How GoDaddy Brought Down Millions of Sites – and How to Avoid Being a DNS Outage Casualty

© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential

Yottaa Inc. 101 Summer Street Boston MA 02110 http://www.yottaa.com

Upload: yottaa-inc

Post on 01-Nov-2014




GoDaddy Outage

• Outage started around 1pm ET on Sept 10 2012
• Resolved around 7pm ET on Sept 10 2012
• Lasted about 6 hours
• Impact:
  • ALL sites being hosted by Internet domain registrar GoDaddy were down
  • 45 million domains registered on GoDaddy…


What Happened?

GoDaddy DNS servers failed to resolve DNS requests…

All GoDaddy registered domains use GoDaddy DNS servers by default.


What Caused It?


Hacktivist @Anonymous Own3R quickly claimed responsibility


Who Is Anonymous Own3r and Why?

• A global hacktivist group
• Twitter handles:
  • @youranonnews, @anonymous
• Site:
  • http://youranonnews.tumblr.com/

Who is Anonymous? We are Anonymous, We are legion, We never forgive, We never forget, Expect us.

'Anonymous' typically announces their attacks on Twitter and Facebook beforehand, especially DDOS attacks. For example, in August, Anonymous brought down many EU government websites to protest for WikiLeaks founder



What Caused It (Again)?

Official statement from GoDaddy on September 11th:

“We have determined the service outage was due to a series of internal network events that corrupted router data tables” The service outage was not caused by external influences. It was not a “hack” and it was not a denial of service attack (DDoS). Throughout our history, we have provided 99.999% uptime in our DNS infrastructure. This is the level our customers expect from us and the level we expect of ourselves. We have let our customers down and we know it.

- Scott Wagner, Go Daddy Interim CEO


What? Not Me?


What Is DNS?

• DNS, the Domain Name System, is the most fundamental building block of the Internet
• The Internet will not function without DNS
• DNS is responsible for translating domain names into IP addresses
  • Human beings work at the domain name level – you don’t remember a website by its IP address
  • The Internet routing system only works at the IP address level – it knows nothing about domain names
  • Connecting the two is DNS:
    • DNS translates human-understandable domain names into IP addresses
• DNS is hierarchical
  • It is a large distributed database for all Internet records
  • Organized as a tree structure
  • Your domain is a node on that tree


Your Domain and the Internet

[Figure: the DNS tree, with a "Your Domain Records" label]

Root level: Root
Top level: .com .org .net .uk …
2nd level: mycorp.com
3rd level: www Blog mail Boston
4th level: www ….


How DNS Name Resolution Works

• DNS server (name server) is the glue for the entire Internet
• Each level can have its own DNS server
  • Maintains its own records
  • Answers calls at this level

Source: http://www.windowsitpro.com/content/content/48527/Figure_01.gif


How Do You Manage Your Domain Records?

[Figure: the DNS tree from the "Your Domain and the Internet" slide, shown again]

• You can host your domain's DNS records using any DNS service
• Domain registrars provide the default ones


Why and How to Choose A DNS Service


Your Domain’s DNS Server

• When you register your domain name
  • GoDaddy automatically sets up a GoDaddy DNS server for your domain
• When someone visits a website
  • The browser will ask the name server of the domain “who is this domain name?”
  • The name server will answer with the IP addresses of the domain name
  • The browser gets the address and connects to it
  • The visitor sees the returned web page
• When someone sends you an email to [email protected]
  • The sender will ask the name server “where is the mail server for yourcompany.com?”
  • The name server will return the IP address (“MX” record)

DNS failure means the failure of your entire domain
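
The dependency this slide describes, a whole domain resting on one DNS service, can be checked from the domain's NS records. The following is an added example, not part of the original slides: it parses NS answer lines and flags zones whose nameservers all belong to one provider. All names are constructed placeholders, and treating the last two labels of a nameserver name as its provider is a simplifying assumption.

```python
import re
from collections import defaultdict

# Constructed NS answers in dig/zone-file format; every name is a placeholder.
SAMPLE_NS_ANSWERS = """\
; constructed sample, not real measurements
mycorp.example.     3600 IN NS ns1.registrar-dns.example.
mycorp.example.     3600 IN NS NS2.Registrar-DNS.example.
resilient.example.  3600 IN NS ns1.provider-a.example.
resilient.example.  3600 IN NS ns1.provider-b.example.
lonely.example.     3600 IN NS ns1.provider-a.example.
"""

NS_LINE = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?NS\s+(\S+)$", re.IGNORECASE)

def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def provider_of(nameserver):
    """Assumption: the last two labels name the operator (wrong under e.g. co.uk)."""
    return ".".join(normalize(nameserver).split(".")[-2:])

def parse_ns_records(text):
    """Return {zone: set of nameserver host names} from NS answer lines."""
    zones = defaultdict(set)
    for line in text.splitlines():
        match = NS_LINE.match(line.split(";", 1)[0].strip())  # drop ';' comments
        if match:
            zones[normalize(match.group(1))].add(normalize(match.group(2)))
    return dict(zones)

def audit_delegations(text):
    """Flag zones whose entire NS set depends on one provider or one server."""
    report = {}
    for zone, servers in parse_ns_records(text).items():
        providers = sorted({provider_of(ns) for ns in servers})
        report[zone] = {
            "nameservers": sorted(servers),
            "providers": providers,
            "single_provider": len(providers) == 1,
            "single_server": len(servers) == 1,
        }
    return report

if __name__ == "__main__":
    for zone, result in audit_delegations(SAMPLE_NS_ANSWERS).items():
        verdict = "AT RISK" if result["single_provider"] else "ok"
        print(f"{zone:20} {verdict:8} {', '.join(result['providers'])}")
```

To audit a real domain, feed the function the answer section of an NS lookup for that domain in place of the constructed sample.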


DNS Service - What To Look For

• Reliability
• Performance
• Security

• Geographic distribution?
  – Single location?
  – Multiple locations?
  – Global locations?
• IP Anycast?
• Security
  – DNS attack prevention?
• Easy-to-use UI


DNS and Network Stack


Source: http://i.technet.microsoft.com/dynimg/IC198104.gif

A DNS query is carried on the TCP/UDP stack, typically over UDP. It is routed like a typical TCP/UDP packet.


IP Anycast

• Multiple locations are needed for Anycast
• Each location shares the same Anycast IP address
• Internet routing (BGP) chooses the closest location


DNS Spoofing


DNS DDOS Attack


Yottaa Global DNS Service

Enterprise-class Anycast DNS network for free


Yottaa DNS

Web Optimization Network

Global DNS for Speed & Scale

Features:
• Global IP anycast
• Globally distributed data centers
• Globally redirects requests to the closest geographic server

Benefits:
• High performance DNS service
• Enterprise-grade traffic management
• DNS Shield for protection


Yottaa Anycast Network

[Map of Yottaa Anycast locations]

North America: Chicago; Atlanta; Miami; Dallas; Washington, DC; Ashburn; New York; Seattle; San Francisco; San Jose; Los Angeles
South America: Sao Paulo (Coming)
Europe: Dublin; London; Madrid; Paris; Amsterdam; Frankfurt
Asia: Tokyo; Osaka; Hong Kong; Singapore
Australia: Sydney


Yottaa DNS UI


Don’t let your website fail you

To Make Your Website Fast, Reliable and Secure

Visit: www.yottaa.com

For More Information Contact: Coach Wei
Email: [email protected]
Phone: +617.896.7818
Web: www.yottaa.com
Twitter: @yottaa

© 2011 Yottaa Inc. All Rights Reserved.