Next steps re DDoS mitigation

  • Next steps re DDoS mitigation

    Ok guys, if the DDoS mitigation measures you had planned are now in place, it's safe to say they have failed to be enough help so far.

    The game is now up for 2 minutes every 10 minutes during attacks, so by some metrics you may already claim it is better... but this can't be considered an improvement in practical terms as it makes the game no more playable than it was before.

    That brings up some new questions, and it's probably better to hear it from you than sort through dozens of pages of speculation, armchair network engineering, and tinfoil hattery, hence this thread to give you an opportunity to tell us.
    • Are we getting some clear, objective communication on what are the next steps you will take?
    • Are there more measures which were part of your original plan but haven't been implemented yet?
    • Or is this failure unexpected and you are going to have to come up with a new plan instead?
    • In either case, are your plans now concrete enough that an ETA can be provided - i.e. can you tell us yet when you expect your game to be minimally playable?
  • I'm feeling your pain, Honestly the servers are up down up down up down and I've had a gut full ffs just take the game offline for 72 hrs or whatever you deem necessary and get shit in place and sort this crap out once and for all, where not spiteful and I will continue to play in the future no problem but not like this its like telling a kid they can have candy but just letting them see a picture of it, if you need the game offline for a week just do it and get it done so we can move forward for Christ sakes.
  • Elarahis wrote:

    Their plan is obviously to do their best to fight off the DDOS, I wonder why you are even asking. And it is obviously impossible for them to give any ETA for anything or they already would have done so. I don't know why you are assuming that they would be hiding any good knews from us, it would be a very weird thing to do.
    You are true but the OP is too. MMORPG is a specific market, release days are really important for the future of the game. Being unable to solve (should we say quickly ?) a problem like that can kill this game before it had time to rise. They communicated they fixed the ddos problem, server down 20mn later. It is still unplayable now. Add to this the lack of communication, and you lose players (customers) trust, till the no return point. At least the OP is not whining, or flaming, he is just asking some legit communication.
  • Elarahis wrote:

    Their plan is obviously to do their best to fight off the DDOS, I wonder why you are even asking. And it is obviously impossible for them to give any ETA for anything or they already would have done so. I don't know why you are assuming that they would be hiding any good knews from us, it would be a very weird thing to do.
    Why do you assume I think they are hiding anything? They had given us info ("measures are coming") but that info is now outdated (recent measures have failed). I'm asking for an update. Was this failure expected? Are further measures planned? Is a new plan being drawn up? If they have already stated any of this anywhere else, please point me to it
  • Vido wrote:

    Ok guys, if the DDoS mitigation measures you had planned are now in place, it's safe to say they have failed to be enough help so far.

    The game is now up for 2 minutes every 10 minutes during attacks, so by some metrics you may already claim it is better... but this can't be considered an improvement in practical terms as it makes the game no more playable than it was before.

    That brings up some new questions, and it's probably better to hear it from you than sort through dozens of pages of speculation, armchair network engineering, and tinfoil hattery, hence this thread to give you an opportunity to tell us.
    • Are we getting some clear, objective communication on what are the next steps you will take?
    • Are there more measures which were part of your original plan but haven't been implemented yet?
    • Or is this failure unexpected and you are going to have to come up with a new plan instead?
    • In either case, are your plans now concrete enough that an ETA can be provided - i.e. can you tell us yet when you expect your game to be minimally playable?

    Thanks for constructive thread and the great questions. With regards to your points:

    We have put a new set of defenses in place yesterday. They work by separating malicious from normal traffic "up-stream", i.e. before it can actually get to our servers. The challenge right now is - in close cooperation with the external experts that we enlisted - to set up the traffic filters in such a way that they are effective at stopping most of the malicious traffic while letting legitimate traffic through. As we are optimizing the defenses, the performance of the servers under DDOS will constantly improve.

    In addition to that, we are researching and working on additional defense strategies. This is something that we cannot share with a wider audience as the information could directly help the attackers. We cannot share any detailed ETA. However, what we can share is this: we are thinking in categories of hours and days here. Every day, changes and improvements are made. Any day, there is a good chance that we get the situation under control.
  • Korn wrote:

    Vido wrote:

    Ok guys, if the DDoS mitigation measures you had planned are now in place, it's safe to say they have failed to be enough help so far.

    The game is now up for 2 minutes every 10 minutes during attacks, so by some metrics you may already claim it is better... but this can't be considered an improvement in practical terms as it makes the game no more playable than it was before.

    That brings up some new questions, and it's probably better to hear it from you than sort through dozens of pages of speculation, armchair network engineering, and tinfoil hattery, hence this thread to give you an opportunity to tell us.
    • Are we getting some clear, objective communication on what are the next steps you will take?
    • Are there more measures which were part of your original plan but haven't been implemented yet?
    • Or is this failure unexpected and you are going to have to come up with a new plan instead?
    • In either case, are your plans now concrete enough that an ETA can be provided - i.e. can you tell us yet when you expect your game to be minimally playable?

    Thanks for constructive thread and the great questions. With regards to your points:
    We have put a new set of defenses in place yesterday. They work by separating malicious from normal traffic "up-stream", i.e. before it can actually get to our servers. The challenge right now is - in close cooperation with the external experts that we enlisted - to set up the traffic filters in such a way that they are effective at stopping most of the malicious traffic while letting legitimate traffic through. As we are optimizing the defenses, the performance of the servers under DDOS will constantly improve.

