What’s behind the recent Paralysis of the Chinese Internet

March 13, 2014

On January 21, a devastating paralysis spread across the country’s internet.

People were unable to use their micro blogs (gxdk.com.cn), access their email accounts, visit Taobao, or watch videos—it was truly unbearable! The culprit behind this mass paralysis was a little thing called DNS. As revealed by many DNS server providers, the root servers of all the gTLDs across the country experienced abnormalities, preventing huge numbers of internet users across the country from resolving domain names normally. As a result, tens of millions of users were significantly affected and unable to access a large number of well-known websites. What is it about DNS that makes it so special and powerful? How did it bring the Chinese internet to its knees?

The definition of DNS

DNS is the abbreviation of Domain Name System, and is a core service utilised by the internet. It is a distributed database that maps domain names to IP addresses, allowing users to conveniently access the web without having to memorise long strings of IP numbers (which can be interpreted directly by the computer). Suppose you don’t speak Chinese but want to understand what “你好” means. All you have to do is enter the characters into Google Translate and you’ll see that it’s the standard greeting “Hello”. DNS is pretty much like Google Translate, translating domain names into IP addresses and vice versa. For example, when you type in www.baidu.com, DNS will translate your request into the IP address 192.168.1.1 and tell the server to open that particular website. Therein lies the might of DNS.

The importance of DNS

With so many different websites, users don’t want to have to memorise so many long strings of IP addresses, which makes the importance of DNS immediately obvious. In the internet paralysis that occurred on January 21, somebody hijacked a huge number of .com and .cn domain names to the IP address 65.49.2.178, preventing the websites from opening normally. The fact that websites couldn’t be opened normally isn’t really a big deal; had the domains been hijacked to a phishing site instead, many people could have been scammed, leading to the compromise of large amounts of personal information or damage to assets.
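A defender can spot this kind of hijack in resolver logs: many unrelated domains suddenly answer with one address. The Python sketch below is an added example, not part of the original article; the log format, the domain names and the 203.0.113.10 address are constructed for illustration, and only 65.49.2.178 comes from the text.

```python
from collections import defaultdict
import ipaddress

# Constructed sample resolver answer log: "<time> <queried name> A <answer IP>".
# All names are made up; 65.49.2.178 is the address named in the article.
SAMPLE_LOG = """\
2014-01-21T15:10:02 www.example-shop.com A 65.49.2.178
2014-01-21T15:10:03 mail.example-mail.cn A 65.49.2.178
2014-01-21T15:10:03 img.example-shop.com A 65.49.2.178
2014-01-21T15:10:05 video.example-tv.com.cn A 65.49.2.178
2014-01-21T15:10:06 www.example-news.com A 65.49.2.178
2014-01-21T15:10:07 www.example-bank.com A 203.0.113.10
2014-01-21T15:10:08 api.example-bank.com A 203.0.113.10
2014-01-21T15:10:09 broken line without enough fields
2014-01-21T15:10:10 www.example-blog.cn A not-an-ip
"""

# Simplification (assumption): a real deployment would use the Public Suffix List.
TWO_LABEL_SUFFIXES = {"com.cn", "net.cn", "org.cn"}

def registrable_domain(qname):
    """Reduce a hostname to the domain an owner registers (naive version)."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])

def find_convergence(log_text, min_domains=3):
    """Return {ip: [domains]} for IPs that answer for many unrelated domains."""
    by_ip = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[2] != "A":
            continue  # skip malformed lines and non-A records
        try:
            ip = str(ipaddress.ip_address(fields[3]))
        except ValueError:
            continue  # answer field is not a valid IP address
        by_ip[ip].add(registrable_domain(fields[1]))
    return {ip: sorted(d) for ip, d in by_ip.items() if len(d) >= min_domains}

if __name__ == "__main__":
    for ip, domains in find_convergence(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {len(domains)} unrelated domains -> {domains}")
```

Shared hosting and CDNs legitimately place many domains on one address, so in practice the threshold is tuned and known provider ranges are allowlisted before alerting.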

This isn’t the first DNS disaster

This isn’t the first time DNS has sent the country’s internet into a state of paralysis. According to investigations, in 2013 the country experienced two major DNS-related malfunctions. The first was on July 6, when the DNS equipment of Shanghai Unicom malfunctioned, preventing 2G and 3G mobile users from using the internet. The other was on August 25, when .cn root name servers experienced an across-the-board failure. Thankfully, it didn’t lead to any serious consequences.

Morgan McKinley
shanghai@morganmckinley.com