[dns-wg] RIPE NCC Authoritative and Secondary DNS services on Monday 14 December
- Previous message (by thread): [dns-wg] RIPE NCC Authoritative and Secondary DNS services on Monday 14 December
- Next message (by thread): [dns-wg] RIPE NCC Authoritative and Secondary DNS services on Monday 14 December
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Brett Carr
brett.carr at nominet.uk
Tue Dec 15 18:25:33 CET 2015
Thanks for the information Romeo I wonder if perhaps you would consider doing a presentation at the next WG meeting on the issues you encountered and mitigation techniques you used. Thanks Brett -- Brett Carr Senior DNS Engineer Nominet UK > On 15 Dec 2015, at 12:35, Romeo Zwart <romeo.zwart at ripe.net> wrote: > > Dear colleagues, > > Yesterday, Monday 14 December 2015, RIPE NCC Authoritative DNS services > were functioning in a severely degraded state during parts of the day. > > This was due to an attack on one of the ccTLDs for which the NCC hosts a > secondary DNS service. The attack traffic started around 08:00 UTC. RIPE > NCC staff applied various countermeasures during the day. These > mitigations were effective for some time. However, after implementing > each of these mitigations, the traffic patterns were modified to evade > them. Towards the end of the day, the volume of the attack traffic > targeted at our servers had increased to such a level that it was > overloading our incoming links and our mitigation measures were no > longer sufficiently effective. > > At that time we were forced to contact our upstream peers to assist us > with mitigation measures. Apart from the ccTLD service for the attacked > domain, normal services were restored at around 18:30 UTC. > > The attack is ongoing, and we continue with mitigation measures in order > to provide the best service possible under the circumstances. > > We note that attacks like this rely on spoofing source addresses in the > attack packets. Therefore, Source Address Validation and BCP-38 should > be used wherever possible to reduce the ability to abuse networks to > transmit spoofed source packets. > > Kind regards, > Romeo Zwart >
- Previous message (by thread): [dns-wg] RIPE NCC Authoritative and Secondary DNS services on Monday 14 December
- Next message (by thread): [dns-wg] RIPE NCC Authoritative and Secondary DNS services on Monday 14 December
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]