| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | yuicat has quit IRC (Ping timeout: 268 seconds)
yuicat has joined #arpnetworks | [01:23] |
| ................................................................................................ (idle for 7h57mn) | ||
| RandalSchwartz has quit IRC (Ping timeout: 245 seconds) | [09:21] | |
| ...... (idle for 28mn) | ||
| RandalSchwartz has joined #arpnetworks | [09:49] | |
| ................... (idle for 1h31mn) | ||
| nathani | Twitter DNS: ;; connection timed out; no servers could be reached | [11:20] |
| ant | yeah dyn.com is under attack (ddos) | [11:25] |
| mike-burns | Yup.
Maybe someone here can explain what's going on, though: why isn't secondary DNS a fix for this? Or, do Twitter, GitHub, etc, not have secondaries? | [11:26] |
| ant | well, if secondary dns means using a second provider, then no, they don't | [11:31] |
| nathani | I'd like to know the scale of the DDOS in Gig/sec or Tbit/sec | [11:31] |
| ant | apparently dyn usually posts post-mortems, so when they're done mitigating they might post details | [11:32] |
| sjackso | seems like kayak might be their customer too, they're also having flaky dns | [11:33] |
| mike-burns | Today I learned that basically every Web site uses Dyn. | [11:33] |
| awyeah | lol wtf | [11:36] |
| ant | i actually didn't notice until someone commented about it on a mailing list... | [11:39] |
| brycec | brycec hasn't noticed either
Apparently I haven't tried to reach an affected site today. *shrug* And now I get to feel good that the domains I maintain use secondaries on separate providers. :) | [11:41] |
| nathani | brycec: like he.net and cloudflare? | [11:51] |
| brycec | That's an example, sure.
brycec wonders if he can slave from Cloudflare | [11:52] |
| *** | pyvpx has quit IRC (Remote host closed the connection) | [11:55] |
| .... (idle for 17mn) | ||
| mkb | awsdns-52.com awsdns-21.co.uk awsdns-32.org awsdns-01.net
does amazon understand the purpose of a domain name? | [12:12] |
| brycec | Not sure I see your point (or understand the context) | [12:24] |
| mkb | I can understand registering the same domain under different tlds
presumably the tlds maintain distributed enough servers that them all having trouble at once is unlikely the root zone certainly does and I'm pretty sure .com .net etc do, but who knows about the smaller tlds but they've got awsdns-[00-63].com and I can't understand that | [12:24] |
| brycec | Ahh | [12:28] |
| ..... (idle for 22mn) | ||
| mkb | /win 4 | [12:50] |
| mercutio | /lose :)
why don't twitter etc run their own dns :) it's not the first time there has been a long outage | [12:50] |
| mike-burns | Or have a secondary? That'd be a good start. | [12:53] |
| .... (idle for 17mn) | ||
| mercutio | i assume their provider wouldn't allow such a thing
like they have some kind of exclusive agreement | [13:10] |
| mike-burns | That's a hilarious idea. I hope that's what happened. | [13:11] |
| mercutio | cloudflare only allows you to take over dns on normal accounts
but some of the bigger ones want to advertise that the bigger companies rely on them | [13:12] |
| ...... (idle for 29mn) | ||
| JC_Denton | i am glad Dyn is just a secondary for my sites
good secondary dns is so hard to come by these days :( | [13:42] |
| mkb | what you really want is two competely separate servers run by completely separate groups
what people usually get is two servers sitting next to each other configured exactly the same | [13:44] |
| mercutio | haha
you want multiple locations, with multiple servers the problem is how to sync them but as long as you take away order requirements etc it's pretty simple like you take away the requirement to be "in sync" which for things like twitter should be fine and so with your distributed web site, you host your dns on the same servers the master site with proxies from various locations will never be able to match performance wise | [13:44] |
| mkb | I'd like different hardware and even BIND in one place and NSD in the other...
different OSes that's how you stop these pesky software bugs from killing everything all at once | [13:49] |
| mercutio | mkb: appraently knot suggested that you could run nsd and knot
the idea of running bind is uh, ick. bind has had quite a lot of bugs that can crash the server yes | [13:49] |
| mkb | well yeah... I didn't know of any other dns servers | [13:50] |
| mercutio | knot is made by the same people as bird
cz net (net.cz) | [13:50] |
| mkb | I thought isc made bind
ohbird | [13:50] |
| mercutio | https://www.knot-dns.cz/
cz.nic not .net :) writing a dns server is probably as interesting as writing a routing daemon to most people. ie not very interesting, but technically challenging so i suppose it makes sense to make both of them | [13:50] |
| mkb | ``With release version 1.2.0 the project was renamed Bundy to terminate ISC involvement in the project.''
