

GitHub connectivity issues  - electic
https://status.github.com/

======
vonklaus
wow I knew it. Everything _is_ absolutely crawling. I am trying to push up my
repo and get some packages. I could tell something was definitely up. Damn it.
Thanks for the update.

------
sgloutnikov
Couldn't push, so came here to find out it wasn't only me. 'Server aborted the
SSL handshake'

Edit: seems back to normal now

------
andrewguenther
What I actually find more interesting is the spike in hook delivery time that
correlated with the spike in exception rate.

My guess would be that some hooks were timing out which possibly causes an
internal exception? Maybe? It is interesting that they would include timeouts
of external services in their exception count. Purely speculation though.

~~~
adrianmacneil
Ruby with resque/sidekiq will definitely cause an exception if an http call
fails or times out. This is what causes it to end up back in the job queue.

------
slacka
00:38 Eastern Standard Time All systems reporting at 100%.

[https://status.github.com/messages](https://status.github.com/messages)

------
TuringNYC
I'm working on GMT+3, and our work-day starts at 7am. Sort of sucks to have my
core work hours be the typical SFO downtime slot...

------
smaili
Looks like I wasn't the only one! Wonder who's behind this one.

------
msoad
It's completely unusable for me :(

------
titomc
works for me now.

------
rubiquity
How do we know it's a DDOS and not some sort of operational failure? Mods
should change the title until it is confirmed.

~~~
dang
Ok, we changed the title from "GitHub under DDOS."

~~~
cft
Look at the traceroute. This is a DDoS mitigated via Prolexic.

~~~
BradRuderman
Wouldn't the traffic run through to Prolexic regardless if it was under a DDOS
or not?

~~~
cft
Typically, DDoS mitigation services offer a limited number of 48-72 hour
mitigations per year (can be a large number, depending on the contract).
Outside of these periods the traffic is not routed via them.

~~~
BradRuderman
How does that work? Does the DDOS mitigation software change DNS and if so how
can it change the DNS in the middle of an attack assuming the attackers?

~~~
cft
Only very basic DNS mitigations services have you change DNS and proxy through
them. Predictably GitHub is not using one of those.

If you really want to protect your service (your own DNS or say SMTP,
WebSockets, TCP), then you need to change the internet routing. This is done
via BGP announcements of your IP subnets, such that you announce your
_inbound_ routes via the mitigation providers. The providers scrub the traffic
and deliver clean traffic via a GRE tunnel to your routers. The outbound
traffic is routed directly via your upstream providers.

