Re: "....big names including GitHub, Twitter, Reddit, Netflix, AirBnb ...."
For me it took out our company's website. Even the euro hosted version. The dyn servers in europe were hit hard too as my monitoring for europe website originates at only european locations.
Add to that our external notification system pager duty was hit hard too and unable to function. Was getting a lot of calls from them (automated) with no content others said they just heard the message "applocation error"
West coast US dyn was hit as i wqs quering west coast servers for pager duty dns but got no response.
Users couldn't login to datacenter vpn because well dns was out. I happened to be physically on site (one of two trips per year). Our chat app is slack and maybe coincidence but could not login to slack on my computer from our data center for 30mins it just hung with no error message.
Management is considering adding a 2nd dns provider I told them obviously if we do that than a 2nd CDN provider is needed and would be a good idea to have a 2nd external monitoring provider as well. All comes down to costs.
Dyn's track record is practically flawless over the past 15 years(I've been an enterprise dyn customer for 7 of those). They know what they are doing. Myself anyway has to cut them some slack. They do have a 15 second SLA though ddos may be an exception to it.
It's also obvious they will be doing tweaks to their strategy to help combat this better in the future, and obvious not to expect this can't happen again. Other than IoT botnets it's impressive to me dyn has lasted thisnlong without serious outages. Amazon became a dyn customer roughly 6 years ago after a massive ddos on ultra dns. (They still use both today though there are more dyn servers in their whois record than ultradns when I looked yesterday )
Fortunately at the end of the day the attack was little more than an annoyance for me personally. I am more facinated by the scale of this attack than anything else.
All in all dyn responded quite well. I have been involved in outages that have stretched more than 30 hours (and being awake on it the whole time). So I have battle scars and a few hrs of disruption doesn't make me blink anymore.
My org was involved in collateral damage from another round of ddos that targeted internap earlier in the year. That took probably 2 weeks before it was completely dealt with? That too was by far the biggest ddos impact i had seen from internap (who has a 100%uptime sla though ddos not covered) in being a customer for 10 years.