iNow Posted November 17, 2013 Author Posted November 17, 2013 The problem is back, and it's REALLY bad again. It took me nearly 10 minutes (yes, minutes... not seconds) just to navigate to this thread and make this post. I'm about to submit this post and suspect it will take another minute or two to complete the transaction.
hypervalent_iodine Posted November 17, 2013 Posted November 17, 2013 The problem is back, and it's REALLY bad again. It took me nearly 10 minutes (yes, minutes... not seconds) just to navigate to this thread and make this post. I'm about to submit this post and suspect it will take another minute or two to complete the transaction. I brought this up in the staff thread we have going a few days ago. Word on the street is that load time is slowly creeping back up, but it's especially bad at this time of the morning (US time) while the servers are doing their daily back up. Edit: At last check I think Cap'n was going to look into it when he had a spare moment. Apparently grad school is time consuming. Psht.
EdEarl Posted November 17, 2013 Posted November 17, 2013 The problem is back, and it's REALLY bad again. It took me nearly 10 minutes (yes, minutes... not seconds) just to navigate to this thread and make this post. I'm about to submit this post and suspect it will take another minute or two to complete the transaction. I am finding response times variable for the past few days. Sometimes response is fast and sometimes very slow as iNow said.
Unity+ Posted November 17, 2013 Posted November 17, 2013 Is this server trouble due to just the server lagging a bit or is it because of too many packets coming into the server?
DevilSolution Posted November 17, 2013 Posted November 17, 2013 Just so your aware, ddos isnt the only way to bring a site down, if you edit your packet you can request a callback from the server but extend the time to like 500ms and delete the return to sender ip, if you spam enough of those kinds of packets the server will hold onto them for the full half a second and then throw them out. Basically clogging up your server with long requests rather than instant you dont need a botnet to grind a server down. You can fine tune this in the config files on the server though, i only know the theoretical side of this type of attack. Regards. (i think the packets are udp, if this helps)
Unity+ Posted November 17, 2013 Posted November 17, 2013 Just so your aware, ddos isnt the only way to bring a site down, if you edit your packet you can request a callback from the server but extend the time to like 500ms and delete the return to sender ip, if you spam enough of those kinds of packets the server will hold onto them for the full half a second and then throw them out. Basically clogging up your server with long requests rather than instant you dont need a botnet to grind a server down. You can fine tune this in the config files on the server though, i only know the theoretical side of this type of attack. Regards. (i think the packets are udp, if this helps) I know that, but most of the time it is a DDOS attack. I deal with them all the time when running Minecraft servers.
iNow Posted November 17, 2013 Author Posted November 17, 2013 (edited) While I'm sure he appreciates the attempts to help by speculating with ideas, Cap'n is more than capable of helping with this on his own. The risk is that he's not around. He's the single point of failure, the bottleneck in improving the situation, and there really isn't anyone else on the site staff who's able to back him up when he's otherwise occupied with his studies. Until he comes back to help, we're all just going to have to suffer through this for a while, IMO. EDIT: I recognize that blike can back him up, too, but he's not around either so... Edited November 17, 2013 by iNow
Unity+ Posted November 17, 2013 Posted November 17, 2013 (edited) He's the single point of failure... Now, should we get so harsh one someone who runs the site on his own will? Or am I reading this comment in the wrong way? Edited November 17, 2013 by Unity+
Cap'n Refsmmat Posted November 17, 2013 Posted November 17, 2013 Just so your aware, ddos isnt the only way to bring a site down, if you edit your packet you can request a callback from the server but extend the time to like 500ms and delete the return to sender ip, if you spam enough of those kinds of packets the server will hold onto them for the full half a second and then throw them out. Basically clogging up your server with long requests rather than instant you dont need a botnet to grind a server down. You can fine tune this in the config files on the server though, i only know the theoretical side of this type of attack. Regards. (i think the packets are udp, if this helps) I presume you're talking about Slowloris. We're much less vulnerable to it because we use lighttpd, which doesn't mind having loads of concurrent connections. As for the slowness, it may be the same problem as last time -- another website running on the server has a database table which has grown excessively large, and it tries querying it regularly, slowing the server to a crawl as it sorts through a couple million rows to find the right one. We'll try to fix this and hopefully implement a permanent solution. 2
Unity+ Posted November 17, 2013 Posted November 17, 2013 (edited) I presume you're talking about Slowloris. We're much less vulnerable to it because we use lighttpd, which doesn't mind having loads of concurrent connections. As for the slowness, it may be the same problem as last time -- another website running on the server has a database table which has grown excessively large, and it tries querying it regularly, slowing the server to a crawl as it sorts through a couple million rows to find the right one. We'll try to fix this and hopefully implement a permanent solution. While I'm sure he appreciates the attempts to help by speculating with ideas Is this server trouble due to just the server lagging Well, I was at least partially right. EDIT: This is presuming that he is also right about what is wrong with the server. Edited November 17, 2013 by Unity+
iNow Posted November 17, 2013 Author Posted November 17, 2013 We'll try to fix this and hopefully implement a permanent solution. Thanks. Appreciate it.
DevilSolution Posted November 17, 2013 Posted November 17, 2013 I know that, but most of the time it is a DDOS attack. I deal with them all the time when running Minecraft servers. You can draw a map of the requests you receive. ICMP are common but page requests, when not dealt with sufficeintly, can single handedly bring down a server. I'm only offering another suggestion to check.
Unity+ Posted November 17, 2013 Posted November 17, 2013 You can draw a map of the requests you receive. ICMP are common but page requests, when not dealt with sufficeintly, can single handedly bring down a server. I'm only offering another suggestion to check. I know, I am just saying that most of the time it is a DDOS attack, but there are other possibilities. How does the server feel now? It seems to running faster now. Thanks.
Cap'n Refsmmat Posted November 17, 2013 Posted November 17, 2013 I've never seen a DDoS on SFN, though I have seen a couple unintentional DoSes from poorly coded bots that hammered the server with multiple requests per second until I had it drop their packets. It's pretty easy to tell if there's a DDoS -- I have graphs of all traffic that goes across the network interface.
studiot Posted November 17, 2013 Posted November 17, 2013 I can tell you that between 0811 to 0817 GMT (London time) every morning SF is offline in my neck of the woods. If I have made my tea before 0811 then it starts and suddenly freezez at 0811 and comes back on after I've had breakfast at around 0840. On Wednesday this week it was offline for about one and a half hours at that time.
iNow Posted November 17, 2013 Author Posted November 17, 2013 How does the server feel now?The way it should. Significantly improved. Thank you.
Cap'n Refsmmat Posted November 17, 2013 Posted November 17, 2013 I can tell you that between 0811 to 0817 GMT (London time) every morning SF is offline in my neck of the woods. If I have made my tea before 0811 then it starts and suddenly freezez at 0811 and comes back on after I've had breakfast at around 0840. On Wednesday this week it was offline for about one and a half hours at that time. That's probably when the system is saving database backups. We tried to pick the time with the fewest visitors, but a few people are bound to suffer through it.
studiot Posted November 17, 2013 Posted November 17, 2013 Yeah I aways get the short end of the stick.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now