Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3416 posts

Uber Geek

Trusted

# 81129 8-Apr-2011 12:11
Send private message

As I understand, kordia have a packet storm on their network and its affecting a few isps at the moment




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Professional yak shaver
1599 posts

Uber Geek

Trusted
BitSignal
Lifetime subscriber

  # 456710 8-Apr-2011 12:22
Send private message

Where did you get this info from?




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown

1141 posts

Uber Geek


  # 456718 8-Apr-2011 12:36
Send private message

Kordia?




Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

 
 
 
 


xpd

Chief Trash Bandit
10158 posts

Uber Geek

Mod Emeritus
Trusted
Lifetime subscriber

  # 456722 8-Apr-2011 12:42
Send private message

raytaylor: As I understand, kordia have a packet storm on their network and its affecting a few isps at the moment


If youre going to make an announcement such as that, please give more info (source would be nice).






XPD / Gavin / DemiseNZ

 

Server : i5-3470s @ 3.50GHz  16GB RAM  Win 10 Pro    Workstation : Ryzen 5 3600 / 16GB DDR4 / RX580 4GB    Console : Xbox One

 

Now on BigPipe 100/100 and 2Talk               Add me on Steam


602 posts

Ultimate Geek


  # 456739 8-Apr-2011 13:39
Send private message

Communications where i work were affected, use kordia for the wan, even now still got issues, started about 11:20 or so



3416 posts

Uber Geek

Trusted

  # 456749 8-Apr-2011 13:53
Send private message

More info:

Source - SafeNZ, an isp for a few of our clients
It was affecting national traffic between safenz, orcon and telecom and they reckon a between a few other isp's.

Has now been resolved.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




BDFL - Memuneh
64980 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 456757 8-Apr-2011 14:02
Send private message

raytaylor: Source - SafeNZ, an isp for a few of our clients
It was affecting national traffic between safenz, orcon and telecom and they reckon a between a few other isp's.


"They reckon" is a bit vague and sounds like "they think it may be the case".

I haven't seen any mention in the NZNOG.





3 posts

Wannabe Geek

Trusted
Kordia

  # 456762 8-Apr-2011 14:29
Send private message

We did have an issue on the Kordia network affecting one traffic queue caused by a broadcast storm on a customer's network. We're investigating why this issue caused impairments to other customers. Our apologies to those affected.

Regan
IP architect
Kordia

 
 
 
 


BDFL - Memuneh
64980 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

42 posts

Geek

Trusted

  # 456777 8-Apr-2011 15:36
Send private message

Rimuhosting have some of our VPS in there, and we got told it was a DoS attack. our servers are under hosting direct network, so this is where we got our information



3416 posts

Uber Geek

Trusted

  # 456789 8-Apr-2011 16:18
Send private message

Sorry.
I wouldn't have posted if I didn't think it was true.
It wasn't a case of an isp trying to place blame on someone else, I had done the traceroutes from a couple of isps that showed something was definitley wrong.

They reckon is a reflection on how I type the same way I talk.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




I fix stuff!
1788 posts

Uber Geek

Trusted
Vocus
Subscriber

  # 456795 8-Apr-2011 16:32
Send private message

velofille: Rimuhosting have some of our VPS in there, and we got told it was a DoS attack. our servers are under hosting direct network, so this is where we got our information


Unrelated issue :-)

42 posts

Geek

Trusted

# 456797 8-Apr-2011 16:40
Send private message

How many issues were there? :O

1332 posts

Uber Geek
Inactive user


  # 456841 8-Apr-2011 20:02
Send private message

Yah, got mail this afternoon:

1. Introduction

The purpose of this email is to provide a time-line and identify the root
cause of the network attack that occurred on April 8, 2011 which affected
all clients at our Piermark Datacentre. The attack centred on the core
network equipment which was bombarded by a DDOS attack originating from China.
Clients experienced a wide range of issues = intermittent or inaccessibility to complete outages
during the network event.

Event Time: 12:30pm - 2:30pm

2. Time-line Summary

At 12:30pm, engineers began to notice severe network latency
within the Managed Hosting network. While troubleshooting the network
latency it became apparent that the latency was part of a bigger issue within the core network and upstream. The Infrastructure team began troubleshooting the fiber links as a possible source of the network congestion. Upon further troubleshooting it was noted an attack originating from China was the root cause of network latency issues. The manner in which this attack worked was to flood our equipment with short byte empty UDP packets of data to the point it became overloaded and saturated.

Within 30 minutes of the attack we had requested our upstream provider to start null routing all IP's that were taking part in the attack.

3. Root Cause Analysis

There were 16 ?B Class? IP's originating from China which were leading the attack on our core network causing network degradation. There were also an array of C class IP's taking part.

4. Conclusion/Q&A

Why did it take 2 hours to resolve?

Hosting Direct maintains a very sophisticated network that utilizes many different types of equipment to deal with different situations. The issue today was down to a series of attacks that were from a vast range of different IP's. Each time progress was made through a corrective or isolation action the attacks presented themselves in another manner. Until all attacker IP's were simultaneously blocked, we were unable to stop the network congestion.

Why did a failure in a redundant network still impact my hosted site?

The issue today was not a ?hard? hard ware failure but a overload of system equipment caused by the network being maxed out by a DDOS attack.

What actions are being taken to prevent this from re-occurring?

In the process of working with our upstream provider, we have taken the plan of action to diversify our upstream providers. At this time, we do not have a scheduled date as to when this will change but we will provide notice as soon as this change has taken place.

Best Regards,
- Hosting Direct Limited

42 posts

Geek

Trusted

  # 456845 8-Apr-2011 20:07
Send private message

"sophisticated network"

Mr Snotty
8940 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

# 456855 8-Apr-2011 20:48
Send private message
 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01


NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00


New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33


IMAGR and Farro bring checkout-less supermarket shopping to New Zealand
Posted 5-Dec-2019 09:07


Wellington Airport becomes first 5G connected airport in the country
Posted 3-Dec-2019 08:42


MetService secures Al Jazeera as a new weather client
Posted 28-Nov-2019 09:40


NZ a top 10 connected nation with stage one of ultra-fast broadband roll-out completed
Posted 24-Nov-2019 14:15


Microsoft Translator understands te reo Māori
Posted 22-Nov-2019 08:46


Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48


CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42


Kordia offers Microsoft Azure Peering Service
Posted 6-Nov-2019 11:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.