ThinkableWhat is this?

How the Internet Actually Works

The Internet Is a Polite Fiction Built on Borrowed Time

Every time you load a webpage, your data travels through dozens of strangers' infrastructure — and the whole system works because everyone agrees to trust everyone else, with almost nothing legally binding them to do so.

The Idea

Most people picture the internet as a single network — a vast, unified thing owned by someone. It is not. The internet is more accurately described as a network of networks: tens of thousands of independent systems, called autonomous systems, each owned by a different organisation — a university, a telecoms provider, a government, a cloud company. These systems voluntarily connect to each other through a protocol called BGP, the Border Gateway Protocol. BGP is essentially how these networks tell each other: 'I can get you there from here.' When you send a request to a server on the other side of the world, BGP routes it through a chain of these autonomous systems, each one handing it off to the next. The whole thing is less like a highway with a single authority in charge and more like a global network of independent roads whose owners have all agreed to let traffic pass through. What makes this genuinely strange is how fragile the trust is. BGP was designed in the 1980s with almost no built-in security. Networks can — and sometimes do — accidentally announce they can reach destinations they cannot, causing what are called 'route leaks' or 'BGP hijacks'. Traffic that should flow from London to New York has, on notable occasions, been silently rerouted through Beijing. The internet keeps working not because it is engineered to be robust against bad actors, but because the overwhelming majority of participants are acting in good faith, most of the time.

In the World

In April 2010, a Chinese state telecom called China Telecom announced, via BGP, that it had the best route to roughly 15% of the entire internet — including US military and government addresses. For about 18 minutes, a significant slice of global internet traffic was rerouted through Chinese infrastructure before anyone noticed and the routes were corrected. No one is entirely sure what happened during those 18 minutes. It may have been a configuration error — large-scale BGP incidents often are. But the episode exposed something uncomfortable: the routing layer of the internet has no reliable way to verify that an announcement is legitimate. A network says 'send traffic here' and, by default, others believe it. A more recent and costly example came in 2019, when a small internet provider in Pennsylvania accidentally leaked routes through a Nigerian ISP, causing traffic destined for Cloudflare, Amazon, and others to be misrouted for over two hours. Millions of users experienced slowdowns or outages. The cause was not a cyberattack — just a misconfiguration in a small company's router that propagated, unchecked, across the global routing table. Fixes exist. RPKI — Resource Public Key Infrastructure — allows networks to cryptographically sign their route announcements, making hijacks far harder. Adoption is growing, but slowly. The internet's backbone is being secured in the same way most critical infrastructure is: gradually, imperfectly, and slightly behind the pace of the threats.

Why It Matters

There is something clarifying about understanding that the internet is not infrastructure in the way a power grid or a water system is. It is a shared convention — a set of protocols that work because the participants, by and large, choose to follow them. That is simultaneously impressive and worth taking seriously. It also reframes how we think about internet reliability. When your connection drops, it is rarely about a single cable being cut. It might be a routing decision made by a network you have never heard of, in a country you were not thinking about, propagating a small error at the speed of light until it reaches you. And it puts debates about internet governance in sharper relief. Questions about who controls routing, who gets to peer with whom, and which nations are building their own sovereign network stacks — these are not abstract geopolitical conversations. They are arguments about whether the polite fiction continues, or whether the internet starts to Balkanise into something slower, more fragmented, and less useful to everyone.

A Question to Ponder

If the internet works primarily on mutual trust rather than enforceable rules, what would actually need to happen for that trust to break down at scale — and how would you know if it had started?

Get a new one of these every morning.

Start learning with Thinkable
One topic like this, every day.Start free