Nigerian firm admits misrouting Google traffic through China

ISP firm MainOne said misconfigured a border gateway protocol filter was the culprit after concerns were raised over traffic hijacking

messy wires

A Nigerian internet service provider (ISP) has taken responsibility for a glitch that caused some Google traffic to be misrouted through Russia and China.

A misconfigured border gateway protocol (BGP) filter, used to route traffic across the internet, inadvertently sent Google traffic through Russia and China, raising concerns of intentional hijacking.

But, the Main One Cable Co, or MainOne, a small firm in Lagos, Nigeria, said it was due to a "technical glitch" during a planned upgrade.

"In the early hours of Tuesday morning, MainOne experienced a technical glitch during a planned network upgrade and access to some Google services was impacted," the company said in a statement. "We promptly corrected the situation at our end and are doing all that is necessary to ensure it doesn't happen again.

Advertisement - Article continues below
Advertisement - Article continues below

"The error was accidental on our part; we are not aware that any Google services were compromised as a result. MainOne is a major internet service provider in West Africa and has direct reachability with over 100 leading networks globally."

Two of those leading global networks were TransTelekom in Russia and China Telecom, the latter being a partner with MainOne. China Telecom is said to have leaked the routing information out to the rest of the world, where TransTelekom picked it up.

Google is said to have lost control of several million IP addresses for more than an hour on Monday, causing problems for its cloud service and a number of other sites such as YouTube and Spotify. But it said it had no reason to believe it was a malicious act.

"We're aware that a portion of internet traffic was affected by incorrect routing of IP addresses, and access to some Google services was impacted," said a Google spokesperson. "The root cause of the issue was external to Google and there was no compromise of Google services."

Adding to suspicions of hijacking, some Cloudflare-owned IP addresses were also sent through China Telecom. But again, the cloud company has said this is due to the Nigerian ISP inadvertently leaked the routing information to China Telecom, who in turn then leaked it out to the rest of the world.

"Route leaks like this are relatively common and typically just the result of a mistaken configuration of a router," said John Graham-Cumming, Cloudflare CTO. "The global routing system, which is based on BGP, is entirely trust-based. As a result, if a major network wrongly claims that they are the rightful destination for certain traffic then it can cause a disruption."

Advertisement - Article continues below

"The impact on us was minimal. Cloudflare's systems automatically noticed the leak and changed our routing to mitigate the effects."

Graham-Cumming added that if there was something nefarious afoot there would have been a lot more direct, and potentially less disruptive and detectable, ways to reroute traffic.

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now

Most Popular

cloud computing

Google Cloud snaps up multi-cloud analytics platform for $2.6bn

13 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
Microsoft Azure

Microsoft Azure is a testament to Satya Nadella’s strategic nouse

14 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020