Red Security

Suspected Traffic Hijacking Turns Out To Be BGP Mishap


In the news this week: Google users faced some complications on Monday when the site was down for over an hour. Traffic was originally suspected to have been hijacked by a Nigerian ISP, but the cause turned out to be an issue related to BGP.

Ameet Naik, Technical Marketing Manager at ThousandEyes, explained, according to a report, that the firm initially had problems connecting to G-Suite and then got to work trying to fix the problem. In doing so, they saw that Google's traffic was being dropped at China Telecom, as observed from numerous ThousandEyes vantage points all over the world.


  They stated this: 


  “Traffic from Paris to www.google.com resolved to 216.58.204.132. While Google announces many /24 prefixes to cover its IP address range, this address was not covered by a /24 prefix. Instead, it was covered by a /19 prefix. We saw a suspicious announcement for 216.58.192.0/19 appear after about 12:45 pm PST with a convoluted AS path that included TransTelecom (AS 20485) in Russia, China Telecom (AS 4809) in China and MainOne (AS 37282), a small ISP in Nigeria. The traffic paths we saw mirrored the BGP AS Path, except all the traffic slammed into the great firewall, terminating at China Telecom edge router.”
  


The issue was traced to a peering relationship between MainOne Cable Company, the Nigerian provider, and China Telecom. It seems to have spread to other transit ISPs besides the first three. This stands to rule out any attack by malicious actors and also highlights the weaknesses of BGP.


   That was the news folks, have a good rest of the week and take it easy.


   ---Mad-Architect(RS)
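
The check described in the ThousandEyes quote, as an added example that is not part of the original post or ThousandEyes' tooling: find which announced prefix covers the resolved address, then flag AS paths that contain networks outside an expected baseline. The announcement list, the vantage-point upstream AS 64500 and the use of AS 15169 as Google's origin AS are assumptions of this example.

```python
import ipaddress

# Constructed sample data, not taken from real routing tables.
# Assumptions: AS 15169 is the expected origin, and AS 64500 (documentation
# range) is the only transit normally seen from this vantage point.
EXPECTED_ORIGIN = 15169
BASELINE_TRANSIT = {64500}

ANNOUNCEMENTS = [
    # (prefix, AS path as seen at the vantage point; last element = origin)
    ("216.58.210.0/24", [64500, 15169]),
    ("216.58.192.0/19", [64500, 15169]),
    ("216.58.192.0/19", [64500, 20485, 4809, 37282, 15169]),
]


def covering_routes(address, announcements):
    """Return (network, path) pairs whose prefix contains address, most specific first."""
    ip = ipaddress.ip_address(address)
    hits = [(ipaddress.ip_network(p), path) for p, path in announcements
            if ip in ipaddress.ip_network(p)]
    return sorted(hits, key=lambda h: h[0].prefixlen, reverse=True)


def unexpected_ases(path, origin=EXPECTED_ORIGIN, baseline=BASELINE_TRANSIT):
    """ASNs in the path that are neither the expected origin nor known transit."""
    return [asn for asn in path if asn != origin and asn not in baseline]


def review(address, announcements):
    """Label each route covering address: 'ok', 'origin-mismatch' or 'path-anomaly'."""
    findings = []
    for net, path in covering_routes(address, announcements):
        extra = unexpected_ases(path)
        if path[-1] != EXPECTED_ORIGIN:
            verdict = "origin-mismatch"
        elif extra:
            verdict = "path-anomaly"
        else:
            verdict = "ok"
        findings.append((str(net), verdict, extra))
    return findings


if __name__ == "__main__":
    # The address from the quote: no /24 covers it, so the /19 routes decide.
    for prefix, verdict, extra in review("216.58.204.132", ANNOUNCEMENTS):
        print(prefix, verdict, extra)
```

Because no /24 covers 216.58.204.132, the /19 is the most specific route available, which is why a single unexpected /19 announcement was enough to redirect that traffic.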