Slashdot Mirror
Libyan Internet Flatlined
dnsdude told us about the latest developments regarding rumored Libyan Internet censorship. It appears that massive censorship is occuring with two of the five .ly root name servers being unreachable. It's difficult to tell if this is because of intentionally bad routes, or the result of actual infrastructure damage.
I've always wondered if using a .ly domain name would come back to bite bit.ly in the arse. I just checked, and it still appears to be up, but if all the .ly servers go down for more than a day, no one will be able to use their service.
are belong to me. The people love me. I am not a leader, I have no position. I cannot step down.
But you have voluntarily given all your base to me. I am divine protector of your base.
I will never leave. Your base is safe with me.
Some young people have taken drugs which caused them to make poor decisions about their base.
The correct decision is to give all your base to me. I will never leave you. The people's councils honor me with their base.
I am forever.
How is registering a completely valid ccTLD "abusing DNS"?
When I trace to bit.ly it stops in San Jose, CA. They probably have mirrors in several countries and this one happens to be closets for us.
Loading...
Root servers for the ly TLD:
All of these would have to inoperable before all .ly domains would stop resolving, and there's still the matter of caching at intermediate DNS servers until the TTL expires for records. Additionally, bit.ly isn't hosted within Libya. In short, I don't expect bit.ly to be going down over this.
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
Could there be a way to transfer control of .ly to the Benghazi Provisional Government of Libya?
I, for one, would welcome new overlords of .ly.
I'm not a lawyer, but I play one on the Internet. Blog
Closest, not closets....
Loading...
Data after this point are still being finalized. Interpret them with caution.
If you look at the graph on the google page linked in the summary, and expand it to the left, it turns out that Libya's traffic was about 50% lower a few weeks ago, when the revolution started. It's been improving. The "flatline" is suspicious, especially since 3 of the 5 .ly root servers are still up. It also falls in the area of data that's still being collected by Google, so it might be specious.
I posted what I know here :
http://forum.americafree.tv/showthread.php?p=45045
It looks like the undersea cable is fine and BGP is up, but there is no reachability past the landing site. This indicates that there is probably not physical damage, at least to the landing site and the first hop routers, but a cut somewhere after that. If I had to guess, I would guess that Gaddafi or his minions just told the ISPs to shut it down.
As the only Libyan landing site I know of is in Tripoli, this may also cut off the liberated areas in Cyrenaica.
Redundancy in routing is good - an overland link between Benghazi and Alexandria could be very useful right now.
Well, that's easily solved for us slashdotters. Bit.ly is 168.143.172.53, at least to me here in the southeast UK. Just point your hosts file there.
I agree it's not really "abusing" DNS, but there is something to be said in favor of using your own country's infrastructure - or that of a stable, well-developed country, at the very least. Using a Libyan domain was probably a bad business move, as it counted on the shit never hitting the fan in Libya, and if experience tells us anything, then it's that EVENTUALLY, the shit always hits the fan.
It's going against the planned heirachy. It's like putting all your documents in /var/lib. It'll work, but that's just how it's supposed to be done.
was the wrong word, but these cutesy URLs annoy me in the same way starting a comment in the subject annoys me. Use fields (or ccTLDs) the way they are supposed to be used.
If I can just reach out with my words and touch a butthole, just one, it will all be worth it.
What happen?
What you say?!
You have no chance to survive. Make your time.
(For great justice. Move packets!)
2 of 5 is not a flatline. It's 40%.
They come in the dark, only in the darkest.
Bit.ly is 168.143.172.53
Can you shorten that IP address for us?
It's not really abusing DNS, but it seems really foolish to found a business that relies upon a (at the time) potentially unstable (and now definitely unstable) foreign country's ccTLD.
Google's shortener, goo.gl, uses Greenland's ccTLD, which is quite stable. Austria (.at), Iceland (.is), and other clever-sounding ccTLDs are in stable countries with good infrastructure. Libya...not so much.
Get a life.
Took you 200 words to fall into that irony.
Get a life.
Was that really necessary?
You might want to mouse-over the links in the summary...
