The Russian government is serious about protecting the Runet from external threats, but it is hardly likely to take the radical step of making the Runet completely autonomous from the global Internet.


Does the Internet’s fragmentation pose a threat to the global Internet? Photo: Reuters

Is Russia pushing the Internet to the brink of fragmentation? The question is often asked with regard to the Russian Security Council’s plans to ensure protection of the Russian Internet (Runet) from external threats, which might include its disconnection from the global Internet.

The key question is on what infrastructure layer the potential transformation of the Runet might take place. One option that is widely mentioned is massive reorganization of the infrastructure of the Runet’s physical channels. Those include cross-border fiber optic cables owned by major Internet service providers (ISPs) and the key Internet Exchange Points (IXPs).

The IXPs are technical facilities enabling exchange of Internet traffic between the networks of different ISPs – and they are the major infrastructure allowing traffic to travel inside and outside Russian borders. There are now 14 IXPs in Russia, and there are 6 ISPs that together own 77 percent of cables and their throughput. This layer is a kind of bottleneck for the Runet, with a limited number of critical channels to control.

So one of the strategies for the Russian state in case of an emergency might be to order the major ISPs to terminate their operations and to block the operations of the key IXPs. This would likely result in a massive shutdown of the Internet in Russia. However, even in that case, the share of users without access would be far from 100 percent.

The Runet is simply too developed, and has too sophisticated and diversified an infrastructure. There are multiple cross-border cables, many of which are linked directly to foreign ISPs’ networks instead of the IXPs in Russia. And there are mobile connections, satellite communications, etc. But the major thing is that this method doesn’t meet the goal of the Russian government – to protect the Runet from external threats, not just to shut it down.

That is why the changes might rather take place on another infrastructure layer – the national segment of the Domain Name System (DNS). From what can be gathered from the media (though not confirmed by Russian officials), one ambitious initiative under consideration might include providing the Runet with something that could be called a backup nationwide DNS system.

A brief background: The DNS is a global hierarchical database that enables association of the domain names with IP addresses for all nodes and devices in the Internet. Due to its hierarchical nature – which is quite unique for the Internet infrastructure – the DNS is managed in a centralized manner, with the so-called Root Servers and their “mirrors,” distributed all over the world, on its top level.

So, here’s how it might work in theory: As far as everything is proceeding according to normal, the Runet operates as usual, with the Russian domains being a part of the global domain name space. But in case of extreme necessity, the upper level DNS servers resolving queries to the country-code Top Level Domains (ccTLDs) .RU and .РФ are switched off the global DNS system.

What happens next is a question with several answers. If the shutdown is a short-term measure (as it looks like from the media), the cached data at the DNS servers will still allow resolving queries to Russian TLDs.

In addition, the administrators of the Russian TLDs are also able to extend the autonomy period by launching a backup database enabling association of unique identifiers (IPs and domain names) within the Russian segment. However, both options would work only for hours or for several days – then the degradation of the isolated DNS segment will be almost inevitable.

Moreover, this is certainly not an option if the data on the Russian TLDs is permanently erased from the Root Zone file, which is zero level of the DNS system, containing information on all the TLDs. This is something, which is never going to happen based upon the whole history of Internet governance.

However, if anyone considers this threat real, there might be only one effective mitigation strategy – creating a National Root, a DNS system with its own Root Servers on the national level. This requires setting up DNS servers in Russia to perform the Root Servers functions and to ensure autonomous association of Russian domain names with the IP addresses. Theoretically, implementation of such measures would make the Runet completely autonomous from the global Internet.

Only this option would imply the fragmentation of the Internet in the true sense of this word. The idea of a National Root would be a nightmare for the global technical community, including ICANN – the Internet Corporation for Assigned Names and Numbers, a body responsible for allocation of the domain names and management of the global DNS system.

Establishment of a national DNS Root would establish a precedent which ICANN would very likely regard as opening Pandora’s box wide open. The expansion of such practices on a nation-by-nation basis would not only undermine the Corporation’s power and functions, but would effectively mean the breakup of the Internet into smaller national segments.

The Kremlin gives the green light to shut down the Internet. Photo: AFP

Is Russia going to shake up the fundamental nature of the Internet’s architecture that far? It is hardly likely.

Remember - Russia is connected to the global Internet not only by wires and cables, but also by a $30 billion Internet sector and by $250 billion in Internet-dependent business within the broader national economy. The Russian government does grasp the globalized nature of Internet businesses, so it would not undermine one of the major non-hydrocarbon drivers of Russia’s economic growth over the last decade.

Besides, despite Russia’s rather rocky relationship with ICANN, the idea of fragmentation is actually not what the Russian government is trying to develop. This is all about state sovereignty on the Internet – in the first place, and secondly, protection of the national segment of the Internet from any external threats.

Both goals might be achieved without isolation of the national segment from the global Internet as the new default mode. Control over major layers of the Internet’s infrastructure, which is incorporated in the digital sovereignty concept, does not imply its isolation. And this is clearly identifiable from the statements of the Russian delegates at the key international forums.

What is required, as they see it, is technical access to the “control panel” of the Runet’s critical infrastructure is case of a major crisis. The critical infrastructure obviously includes the DNS, and the DNS is certainly out of the state’s direct control for the moment. That’s it.

This is why measures would likely be taken to enable the autonomous operation of the national DNS segment in case of its temporary disconnection to the global DNS by any external adversary.

However, the scenario when the Russian government itself initiates the Runet’s short-term shutdown on the DNS level is unlikely and might take place only as a measure of last resort in case of a major crisis.

What should be stressed in this regard is that the basic incentive behind such moves lies in the security domain and has very little to deal with the rights and freedoms in the Internet.

In summary, the Internet’s fragmentation is neither the Holy Grail for Russia, nor the biggest challenge posed to the global Internet. The true problem is the politicization of Internet governance issues, which results in the West accusing Russia of oppressing Internet freedoms, while Russia is actually is trying to resolve its security concerns about the critical infrastructure.

On one hand, Russia sees the technical body of the Internet Assigned Numbers Authority (IANA) as a potential transmission mechanism for U.S. sanctions. On the other hand, the IANA technical geeks can hardly remember what these sanctions are actually about.

The problem is that the lack of mutual trust and politicized approach to the issues being discussed create real divisions in the minds of stakeholders. Then, as a consequence, these divisions start to be demarcated at the infrastructure level. The answer is to focus on preventing the politicization of Internet governance rather than worrying about fragmentation of the Internet.

The opinion of the author may not necessarily reflect the position of Russia Direct or its staff.