8 comments

[ 2.8 ms ] story [ 31.2 ms ] thread
It is not down. Just the inbound connectivity has issues. Here is a response from them:

We are currently aware of the a DoS attack that is impacting the resolvers in the Fremont datacenter. Our administrators are currently working to resolve the issue.

Call it what you like. A DDoS hit linode causing many servers on linode to no longer field requests from the public.
You are right. I have 3 servers with Linode. 2 are working fine, 1 of them is not able to serve content.
(comment deleted)
The problem is at Linode’s DNS resolvers. For my own servers, I worked around it by changing to Google DNS, and ensuring it was listed before Linode’s own DNS servers. https://gist.github.com/natesilva/11409605
Note this applies to Fremont. I have no idea about the other DDoS attack affecting Newark.

And even though this got my servers back up, they are responding slowly. At least requests are being served.

Add redundancy by removing external dependencies like third party resolvers. Running your own local resolver is as simple as:

  apt-get install unbound
  echo "nameserver 127.0.0.1" > /etc/resolv.conf
If you want to take advantage of a shared cache by using a third party resolver, shove this at the bottom of your /etc/unbound/unbound.conf:

  forward-zone:
      name: "."
      forward-addr: ip.of.recursive.resolver
      forward-first: yes
The "forward-first" option means that it will attempt to contact ip.of.recursive.resolver to do the query first, and if it fails because it is down, then it will do the lookup it's self.