It's only my problem to the extent that I'm with CISP. Other than that it's not my problem and I don't care about the reasons etc. Its annoying as hell that this is the 2nd weekend I've lost because I'm with CISP. Fortunately for all of us, we aren't beholden to 1 road in your analogy. There are many many routes to get to the Internet/Sandton. I'm going to sell up and go to a neighbourhood where I don't need to live in a fortress, and where tanks don't roam around the streets trying to find my fortified house.
In summary, CISPS problems are not my problems. I only have 1 care on the internet, and that is reliable service. If they cant sort their problems out and give me what I'm paying them for, I can sort my problem out and leave and give the money to someone who knows how to handle this stuff better. That's all there is to it.
My post does not diminish the impact that you feel as the end user or how it affects you.
Great long post that actually missed the entire point.
The internet doesn't operate like a freaken road, glad you drank the coolaid when every tom dick and harry company tried to play the road game to justify their pricing.
The DDOS attacks and I am suspecting CISP is being affected in this way is usually targeting exploitable networks more than just throwing random traffic at the network.
Stuff like DNS flooding, SYN flooding etc. does not actually mean the attackers send 500Gbit of traffic, it is just the receiving routers translate the traffic into 500Gbit due to exploitation such as packet splitting that translate in extra overhead traffic so as much of a pain a DDOS is the fact of the matter exploitable networks will suffer from these attacks over and over.
Has nothing to do with exploit-ability, but rather physical limitations of physical network connections.
My analogy is a lose simplified example which explains a DDoS in la mans terms.
The single highway analogy is an example of any of their physical links which connect to their office (routers), be it local or international. At some point all traffic across the internet has to converge and enter the "CISP" network and it does this at their BGP peering points (on ramps to their network, physical links or "highway")
Once all this traffic converges at their peering points, be it 1 or 100 peering points, the physical link down into the router has a physical speed limitation. Currently the maximum generally supported speed is 100Gbps per physical port.
You can't push 500 Gbps down a 100Gbps physical link, the same was you can't force the vaal dam down a hosepipe all at once. The link cannot work faster than 100Gbps the same as a hosepipe can't push 5 million liters of water a second.
The moment they start bonding or adding additional 100 Gbps physical connections, they area adding lanes to the "highway" or "getting a bigger hosepipe" or "more capacity on the CISP network".
There are 2 options, get more physical connections "lanes" so that you have say 1.5 Tbps of capacity and absorb the attack. It's very easy to stay up when the attack is smaller than your physical peering connections.
The is expensive and would involve buying a lot of new really expensive hardware and all this cost is going to reflect in their pricing, no company can sustain a business at a loss.
They could invest in DDoS scrubbing providers who have DC's around the world. (extremely expensive) and once again the cost of this would then reflect in your pricing. Keep in mind, even these DDoS providers have a physical network capacity limit.
It doesn't take a genius to find targets either, there are multiple online network exploitation scanners that even the dumbest "hacker" can utilize to find their targets.
There is zero chance that CISP network was just directly selected as a direct target from day 1 and more likely their network got caught up with these exploitation scanners as a viable target. The attackers probably didnt and perhaps still doesn't even know who CISP is.
The are hitting exactly the same networks that were hit in the last round of attacks, it's very selective and its not cheap to fund attacks like this. The attacks are very precise and calculated. These attacks are not some mickey mouse dude in a food stained shirt who is having a lol in his computer chair, I know that you think they are, but they not.
My analogy is lose example which explains a DDoS in la mans terms and the fact that a fast flood attack is designed to completely congest your physical links.
The single highway analogy is an example of any of their physical links which connect to their office (routers), be it local or international. At some point all international traffic coming from multiple networks across the world has to converge and enter the "CISP" network and it does this at their BGP peering points.
Once all this traffic converges at their peering points, be it 1 or 100, the physical link down into the router has a physical speed capacity. Currently the maximum generally supported speed is 100Gbps per physical link.
You cant push more than 500 Gbps down a 100Gbps physical link, the link cannot work faster than 100Gbps.
The moment you start bonding or adding additional 100 Gbps connections, you are adding lanes to the "highway" in my analogy.
There is not one single provider in the world who cannot be taken offline if the attack is large enough. Amazon, Microsoft, Blizzard, Github, Godaddy, Ovh have all been taken down by very large DDoS attacks, even with the smartest people in the industry working there and all the money they have to throw at DDoS protection, If it's large enough and coordinated enough, they will go down.
I'm not saying that customers should not be upset or frustrated, I am also a CISP customer, I'm affected by this just as much as you all are. The guys and girls in CISP are just as upset / frustrated are you are, probably more because this is affecting their bottom line, their sleep, family time, etc.
What I am saying that CISP and all other providers that are being attacked are doing all they can do, direct your anger at the people attacking. If they didn't attack providers, we wouldn't be having this issue in the first place.
Sign up with Google
