On Thu, 18 Sep 2003, John Fraizer wrote: : As has been stated by others, UltraDNS, like the roots and other TLD hosts : is under nearly constant attack. Perhaps your local nodes were effected : by an attack. IE; the pipe was full but the service was still alive so the : anycast prefix wasn't retracted. Bummer. Sucks to be you. Sucks to be anyone trying to use the service whose routers pick those nodes as the only ones available. That's the fault of the implementor, not the client. The major issue here is that no *gTLD*, particularly one of the Big Three, should be subject to a SPOF -- even if it's only a regionally visible SPOF due to anycast selection. It should *always* be possible to attempt queries to more than one physical location's servers for a gTLD. Yet last night, I could not query .ORG from several different locations in the continental US, even though there were perfectly functional servers available (in the same country, no less). BGP errors happen (everyone here should be able to attest to that readily), and they did. What's to stop some other boneheaded DoS or oversight from causing this again? And again? This particular outage was in the late evening in what appeared to be the affected area from my probing, which is why people like you don't appear to care; it "didn't affect you". What about when it happens in the middle of the day in your neck of the woods? : Doesn't really matter to me though. Bitch and moan all you like. : Demonstrate your lack of experience and understanding. Uh-huh. Quite a few people here know better; they also know I am surrounded by <cloak/> on this list and others. If my public resume were up to date and filled in more detail, you'd know otherwise. Don't try to speak for my experience from your pedestal when you don't have the information to make that kind of baseless judgment. On the other hand, if you can't see the fatal flaw in a major Internet infrastructure service depending on a single point of failure, I can point you at a few books that could enlighten you. -- -- Todd Vierling <tv@duh.org> <tv@pobox.com>