[openstack-dev] Proposal to move from Freenode to OFTC
Jay S Bryant
jsbryant at us.ibm.com
Tue Mar 4 23:43:40 UTC 2014
From: Brian Cline <brian at linux.vnet.ibm.com>
To: openstack-dev at lists.openstack.org,
Date: 03/04/2014 12:29 PM
Subject: Re: [openstack-dev] Proposal to move from Freenode to OFTC
On 03/04/2014 05:01 AM, Thierry Carrez wrote:
> James E. Blair wrote:
>> Freenode has been having a rough time lately due to a series of DDoS
>> attacks which have been increasingly disruptive to collaboration.
>> Fortunately there's an alternative.
>> OFTC <URL:http://www.oftc.net/> is a robust and established alternative
>> to Freenode. It is a smaller network whose mission statement makes it
>> less attractive target. It's significantly more stable than Freenode
>> and has friendly and responsive operators. The infrastructure team has
>> been exploring this area and we think OpenStack should move to using
> There is quite a bit of literature out there pointing to Freenode, like
> presentation slides from old conferences. We should expect people to
> continue to join Freenode's channels forever. I don't think staying a
> few weeks on those channels to redirect misled people will be nearly
> enough. Could we have a longer plan ? Like advertisement bots that would
> advise every n hours to join the right servers ?
>> 1) Create an irc.openstack.org CNAME record that points to
>> chat.freenode.net. Update instructions to suggest users configure
>> clients to use that alias.
> I'm not sure that helps. The people who would get (and react to) the DNS
> announcement are likely using proxies anyway, which you'll have to
> unplug manually from Freenode on switch day. The vast majority of users
> will just miss the announcement. So I'd rather just make a lot of noise
> on switch day :)
> Finally, I second Sean's question on OFTC's stability. As bad as
> Freenode is hit by DoS, they have experience handling this, mitigation
> procedures in place, sponsors lined up to help, so damage ends up
> *relatively* limited. If OFTC raises profile and becomes a target, are
> we confident they would mitigate DoS as well as Freenode does ? Or would
> they just disappear from the map completely ? I fear that we are trading
> a known evil for some unknown here.
> In all cases I would target post-release for the transition, maybe even
Indeed, I can't help but feel like the large amount of effort involved
in changing networks is a bit of a riverboat gamble. DDoS has been an
unfortunate reality for every well-known/trusted/stable IRC network for
the last 15-20 years, and running from it rather than planning for it is
usually a futile effort. It feels like we'd be chasing our tails trying
to find a place where DDoS couldn't cause serious disruption; even then
it's still not a sure thing. I would hate to see everyone's efforts to
have been in vain once the same problem occurs there.
brian at linux.vnet.ibm.com
+1 I have not seen this as a frequent problem. I have been aware of it
seems a bit excessive to move to a possibly less equipped provider.
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev