Join 3,512 readers in helping fund MetaFilter (Hide)


October 23, 2002
1:26 AM   Subscribe

I generally give little thought to how the Internet works, as long as it does work. Well, on Monday, 9 of the 13 "root servers" that manage traffic on the Internet were hit with a denial of service attack for about an hour. You can see the spike in traffic on one of the servers in this graph. All this made me think about the fragility of the Internet and what I would do with myself if the Internet got knocked out, say, for a matter of days. Maybe I would finally learn to cook something besides pasta... What would you do?
posted by epimorph (37 comments total)

 
I would learn how to make pancakes!
posted by Dennis Murphy at 1:45 AM on October 23, 2002


If root servers are so important to the proper operation of the entire internet, then why aren't there more of them? (A silly, obvious question, perhaps, but I figure it needed to be asked.)
posted by monosyllabic at 1:50 AM on October 23, 2002


I would worry about the company I work for. With every day that passes (and line of code that I write), the company relies more and more on the internet to access centralised systems from all around the world. I guess I'd fear for my job if the net was out for more than a few days. But that won't ever happen. Right?
posted by chill at 1:51 AM on October 23, 2002


I soooooooo want a root server all of my own! How much are they going for these days?

*ducks*
posted by MiguelCardoso at 1:58 AM on October 23, 2002


Yeah, pancakes!
posted by Dan Brilliant at 2:03 AM on October 23, 2002


Can anyone explain what these servers do ? From the info I found, they appear to be 'phone books' of the internet. What would happen when all of them crash ? I will start writing down IP - addresses, just in case...
posted by swordfishtrombones at 2:09 AM on October 23, 2002


Perhaps this article from CNET might help a few people.

The internet (and its DNS information) seems to be distributed so broadly that the root servers would have to be down for an extended period before it became truly noticeable.
posted by saintsguy at 2:14 AM on October 23, 2002


The root servers translate the domain portion of the URL you type into your browser (the DNS, e.g. www.metafilter.com) into an IP address, so that the correct server can be found. These records get filtered to secondary servers all around the world and cached in proxy servers, so it may be that you will still be able to access any web sites in the event of failure. If your computer is unable to resolve the DNS, you may still be able to access a web site using the IP address. However, some web sites share an IP address (i.e. they are on the same physical server), and rely on you having typed in the domain name in order to determine which web site you want to view e.g. www.metafilter.com and metatalk.metafiler.com.
posted by chill at 2:21 AM on October 23, 2002


Does it strike anyone else as amusing in a reflexive klein-bottle-y kind of way that whoever was doing the attacking has been using the internet to knock out...the internet?
posted by stavrosthewonderchicken at 2:23 AM on October 23, 2002


That is amusing Stavros and, in that line, makes me wonder how it can even be done. Furthermore, epimorph better go out and buy some cookbooks instead of using such things as epicurious or marmiton.

For those pancakes, I find the key is melted butter. See the latest edition of the joy of cooking.
posted by Dick Paris at 2:40 AM on October 23, 2002


I made some delicious blueberry muffins yesterday from an Internet recipe. They were good.

I can just see the hordes descending on counselors and mental health workers as they seek relief from TMWS (Traumatic Metafilter Withdrawal Syndrome)
posted by konolia at 3:24 AM on October 23, 2002


Thanks for the link to that graph, epimorph. Illustrates far better than the news articles. What it also shows is that for all the entertainment industry's talk about the problems of cyberspace (and their 'villains' are pretty easy to track if you know what you're doing - just head to some nfo or fxp boards to make a start), this is the stuff that's really worrying. And no one seems to have any clue who's doing it yet... Someone, or a few people, locked away in some secure irc channels will be moving and distributing these bots on computers around the globe and then bam, the attack starts.
posted by humuhumu at 3:40 AM on October 23, 2002


Oh, and learn to cook soup as well as pasta. Nothing is easier to do, and nothing is better than some good homemade soup on a cold day. Main recommendations: sweet potato soup (aforemention potatos, some carrots, stock) or the gorgeous pumpkin soup (basically, some pumpkin slowly cooked in butter, then add some milk once its mushy). Gorgeous...
posted by humuhumu at 3:42 AM on October 23, 2002


Here's the Relevant Slashdot thread. (ot: And holy smoly, Slashdot's gotten really bad since I left it a year ago)
posted by Stan Chin at 4:03 AM on October 23, 2002


Note that the internet is still fully functional, the only thing that got knocked out is DNS. If all DNS servers were knocked out, you could still access www.metafilter.com except you'd have to use 209.10.108.210. Which, as mentioned before, is a nuisance to sites sharing an IP, but the actual network is still fully functional.
posted by PenDevil at 4:06 AM on October 23, 2002


afaik, if you're running linux then you could use "bind" to implement a local dns cache. that way you're guaranteed to have access to sites that you use regularly.

liquidisers (blenders in the usa?) are great for making soup quickly. pumpkin and almost any other veg (broccoli, for example) makes great soup. sour cream also helps (best added just before serving). a little fresh chillie is also good (if you add too much keep cooking - the heat dies away with time). and what is there to learn in cooking pasta?!

oh, and afterslash is the best way to read slashdot.
posted by andrew cooke at 4:07 AM on October 23, 2002


I guess having a few days away from the internet won't hurt, unless it translates to an increased cell phone bill or you should find yourself suffering from some form of withdrawal symptons . In which case, you may want to seek out the Internet Addiction Support Group or like this article " Bringing Online and Offline Living Together " suggests, you can meet your online friends offline. Or you can learn to cook. :-)
posted by taratan at 4:08 AM on October 23, 2002


stop COLLECTING porn and begin USING it.
posted by quonsar at 4:18 AM on October 23, 2002


stop COLLECTING porn and begin USING it.

"I built an igloo out of porn, and it keeps my family warm all winter!"

"I've squeezed all the oil out of my porn, and use it as an alternative fuel for my SUV!"

"I use porn as teaching aid in my inner-city classroom, and the kids are responding like never before!"
posted by stavrosthewonderchicken at 4:32 AM on October 23, 2002


OT, this thread has inspired a coupla taglines i gotta share.

Metafilter - Using the internet to make pancakes.
Metafilter - Using the internet against itself.
Metafilter - All the internet you can handle.
posted by pekar wood at 4:42 AM on October 23, 2002


If the root servers really were down for an extended period, the major ISPs could simply rely on their cached DNS servers for an extended time, and the downstream ISPs would rely on them -- as they already do. (And non-trivial companies would rely on their own, internal DNS servers.) It wouldn't be disastrous, just difficult. There aren't "more" root servers for the simple reason that a pyramid has to have a point. ("Not to overintellectualize this, but there has to be a Last Muffin.") The main reason there are 9 is redundancy, of course, but also because they have different input streams around the world, which they then share with each other.

There are worries about DNS hacking; the basic infrastructure is heavily reliant on implicit trust. But this example of a distributed denial-of-service attack does show that there may be good reason to require individual PCs on the net to meet basic standards of security. Most of the attacks probably came from always-on cable-modem PCs whose owners still have no idea their computer was compromised.
posted by dhartung at 4:43 AM on October 23, 2002


But this example of a distributed denial-of-service attack does show that there may be good reason to require individual PCs on the net to meet basic standards of security.

a la Steve Gibson's possibly relevant, possibly slightly out-there rantings about WindowsXP raw sockets.
posted by stavrosthewonderchicken at 4:47 AM on October 23, 2002


I'm bookmarking this thread so that if the Internet does become unusable for an extended period of time I'll have a source of things to do.
posted by DBAPaul at 5:15 AM on October 23, 2002


From the C|Net article:
1. Requests only rarely consult the root servers.
2.The "F" server responds to more than 270 million domain-name service queries each day, according to its site.

It seems this dude has a different concept of 'rare' than I do.

And, if I remember, you can technically run your own name server on your computer and have it be the first lookup point, so all the sites you want to be able to access could still be accessible. Plus, you could probably just mess around with your hosts file on linux or Win2k to keep track of a few of your favourites. (The reverse of how you can use it to block banner ads.)
posted by Fabulon7 at 5:47 AM on October 23, 2002


It seems this dude has a different concept of 'rare' than I do.

