Heads-Up: GoDaddy Broke the Interwebs...
drew.weaver at thenap.com
Wed Sep 12 20:13:15 UTC 2012
I just wanted to make one quick point.
Cloudflare is not a competitor of GoDaddy in any sense except that they are "involved in DNS" and they both have a web site.
CloudFlare has also been known to "give up" and dump small to medium sized PPS attacks onto the end target without notification and there doesn't seem to be any threshold or policy in place for when they do that.
From: Naveen Nathan [mailto:naveen at lastninja.net]
Sent: Wednesday, September 12, 2012 2:44 AM
To: nanog at nanog.org
Subject: Re: Heads-Up: GoDaddy Broke the Interwebs...
> we do not know what happened. we have an apology, not an explanation
> or reasonable post mortem. all else is conjecturbation.
Agreed. And as Chris and Kyle pointed out, there is no indication that the problems were present in the BGP DFT, and the issues could've occured over iBGP. I completely concur with this, and do not preclude it as an explanation.
But I would just like to put this out there.
In the past, GoDaddy has clashed with the Internet due to their initial stance on SOPA, which resulted in a noticeable loss of customers and generated a significant amount of bad press.
Now, there's a lot of conjecture as to what caused their outage.
But the most harm to GoDaddy would be reporting that they had a security breach or DoS/DDoS attack which would instill fear in their customer base.
The major media outlets had already picked this up and started to report foul play by Anonymous, denial of service attacks, or whatever.
To save face, it would make the most sense not to mention that a security breach or DoS/DDoS attack occured. Indicating a security breach would be immediate concern for any customer. If it was a DoS/DDoS attack, they're basically admitting that they don't have an infrastructure capable of withstanding or mitigating such attacks (which competitors such as Cloudfare do claim). So the best option would be to spread disinformation if either occured, and offer /generous/ service credit to earn back customer goodwill and confidence.
This is simply why I remain skeptical. And as I said earlier, it would be nice to receive more information of what actually happened, if GoDaddy, or anyone in the know with GoDaddy, would oblige.
More information about the NANOG