[Outages-discussion] [outages] DNSimple outage

Justin Scott leviathan at darktech.org
Tue Dec 2 11:08:43 EST 2014


If DNSimple (or more likely one of their customers) was the target of
the attack (assuming it was, vs another customer at their ISP), the
attacker would have simply attacked all of their nameserver locations
at once.  When I used to be in the DNS business I was on the receiving
end of a few of these attacks.  Even massive providers such as Network
Solutions who have many locations and use anycast routing can be
impacted by DDoS attacks on a large scale (as recent as last year if
memory serves).  Regardless of how DNSimple is handling this, it's
possible their upstream providers are scrambling just as much as they
are to handle that traffic.

The best mitigation strategy for customers of outsourced DNS hosting
are to set up service with multiple providers.  If one gets attacked
like this then it's a good bet that the secondary provider will still
be online and resolution will be only minimally impacted.

In any case, it's no fun for anyone involved.


-Justin



On Tue, Dec 2, 2014 at 7:23 AM, Cal Leeming <cal at iops.io> wrote:
> Yup, DNSimple messed up pretty badly here imho, sounds like they really just
> didn't know how to handle the situation properly (imho)
>
> Cal
>
> On Tue, Dec 2, 2014 at 5:07 AM, Frank Bulk <frnkblk at iname.com> wrote:
>>
>> Reading through some of the twitter commentary I get the impression from
>> many network admins that they feel this was out of their control.  They
>> could have avoided an outage by using multiple nameservers across multiple
>> providers.  Don’t put all your namserver eggs on one IP, one server, one
>> subnet, one prefix, one AS, one peer, or one DNS provider.  Simply having an
>> additional well-functioning nameserver in another AS with another provider
>> can avoid a world of pain.
>>
>>
>>
>> Frank
>>
>>
>>
>> From: Outages [mailto:outages-bounces at outages.org] On Behalf Of Grant
>> Ridder via Outages
>> Sent: Monday, December 01, 2014 1:31 PM
>> To: outages at outages.org
>> Subject: [outages] DNSimple outage
>>
>>
>>
>> "We are seeing a system-wide DNS outage. Investigating now."
>>
>> https://twitter.com/dnsimple/status/539499331670511616
>>
>>
>>
>> This is affecting Travis CI, PackageCloud.io, and RubyGems
>>
>>
>>
>>
>>
>> -Grant
>>
>>
>> _______________________________________________
>> Outages-discussion mailing list
>> Outages-discussion at outages.org
>> https://puck.nether.net/mailman/listinfo/outages-discussion
>>
>
>
> _______________________________________________
> Outages-discussion mailing list
> Outages-discussion at outages.org
> https://puck.nether.net/mailman/listinfo/outages-discussion
>



More information about the Outages-discussion mailing list