We are experiencing a serious network issue. Our network is partially unreachable from the internet. We are investigating this problem, we will give updates every 15 minutes.
Looks like one of our core routers is under DDoS attack. We're working on a solution.
We can confirm the cause of the outrage was a large DDoS attack to one of our core routers. We where able to mitigate the DDoS. We're working on a more permanent solution to make us less vulnerable for this kind of attacks.
Yesterday evening we received a large DDoS attack targeting the routing engine of one of our primary routers, causing BGP sessions with some upstream network providers to time out. This caused part of our network infrastructure to be unreachable from the internet and it took some time for our network to converge while the attack was ongoing. At the same time we blackholed some attacked IP’s in order to restore connectivity.
We have anti-DDoS measures in place to mitigate most common network attacks. However, the attack we received last night was different in nature and we currently have limited protection against this specific type of attack.
For this reason we have decided to schedule an emergency maintenance window to implement some changes that will help us to better mitigate these attacks.
No network downtime is to be expected while these changes are being implemented, but there might be some increased latency and/or packet loss in case we have to re-route traffic.
Start of emergency maintenance: 19-nov 0:00 (CET / UTC+1)
End of emergency maintenance: 19-nov 3:00 (CET / UTC+1)
We’re terribly sorry for the trouble.
We have implemented several changes to improve DDoS-protection of our core network infrastructure:
- We found some weaknesses in the firewalls of our routing engines (RE) which have now been resolved: All invalid traffic will now be properly dropped before reaching the RE, which will ensure the RE will remain operational when under attack.
- We have added an extra line of defence by policing traffic directed to our core network infrastructure. This will ensure most of the packets will have already been dropped before actually reaching the firewall of our RE when under attack.
The next hour we will monitor performance to ensure these measures don't have any impact on latency.