Because a country TLD was meant to be used for services run from within that respective country, or directed at that country. .tv for television stuff.
Same goes for all those who abuse
Hell, the whole damn system has been broken for years. .com, .org, . everything there is, barely any of them are used for the reasons they were created.
The wiki article has a list of several ccTLDs that are abused.
ccTLD abuse
This is what happens when guidelines aren't rules. Greed takes over and, well, ^ happens.
And it is pretty much too late to fix it, along with the horrible mess that is the DNS system in general. (mostly because of people lacking in basic computing knowledge)
Newsgroups had it mostly right. DNS as it is now is terrible, and massively open to abuse simply because of the order of sections in the URIs
Flip the whole section around (sans directories) and it would cut out a huge number of problems. Also ditch the stupid 2 character maximum assignment for ccTLDs. 3 has and always will be the standard.
Then allow for much better organizational groups, such as charity, non-profit, e-mail, media, education, search, banking, porn, whatever.
http://ccTLD.sitetype.domainname.subdomains/directories/
Now, doesn't that look a HELL of a lot better than the crap we have now?
Examples
http://us.search.google.images/?some-parameters-here
http://us.news.google/?some-parameters-here
http://us.news.slashdot.yro/story/11/03/04/1732232/Libyan-Internet-Flatlined
And so on. No need for silly abuse of TLDs, much better organization.
That is because only 2 out of the 5 .ly root nameservers are down. The other three will pick up the slack.
Three out of five isn't bad.
I am sure Gaddafi could, at any time, have Libya Telecom & Technology "turn off" the .ly TLD by contacting every root server.
Not sure if/why he'd want to do that, but I think one has to recognize that a TLD in a country run by a dictator is a serious business risk.
I put some comment into your comments so you can comment when you comment.
They should put Quadaffi on "Two and a Half Men" and make Charlie Sheen dictator of Libya.
That'd be cool.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
A few days ago, Comcast stop serving .ly addresses in Chicago for a few hours. Bit.ly told me (via thier Twitter team, who was pretty quick) that it was routing problem with Comcast. I had assumed that some root name servers were down, but at the time, they checked out fine on other ISPs.
I kind of feel like these things might be related, like tinkering with the .ly nameservers to avoid the three in Libya, but I don't know enough about this to ask the right questions. Plausable?
As as aside, while troubleshooting this, bit.ly staff kept sending me shortlinks to solutions that I couldn't load because .ly timed out. Linkrot! Funny/scary.
If I didn't make the correction then someone, probably you, would have made a joke about how I have mirrors in my closets or some stupid shit like that. The one who needs to concentrate on getting a life is the guy that posted a long-winded message about how much it bothers him when people make corrections on their typos.
Loading...
Closest, not closets....
Dude, I'm not the parent.
When I see these pedantic corrections on an internet discussion site, it just hits a nerve with me -
Dude: he was correcting HIS OWN ERROR.
LEARN to read before you try posting.
Sig Battery depleted. Reverting to safe mode.
Heretofore, Libya has been very stable. For about 30 years.
Libya was so stable that our democratically elected president forgot that Libya actually had a constitution, used to hold elections, and he mistook Gaddafi for a legitimate ruler, who only NOW lost his legitimacy due to violence against his own people.
Sig Battery depleted. Reverting to safe mode.
Partial success: Firefox works if I disable proxy, but the Squid I use for caching and ad-blocking doesn't work with decimal-representation IPs.
If you post in a vaguely supportive way about Wikileaks, the law and order jarheads emerge and a robust (but depressing) conversation ensues. Here we have no opposing viewpoint from Qaddafi and his toadies, which removes all the charm from reading /.
