Comments on: How to avoid DDoSing yourself

In the wake of last month's distributed denial of service (DDoS) attack against Dyn, a DNS management service, Google engineers want to remind application developers that self-harm represents a more realistic risk. Just as US citizens have a greater chance of being crushed by falling furniture than of dying at the hands of …

  1. Simon Hobson Bronze badge

    Jitter

    Jitter is best done by applying a random offset, ditto the backoff algorithm. A key part of the Ethernet specification is the random backoff algorithm for packet collisions (for the youngsters, look it up!) to avoid a situation where two stations detect a packet collision, both back off, and then both try again at the same time.

    Other than that detail, yes the suggestion is correct - developers (of anything) need to consider the error conditions and how to cope with them.

    1. Doctor Syntax Silver badge

      Re: Jitter

      "A key part of the Ethernet specification is the random backoff algorithm for packet collisions (for the youngsters, look it up !)"

      Yup. I intended to make exactly that point. Those who don't learn from history... Or, in this case, people who knew what they were doing.
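The random-offset jitter and the Ethernet-style random backoff that the comment above describes, as an added Python example that is not part of this thread or of the Google post it discusses. The function names, the `TransientError` class, the injectable `sleep` and the retry-storm simulation are assumptions made for illustration; the schedule `min(cap, base * 2**attempt)` with a uniform offset is the common "full jitter" variant, and the slot range `[0, 2**min(k, 10) - 1]` is the truncated binary exponential backoff of CSMA/CD Ethernet:

```python
import random
import time
from typing import Callable, Optional


class TransientError(Exception):
    """Assumed placeholder for 'the request failed but may succeed later'."""


def backoff_delay(attempt: int, base: float = 1.0, cap: float = 60.0,
                  jitter: bool = True,
                  rng: Optional[random.Random] = None) -> float:
    """Seconds to wait before retry number `attempt` (0-based).

    Without jitter this is the plain exponential schedule
    min(cap, base * 2**attempt): every client that failed at the same
    moment comes back at the same moment. With jitter the wait is a
    uniform random offset in [0, that value] ("full jitter"), so retries
    are spread over the window instead of stacking up.
    """
    if rng is None:
        rng = random.Random()  # unseeded: fresh randomness for real use
    ceiling = min(cap, base * (2 ** attempt))
    return rng.uniform(0.0, ceiling) if jitter else ceiling


def ethernet_backoff_slots(collisions: int,
                           rng: Optional[random.Random] = None) -> int:
    """Truncated binary exponential backoff as in CSMA/CD Ethernet:
    after the k-th collision wait a random whole number of slot times
    in [0, 2**min(k, 10) - 1]. The randomness is what keeps two stations
    from backing off by the same amount and colliding again."""
    if rng is None:
        rng = random.Random()
    return rng.randint(0, 2 ** min(collisions, 10) - 1)


def simulate_retry_storm(n_clients: int, attempt: int, jitter: bool,
                         seed: int = 0, slot: float = 1.0) -> int:
    """Schedule n_clients retries and return the largest number of them
    landing in any one `slot`-second window. Equals n_clients when every
    client retries in lockstep: the thundering herd."""
    rng = random.Random(seed)  # seeded so the simulation is repeatable
    buckets: dict[int, int] = {}
    for _ in range(n_clients):
        delay = backoff_delay(attempt, jitter=jitter, rng=rng)
        window = int(delay // slot)
        buckets[window] = buckets.get(window, 0) + 1
    return max(buckets.values())


def retry(op: Callable[[], object], max_attempts: int = 5,
          sleep: Callable[[float], None] = time.sleep,
          rng: Optional[random.Random] = None) -> object:
    """Run `op`, retrying on TransientError with jittered exponential
    backoff. `sleep` is injectable so a test can record the delays
    instead of actually waiting."""
    for attempt in range(max_attempts):
        try:
            return op()
        except TransientError:
            if attempt == max_attempts - 1:
                raise
            sleep(backoff_delay(attempt, rng=rng))
    raise AssertionError("unreachable")  # loop always returns or raises


if __name__ == "__main__":
    # Constructed scenario: 100 clients all failed together, third retry.
    print("lockstep, no jitter :", simulate_retry_storm(100, 3, jitter=False, seed=7))
    print("with full jitter    :", simulate_retry_storm(100, 3, jitter=True, seed=7))
    print("ethernet slots after 3 collisions:", ethernet_backoff_slots(3))
```

Without jitter every one of the 100 clients lands in the same one-second window (the function returns 100); with jitter the same clients are spread across the eight windows of the 8-second ceiling, which is the whole point of the random offset the comment describes.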

  2. Anonymous Coward

    I think the technical term is

    "Thundering herd on a merry-go-round"

    1. Inventor of the Marmite Laser Silver badge

      Re: I think the technical term is

      You've met the wife's mother, then?

  3. Claptrap314 Silver badge

    Been there, seen that

    Both before and during my time at Google. Clearly someone simplified the descriptions of jitter & exponential backoff. But frankly, it sounds like the entire post must have been dumbed down. Merely marking retries will NOT get you out of the thundering herd situation when your server comes back up--and Google has implemented libraries that do what has to be done. Basically, you have to refuse most connections on a client-by-client basis, and increase the number of clients that you serve slowly so as to avoid knocking over your backends. To do THAT, you either need for the clients to detect the problem (which means that you do much more than mere exponential backoff), or to front your backends with servers whose primary job is to reject or forward requests.

    1. Anonymous Coward

      Re: Been there, seen that

      Clap's comment is more useful than the actual blog post being reported, which basically says "look, we've got this round thing here that we've decided to call a 'wheel'".
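The server-side part that Claptrap314's comment says backoff alone does not give you: front-end admission control that refuses most reconnecting clients on a client-by-client basis and grows the admitted share slowly once the backend is back. This is an added Python example, not code from the thread, from Google or from the post under discussion; the `AdmissionController` class, its doubling ramp, the CRC32 bucketing of client ids and the `decide` return shape are all assumptions made for illustration:

```python
import zlib
from typing import Iterable, Optional, Set, Tuple


class AdmissionController:
    """Admission control for a backend that has just come back up.

    Rather than letting every waiting client through at once, admit a
    fixed share of client ids, chosen by a stable hash so each client is
    either consistently let in or consistently told to come back later,
    and double that share each healthy interval. An overload report
    halves the share and restarts the ramp from there.
    """

    def __init__(self, initial: float = 0.1, step_seconds: float = 10.0,
                 floor: float = 0.01) -> None:
        self.initial = initial       # share admitted at the start of a ramp
        self.step = step_seconds     # healthy seconds per doubling
        self.floor = floor           # never shed below this share
        self.level = 1.0             # share in force at ramp_start
        self.ramp_start: Optional[float] = None  # None: no ramp in progress

    def start_recovery(self, now: float) -> None:
        """Backend just came back: begin admitting only `initial`."""
        self.level = self.initial
        self.ramp_start = now

    def report_overload(self, now: float) -> None:
        """Backend still struggling: halve the share and restart the ramp."""
        self.level = max(self.floor, self.current_fraction(now) / 2)
        self.ramp_start = now

    def current_fraction(self, now: float) -> float:
        """Share of clients admitted at time `now`, capped at 1.0."""
        if self.ramp_start is None:
            return 1.0
        doublings = int((now - self.ramp_start) // self.step)
        return min(1.0, self.level * (2 ** doublings))

    @staticmethod
    def _bucket(client_id: str) -> float:
        # CRC32 is deterministic across processes, unlike Python's hash(),
        # so every front-end server makes the same decision for a client.
        return (zlib.crc32(client_id.encode("utf-8")) % 10_000) / 10_000

    def admit(self, client_id: str, now: float) -> bool:
        return self._bucket(client_id) < self.current_fraction(now)

    def decide(self, client_id: str, now: float) -> Tuple[str, Optional[float]]:
        """("accept", None) or ("reject", seconds until the next doubling),
        the latter being what a 503 Retry-After header would carry."""
        if self.admit(client_id, now):
            return ("accept", None)
        elapsed = now - self.ramp_start  # ramp_start is set: admit() was False
        return ("reject", self.step - (elapsed % self.step))


def admitted(ctrl: AdmissionController, clients: Iterable[str],
             now: float) -> Set[str]:
    """Which of `clients` the controller lets through at time `now`."""
    return {c for c in clients if ctrl.admit(c, now)}


if __name__ == "__main__":
    # Constructed scenario: 1000 clients all reconnect the moment the
    # backend returns; watch the admitted count grow each 10 s interval.
    clients = [f"client-{i}" for i in range(1000)]
    ctrl = AdmissionController(initial=0.1, step_seconds=10.0)
    ctrl.start_recovery(now=0.0)
    for t in (0.0, 10.0, 20.0, 30.0, 40.0):
        print(f"t={t:>4}s admitted {len(admitted(ctrl, clients, t))}/1000")
    ctrl.report_overload(now=20.0)
    print("after overload report at t=20s:", ctrl.current_fraction(20.0))
```

Because the admitted set at one fraction is a subset of the set at any larger fraction, a client that was let in stays in as the ramp widens; the rejected ones get a concrete retry time instead of hammering a backend that is still finding its feet.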

  4. Pliny the Whiner

    Hair In Mirror Is Blonder Than It Appears

    Along the lines of, "Well, what the fuck did you THINK would happen?" Netgear hard-coded a few of its router product lines to use the University of Wisconsin - Madison's ("UWM") Stratum 20* time servers as a permanent, single-source time reference. At its peak, junk traffic reached 150 Mbit/s, effectively leaving Netgear routers DDoSing other Netgear routers via a third party, who could only sit back and marvel at the stupidity.

    Without explaining why they landed on UWM's NTP servers or, you know, what they were thinking, Netgear sent a $375,000.00 donation to the university.

    * An old bedside alarm clock made by General Electric, complete with a paper face backlighted by an orange neon light (I know what you're thinking: oh my god, the technology). Stratum 20 time servers are used by people who really don't give a damn what time it is, including and especially retirees.

  5. John H Woods Silver badge

    Guilty

    Back when Noah was a lad and CORBA was a thing I was tasked to test a pre-production Geographic Information System server. I was given the interface but no documentation ("too difficult to collate"), and instructed to use "dummy values" of the correct types. Finding that I could successfully pass in a null string on one query, I tried it a few times with success: then I wrote a bit of Java to run it multi-threaded. That's when we found out that a null street address (as it was now revealed to be) in the address query (ditto) caused the system to alphabetize every street in the UK and return the list to the client. Server and network became unhappy immediately, tech team shortly afterwards. And yours truly was suddenly supplied with the documentation!
