Thou shalt have no other gods before the ANSI C standard 1421

Hogwash.

If there is capacity, and a redundant route, and they did their networks according to Best Current Practice, we are at most talking about a few minutes here.

This is actually a relavant security question, so I'll keep the crosspost. The best current practice is pretty stable these days.

Internally in every ISP of any size the routers run an IGP, or internal routing protocol. OSPF and IS-IS are the main choices. These are link-state protocols, and the routers indenendently compute optimized paths through the network. Links that go down propagate as ripples, and recomputes happen fast, typically in 2-5 seconds. It there is no "link doen" signal it can take as much as a 95 seconds, 90 seconds for keepalives to time out, and 5 seconds to reconverge.

This is often run on top of SONET links, where the ring technology has 300ms reconvergence time, based on keepalives.

On top of the whole thing the entire Internet run BGP as a policy routing protocol, usually run on virtual links provided by the IGP. BGP is slower to reconverge, 45-90 seconds on a clean break, 4:30 to 6 minutes if keepalives are to carry the day. BGP is not designed for rapid failovers, it is made for mapping out the whole Internet.

So for a hardware fault it is important that the next layer hardware can detect a "link down" ("NO CARRIER"). This makes ripple updates in all available technology; SONET(150 ms), IS-IS and OSPF (a few seconds) or BGP (45+ seconds). If there are no such failure you have to trust keepalives to get lost, and have 300ms, 95 seconds or 6 minutes of recovery time. Sonet just send hardware pings, really insecure; but IS-IS; OSPF and BGP all have ways to make signed transactions. MD5 is popular as a signing algorithm.

The two worse-case scenarios are slowly degrading lines, where packet drop can climb into a few percent before the routing protocol gives up. Internet protocols have a knee in the performance at around 3% packet loss; this is where RTP (video, phones) start to sound really lousy, and TCP starts to back off badly in terms of bandwidth usage. The other is the "flapping" link that comes and goes. OSPF and BGP now have good flap resistance, and ISTR IS-IS is coming along too.

Flap resistance will hurt those who haven't followed BCP, and will allow their network routes to flap. It is really easy to avoid; and will meet zero sympathy at larger, professional ISP's upstream. This may hurt some customers, and the ISP in question will use some lame excuse as "instabile internet": "Flapped out" is the correct term.

So, at the worst case; it will take six minutes; say if they just turned IP forwarding of non-local packets off at some exchange point.

If some person reconfigure the net with explosives it will happen a lot quicker.

The experiences I have observed from actual data at 9-11 bears this out. SONET handled most line breaks, OSPF and IS-IS took care of some. But we had to fine-study network logs to see any breaks at all. Most transatlantic ISPs lost some capacity, on the order of 15-25%, and with the coming network load the networks were above design goals in actual loading. But no customer-visible performance problems.

-- mrr