Beginning Saturday afternoon on 16 November 2019, the government of Iran ordered the disconnection of much of the country’s internet connectivity as a response to widespread protests against the government’s decision to raise gas prices. While Iran is no stranger to government-directed interference in its citizens’ access to the internet, this outage is notable in how it differs from past events.
Iran used bandwidth throttling in its response to the 2009 Iranian presidential election protests and again in 2011 when faced with another wave of nationwide protests. As we discussed in a 2009 blog post at the time, the throttling left the country’s internet connected but painfully slow. Iran is also well-known for censoring its internet, blocking numerous popular sites including Facebook and Twitter. We even documented an instance when Iran’s censorship of online pornography leaked onto the wider internet.
A Wholesale Disconnection
Unlike previous efforts at censorship and bandwidth throttling, the internet of Iran is presently experiencing a multi-day wholesale disconnection for much of its population – arguably the largest such event ever for Iran.
As NetBlocks founder Alp Toker observed, this incident is also unique in its complexity. Instead of a single act taking down the country, we’re seeing a variety of different actions take place – some networks have withdrawn their routes while others continue to announce routes but block traffic. We chose the start time of 16:45 UTC in our first tweet about the blackout on 17 November because that was when our completing traceroute measurements into Iran precipitously dropped off, but there were BGP routing withdrawals occurring as early as 14:00 UTC.
Below is a recent view showing the Iranian internet blackout from our free Internet Intel Map which offers a live view of multiple connectivity statistics.
A Country At Risk
Following our coverage of the internet disconnections during the Arab Spring, Renesys founder Jim Cowie wrote a blog in 2012 asking, Could it happen in your country? In this piece, he highlighted countries whose centralized control of their national networks was visible in BGP routing. Iran was listed as a country at “significant risk” due to the fact that all international connectivity had to flow through two only entities: state telecom TIC and research center Institute for Physics & Mathematics (IPM). The attributes that made it high-risk in 2012 haven’t changed despite the continuing development of the Iranian internet.
In the past decade, the internet of Iran has grown more complex by every measure – more BGP routes, more domestic players exchanging traffic (measured by domestic ASes), more hosted websites. Even TIC’s international gateway grew from one to three ASes to accommodate additional infrastructure. Since 2010, Iran has been exporting internet service to neighboring Iraq and Afghanistan. Iranian state telecom TIC is now present at one of the world’s largest internet exchange points (DE-CIX), hosts one of the internet’s root servers, and leads the region in IPv6 deployment.
But the continued presence of TIC and IPM serving as bottlenecks between Iran and the global internet remains as the defining characteristic of Iranian internet topology. These chokepoints suggest the Iranian government has architected, and will likely retain, the ability to control (and in recent days block) internet access of its people.