Please bear with me, this may be a long explanation. Also, if this belongs in a different sub, please let me know. I am continually getting complaints from employees that Google searches are sporadically timing out throughout the day. This occurs with different computers, different browsers, etc. This is not an isolated incident. With much troubleshooting, I have eliminated the local network and DNS as being the culprit.
Come to find out, other Google services are also having issues on the network. I have pfsense running Snort for IPS and noticed Google services just magically worked again after clearing out the Snort block list. After doing some digging, I noticed some Nmap scans being detected from 1e100.net addresses. Ok, maybe some bot is using Google's servers for attacks. Nope. From my firewall log:
51 220.127.116.11ET SCAN NMAP -sA (2) — 2020-07-27 04:31:36
Microsoft Windows [Version 10.0.18362.959]
(c) 2019 Microsoft Corporation. All rights reserved.
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms REMOVED FOR PRIVACY]
2 8 ms 8 ms 11 ms REMOVED FOR PRIVACY
3 9 ms 8 ms 8 ms REMOVED FOR PRIVACY
4 9 ms 9 ms 10 ms REMOVED FOR PRIVACY
7 18 ms 17 ms 14 ms 18.104.22.168
8 15 ms 15 ms 15 ms 22.214.171.124
9 14 ms 14 ms 13 ms 126.96.36.199
Same subnet. So, why are Google's web servers performing nmap scans against random IP addresses? This seems a bit brazen, even for Google. Is anyone else seeing this? If so, what have you done about it?
Edit: Removed personal info.