Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Google Went Offline Today

Posted by Soulskill on from the ok-who-tripped-on-the-cable dept.

New submitter mc10 points out a post on the CloudFlare blog about the circumstances behind Google's services being inaccessible for a brief time earlier today. Quoting: "To understand what went wrong you need to understand a bit about how networking on the Internet works. The Internet is a collection of networks, known as "Autonomous Systems" (AS). Each network has a unique number to identify it known as AS number. CloudFlare's AS number is 13335, Google's is 15169. The networks are connected together by what is known as Border Gateway Protocol (BGP). BGP is the glue of the Internet — announcing what IP addresses belong to each network and establishing the routes from one AS to another. An Internet "route" is exactly what it sounds like: a path from the IP address on one AS to an IP address on another AS. ... Unfortunately, if a network starts to send out an announcement of a particular IP address or network behind it, when in fact it is not, if that network is trusted by its upstreams and peers then packets can end up misrouted. That is what was happening here. I looked at the BGP Routes for a Google IP Address. The route traversed Moratel (23947), an Indonesian ISP. Given that I'm looking at the routing from California and Google is operating Data Centre's not far from our office, packets should never be routed via Indonesia."

5 of 110 comments (clear)

  1. All your packets are belong to... by Adeptus_Luminati · · Score: 5, Interesting

    ... Network Admins who have no clue. Like when just 4 years ago, Pakistan took down Youtube...
    http://securitywatch.pcmag.com/dns/285152-pakistan-takes-youtube-down

    Clearly this should be on the agenda for the new "Cyber Reserves" of the department of Homeland Security. If Google can be taken down by accident in parts of the world, then it certainly can be taken down on purpose. Route filters are your friends!

    CYBER RESERVES: http://www.techradar.com/news/internet/department-of-homeland-security-recruiting-for-cyber-reserve-1109906

    --
    No trees were killed in the making of this post; however, many trillions of electrons were horribly inconvenienced.
  2. Root cause was PCCW, not Moratel by Aqualung812 · · Score: 5, Interesting

    From TFA:

    Someone at Moratel likely "fat fingered" an Internet route. PCCW, who was Moratel's upstream provider, trusted the routes Moratel was sending to them. And, quickly, the bad routes spread.

    Yes, someone at Moratel screwed up, but this is exactly why upstream ISPs should never allow advertisements from their customers for networks that their customer does not control.

    PCCW is to blame for allowing this to happen. Never trust customers with things that don't belong to them.

    --
    Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
    1. Re:Root cause was PCCW, not Moratel by Anonymous Coward · · Score: 5, Interesting

      PCCW is to blame for allowing this to happen.

      Again. They were also the upstream for the Pakistan-takes-down-YouTube fiasco.

  3. On the other hand: escape from bad ISP by DamonHD · · Score: 4, Interesting

    This sort of 'feature' did allow me once to escape from a misbehaving ISP holding me hostage and preventing me getting my mail to, for example, change my DNS glue records many many years ago. A helpful friendly new ISP managed to reroute traffic to me via them with a "bogus" routing announcement long enough for me to fix those records and then escape the old ISP when the new records propagated.

    Rgds

    Damon

    --
    http://m.earth.org.uk/
  4. China already did this in 2010 by hydrofix · · Score: 5, Interesting

    China Telecom also hijacked web traffic to US government websites in April 2010 for 17 minutes. At least that incident seems to have been a purposeful disruptions to capture sensitive data and/or try out a novel cyberwarfare tactic.