Open Stack

Sean Dague <sean at dague.net> writes:

> #1) do we believe OFTC is fundamentally better equipped to resist a
> DDOS, or do we just believe they are a smaller target? The ongoing DDOS
> on meetup.com the past 2 weeks is a good indicator that being a smaller
> fish only helps for so long.

After speaking with a Freenode and OFTC staffer, I am informed that OFTC
is generally and currently not the target of DDoS attacks, likely due to
their smaller profile.  If they were subject to such attacks, they would
likely be less prepared to deal with them than Freenode, however, in
that event, they would expect to extend their capabilities to deal with
it, partially borrowing on experience from Freenode.  And finally,
Freenode is attempting to work with sponsors and networks that can help
mitigate the ongoing DDoS attacks.

I agree that this is not a decision to be taken lightly.  I believe that
we can effect the move successfully if we plan it well and execute it
over an appropriate amount of time.  My own primary concern is actually
the loss of network effect.  If you're only on one network, Freenode is
probably the place to be since so many other projects are there.
Nevertheless, I think our project is substantial enough that we can move
with little attrition.

The fact is though that Freenode has had significant service degradation
due to DDoS attacks for quite some time -- the infra team notices this
every time we have to chase down which side of a netsplit our bots ended
up on and try to bring them back.  We also had an entire day recently
(it was a Saturday) where we could not use Freenode at all.

There isn't much we can do about DDoS attacks on Freenode.  If we stay,
we're going to continue to deal with the occasional outage and spend a
significant amount of time chasing bots.  It's clear that Freenode is
better able to deal with attacks than OFTC would be.  However, OFTC
doesn't have to deal with them because they aren't happening; and that's
worth considering.

-Jim