300 gbit/s attack. Largest in the world, has an effect on LINX (London INX);
http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet
Here is the link. All ex-USSR IT forums/news portals talk about that.
Comments
I remember here was a problem with nodedeploy london. That's why.
This is the third topic regarding the same thing. I'd link, but I'm on my phone.
The Open Resolver Project made available the full list of the 21.7 million open resolvers online in an effort to shut them down.
http://openresolverproject.org/
@pubcrawler +1 even the attacks are only leading to the fix IMHO
Cloudflare is pretty good at these PR / sales writeups... Well done.
They didn't see much on their network though. It's the Peer 1 providers who dealt with the attack and mitigation. Total spin.
@pubcrawler They did mention it hit the peer1 on their site
Agreed they are good at PR though
Glad to see our AS clean. Although I believe this list is not very accurate.
True @Fliphost.
Cloudflare was sitting on their arse for most of this. They need to stop it with the Superman cape and antics. Odds are with their incessant promotion that other attacks are going to go directly after them and their infrastructure --- ignoring the bandwidth part.
Fun to watch and read about though.
LiNX has some explaining to do. Graphs that just don't make sense. Looks/sounds like bunch of traffic there got smashed. Big peer point to get beat down like that.
I hope not, I signed up with them recently before this publicity stunt...
@pubcrawler The way I read it was that they hit via CF first but couldn't take them down. From there they started hitting who serves CF. Not really more than could do
True @Fliphost. But no frickin way the upstreams didn't see this tidal wave and proactively get on it up front.. Cloudflare had to be on the phone with their providers early.
CF pumps the anycast and having fleet of servers. Who knows how many places they are and Peer 1's they deal with, but anytime a customer network gets deluged and tons of origins for the traffic, has to trigger alerts at that scale.
If attackers couldn't bring Cloudflare down, trying to hit the Peer 1 upstreams was stupid. At best geographically able to hit non peer one points (LiNX). That's still impressive, but minor.
Big question I have lingering is what datacenters is Cloudflare in globally and how were other clients impacted in those datacenters... CF is using public backbones and not private dedicated connections I suspect. Some lip action out there from CF customers about the risk of one customer that could/might put them all offline.
Some of the noise in the UK with attacks might have been made worse/amplified by the LiNX snafu. Unsure if Coventry/RS folks have looked/talked to facility about the matter and congestion/collision.
Thank You. +1
Cloudflare sucks..
^ --- Cloudflare seems alright. However see a lot of random issues from sites behind their protection. Who knows... probably the operators of those sites and kind of why they ran to the service.
considering how many big name sites are behind them, they are doing pretty good.
It showed us clean too, however, if you look at your /24s you will see the IPs there, we currently have some 10 per allocated /24
I will talk with Salvatore about what we can do. At least a letter to all those involved should be done.
Totally agreed.
@Maounique, Prometeus continues to be a beast network.. You dinosaurs are the place to be in Europe. Mind you dinosaurs are heavy lifter in this case...
Anycast is like water; it will find its way as long as there is a pipe available somewhere
Just as how black lotus etc operate; flat big pipes...
^ question is, is how big are Black Lotus' pipes? I doubt they have that much pipe to swing around in each location. It's a mighty big cost center to plan for oh sh!t just in case scenario.
Black Lotus has mythological good rep, although not in this community are they really known (i.e. costs real pocket bills).
Ideally they come over here and school us
Not really, only have 10 gbps in the mix and 10 gbps reserve in case the main network is suffering. Managed to tank so far 7-8 gbps and a couple million packets with only the attacked node dead, but 300 gbps will knock the socks out of the exchange, even, not only us.
Sustained 10-15 gbps attacks will cost us a bit since will have to upgrade the network to be sure it does well and over 40 gbps the core router will be out since only has 4x10 gbps ports.
A real dinosaur will be Google or Yahoo...
DDoS is a very nasty business, this is why we have such a clear policy regarding targets.
Good to know @Maounique... Pretty impressive the transparency there...
300Gbps is no joke... Anyone who thinks they can swallow that is full of it.
Most affordable DDoS services only cover 1-9Gbps size attacks.... So, what you can handle is on the upper north side of things..
Yeah, back pat buddy and give Uncle one too...
Just out of curiosity, how much does 9 Gbps cost?
Let's just say too much... thousands a month... no idea if that means peak usage or sustained 95% style...
Hum, so it is comparable with the legit bw, that also costs thousands a month, I always thought DDoSers get it cheap because of the botnets.
$5-7 per Mbps.... obviously some discount/large commit buy down... thousand a month per Gbps... minimum..... Talking mixed bandwidth... lower tier stuff...
DDoS target will only reduce costs where their colo/host can upstream the issues and block the attacks and traffic higher in the network ... before they enter the facility and count against the commits.
5-7 $ per mb is a lot. There are places where you can get it at 1. I get it even lower in Bucharest.
Even L3 here is 50 cents a mbps buying larger than 1 gbps port or even in small batches (mix not pure L3) of 100 mbps it costs 60 cents a mbps.
Edit: Euro cents, but still...
$1 per Mbps.................. What sort of mix is that? Tier what? Internet Exchange handed off?
There is $1-3 for Cogent and maybe HE blend... Certainly with large commits....Seems like the industry hit bottom and is lingering or ticking upwards...
L3 @ 50 cents per Mbps... Holy heckith.... Can't say I've seen that pricing this side of the pond..
From what I dig it seems the large carriers offer lower prices in eastern Europe since they get customers which connect there it might as well be worth it lower the price and haul it themselves instead of peering locally through other ppl.
At least this is my idea on why they are doing it.
Internet here is dirt cheap, I can get 1gbps at 75 Eur but won't be L3, of course, more like local peers.
My last mile regular connection is 10 Eur for 100 mbps but best effort, it does 7-8 MB/s locally and 2-3 internationally.
Wonder what prices CF is pushing for their BW considering they use so much of it