Discovered that Google's global traffic was via China due to a mistake by a Nigerian dealer

by Rikke Filbært

There was a problem connecting Google's Cloud Platform (GCP) including G Suite on Monday, November 12, 2018. When I looked for the cause, it turned out that the Nigerian dealer misconfigured the BGP filter and Google's global traffic was via China for 74 minutes.

Internet Vulnerability Takes Down Google
https://blog.thousandeyes.com/internet-vulnerability-takes-down-google/

Nigerian solid takes blame for routing Google traffic through China | Reuters
https://www.reuters.com/article/us-alphabet-disruption/nigerian-firm-takes-blame-for-routing-google-traffic-through-china-idUSKCN1NI2D9

Google goes down after major BGP mishap routes traffic through China | Ars Technica
https://arstechnica.com/information-technology/2018/11/major-bgp-mishap-takes-down-google-as-traffic-improperly-travels-to-china/

This fact was revealed by Thousand Eyes and BGPmon , which are monitoring the Internet.

According to ThousandEyes' report, the situation occurred from 13:00 to 14:23 on Monday, November 12, 2018 in the US Pacific Standard Time. When I investigated the cause because it became impossible to connect to the G Suite that is used internally by Thousand Eyes, I noticed that there is an effect on Google Analytics, further examining further, it is clear that the traffic to go to Google from the office of ThousandEyes , But it turned out that it is heading for China Telecom, via Russian ISP.

The unusual situation that this "traffic goes to China Telecom" is occurring not only in TousandEyes but in all over the world. And as a result of the route survey, the traffic from Paris to Google was via Russia, China and Nigeria.

On November 13, 2018 (Tue), this Nigerian provider, Main One, acknowledged that it was a mistake in setting up the BGP filter during the network upgrade.

We have investigated the advertisement of @ Google prefixes through one of our planned network upgrade due to a misconfiguration on our BGP filters. The error was corrected within 74 mins & processes put in place to avoid reoccurrence

- MainOne (@ Mainoneservice) November 13, 2018

"BGP (Border Gateway Protocol)" is " one of protocols (communication protocol) that defines procedures for exchanging path information between networks among TCP / IP networks ". The content is "blindly" designed to trust, it is one of the fundamental weaknesses in the structure of the Internet.

According to Ars Technica, Google said that the case was due to carelessness of Main One, not a malicious network hijacking. Likewise, the nonprofit organization RIPE NCC, which assigns an IP address to the ISP, also concludes that it is not a malicious matter as a result of the investigation.

Google goes down after major BGP mishap routes traffic through China | Ars Technica
https://arstechnica.com/information-technology/2018/11/major-bgp-mishap-takes-down-google-as-traffic-improperly-travels-to-china/

In addition, in Nigeria 2017, a new investment of 40 billion dollars (about 4.5 trillion yen) is being done from China in exchange for compliance with the "one China" principle.

China bought Nigeria "with money" - for the principle of "one China" | world | latest articles | news week Japan official website
https://www.newsweekjapan.jp/stories/world/2017/01/post-6728.php