Internet Routing – How an Email inside the UK can end up in Virginia | Storm Internet

When Edward Snowden revealed that the NSA had been reading Angela Merkel’s email, the German Chancellor wondered out loud why an email sent between two people in Germany should pass through Virginia.

The answer is that the route that data takes across the internet varies based on price, exchange server hosting and network congestion. That means data does not always go in a straight line or take the shortest path as one might think.

To illustrate this point, we conducted a small test. We sent data between two servers in Ireland and, to our surprise, that passed through the USA, just like the Chancellor said.

TraceRoute

First of all, email does not behave as you might imagine. It is not an object that travels along the internet as some kind of solitary entity like a snail mail package sent physically by truck or plane. Email uses SMTP (simple mail transport protocol). That creates a persistent connection between two servers. So it is not tossed onto the network and forgotten. The email servers chat back and forth as one deliver mails to another. And the route they use to chat back and forth is subject to the same routing rules explained above and demonstrated below. So it could follow lots of different paths.

If you could logon to your email provider’s email server you could see where that data is going. Let’s do a little test to illustrate.

You can do this on your computer too. Get a command prompt and type traceroute (on Windows is is tracert.)

We will pick a server in Ireland and a destination that is far away from that: Methodist Healthcare Systems in Dallas. Then we run traceroute. The output is below.

Look at the screen above. It shows all the networks that the data crossed to get to its destination. The number ms next to the IP address means the delay in milliseconds going from one point to another. We just said that internet routing varies depending on traffic congestion and price. We do not know what prices the different networks charge each other along the way. Big internet backbones usually do not charge each other anything as their bills tend to cancel each other out as they carry each other’s data. That’s called peer-to-peer pricing. But your ISP (internet service provider) has to pay another ISP to get onto the high speed part of the internet. Those charges vary by time of day, traffic, volume, discounts, etc.

Also one network only has control of the network next to it when deciding what path to use. Other networks that are adjacent to that make their own routing decisions too. So no one is in control of that decision from end to end.

In going to the hospital in Dallas, the traffic that we sent went over cogentco.com and then landed at qwest.net. So who is Cogentco?

Cogentco is a really big internet backbone provider. They even show us a map where they have run physical cables:

As you can see their network goes right under the ocean from Ireland to the USA. And then notice this network address revealed in the trace route: qwest.iad02.atlas.cogentco.com. It looks like they have some kind of dedicated connection to Qwest, who is a big ISP in the United States. Qwest is the ISP that the Dallas hospital uses. Qwest is, in this case, the off ramp from the high speed lane on the internet. The connection from the hospital to Qwest could be very fast too, but it will not be a bundle of fibre optic cables run under the sea and across land like Cogentco has.

We did another test to another destination (Google’s email server smtp.google.com) and in that case the server in Ireland used a network provider called Zaho to send that data. If you are wondering why they would use one network one time and another one another time it is because the company we used in Ireland, Stratogen, is a cloud hosting company. So they will have multiple internet connections for redundancy and pricing reasons.

Going from Ireland to Ireland the Long Way

So let’s send traffic from one point in Ireland to another point in Ireland and then see where the data does. Will it leave the country, like Chancellor Merkel feared? This answer is yes, in this example it went through the USA. Or maybe it did not. Let’s see.

Let’s pick Digital Rights Ireland as the destination. (DRI is the organization whose lawsuit caused the European Union to throw out its data retention laws that had forced telecom operators and ISPs to record data on their customers for law enforcement and intelligence purposes. So they are a friend in the battle for privacy.)

You can see above, that data went across Cogentco’s network hop in Dublin be2529.rcr21.dub01.atlas.cogentco.com. But did it go outside of Ireland?

The answer is unequivocally: maybe.

Notice that that traffic passed through the IP address 154.54.30.42. This web site that claims to know where IP addresses are physically located. It says that address is in the USA. But they also cite another source that says that IP address is in Mauritius.

Frankly, I am not convinced that they can determine physical location from an IP address. How could that website know anything about inside details of the Cogentco network? It is true that IP addresses are assigned in geographical blocks as each country around the world has blocks assigned to them. ISPs in these countries buy those addresses in bulk. But it is also true that some countries and companies, like Microsoft’s Windows Azure cloud business, have run out of IP addresses (There are only 4.3 billion available.), so they are buying them from countries who have excess ones. So it could be the case that, say, a Brazilian IP address is actually used in a data centre in the USA, which is exactly what Microsoft has done. (Microsoft has also bought those from Ireland.)

But what we do know for certain is that Cogentco does not have a data centre in Ireland. Their complete list of data centres is here and shown in the graphic below. The closest is in the managed hosting UK and France. So that data definitely would have to travel outside Ireland. Did it go through the USA? You can draw your own conclusion based on what we said above. Both the USA and Mauritius are outside of Europe. Mauritius is somewhere near India. Both of these are far from Ireland.

Well, our point here is made, which is that internet data can take a quite circuitous route to its destination. But it is one thing to tap into data-in-transit, passing through a router, and another to tap into data-at-rest. It very much does matter where data is kept if the goal is privacy.

There is only one way to keep UK data out of the hands of American espionage and enforcement agencies and that is to locate that data in the UK. It is probably not too likely that the NSA is again going to flout American law and tap directly into Yahoo, Microsoft, and Google data centres because all those businesses and American public have pushed back against that and President Obama has made clear that he wants his administration to follow the law. And with regards to what America can legally do, an American court cannot subpoena data that is housed outside of America. They would have to file suit in the UK, where there is no American Patriot Act with such broad powers.

Also European Data Directives that required ISPs and telecom companies to record all data for 6 months have all been ruled unconstitutional by a lawsuit brought by Digital Rights Ireland in the European Court of Justice. Each EU member state had to rewrite their laws after that and the UK and other nations have not been so bold as to order ISPs and telecoms to vacuum up data in such a wholesale fashion again.

To keep your data safe and rest well knowing that it will always remain within the bounds of the UK, talk to us by clicking here or call us on 0800 817 4727