Prove anything by multiplying Huge Number times Tiny Number
In other news from Libya protesters where attacked with machine guns and mortars. In know compared to cutting the internet that is minor but just thought I would throw that in. I fear that this one of those cases when I was right and a wished I was wrong. After Egypt I made the comment that I feared that the dictators where learning that they couldn't be just a little evil. Looks like I was right. That and it looks like Regan was right as well. After he had proof that Libya had been behind the terrorist bombing in Germany he ordered a strike. Too bad that SOB Bettino Craxi decided to warn Libya.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
It's not the web host, it's the .ly TLD DNS servers that are having issues. If I had a .ly domain, I would probably be increasing my TTL records to whatever I thought I could get away with. I remember it being something like 2 weeks, before people start ignoring your TTL and using a "sane" default.
http://www.kloth.net/services/dig.php
dig: couldn't get address for 'dns1.lttnet.net': failure
; > DiG 9.3.2 > @localhost bit.ly A +trace ;; global options: printcmd ;; Received 500 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
; (2 servers found)
. 3600000 IN NS C.ROOT-SERVERS.NET.
. 3600000 IN NS D.ROOT-SERVERS.NET.
[snip]
. 3600000 IN NS A.ROOT-SERVERS.NET.
. 3600000 IN NS B.ROOT-SERVERS.NET.
ly. 172800 IN NS dns1.lttnet.net. ;; Received 263 bytes from 192.33.4.12#53(C.ROOT-SERVERS.NET) in 24 ms
ly. 172800 IN NS dns.lttnet.net.
ly. 172800 IN NS ns-ly.ripe.net.
ly. 172800 IN NS auth02.ns.uu.net.
ly. 172800 IN NS phloem.uoregon.edu.
and a second time:
; > DiG 9.3.2 > @localhost bit.ly A +trace ;; global options: printcmd
; (2 servers found)
[snip]
ly. 172800 IN NS phloem.uoregon.edu. ;; Received 263 bytes from 192.203.230.10#53(E.ROOT-SERVERS.NET) in 180 ms
ly. 172800 IN NS ns-ly.ripe.net.
ly. 172800 IN NS dns.lttnet.net.
ly. 172800 IN NS dns1.lttnet.net.
ly. 172800 IN NS auth02.ns.uu.net.
bit.ly. 172800 IN NS ns3.p26.dynect.net. ;; Received 110 bytes from 128.223.32.35#53(phloem.uoregon.edu) in 193 ms
bit.ly. 172800 IN NS ns2.p26.dynect.net.
bit.ly. 172800 IN NS ns4.p26.dynect.net.
bit.ly. 172800 IN NS ns1.p26.dynect.net.
bit.ly. 3600 IN A 168.143.172.53 ;; Received 126 bytes from 208.78.71.26#53(ns3.p26.dynect.net) in 13 ms
bit.ly. 86400 IN NS ns2.p26.dynect.net.
bit.ly. 86400 IN NS ns3.p26.dynect.net.
bit.ly. 86400 IN NS ns1.p26.dynect.net.
bit.ly. 86400 IN NS ns4.p26.dynect.net.
Nope. Google has verified the data. They're getting nothing from Libya. But I suspect that they don't include all .ly root servers in that, since bit.ly is still resolvable. The .ly root nodes that are still working are likely not actually in Libya. Google may understand this and not include traffic to them in their statistics.
The DNS cache will eventually expire without updates from the root. So without Human intervention it should disappear, I don't know if there is a protocol to save the cache in the absence of root or not. But you can manually enter it into your own hosts file.
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
whois lookup for bit.ly is nonresponsive. Just because the SOA records haven't expired means nothing.
Get a web developer
No Internet, cellphones, or any channels. Only the Hostage Citizens Information Service TV. If dozens of countries are so upset, I don't understad why they don't engage in at least a little channel-specific Lies-TV jamming of their own to shut up the fool.
Build your own energy sources from scratch. http://otherpower.com/
Thats better than keeping them in /proc
http://michaelsmith.id.au
Because a country TLD was meant to be used for services run from within that respective country, or directed at that country. .tv for television stuff.
Same goes for all those who abuse
And all those who abuse .com for USA stuff when they should be using .us
http://michaelsmith.id.au
Five? No wonder everyone else is pissed at me.
"Don't be a martyr -- BE THE ONE WHO GOT AWAY!"
I think you're forgetting that Libya does not control the public root. INAIC does, and I somehow suspect the entire ly TLD going dark "because a maniacal dictator said so" wouldn't last terribly long.
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
+5 informative.
Loading...
Sure
http://2827988021
Kudos!!!