Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


raytaylor

3468 posts

Uber Geek

Trusted

#81129 8-Apr-2011 12:11
Send private message

As I understand, kordia have a packet storm on their network and its affecting a few isps at the moment




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
magu
Professional yak shaver
1599 posts

Uber Geek

Trusted
BitSignal
Lifetime subscriber

  #456710 8-Apr-2011 12:22
Send private message

Where did you get this info from?




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown

Beccara
1287 posts

Uber Geek


  #456718 8-Apr-2011 12:36
Send private message

Kordia?




Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

 
 
 
 


xpd

xpd
Im a pirate
10808 posts

Uber Geek

Retired Mod
Trusted
Lifetime subscriber

  #456722 8-Apr-2011 12:42
Send private message

raytaylor: As I understand, kordia have a packet storm on their network and its affecting a few isps at the moment


If youre going to make an announcement such as that, please give more info (source would be nice).






XPD^ / DemiseNZ

 

Blog         Free Games        Twitter      My TradeMe Goodies

 

Pirating in Sea Of Thieves

 

Coming Soon - BBS door games - all the classics!

 

 


skewt
643 posts

Ultimate Geek


  #456739 8-Apr-2011 13:39
Send private message

Communications where i work were affected, use kordia for the wan, even now still got issues, started about 11:20 or so

raytaylor

3468 posts

Uber Geek

Trusted

  #456749 8-Apr-2011 13:53
Send private message

More info:

Source - SafeNZ, an isp for a few of our clients
It was affecting national traffic between safenz, orcon and telecom and they reckon a between a few other isp's.

Has now been resolved.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




freitasm
BDFL - Memuneh
68897 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #456757 8-Apr-2011 14:02
Send private message

raytaylor: Source - SafeNZ, an isp for a few of our clients
It was affecting national traffic between safenz, orcon and telecom and they reckon a between a few other isp's.


"They reckon" is a bit vague and sounds like "they think it may be the case".

I haven't seen any mention in the NZNOG.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletcricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


rhughes
3 posts

Wannabe Geek

Trusted
Kordia

  #456762 8-Apr-2011 14:29
Send private message

We did have an issue on the Kordia network affecting one traffic queue caused by a broadcast storm on a customer's network. We're investigating why this issue caused impairments to other customers. Our apologies to those affected.

Regan
IP architect
Kordia

 
 
 
 


freitasm
BDFL - Memuneh
68897 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #456763 8-Apr-2011 14:30
Send private message

Thanks for the update!





 

 

These links are referral codes

 

Geekzone broadband switch | Eletcricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


velofille
42 posts

Geek

Trusted

  #456777 8-Apr-2011 15:36
Send private message

Rimuhosting have some of our VPS in there, and we got told it was a DoS attack. our servers are under hosting direct network, so this is where we got our information

raytaylor

3468 posts

Uber Geek

Trusted

  #456789 8-Apr-2011 16:18
Send private message

Sorry.
I wouldn't have posted if I didn't think it was true.
It wasn't a case of an isp trying to place blame on someone else, I had done the traceroutes from a couple of isps that showed something was definitley wrong.

They reckon is a reflection on how I type the same way I talk.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Sounddude
I fix stuff!
1850 posts

Uber Geek

Trusted
Vocus
Lifetime subscriber

  #456795 8-Apr-2011 16:32
Send private message

velofille: Rimuhosting have some of our VPS in there, and we got told it was a DoS attack. our servers are under hosting direct network, so this is where we got our information


Unrelated issue :-)

velofille
42 posts

Geek

Trusted

#456797 8-Apr-2011 16:40
Send private message

How many issues were there? :O

1080p
1332 posts

Uber Geek
Inactive user


  #456841 8-Apr-2011 20:02
Send private message

Yah, got mail this afternoon:

1. Introduction

The purpose of this email is to provide a time-line and identify the root
cause of the network attack that occurred on April 8, 2011 which affected
all clients at our Piermark Datacentre. The attack centred on the core
network equipment which was bombarded by a DDOS attack originating from China.
Clients experienced a wide range of issues = intermittent or inaccessibility to complete outages
during the network event.

Event Time: 12:30pm - 2:30pm

2. Time-line Summary

At 12:30pm, engineers began to notice severe network latency
within the Managed Hosting network. While troubleshooting the network
latency it became apparent that the latency was part of a bigger issue within the core network and upstream. The Infrastructure team began troubleshooting the fiber links as a possible source of the network congestion. Upon further troubleshooting it was noted an attack originating from China was the root cause of network latency issues. The manner in which this attack worked was to flood our equipment with short byte empty UDP packets of data to the point it became overloaded and saturated.

Within 30 minutes of the attack we had requested our upstream provider to start null routing all IP's that were taking part in the attack.

3. Root Cause Analysis

There were 16 ?B Class? IP's originating from China which were leading the attack on our core network causing network degradation. There were also an array of C class IP's taking part.

4. Conclusion/Q&A

Why did it take 2 hours to resolve?

Hosting Direct maintains a very sophisticated network that utilizes many different types of equipment to deal with different situations. The issue today was down to a series of attacks that were from a vast range of different IP's. Each time progress was made through a corrective or isolation action the attacks presented themselves in another manner. Until all attacker IP's were simultaneously blocked, we were unable to stop the network congestion.

Why did a failure in a redundant network still impact my hosted site?

The issue today was not a ?hard? hard ware failure but a overload of system equipment caused by the network being maxed out by a DDOS attack.

What actions are being taken to prevent this from re-occurring?

In the process of working with our upstream provider, we have taken the plan of action to diversify our upstream providers. At this time, we do not have a scheduled date as to when this will change but we will provide notice as soon as this change has taken place.

Best Regards,
- Hosting Direct Limited

velofille
42 posts

Geek

Trusted

  #456845 8-Apr-2011 20:07
Send private message

"sophisticated network"

michaelmurfy
/dev/null
9639 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News »

Vodafone enables 5G roaming - for when international travel comes
Posted 30-Oct-2020 15:03


Spark awards funding to Kiwi businesses in 5G funding initiative
Posted 30-Oct-2020 14:58


Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.