concerning bind | [13:57] |
| mercutio | what | [13:57] |
| mkb | but it's not clear what that means because I thought BIND was already on version 9 | [13:58] |
| staticsafe | BIND 10
BIND 9 is the one everyone should be using if they are using BIND in fack 9.11 just came out with some big feature updates - https://www.isc.org/bind-9-11-new-features/ fact* | [13:58] |
| mkb | ``In addition to DNS service, the BIND10 suite also included IPv4 and IPv6 DHCP server components'' oh god it does everything | [13:59] |
| mercutio | bind 4 is when it was more stable | [13:59] |
| mkb | and what is with writing completely new software and naming it the same as something else | [14:00] |
| mercutio | it happens often mkb
it's called refactoring | [14:00] |
| staticsafe | BIND 10 was supposed to be a refactor yeah | [14:00] |
| mercutio | it often takes years
and then the old version adds features the new version doesn't have | [14:00] |
| mkb | but they're continuing to work on the old version | [14:01] |
| mercutio | adn there are incompatibilities and complications | [14:01] |
| mkb | so they've just made two programs with the same name | [14:01] |
| mercutio | and then peopel say they like the old version better than the new one
often it's becuase someone thinks that everything should be OO | [14:01] |
| mkb | a real refactor is done gradually without a complete fork | [14:01] |
| mercutio | and that things should shift frmo C to C++
maybe add better module system with more injunctions etc leading to confusing code mess i haven't seen any of the source for any bind i looked at some gnu source once though. and i was disgusted :) | [14:01] |
| mkb | yeah the only way to find anything is grep | [14:03] |
| mercutio | i found openbsd soruce much easier to follow than linux source
well with congestion control, initcwnd etc i hacked initcwnd into openbsd for testing myself before there was support heh | [14:03] |
| mkb | and they know how to do long-term refactors correctly too | [14:05] |
| mercutio | yeah
openbsd is very good in that respect | [14:05] |
| ......... (idle for 42mn) | ||
| nathani | If you were twitter, why wouldnt you swap out the name servers to an alternate backup provider
I mean they must have a copy of their own zone | [14:47] |
| staticsafe | github did that
I guess Twitter just decided to wait it out or didn't have a contingency plan in place :> | [14:57] |
| nathani | reddit also? | [14:58] |
| mercutio | twitter and reddit are working fine for me | [15:04] |
| brycec | Reddit's hosted on Route53 according to my lookup just now, same as what Github switched to. (I don't know what Reddit was using before today) | [15:12] |
| mercutio | an iphone 7 exploded
i thought reddit was on cloudflare hmm reddit is on fastly? | [15:13] |
| brycec | I just looked at the whois :p
Plain and simple | [15:18] |
| mercutio | i'm pretty sure reddit used to be on cloudflare | [15:18] |
| brycec | (It's not even a recent nameserver change according to whois, reddit.com's last registrar update was 7 September. | [15:19] |
| mercutio | i can't say i've checked often
i really don't know how they compare cloudflare do dns fastly don't github uses fastly too | [15:19] |
| ........ (idle for 36mn) | ||
| *** | Seji has quit IRC (*.net *.split)
mjp_ has quit IRC (*.net *.split) yuicat has quit IRC (*.net *.split) reardencode has quit IRC (*.net *.split) forgotten has quit IRC (*.net *.split) nathani has quit IRC (*.net *.split) joepie91_ has quit IRC (*.net *.split) _iwc has quit IRC (*.net *.split) qbit has quit IRC (*.net *.split) fIorz has quit IRC (*.net *.split) dne has quit IRC (*.net *.split) sjackso has quit IRC (*.net *.split) toeshred has quit IRC (*.net *.split) gizmoguy has quit IRC (*.net *.split) neish has quit IRC (*.net *.split) mike-burns has quit IRC (*.net *.split) karstensrage has quit IRC (*.net *.split) mhoran has quit IRC (*.net *.split) toddf has quit IRC (*.net *.split) KILLALLHUMANS01 has quit IRC (*.net *.split) awyeah has quit IRC (*.net *.split) pjs has quit IRC (*.net *.split) carvite has quit IRC (*.net *.split) mrsaint has quit IRC (*.net *.split) eryc has quit IRC (*.net *.split) tooth has quit IRC (*.net *.split) mkb has quit IRC (*.net *.split) jcv has quit IRC (*.net *.split) RandalSchwartz has quit IRC (*.net *.split) trobotham has quit IRC (*.net *.split) hive-mind has quit IRC (*.net *.split) ant has quit IRC (*.net *.split) tabthorpe has quit IRC (*.net *.split) dj_goku has quit IRC (*.net *.split) JC_Denton has quit IRC (*.net *.split) mjp has joined #arpnetworks | [16:01] |
| mjp is now known as 17SAAC40T
hive-mind has joined #arpnetworks ant has joined #arpnetworks tabthorpe has joined #arpnetworks yuicat has joined #arpnetworks reardencode has joined #arpnetworks forgotten has joined #arpnetworks nathani has joined #arpnetworks joepie91_ has joined #arpnetworks awyeah has joined #arpnetworks pjs has joined #arpnetworks carvite has joined #arpnetworks mrsaint has joined #arpnetworks eryc has joined #arpnetworks tooth has joined #arpnetworks _iwc has joined #arpnetworks qbit has joined #arpnetworks dj_goku has joined #arpnetworks JC_Denton has joined #arpnetworks fIorz has joined #arpnetworks dne has joined #arpnetworks sjackso has joined #arpnetworks toeshred has joined #arpnetworks gizmoguy has joined #arpnetworks neish has joined #arpnetworks mike-burns has joined #arpnetworks karstensrage has joined #arpnetworks mhoran has joined #arpnetworks toddf has joined #arpnetworks KILLALLHUMANS01 has joined #arpnetworks tepper.freenode.net sets mode: +o toddf RandalSchwartz has joined #arpnetworks trobotham has joined #arpnetworks | [16:06] | |
| mkb has joined #arpnetworks
jcv has joined #arpnetworks Seji has joined #arpnetworks | [16:13] | |
| ............ (idle for 56mn) | ||
| qbit has quit IRC (Quit: WeeChat 1.5)
qbit has joined #arpnetworks | [17:11] | |
| ....................... (idle for 1h50mn) | ||
| nathani | thats interesting ... amazon.com uses dyn as some of it NS
in combination with ultradns | [19:05] |
| mkb | because they don't want their website to go down when aws gets attacked | [19:13] |
| up_the_irons | LOLZ | [19:14] |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |