“Digital borders”: A technical matter
The Kremlin therefore needed to keep the Runet within borders (mental, cultural, political, and technological) consistent with its geopolitical goals and to turn it away from the model of the global, open internet. This is precisely the purpose of the 2019 law, which intends to institute real “digital border posts” to control traffic entering and leaving the country.
As we understand, the technical implementation of this law relies on the state’s ability to fundamentally reorganize the routing logic that structures the internet, in particular by means of “anti-threat devices” (TSPUs) that operators and ISPs are now obliged to install on the nodal points of their network.
The TSPUs, which are boxes operated by Roskomnadzor, Russia’s telecommunications watchdog, have a dual purpose. One is to enable the Russian state to exercise the right of oversight conferred by the 2019 law on data packets entering and leaving the country. The other purpose is to carry out the order to isolate the Russian segment of the internet in the event of an external threat.
To do this, TSPUs must act primarily on the BGP layer of the internet. BGP is the protocol that allows the subsystems that make up the internet to communicate with each other. These subsystems, which are called Autonomous Systems (ASs), are the basic building blocks of the Internet.
In concrete terms, an AS corresponds to an internet access provider, cable operator, administration etc. In short, an entity which manages its own perimeter autonomously. For two ASs to exchange data, they must have a “BGP agreement” – that is to say, an agreement, contractual or not, which governs the terms and conditions according to which two autonomous systems can exchange data.
However, no AS has a BGP agreement with all the other As that make up the internet, since these agreements are the product of contractual relationships between network operators. Therefore, they are the result of commercial and technical negotiations, which may be influenced by political or even geographic considerations.
The main consequence of this is that, to get from point A to point B on the internet, a data packet sent by one user to another will generally pass through several intermediate ASs, tracing a logical path. Furthermore, the fact that not all the ASs in the world are interconnected makes some of them more central than others. In some countries, such as Iran, some ASs even act as an interface between the national network and the rest of the world, creating strategic bottlenecks that are controlled by national authorities or interests close to them.
It is precisely such bottlenecks that the Russian authorities hope to use to filter, or even cut off, the flow of data entering and leaving Russian territory with the TSPU boxes in particular. On paper, all the authorities need to do is give the order to disconnect the networks by way of this infrastructure. However, most of the tests conducted by the government do not seem to have had the desired effects: they were even postponed in 2020, officially because of the Covid 19 pandemic
. Since then, activity on this front has remained very low and has not picked up since the Russian invasion of Ukraine.