Synthetic Monitoring

Simulate visitor interaction with your site to monitor the end user experience.

View Product Info

FEATURES

Simulate visitor interaction

Identify bottlenecks and speed up your website.

Learn More

Real User Monitoring

Enhance your site performance with data from actual site visitors

View Product Info

FEATURES

Real user insights in real time

Know how your site or web app is performing with real user insights

Learn More

Infrastructure Monitoring Powered by SolarWinds AppOptics

Instant visibility into servers, virtual hosts, and containerized environments

View Infrastructure Monitoring Info
Comprehensive set of turnkey infrastructure integrations

Including dozens of AWS and Azure services, container orchestrations like Docker and Kubernetes, and more 

Learn More

Application Performance Monitoring Powered by SolarWinds AppOptics

Comprehensive, full-stack visibility, and troubleshooting

View Application Performance Monitoring Info
Complete visibility into application issues

Pinpoint the root cause down to a poor-performing line of code

Learn More

Log Management and Analytics Powered by SolarWinds Loggly

Integrated, cost-effective, hosted, and scalable full-stack, multi-source log management

 View Log Management and Analytics Info
Collect, search, and analyze log data

Quickly jump into the relevant logs to accelerate troubleshooting

Learn More

How the Internet could come to a stop

Last week there was an attempt to attack and bring down the DNS root nameservers of the Internet with a large-scale distributed denial-of-service (DDoS) attack. The attack caused major problems for at least one of the 13 root nameservers (ironically the one maintained by the U.S. Department of Defense.)

This is not the first time the root nameservers have been under attack. In October 2002, a smaller attack had a much more noticeable effect, with some sources claiming that as many as two thirds of the root nameservers were affected and the whole Internet actually slowed down significantly.

This leads to some important questions: What would happen if an attack on the root nameservers is successful, and why are they so hard to bring down?

The effect of the DDoS attack on the U.S. Department of Defense G root nameserver.
Image: Graph from from RIPE NCC showing the effect of the DDoS attack on the U.S. Department of Defense G root nameserver.

What would happen if all root nameservers stopped working?
An attack on the root nameservers is essentially an attack on the entire Internet since they are necessary for the DNS to function properly. Hypothetically, if all root nameservers stopped working, DNS lookups would gradually start failing. Local DNS servers only cache domain name information for a certain time before they need to contact the root nameservers again.

Within minutes – Some DNS lookups would start failing.
After an hour – A significant number of DNS lookups would be failing.
After a day – Most DNS lookups would be failing.

What happens when DNS lookups stop working? Surfing the Web won’t work anymore. Sending email won’t work anymore. Everything that uses domain names breaks (which means almost everything). You could technically access the Internet, but only using IP addresses. But how would you normally find those IP addresses? Answer: Via the DNS…

It should be pointed out that it’s extremely unlikely that all root nameservers would fail at the same time. Some would say that with the current setup it’s impossible. Which leads us to…

Why are the root nameservers so hard to bring down?
Back in 2002 there were 13 root nameserver locations in four countries. The attack that year made it obvious that wasn’t enough, so since then the number of server locations has been increased significantly. Though the DNS protocol only allows for 13 actual root nameserver addresses, six of these now use a routing protocol called anycast to distribute requests to a large number of different locations. Currently there are 123 globally distributed root nameserver locations. (An up-to-date list can be found at www.root-servers.org.)

This decentralization of the root nameservers has made them very hard to attack even with a large-scale distributed attack such as the one from last week since any attack is automatically diluted and spread out over many locations. One reason the U.S. DoD root nameserver was affected by the latest attack was because it doesn’t use anycast, so the entire attack on it went to one single location.

Decentralization has always been central (no pun intended) to the workings of the Internet. It even extends to the software and hardware used by the different entities managing the root nameservers. Since a large variety of operating systems, DNS software, and hardware configurations are used, this has basically removed the risk of any one hardware or software bug affecting all root nameservers at once.

Is it safe?
The failure of this latest attack proves that the root nameservers themselves are an extremely hard target to bring down. That said, there is still a risk that someone, somewhere, will figure out a way to effectively attack and crash them all or at least cause considerable damage. It’s the punch you don’t see coming that knocks you out.

SolarWinds Observability SaaS now offers synthetic transaction monitoring

Powerful transaction monitoring now complements the availability and real user [...]

Exit Rate vs Bounce Rate – Which One You Should Improve and Why

Tracking your website’s exit and bounce rates will give you insight into how [...]

Introduction to Observability

These days, systems and applications evolve at a rapid pace. This makes analyzi [...]

Webpages Are Getting Larger Every Year, and Here’s Why it Matters

Last updated: February 29, 2024 Average size of a webpage matters because it [...]

A Beginner’s Guide to Using CDNs

Last updated: February 28, 2024 Websites have become larger and more complex [...]

Monitor your website’s uptime and performance

With Pingdom's website monitoring you are always the first to know when your site is in trouble, and as a result you are making the Internet faster and more reliable. Nice, huh?

START YOUR FREE 30-DAY TRIAL

MONITOR YOUR WEB APPLICATION PERFORMANCE

Gain availability and performance insights with Pingdom – a comprehensive web application performance and digital experience monitoring tool.

START YOUR FREE 30-DAY TRIAL
Start monitoring for free