In case you're thinking the Internet has been a little slow this last week, rest easy: it has been. The slowness is due to a war between the anti-spam group Spamhaus and a Dutch web hosting company called Cyberbunker. As The New York Times' John Markoff and Nicole Perlroth explain:
The dispute started when the spam-fighting group, called Spamhaus, added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam. Cyberbunker, named for its headquarters, a five-story former NATO bunker, offers hosting services to any Web site except child porn and anything related to terrorism, according to its Web site.
A spokesman for Spamhaus, which is based in Europe, said the attacks began on March 19, but had not stopped the group from distributing its blacklist.
Patrick Gilmore, chief architect at Akamai Technologies, a digital content provider, said Spamhauss role was to generate a list of Internet spammers.
Of Cyberbunker, he added: These guys are just mad. To be frank, they got caught. They think they should be allowed to spam.
CloudFlare, which is the company that provides DDOS mitigation, explains the attack against their client, Spamhaus, and how the tremendous amount of data being sent for the attack slowed down the Internet for everyone else on it.
Anycast means that if the attacker attacked the last step in the traceroute then their attack would be spread across CloudFlare's worldwide network, so instead they attacked the second to last step which concentrated the attack on one single point. This wouldn't cause a network-wide outage, but it could potentially cause regional problems.
We carefully select our bandwidth providers to ensure they have the ability to deal with attacks like this. Our direct peers quickly filtered attack traffic at their edge. This pushed the attack upstream to their direct peers, largely Tier 1 networks. Tier 1 networks don't buy bandwidth from anyone, so the majority of the weight of the attack ended up being carried by them. While we don't have direct visibility into the traffic loads they saw, we have been told by one major Tier 1 provider that they saw more than 300Gbps of attack traffic related to this attack. That would make this attack one of the largest ever reported.
The challenge with attacks at this scale is they risk overwhelming the systems that link together the Internet itself. The largest routers that you can buy have, at most, 100Gbps ports. It is possible to bond more than one of these ports together to create capacity that is greater than 100Gbps however, at some point, there are limits to how much these routers can handle. If that limit is exceeded then the network becomes congested and slows down.
Over the last few days, as these attacks have increased, we've seen congestion across several major Tier 1s, primarily in Europe where most of the attacks were concentrated, that would have affected hundreds of millions of people even as they surfed sites unrelated to Spamhaus or CloudFlare. If the Internet felt a bit more sluggish for you over the last few days in Europe, this may be part of the reason why.
|To Do Cat: Cat Meme-Inspired To-Do List|
|They Haven't Got Mail|
|Randomly Surf Wikipedia|
|The 50 Most Interesting Articles on Wikipedia You Should Read|
|Internet Explorer 9 to use Mozilla's Firefox code base|
|Where AI is Currently At|
|"You look in the mirror and see your body and your face and you think that’s you—but that’s really just the machine you’re riding in."|
|"A spacecraft may be possible that could maintain a steady acceleration into and through interstellar space without the need to carry along propellants."|
|Religious Loophole to Turn Lights On and Off During Shabbat|
|The End of Doodling|
|"John Deere is the largest operator of autonomous vehicles."|
|"Super-detailed scans of actual human brains that run as models on computers"|
|“Trump is what happens when you fail to understand our global problems in their interconnected, systemic context.”|
|Extinct Alien Civilisations|
|"How advertising has become increasingly persuasive and tailored in the age of big data"|
|"We’ve never before built machines that operate in ways their creators don’t understand."|