Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Seems to be DNS related.

None of the listed facebook nameservers are resolvable or reachable:

a.ns.facebook.com b.ns.facebook.com c.ns.facebook.com d.ns.facebook.com



Looks like the routing is goofed. Loops over and over - DDoS attacking themselves.

mtr -r -c10 -w -b a.ns.facebook.com Start: 2021-10-04T10:02:50-0600 Loss% Snt Last Avg Best Wrst StDev

...

  4.|-- ae-2-rur101.cosprings.co.denver.comcast.net (162.151.51.125)         0.0%    10   12.6  11.9   9.6  19.0   2.9 

  5.|-- 24.124.155.233                                                       0.0%    10    9.3  10.2   9.1  12.4   1.1 

  6.|-- 96.216.22.45                                                         0.0%    10   12.0  14.0  11.6  31.3   6.1
  7.|-- be-36041-cs04.1601milehigh.co.ibone.comcast.net (96.110.43.253)     20.0%    10   14.6  13.5  11.6  20.5   3.0
  8.|-- be-3402-pe02.910fifteenth.co.ibone.comcast.net (96.110.38.126)       0.0%    10   12.2  12.0  11.5  13.2   0.5
  9.|-- 173.167.59.170                                                       0.0%    10   13.8  17.8  12.0  34.7   8.4
 10.|-- 129.134.40.74                                                        0.0%    10   15.3  12.6  11.4  15.3   1.1
 11.|-- 129.134.43.226                                                       0.0%    10   18.9  15.3  12.6  20.3   3.0
 12.|-- 129.134.98.166                                                       0.0%    10   12.5  14.2  12.5  20.4   2.3
 13.|-- 129.134.54.61                                                        0.0%    10   34.2  30.8  28.9  34.2   1.8
 14.|-- 129.134.53.61                                                        0.0%    10   29.8  31.1  28.9  36.5   2.7
 15.|-- 129.134.53.61                                                       90.0%    10   31.9  31.9  31.9  31.9   0.0


Same issue over at b.ns.facebook.com Looping routing creating self-inflicted DDoS

mtr -r -c10 -n b.ns.facebook.com

Start: 2021-10-04T10:28:03-0600 Loss% Snt Last Avg Best Wrst StDev

  1.|-- 192.168.1.1                0.0%    10    0.2   0.2   0.2   0.3   0.0 

  2.|-- 96.120.12.229              0.0%    10   10.2  10.8   8.8  15.7   1.9 

  3.|-- 96.110.149.185             0.0%    10   17.7  13.6   9.8  32.3   7.0 

  4.|-- 162.151.51.125             0.0%    10   10.9  12.2   9.6  15.3   1.9 

  5.|-- 24.124.155.233             0.0%    10   13.0  10.4   9.4  13.0   1.2 

  6.|-- 96.216.22.45               0.0%    10   16.5  16.7  11.2  29.1   6.4 

  7.|-- 96.110.43.241              0.0%    10   17.4  13.6  11.9  17.4   1.6 

  8.|-- 96.110.38.114              0.0%    10   12.5  12.8  12.0  14.0   0.6 

  9.|-- 173.167.59.170             0.0%    10   36.1  19.3  11.6  36.1   9.7 

 10.|-- 129.134.40.76              0.0%    10   13.1  12.3  11.3  13.1   0.6 

 11.|-- 129.134.34.72              0.0%    10   15.3  15.7  13.5  21.3   2.5 

 12.|-- 129.134.102.85             0.0%    10   39.0  39.2  38.0  40.8   1.0 

 13.|-- 31.13.25.13                0.0%    10   30.5  29.8  28.5  31.0   0.9 

 14.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0 

 15.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0 

 16.|-- 31.13.25.13               90.0%    10   30.2  30.2  30.2  30.2   0.0
On a side note... why is it so freaking hard to format line breaks in HN?


In the beginning it responded but gave server errors.


Which seems to indicate a massive infrastructure failure.


Actually I'd argue that the biggest problem would be to wait for the TTL to expire after you've fixed the problem.


The TTL was most likely very low, so I don't see that as being an issue.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: