In this update we'll provide a timeline of the DDoS of today:
08:55 - Initial traffic spikes are detected.
09:05 - The uplink of our infrastructure was overloaded a few times for brief moments. We see spikes of around 100Gb/s. These spikes are too short to trigger the automated mitigations. Because the uplink itself is being overloaded multiple servers are experiencing packet loss.
09:07 - The overload of the uplink has ended but we're still seeing a lot of traffic, around 800Mb/s. We're investigating the nature of this traffic to determine if it's malicious or not.
09:37 - Another short traffic spike causing a brief overload on the uplink.
10:48 - After consulting with our datacenter partner we've deemed the traffic to be malicious and mitigation is started.
11:05 - Initial mitigation is in place and seems to reduce the traffic significantly.
13:54 - One of our subnets becomes unreachable. Multiple customers are affected by this outage. Together with our datacenter partner an investigation into this outage is started.
14:00 - Our datacenter partner disables part of our mitigation and the traffic to the unreachable subnet recovers. Unfortunately we see the uplink being overloaded as a side-effect resulting in packet loss.
14:15 - Focused mitigations are deployed to subside parts of the ongoing attack. We then see a drop in traffic on the uplink and as a result the packet loss is resolved.
14:20 - Further mitigations are deployed which targets the remainder of the malicious traffic.
16:00 - Since the mitigations of 14:20 no new attacks have been detected and the DDoS issue is deemed resolved.
Posted Apr 11, 2024 - 16:02 CEST
Monitoring
Since this morning (08:57) we're noticing several DDoS attempts on our infrastructure in Ede and these have a volume of around 100Gb/s.
We're actively mitigating the attacks, however packet loss can occur during this process as we need to adjust our mitigation to the changing patterns of the attack.
Posted Apr 11, 2024 - 14:20 CEST
This incident affected: Network Connectivity (Internet Uplink - BIT, Ede).