    In addition to that, we are researching and working on additional defense strategies. This is something that we cannot share with a wider audience as the information could directly help the attackers. We cannot share any detailed ETA. However, what we can share is this: we are thinking in categories of hours and days here. Every day, changes and improvements are made. Any day, there is a good chance that we get the situation under control.
    I admire your optimism, I believe you are caught in a never ending battle between good and evil. Yes, you CAN improve your mitigation strategies and tactics but your enemies have been at this for years and they also can adjust to your changes.

    IMO, it's a never ending battle as long as gold can be bought for real world currencies. Keep up the good fight. /salute

    The post was edited 1 time, last by Gilsen ().

  • Korn wrote:

    Vido wrote:

    Ok guys, if the DDoS mitigation measures you had planned are now in place, it's safe to say they have failed to be enough help so far.

    The game is now up for 2 minutes every 10 minutes during attacks, so by some metrics you may already claim it is better... but this can't be considered an improvement in practical terms as it makes the game no more playable than it was before.

    That brings up some new questions, and it's probably better to hear it from you than sort through dozens of pages of speculation, armchair network engineering, and tinfoil hattery, hence this thread to give you an opportunity to tell us.
    • Are we getting some clear, objective communication on what are the next steps you will take?
    • Are there more measures which were part of your original plan but haven't been implemented yet?
    • Or is this failure unexpected and you are going to have to come up with a new plan instead?
    • In either case, are your plans now concrete enough that an ETA can be provided - i.e. can you tell us yet when you expect your game to be minimally playable?

    Thanks for constructive thread and the great questions. With regards to your points:
    We have put a new set of defenses in place yesterday. They work by separating malicious from normal traffic "up-stream", i.e. before it can actually get to our servers. The challenge right now is - in close cooperation with the external experts that we enlisted - to set up the traffic filters in such a way that they are effective at stopping most of the malicious traffic while letting legitimate traffic through. As we are optimizing the defenses, the performance of the servers under DDOS will constantly improve.

    In addition to that, we are researching and working on additional defense strategies. This is something that we cannot share with a wider audience as the information could directly help the attackers. We cannot share any detailed ETA. However, what we can share is this: we are thinking in categories of hours and days here. Every day, changes and improvements are made. Any day, there is a good chance that we get the situation under control.
    I might be salty 24/7 but your optimism brings me hope Korn.
  • Korn wrote:

    Vido wrote:

    Ok guys, if the DDoS mitigation measures you had planned are now in place, it's safe to say they have failed to be enough help so far.

    The game is now up for 2 minutes every 10 minutes during attacks, so by some metrics you may already claim it is better... but this can't be considered an improvement in practical terms as it makes the game no more playable than it was before.

    That brings up some new questions, and it's probably better to hear it from you than sort through dozens of pages of speculation, armchair network engineering, and tinfoil hattery, hence this thread to give you an opportunity to tell us.
    • Are we getting some clear, objective communication on what are the next steps you will take?
    • Are there more measures which were part of your original plan but haven't been implemented yet?
    • Or is this failure unexpected and you are going to have to come up with a new plan instead?
    • In either case, are your plans now concrete enough that an ETA can be provided - i.e. can you tell us yet when you expect your game to be minimally playable?

    Thanks for constructive thread and the great questions. With regards to your points:
    We have put a new set of defenses in place yesterday. They work by separating malicious from normal traffic "up-stream", i.e. before it can actually get to our servers. The challenge right now is - in close cooperation with the external experts that we enlisted - to set up the traffic filters in such a way that they are effective at stopping most of the malicious traffic while letting legitimate traffic through. As we are optimizing the defenses, the performance of the servers under DDOS will constantly improve.

    In addition to that, we are researching and working on additional defense strategies. This is something that we cannot share with a wider audience as the information could directly help the attackers. We cannot share any detailed ETA. However, what we can share is this: we are thinking in categories of hours and days here. Every day, changes and improvements are made. Any day, there is a good chance that we get the situation under control.
    I will stand with you! Till the end.
    The unjust shall not prevail!

    8)
  • Korn wrote:

    Vido wrote:

    Ok guys, if the DDoS mitigation measures you had planned are now in place, it's safe to say they have failed to be enough help so far.

    The game is now up for 2 minutes every 10 minutes during attacks, so by some metrics you may already claim it is better... but this can't be considered an improvement in practical terms as it makes the game no more playable than it was before.

    That brings up some new questions, and it's probably better to hear it from you than sort through dozens of pages of speculation, armchair network engineering, and tinfoil hattery, hence this thread to give you an opportunity to tell us.
    • Are we getting some clear, objective communication on what are the next steps you will take?
    • Are there more measures which were part of your original plan but haven't been implemented yet?
    • Or is this failure unexpected and you are going to have to come up with a new plan instead?
    • In either case, are your plans now concrete enough that an ETA can be provided - i.e. can you tell us yet when you expect your game to be minimally playable?

    Thanks for constructive thread and the great questions. With regards to your points:
    We have put a new set of defenses in place yesterday. They work by separating malicious from normal traffic "up-stream", i.e. before it can actually get to our servers. The challenge right now is - in close cooperation with the external experts that we enlisted - to set up the traffic filters in such a way that they are effective at stopping most of the malicious traffic while letting legitimate traffic through. As we are optimizing the defenses, the performance of the servers under DDOS will constantly improve.

    In addition to that, we are researching and working on additional defense strategies. This is something that we cannot share with a wider audience as the information could directly help the attackers. We cannot share any detailed ETA. However, what we can share is this: we are thinking in categories of hours and days here. Every day, changes and improvements are made. Any day, there is a good chance that we get the situation under control.
    Thanks for this - one of the more informative comments I've seen from you guys on this whole issue.

    It also gives me some optimism that you seem to not be putting all your eggs in one basket.