270 million is a pretty small number when you consider that EVERY time a request is made over the internet (http requests, ftp, etc) a DNS lookup is done. DNS works because it uses caching. If every DNS lookup had to go through the root servers it just wouldn't be feasible.
posted by turacma at 6:06 AM on October 23, 2002


I tried this recipe twice, and the second time I did not have enough chicken broth (about half what's needed), so I cooked two chicken breasts, shredded them and put them in the soup along with the cooking juices and fat. It was so much yummier than the original...
posted by titboy at 7:03 AM on October 23, 2002


Maps of the Internet (the backbone's connected to the rootserver, the rootserver's connected to the...)
posted by Frank Grimes at 7:58 AM on October 23, 2002


well, i just installed + configured dnscache. the default config calls (one of, randomly) the 13 root servers directly, although i changed it to go through the servers provided by my isp. anyway, if that configuration is normal then it looks like the hierarchy is pretty shallow, with just three levels:
- normal machines that connect to caches at the isp
- isp caches that connect to the root servers
- root servers
posted by andrew cooke at 7:59 AM on October 23, 2002


Maps of the Internet (the backbone's connected to the rootserver, the rootserver's connected to the...)
posted by Frank Grimes at 7:58 AM PST on October 23


Exactly one year ago......spooky.
posted by saintsguy at 8:05 AM on October 23, 2002


I'm bookmarking this thread so that if the Internet does become unusable for an extended period of time I'll have a source of things to do.

Just remember, Paul, to bookmark http://209.10.108.210/mefi/21008 or you're screwed :P

DNS Hackery and Chicken Broth in one thread. Where else?
posted by armoured-ant at 8:07 AM on October 23, 2002


all this information makes my head hurt. I prefer to think that the internet operates via magickal spells cast by technopagans at the druid rings of the 21st century: cybercafes.
posted by tolkhan at 8:37 AM on October 23, 2002


God, I'm such a geek, so I just have to take a shot at this.

You tell your computer;

"Bring me www.metafilter.com"

Machines find each other by IP address, not names, so your computer queries your local domain name server;

"What IP address is associated with www.metafilter.com?"

If the domain name server doesn't have the answer already cached, your domain name server sends a query to a root server;

"What information can you tell me about the domain metafilter.com?"

A root server will tell your domain name server the IP addresses of machines that store the information associated with the domain metafilter.com;

"The information I have claims that 67.119.7.91(and three other machines for redundancy) store the information you are seeking about the domain metafilter.com."

Your domain name server then queries 67.119.7.91(or one of the three other machines listed as authoritative for metafilter.com);

"What is the IP address for www.metafilter.com?"

67.119.7.91 replies;

"209.10.108.201"

Your domain name server can now answer your computer's initial query, and all is blue. Your domain name server then caches that information for an amount of time specified by whoever configured the metafilter.com domain(looks to be 24 hours for metafilter.com). It won't have to query the root servers about metafilter.com for that time that it's cached, reducing the load on the root servers.

Root servers do not store name information on all machines on the internet, they just store where you can get name information on any machine on the internet. It's really all rather meta, actually.

And I'm willing to bet that all I did was just confuse a bunch of innocent bystanders that weren't interested in the first place. Forgive me, I can't help myself.
posted by dglynn at 8:53 AM on October 23, 2002


dglynn: Actually, as an innocent bystander I found that very helpful. Thanks.
posted by languagehat at 9:39 AM on October 23, 2002


dglynn : you did well. now i can close up HowStuffWorks (which btw if you search for root server on the site, it will also get you "What is Root Beer ?") *grin*
posted by taratan at 9:39 AM on October 23, 2002


I would get day-sweats if the internet went down.
posted by stbalbach at 9:47 AM on October 23, 2002


root server... sounds like the punch-line to a stupid joke, i.e. What do you call a prostitute frequented by computer geeks?

OK soup. You want delicious? Simmer 3 or 4 cut-up and de-seeded golden bell peppers in chicken broth until tender. Pass through a blender with a quarter cup of roasted pine nuts. Hmmmm, like liquid butter.

You want easy, cheap, nutritious, filling and low fat? Try Mexican Soup From Cans:

1 can of chicken broth
1 can of refried beans
1 can of black beans
1 can of corn
As much salsa as you want

Heat everything together. Want to make it special? Add melted cheese and broken-up tortilla chips to the top.
posted by Secret Life of Gravy at 5:15 PM on October 23, 2002


Thank you for all those recipes, I might just give them a try. I knew that MeFi was good for something!
posted by epimorph at 6:05 PM on October 23, 2002


« Older a flash rubik's cube....  |  President Bush is in fact doin... Newer »


This thread has been archived and is closed to new comments