Slashdot Mirror


Akamai DNS Outage Messes up Net

katre writes "Checking all my favorite sites this morning, I saw that about half a dozen seem to be offline. Trying to figure out why, I found an interesting article on the front page at http://isc.incidents.org/. Seems that the problems at Akamai are screwing over Yahoo, Google, Microsoft, Fedex, Xerox, Apple, and others. Whatever happened to my decentralized net with no single point of failure?"

14 of 522 comments (clear)

  1. Well . . . by Maradine · · Score: 4, Insightful
    Whatever happened to my decentralized net with no single point of failure?


    Its still there, and you're using it. The only organizations affected by this are those who chose to use a service that acts as a single point of failure.

    --

    trustedworlds.net - gaming, security, and the gunk that lives in between

    1. Re:Well . . . by Bob9113 · · Score: 4, Insightful

      Whatever happened to my decentralized net with no single point of failure?

      Its still there, and you're using it. The only organizations affected by this are those who chose to use a service that acts as a single point of failure.


      You said it brother (and beat me to the punch). This is a clear talking talking point for anyone who is attempting to justify avoiding a monoculture. When you brings up Microsoft, around which revolve a number of good examples of the dangers of monoculture, you risk the debate turning political and will almost certainly be discounted as a Linux/Apple/Unix zealot by at least some in the listening audience. It is very worthwhile to have other examples besides Microsoft and cotton when explaining the risks.

  2. Re:I'm definitely not a technical guru... by Malc · · Score: 5, Insightful

    How many *think* they can't live without web access? Offline working can be surprisingly productive, and as it often forces more thinking and planning (e.g. in preparation for being back online, and just thinking through what would happen of you could be online) the results end up being better.

  3. Re:I'm definitely not a technical guru... by MindStalker · · Score: 5, Insightful

    You mean decentralized?
    Anyways butting both DNS records on the same point of failure breaks standards. These companies deserve to be hit hard (PR wise) for not building a roburst network.

  4. Whatever happened to your decentralized net? by YetAnotherName · · Score: 4, Insightful

    The web happened my dear friend, and it was based on the predominant distributed computing model at the time: client/server. Even DNS, with its highly distributed spread of processing and data, has a set of (overloaded) root servers with the commensurate single points of failure. The solution? Peer-to-peer.

    Too bad even the term P2P raises so many red flags with certain Associations of America. :)

  5. Root servers not decentralized? by Otto · · Score: 5, Insightful

    It's not truely decentralized...
    The root nameservers are the most obvious example...


    The most obvious example? The fact is that there are 13 of them, in widely scattered locations across the globe, and it's not decentralized?

    Damn man, what exactly would you consider "decentralized" then?

    Root servers go down all the time. It's not particularly unusual. There's THIRTEEN of the things. Up to 8 have been down at once with no major effects on the network, IIRC.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
    1. Re:Root servers not decentralized? by sys49152 · · Score: 4, Insightful

      I'm sorry, my friend, but thirteen servers does not mean decentralized it means replicated. The fact that they are geographically dispersed doesn't matter. Furthermore, the root servers just redirect to the authoritative server, so your "company.com" search goes to Verisign for resolution. What happens when Verisign, oh, I dunno, decides to send back the IP address of a cheesy search engine instead on an error code for domain names that don't exist. I tell you what happens, the Internet breaks.

      To be truly decentralized not only do we need more than 13 overloaded root servers, but no one entity should be authoritative. How that's done is left as an exercise to the reader.

  6. Lack of multiple points of failure by bastardadmin · · Score: 5, Insightful

    I can see the logic that went into this plan:
    "Well, Akamai has a few million DNS boxes, if we put everything there we'll be fine! That's not a single point of failure!"
    Yeah, about that... multiple vendors may have been a good idea in retrospect instead of just one monolithic provider.
    Time to re-examine the definition of Single Point of Failure.

  7. Re:I'm definitely not a technical guru... by fish_in_the_c · · Score: 5, Insightful

    you can still get to all those sites. You just have to REMEMBER the ip instead of depending on the computer to look it up for you ;). TCP/IP was designed to have not centeral point of failure and still does it's job well. DNS was not quite designed in such a way.

    --
    âoeTolerance applies only to persons, but never to truth. Intolerance applies only to truth, but never to persons.
  8. Re:I'm definitely not a technical guru... by AKnightCowboy · · Score: 5, Insightful
    How many *think* they can't live without web access?

    *Live* and *work* are too entirely different things. I could not get any of my work done with network access.

  9. Re:I'm definitely not a technical guru... by bluethundr · · Score: 4, Insightful

    ...how many *think* they can't live without web access? Offline working can be surprisingly productive, and as it often forces more thinking and planning (e.g. in preparation for being back online, and just thinking through what would happen of you could be online) the results end up being better.

    F'real. To think, they did all that even before the Altair was a twinkle in Ed Roberts' jockey shorts!

    --
    Quod scripsi, scripsi.
  10. Correction by PhuCknuT · · Score: 4, Insightful

    Akamai didn't mess up the net. Akamai messed up some web sites that are akamai customers. Remember kids, www is only a subset of the internet, and akamai customers a small fraction of the www.

  11. "DNS was not quite designed in such a way" by Ernesto+Alvarez · · Score: 5, Insightful

    you can still get to all those sites. You just have to REMEMBER the ip instead of depending on the computer to look it up for you ;). TCP/IP was designed to have not centeral point of failure and still does it's job well. DNS was not quite designed in such a way.


    DNS was designed to be robust enough. Not one root server but many (ok, that's the weak point, we've all seen many DDoS against them, but it's not THAT bad). All zones are handled by their own servers, and (in theory) multiple servers for each zone. All in all, it's not a bad design.

    If what happened was that someone put all the servers behind one link, it's not DNS' fault, the BOFH there screwed up (and considering it's akamai, they should not have done that).

    (If that's not what happened, sorry, I couldn't RTFA, it's slashdotted or there's some sort of DNS problem there too).
  12. Re:Uh by Slime-dogg · · Score: 5, Insightful

    It is misleading to refer to the box as a "Linux" box. Was it really the kernel that was at fault for the machine being cracked, or was it a bug in one of the daemons that the machine was running? There are differences between a Linux box that runs BIND and another that runs EZ-DNS (or whatever).

    How about this: Instead of labelling the Akamai boxes that have problems as "Linux" boxes, label them as "BIND" boxes, or whatever DNS server it is that it runs. Perhaps there's a FreeBSD machine in there that is having similar problems.

    It is allowable, though, to refer to a Windows box as just that. MS ships an all-in-one product, and seldomly do admins use Windows to run BIND, Apache or other OSS servers.

    All of this hand-ringing in an effort to paint "Linux" as bad, or as "just as bad" is dopey. One might as well point a finger at the administrator of the machine that was hacked, the services that were running on it, etc. Most Windows problems are caused by the same thing too. It is wiser to point at the admin (and the services one chooses to run) than to point at the OS, or the kernel.

    --
    You need to restart your computer. Hold down the Power button for several seconds or press the Restart button.