

Large DDoS hitting CloudFlare - sgehlich

Cloudflare confirms that a big DDoS is going on right now: https://twitter.com/CloudFlareSys

There are a lot of people out there talking about the DDoS as well, some of them are talking about 400+ Gbps:
https://twitter.com/search?q=ddos
======
crystaln
CloudFlare, a product supposed to increase uptime, has been my product's only
source of downtime for the past several months.

~~~
tmarman
CloudFlare also caused huge performance issues on a side project which I
didn't notice until recently. I was consistently getting 1.2s+ responses on a
couple of pages, and 600ms on a completely static page.

So, not only did CloudFlare not help on the pages that were truly static, it
was actually making everything worse across the board. Hitting the same site
with my direct.* DNS cut from 1.2s+ to under 500ms.

CopperEgg and others also kept reporting that my site was down or otherwise
super slow when on CloudFlare. I'm not sure if this is because of throttling
or something else that might have been in place with the CF service, but
either way I was often unable to reproduce the "down"/"more than 6s" that
CopperEgg kept reporting.

In short, I think CloudFlare's services sound good in theory, but I'm not sure
they have figured out all the issues with scaling and performance yet. So, I
cut them out... and certainly not going to be paying any time soon.

~~~
parksy
I've been on the free account for a while now, and when I received a surge of
traffic they responded to 460,000 of the 500,000-ish HTTP requests and served
48gb of the 50 that were requested over the course of about 12 hours. My
server load sat at 0.01 the whole time and I could not have been happier. The
concept is absolutely sound in theory and in practice.

You raise a great point about reliability however. The above example was a
personal project so I don't really lose much if there's the odd down-time here
and there. I'd love to recommend this for the enterprise-level clients where I
work but the idea of a point of failure out of one's direct control is a bit
alarming, and I am surprised and disappointed to see them succumb to a DDOS
that affects what (I assume?) was their entire network - even paying
customers.

I notice even now my homepage is taking seconds to load, when usually it
responds instantly. My guess is that they're prioritizing access at this stage
due to the DDOS, if it's still ongoing.

------
joshfraser
This is why most CDNs avoid taking on controversial customers like 4chan,
kaddafi.hk and other sites trafficking in illegal content. Due to their
decision to accept anyone, Cloudflare is a constant target for DDOS attacks
and their legitimate users occasionally share the brunt of those attacks.

~~~
fnordfnordfnord
4chan "trafficking in illegal content"? I don't think that's a fair
assessment. They specifically censor much less than most website operators but
they aren't "trafficking" any more than highway underpasses "traffic" in
illegal graffiti.

~~~
joshfraser
I was referring more to the numerous sites they host like kaddafi.hk which
sells stolen credit cards online. 4chan has a recurring problem with child
porn (which their moderators do their best to prevent), but I agree with your
distinction regarding trafficking.

------
xxdesmus
The attack directed at CloudFlare has been mitigated at this time. Performance
should be back at normal levels now.
[https://twitter.com/CloudFlareSys/status/433017584670093312](https://twitter.com/CloudFlareSys/status/433017584670093312)

------
pouzy
I've had to move my blog away from EC2 because Cloudflare was killing it (it
was a very simple wordpress install). Other more custom sites on other servers
are doing fine though.

They manage so much stuff that any downtime they have will make a lot of
people unhappy. It already happened once
([http://oneurl.me/cloudflare-broke-the-internet](http://oneurl.me/cloudflare-broke-the-internet))

------
dewey
And here I was wondering why my internet (Germany) was very unstable an hour
ago.

Looks like it's related:
[https://twitter.com/CloudFlareSys/status/432997463562022912](https://twitter.com/CloudFlareSys/status/432997463562022912)

------
robbiet480
Here at 1355 Market, the Twitter building, AboveNet is entirely down. They are
claiming it's a main router issue. No ETOR.

------
invalidka
networksolutions.com is down... As well as a large merchandising site I'm
working with whose DNS goes through network solutions...

------
csense
Is there an economic incentive for DDoS attacks? Or is it just some bored
script kiddie with nothing better to do?

~~~
pavel_lishin
My theory is that some of them are proof-of-concept attacks: "We took down X
for forty eight hours; give us $Y and we'll do the same to anyone you name."

------
sparrish
We're seeing an increase in 'down' notifications in general here at NodePing.

------
toomuchtodo
I would kill for a Null Route REST API at peering points/network upstream
providers.

~~~
dsl
The reason the internet is still online is because people who would ask for
this type of thing don't have access to it.

Routers shouldn't speak HTTP. People who don't know how to use blackhole
communities have no business controlling them.

~~~
erichocean
_People who don't know how to use blackhole communities have no business
controlling them._

What's a "blackhole community"? (I did Google, but found email messages from
2003 on page one. Surely there are better references?)

~~~
toomuchtodo
[https://www.nanog.org/meetings/nanog32/presentations/soricel...](https://www.nanog.org/meetings/nanog32/presentations/soricelli.pdf)

~~~
erichocean
Thank you, commenters like you are why the HN community rocks.

~~~
toomuchtodo
You're welcome! Not a problem at all.

------
callesgg
Why would people try to do a ddos on them. A ddos is a temporary thing. Only
time it is worth it to do a ddos is when there is some kind of event thing.

Like if someone wants to get a site down today so people can't vote.

And cloudflare does not really have anything like that. Their customers yes,
them no.

~~~
PhasmaFelis
> _Why would people try to do a ddos on them._

The same reason anyone ever DDOSes anything: because they're assholes.

~~~
CrowderSoup
This is the most succinct and accurate assessment of anyone who DDOSes
anything.

------
leoplct
It's not me! :)

