Just a quick little update on the NMP and our routing stack, we are now dropping traffic from known TOR exit nodes using a public list that is automatically updated once a day. Started seeing a bit of traffic from a few nodes, so went ahead and set this up.
Category: Network
Post dealing with changes to how we route packets and configure our network.
It looks like the amplification attack has let up, so the NOC has restored IPv4 service to IP blocks in the region. We will be keeping an eye on the situation and will reinstate the geoblock if the attack starts up again.
Checking with our registrar, we discovered that some of our NS records were incorrect. This has been corrected and we should no longer be pointing to a ‘dead’ name server in our glue records now.
We are still seeing the attack ongoing and are still dropping IPv4 traffic involving the country of Brazil for right now.
To make an effort to not cut off everyday users who are not the cause of the attack, we have opened up IPv6 queries seeing as the problem does not appear to be affecting that side of our network.
Our volunteers will continue to watch the situation and will restore IPv4 service as soon as we can do so without adding to the attack. We currently have three volunteers watching this.
Alternatively, if you are in Brazil and you are a residential user or a hobbyist, you can reach out to our support center over email with your IPv4 address and we will whitelist you.