's networks; each provider advertises to the other provider what routes it has available. A common way to make a country go dark is by simply removing the BGP routes advertised for that country.

All right... but who is faking this? Who can be faking this, and how, and how does it change the traceroute?

  • Anyone can make their machine emit any packets they want it to. That's the fundamental principle in play here.

    How it works is simple: ICMP ping, which is what most traceroute implementations work on, just works based on computers sending packets with their address information in response to a ping request.

    If a computer that's really at IP address 10.0.5.23, for example, sends ping responses saying they're from IP address 10.2.0.93, a traceroute program will keep pinging that computer until it either gets a reply that says it's from the correct IP address or it decides the trace is futile.

    A computer can lie as many times as it wants and create an arbitrarily long path that has no basis whatsoever in reality. Anyone who wants to do a good job of the lie would simply look at the Internet's routing information, which is (by definition) publicly available, and figure out which sequence of IP addresses they'd have to fake replies from. That's what's been done here, and almost a full month before April Fool's Day, no less.

    Doing a better job would involve programming the computer to handle all network traffic with varying speeds, to fake the increased travel time the laws of physics would impose on the progressively longer paths it's faking. The Pirate Bay people apparently didn't bother with this part.
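A defender-side illustration of the latency point in that last paragraph, added here and not part of the thread: a small script that parses traceroute output and flags the tell-tale of one host answering for a path that does not exist, namely a run of consecutive hops with near-identical best RTT, together with hops whose RTT goes backwards. The sample output is constructed with RFC 5737 documentation addresses; the thresholds are assumptions to tune per network.

```python
import re

# Constructed sample traceroute output (RFC 5737 documentation addresses).
# Hops 3-7 all answer in ~12 ms: no added distance, as one machine faking
# every "hop" would produce when it does not bother to fake travel time.
SAMPLE = """\
 1  192.0.2.1 (192.0.2.1)  1.102 ms  0.998 ms  1.050 ms
 2  198.51.100.7 (198.51.100.7)  9.8 ms  10.1 ms  10.3 ms
 3  198.51.100.30 (198.51.100.30)  12.4 ms  12.1 ms  12.6 ms
 4  203.0.113.9 (203.0.113.9)  12.3 ms  12.2 ms  12.4 ms
 5  203.0.113.10 (203.0.113.10)  12.2 ms  12.5 ms  12.3 ms
 6  203.0.113.11 (203.0.113.11)  12.4 ms  12.3 ms  12.2 ms
 7  203.0.113.12 (203.0.113.12)  12.1 ms  12.4 ms  12.3 ms
"""

# Unix-style traceroute line: "<hop>  <host> (<ip>)  <rtt> ms  <rtt> ms ..."
HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+\(([\d.]+)\)((?:\s+[\d.]+ ms)+)")

def parse_traceroute(text):
    """Return [(hop_number, ip, best_rtt_ms), ...]; '* * *' lines are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        rtts = [float(x) for x in re.findall(r"([\d.]+) ms", m.group(4))]
        hops.append((int(m.group(1)), m.group(3), min(rtts)))
    return hops

def flat_runs(hops, min_run=4, jitter_ms=1.0):
    """(first_hop, last_hop) of each run of >= min_run consecutive hops whose best
    RTTs lie within jitter_ms of the run's first hop. A long flat run means the
    extra 'hops' add no distance, which real routers on a real path would."""
    runs, start = [], 0
    for i in range(1, len(hops) + 1):
        if i == len(hops) or abs(hops[i][2] - hops[start][2]) > jitter_ms:
            if i - start >= min_run:
                runs.append((hops[start][0], hops[i - 1][0]))
            start = i
    return runs

def rtt_regressions(hops, drop_ms=5.0):
    """Hop numbers whose best RTT is more than drop_ms below the previous hop.
    Heuristic only: ICMP rate-limiting and asymmetric return paths also cause
    small drops on genuine traces, so treat hits as a triage signal, not proof."""
    return [n for (_, _, prev), (n, _, cur) in zip(hops, hops[1:]) if prev - cur > drop_ms]

if __name__ == "__main__":
    hops = parse_traceroute(SAMPLE)
    print("flat runs:", flat_runs(hops), "regressions:", rtt_regressions(hops))
```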