Build & maintain complex distributed systems
October 1–2, 2017: Training
October 2–4, 2017: Tutorials & Conference
New York, NY

The phone book is on fire: Lessons from the Dyn DNS DDoS attack

Lex Neva (Heroku)
3:50pm4:30pm Wednesday, October 4, 2017
Resilience Engineering
Location: Gramercy Level: Intermediate
Average rating: ****.
(4.50, 4 ratings)

Who is this presentation for?

  • System administrators, systems engineers, SREs, networking engineers, and technical managers

Prerequisite knowledge

  • A basic understanding of DNS concepts

What you'll learn

  • Learn how to set up redundant nameservers correctly
  • Understand how DNS works and how to find the correct answer to tricky technical questions when no one else knows

Description

When the DDoS attack crushed Dyn last October, did your DNS fail? Heroku’s sure did. In response, Lex Neva deep dove into everything DNS to learn how to implement resilient DNS properly—reading RFCs, asking questions of pros, and performing real-world experiments when no one knew the answers. Join Lex to find out what does work and all the crazy details of DNS that he uncovered.

Opinions on how to react to a DDoS against your nameservers vastly differ. Some companies lowered the TTL for their in-zone NS records to make it easier to add a new nameserver in a crisis. Lex shares empirical proof that this doesn’t work.

Adding a redundant DNS server in advance is a good solution, but it can be much harder than it sounds. What can you do if your DNS records are heavily dynamic and your provider doesn’t offer AXFR support? Lex walks you through the options.

Even if you’re a seasoned DNS pro, you’ll be surprised by what you learn.

Photo of Lex Neva

Lex Neva

Heroku

Lex Neva is a site reliability engineer at Heroku. Lex originally trained in computer science, but he found that he most enjoyed applying his software engineering skills to operations. Previously, he kept large services running at Linden Lab’s Second Life and DeviantArt.com. A veteran of many large incidents, Lex has strong opinions on incident response, retrospectives, on-call sustainability, and good development and release processes.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)

Comments

Picture of Lex Neva
Lex Neva | SRE
06/28/2017 6:53am EDT

I intend to allow recording of this session.

Picture of André Morrow
André Morrow | SPEAKER MANAGER
06/09/2017 8:01am EDT

Sessions are included in the conference’s video compilation if the speaker allows. We will not be able to confirm that this talk will be included until just after Velocity NY.

zeroBS GmbH Germaine Adelt |
06/08/2017 11:05pm EDT

is there / willl there be a recording of that event?