Shulou(Shulou.com)06/01 Report--

According to foreign media reports, Internet users in some areas suffered a network connectivity failure on August 25, and their network speed was slow or part of the network was inaccessible. However, the person most affected by the accident was Japanese netizens.

When the network breaks down, most netizens will think that there is something wrong with their computers or operators (that is, telecom, Unicom, etc.), but they can't imagine that it is caused by Google.

Some friends joke: is Google AlphaGo's artificial intelligence going to dominate the earth?

Back to the point, let's briefly talk about how this failure was caused, because BGP neighbors are directly established between the operator and the Google, so that the operator and the Google can transmit routes directly. At this time, the staff of Google posted the wrong route to BGP, and the operator learned the route of Google, and then the operator passed it to other operators, causing a large-scale network failure.

1. Why did operators establish BGP neighbors with Google in the first place?

Under normal circumstances, the company will not direct the routing of the public network to its own network equipment, because there is a very heavy load on the equipment by directing more than 500,000 routes from the public network to the company's network equipment (many small companies cannot support so many routes).

So why did Google establish a neighbor relationship with BGP with operators?

For example, when PC1 accesses the public network, the default is to go out to ISP telecom lines. For normal companies, telecom is active and Unicom is standby. Now the company's intranet has a PC1 access site server for Unicom, and PC1 → company exports → ISP telecom → ISP → Unicom site server

Under normal circumstances:

There must be a delay from China Telecom to China Unicom. Is there any way to make the China Unicom take the Unicom line? the purpose is to take the telecommunication line. Establish BGP neighbors between the company equipment and the carrier equipment.

PC1 → exports site servers of → ISP Unicom and → Unicom

two。 The operator wants to establish BGP neighbors with Google.

In this case, as long as the operator updates the route, Google can immediately learn the latest route, and if Google updates the route, the operator can immediately learn the latest route.

The accident was because a careless network engineer posted a route on a Google device that Google itself did not exist, and the operator learned the route, which happens to be used in Japan. At this time, the routes for access or backhaul all point to Google. After the packet is sent to Google, this network segment does not exist in Google, so packet loss is carried out directly.

3. How to prevent this situation.

Many students said that the above situation can be effectively prevented by a firewall in China, but it has nothing to do with a firewall, but it just so happens that the network segment released by Google does not coincide with the domestic network segment.

If you want to prevent this from happening again, the operator needs more control to receive routes from other companies. For example, the routing operator sent by Google Company does not receive all routes by default in the direction of the in of BGP. If you need to receive Google routes, you need to write the corresponding receiving policy in the operator.

Well, to put it more popularly, if we want to prevent this kind of situation, we should learn from the treatment with our Chinese characteristics, that is, many red hearts rush to the party, the motherland develops and I grow, and the route that Google sends to the operator. This situation can be completely avoided if it is accepted after approval by the operator.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.