Cool Ideas Fibre ISP – Feedback Thread 2

[r00igev@@r]

 

[TheRoDent]

@TheRoDent if CISP was allocating IPv6 DHCP addresses instead of only IPv4, would IPv6 help reduce the effects of DDoS attacks?

Our IPv6 projects are well under way considering that Afrinic predicts IPv4 depletion by March next year.

We would have to NAT some IPv4 until all providers are onboard with IPv6, but IPv4 isn't going away....

As for the attack surface, IPv6 would maybe reduce it a bit, but we would still have to offer IPv4 in some fashion, so an attack would still be relevant on the IPv4 space.

 

[TheRoDent]

If you guys only had HE as a upstream provider, would that mean cisp international traffic would have been cut off completely?

If true those who want to move away make sure your new isp doesn't use HE exclusively.

Exactly this. Read between the lines in our announcement circa Feb 2019.

We are more well connected to the internet than just two upstream providers, if you review our peering at https://bgp.he.net/AS37680#_peers and https://bgp.he.net/country/ZA but obviously that doesn't help if your major Tier 1 providers are flooding you.

We strive to keep a well-connected AS and it shows.

 

[TheRoDent]

Wow.

Congrats then for dealing with, as far as I know, the biggest ddos attack in SA's history.

I wish I was fudging the numbers, but it's what went down. Between two Tier 1 upstreams with varying announces they saw ~200-300Gbps of traffic each at times, but what's a few gigabits between friends ?

 

[r00igev@@r]

yes. i saw that. here's what it could have said:

Why should I, as a customer, be confident that you've taken steps to defend against this?

<insert answer here>

What will you be doing when this happens again? What can I expect from you and what's your commitment to that?

<insert answer here>

How are you planning to communicate with your community going forward?

<insert answer here>

How have you communicated in the past, and what are you learning from that?

<insert answer here>

What does it mean for me that you're under a targeted - and seemingly highly specific - campaign of attacks, continuing over months? Is there a reason you think that's happening?

<insert answer here>

What's your contingency plan to keep my service active? What unique and innovative steps, if any, are you taking?

<insert answer here>

What's your promise to me and how do I keep you honest to it? How are we going to hold each other accountable?

<insert answer here>

Reasonable and balanced set of questions to have but it amounts to what is the expectation and what is the level to how that expectation can be met.

The difference in the above forms the core of most problems in any transnational engagement.

 

[AfricanTech]

I wish I was fudging the numbers, but it's what went down. Between two Tier 1 upstreams with varying announces they saw ~200-300Gbps of traffic each at times, but what's a few gigabits between friends ?

Friends? Haven't you heard, you have no friends - all business is based on contracts only, relationships mean nothing in this cruel, cold world...







Fk'n well done on the weekend mitigation

 

[CrypticZA]

Now that the **** storm is over can we get the discord voice in Cape Town working found multiple people all having issues and i'd log a ticket but my last ticket still has not been updated since 11/11/2019 11:59 AM

Also during the weekend using my VPN i had no discord voice issues so it's not Vumatel...

 

[Yster21]

I don't know what all the fuss is about. Google/Youtube/Netflix/anything local all still worked like normal, and I could use a VPN (as someone stated in a muuuuch earlier post) to circumvent the international issues. /shrug

 

[dotdan]

I don't know what all the fuss is about. Google/Youtube/Netflix/anything local all still worked like normal, and I could use a VPN (as someone stated in a muuuuch earlier post) to circumvent the international issues. /shrug

Yes, and for this reason I must commend CI. My kids could still stream Youtube or Netflix., I couldn't game, but I didn't bitch about it, I just went and did other things around the house. Whatever. I don't live for my internet.
(I can understand those coming from a work perspective and that they have all right to be upset)

I appreciate the comms, I think it worked better this time around. Mitigation was better even though it was a much larger attack.

I see that you are showing some technical information, if I may ask, are you guys considering Arbor?

Just stay humble, keep doing what other ISP's don't which is build a community with their customers, even if your niche is seen as a gamers ISP (which I think is cool) and keep striving to be the best.

 

[Hunted]

Good Morning @PBCool & @TheRoDent

Just to check, can you please confirm if the gaming pings have been sorted as yet? Last night at 23:00 it still showed a 300ms ping to the EU.

 

[CrypticZA]

Good Morning @PBCool & @TheRoDent

Just to check, can you please confirm if the gaming pings have been sorted as yet? Last night at 23:00 it still showed a 300ms ping to the EU.

What game?

