- GoDaddy experienced a 6-hour outage in September 2012 that brought down 45 million websites registered through GoDaddy. This was caused by internal network events that corrupted router data tables, not by an external attack. - DNS (Domain Name System) is crucial infrastructure that translates human-readable domain names to IP addresses, allowing websites and email to function. GoDaddy hosts DNS for domains registered through them. - When choosing a DNS service, factors like reliability, performance, security, and geographic distribution should be considered to avoid a single point of failure bringing all sites down.

1. How GoDaddy Brought
Down Millions of Sites –
and How to Prevent
Becoming a DNS Outage
Casualty
Yottaa Inc.
101 Summer Street
Boston MA 02110
http://www.yottaa.com
© 2010 - 2012 Yottaa Inc. All Rights Reserved.
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential

2. GoDaddy Outage
• Outage started around 1pm ET on Sept 10 2012
• Resolved around 7pm ET on Sept 10 2012
• Lasted about 6 hours
• Impact:
• ALL sites being hosted by Internet domain registrar GoDaddy were down
• 45 million domains registered on GoDaddy…
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 2

3. What Happened?
GoDaddy DNS servers failed to resolve DNS requests…
All GoDaddy registered domains use GoDaddy DNS servers by
default.
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 3

4. What Caused It?
Hacktivist
@Anonymous Own3R
quickly claimed
responsibility
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 4

5. Who Is Anonymous Own3r and Why?
'Anonymous' typically announces
their attacks on twitter and
Facebook before hand, especially
DDOS attacks.
For example, in August, Anonymous
brought down many EU government
websites to protest for WikiLeaks
founder
Who is Anonymous?
We are Anonymous, We are legion, We
never forgive, We never forget, Expect us.
• A global hacktivist group
• Twitter handles:
• @youranonnews, @anonymous
• Site:
• http://youranonnews.tumblr.com/
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 5

6. Who Is Anonymous Own3r and Why?
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 6

7. What Caused It (Again)?
Official statement from GoDaddy on September 11th:
“We have determined the service outage was due to a series of
internal network events that corrupted router data tables”
The service outage was not caused by external influences. It was
not a “hack” and it was not a denial of service attack (DDoS).
Throughout our history, we have provided 99.999% uptime in our
DNS infrastructure. This is the level our customers expect from us
and the level we expect of ourselves. We have let our customers
down and we know it.
- Scott Wagner
Go Daddy Interim CEO
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 7

8. What? Not Me?
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 8

9. What Is DNS?
• DNS, Domain Name System, is the most fundamental building block of the
Internet
• The Internet will not function without DNS
• DNS is responsible for translating domain names into IP addresses
• Human beings work at domain name level – you don’t remember a website
by its IP address
• Internet routing system only work at IP address level – it knows nothing
about domain names
• Connecting between the two is DNS:
• DNS translates human understandable domain names into IP
addresses
• DNS is hierarchical
• It is a large distributed database for all Internet records
• Organized as a tree structure
• Your domain is a node on that tree
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 9

10. Your Domain and the Internet
Root
Root level
.com .org .net .uk … Top level
mycorp.com 2nd level
www Blog mail Boston … 3rd level
4th level
www ….
Your Domain Records
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 10

11. How DNS Name Resolution Works
• DNS Server (name server) Is the glue
for the entire Internet;
• Each level can have its own DNS server
• Maintains its own records
• Answering calls at this level
Source: http://www.windowsitpro.com/content/content/48527/Figure_01.gif
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 11

12. How Do You Manage Your Domain Records?
• Your can host your domain
DNS records using any DNS
service Root
• Domain registrars provide Root level
the default ones
.com .org .net .uk …
Top level
mycorp.com
2nd level
www Blog mail Boston … 3rd level
www …. 4th level
Your Domain Records
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 12

13. Why and How to Choose A
DNS Service
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential

14. Your Domain’s DNS Server
• When you register your domain name
• GoDaddy automatically set up GoDaddy DNS server for your domain
• When someone visits a website
• The browser will ask the name server of the domain “who is this domain
name”?
• Name server will answer the IP addresses of the domain name
• The browser gets the address and connects to it
• The visitor sees the returned web page
• When someone sends you an email to yourname@yourcompany.com
• The sender will ask the name server “where is the mail server for
yourompany.com?”
• Name server will return the IP address (“MX” record)
DNS failure means the failure of your entire domain
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 14

15. DNS Service - What To Look For
• Geographic distribution?
– Single location?
• Reliability
– Multiple location?
• Performance
– Global locations?
• Security
• IP Anycast?
• Security
– DNS attack prevention?
• Easy of use UI
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 15

16. DNS and Network Stack
A DNS query is carried on the TCP/UDP stack, typically over UDP. It is
routed as typical TCP/UDP packet
Source: http://i.technet.microsoft.com/dynimg/IC198104.gif
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 16

17. IP Anycast
• Multiple locations
are needed for
Anycast
• Each location share
the same Anycast
IP address
• Internet Routing
(BGP) chooses the
closest location
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 17

18. DNS Spoofing
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 18

19. DNS DDOS Attack
DNS Server
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 19

20. Yottaa Global DNS Service
Enterprise-class Anycast DNS network for free
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential

21. Global DNS for Speed & Scale
Yottaa DNS
Features:
• Global IP anycast
• Globally distributed
data centers
Web
Optimization
Network
• Globally redirects request
to closest geographic server
Benefits:
• High performance DNS service
• Enterprise-grade traffic
management
• DNS Shield for protection
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential

22. Yottaa Anycast Network
Europe
North America
Amsterdam
Dublin
Seattle Chicago
Frankfurt
San Francisco Ashburn London Asia
San Jose New York
Madrid Paris
Washington, DC
Los Angeles Tokyo
Atlanta Hong Kong
Miami Osaka
Dallas
Singapore
South America
Australia
Sao Paulo
(Coming)
Sydney’
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential
22

23. Yottaa DNS UI
© 2010 - 2012 Yottaa Inc. All Rights Reserved. Company Confidential 23

24. Don’t let your website fail you
To Make Your Website Fast, Reliable and Secure
Visit: www.yottaa.com
For More Information Contact:
Coach Wei
Email: coach@yottaa.com
Phone: +617.896.7818
Web: www.yottaa.com
Twitter: @yottaa
24
© 2010 - 2012 Yottaa Inc. All Rights Reserved.
© 2011 Yottaa Inc. All Rights Reserved. Company Confidential