I did Apex (145ms)/Overwatch(160ms) and both were normal

 

[DuckKnuckle]

What game?

I did Apex (145ms)/Overwatch(160ms) and both were normal

Normal for you maybe. I’d take fixed EU latency and switching to TS3 with a broken discord over my 180 EU latency any day

 

[CrypticZA]

Normal for you maybe. I’d take fixed EU latency and switching to TS3 with a broken discord over my 180 EU latency any day

I'd say it's weird how our pings can be so far different but then i get 175 to an Amsterdam server and then a server in the same data centre i get 159ms to so doesn't surprise me in the end. TS3 ew no thanks it's not 2009 xD

 

[DuckKnuckle]

I'd say it's weird how our pings can be so far different but then i get 175 to an Amsterdam server and then a server in the same data centre i get 159ms to so doesn't surprise me in the end. TS3 ew no thanks it's not 2009 xD

mIRC maybe?

 

[CrypticZA]

mIRC maybe?

Ah mIRC the good old days where pickup CoD 4 games were organised and games were not full of micro transactions and silly cosmetics

 

[Hunted]

What game?

I did Apex (145ms)/Overwatch(160ms) and both were normal

Sorry, it was for PUBG... My son said his ping was fortnite was fine though. We are few clan members that are on CI and all of us had 300ms+ pings to the EU...

We had to use a VPN to JHB to get a 198ms ping, which is more than we usually get ex CPT.

 

[CrypticZA]

Sorry, it was for PUBG... My son said his ping was fortnite was fine though. We are few clan members that are on CI and all of us had 300ms+ pings to the EU...

We had to use a VPN to JHB to get a 198ms ping, which is more than we usually get ex CPT.

Someone was mentioning they were routing via SACS to Brazil servers (PUBG puts you on the lowest ping servers), i have had this happen before (in Overwatch) when i play on American servers were it puts me on Brazil servers because it sees it being the lowest (in that region) but i go via London to get there since it doesn't take the SACS route which resulted in me getting 300+

I would say get them a trace route to see whats going on it might be doing something similar to what i experienced in the past.

 

[darste]

@PBCool, @TheRoDent, after what has to have been an incredibly challenging weekend, well done to you and the other CISP techs who sorted the problem.

While the outage didn't affect me much, it's perhaps pertinent to explain the thoughts that went through my mind (as a not-very-IT-minded member of the public) because of CISP's communications this weekend. It's also sensible to bear in mind that not every CISP customer knows about this thread - their main source of information would have been your Facebook page, Twitter feed and the Cool Zone, all of which weren't exactly well-attended.

When the first SMS rolled around circa Saturday morning: "Oh, FFS, again? Haven't these dudes learned from September?"
During Saturday while I wasn't home: "Still not fixed? Must be one helluva problem. But where're the protection measures after September's brouhaha?"
Upon digging around online (at my office) during Sunday: "Still no comprehensive details, they're obviously busy trying to fix it but reassure people that it's something bigger than they've ever dealt with and they're not sleeping until it's sorted out? Speak!"
Upon reading MyBB during Sunday: "Lots of pissed-off people, detailed communications urgently needed."

CISP communicated ineffectively in a technical way and in layman's terms. The way out, as I see it, is simple: get a PR-minded person to handle Facebook, Twitter and the Cool Zone; there, keep it easily understandable ("We're really trying, this is the biggest attack we've ever faced, we're doing everything we can"). Then, get a recently-graduated, knowledgeable technical chap to update the channels where people want more than "We're really trying..." (you can't be expected to employ a highly-experienced, highly-expensive technician just to post messages on the MyBB forums). Said graduate can learn on-the-job in unusual situations like this.

What do you think?

 

[Hunted]

Someone was mentioning they were routing via SACS to Brazil servers (PUBG puts you on the lowest ping servers), i have had this happen before (in Overwatch) when i play on American servers were it puts me on Brazil servers because it sees it being the lowest (in that region) but i go via London to get there since it doesn't take the SACS route which resulted in me getting 300+

I would say get them a trace route to see whats going on it might be doing something similar to what i experienced in the past.

I did that post earlier to state that we are now routed via SACS due to the PUBG system see it as the lowest ping region.

It now makes sense why our pings is 300ms to EU since it run via South America to the EU now.

I did log a call about this so hopefully they can do a routing change for us.

 

[jannier]

All looking good over here this morning, Thank you @PBCool and @TheRoDent , what a hectic weekend.
1Gbps, Vuma Trenched, Brackenfell, CPT.

Single:


Multi: