Explanation of dreamhoststatus.com?


#1

The state of dreamhoststatus.com has been mentioned in other threads – I think it deserves focus in it’s own[thread].

Like many others, I was under the impression that dreamhoststatus.com was kept entirely separate from Dreamhost administered network(s). Now, I’m not so sure. Perhaps the scale of this recent outage just sent a server-breaking flood of requests to that domain? Or there is in fact a link to a DH network? Or?

I’d like to know. And I’m guessing others would like to know too. In due time, after the fires of the present of course.


jt


#2

I agree! Whois indicates that they are using DreamHost nameservers for dreamhoststatus.com, so when DreamHost has DNS problems it can effect dreamhoststatus.com

I’m sure that such a flood could well be part of what’s happening, but the MySQL error messages visible when the domain resolves make me also suspect that DNS again might be the problem if DreamHost DNS has to resolve the MySQL hostname (and that DNS is borked).

So would I. Hopefully some forensics will be forthcoming which things calm down a bit.

–rlparker


#3

Oh my… well that already disabuses any notion that the site is independent of Dreamhost administered network(s), eh?

Follow on effects could be many as you point out.

Perhaps an additional question arises here – why not make dreamhoststatus.com completely independent of any DH network/services?


jt


#4

Because apparently, they have no clue about having a diverse network, much less, a single website that doesn’t rely on their primary DNS for resolution. God forbid if they actually use someone elses parent DNS just in case for a single website.


-Lyle


#5

Let’s see …

===============================

Linux tea 2.6.18.1-grsec e f6b gr219 opt c4a gr2b-grsec #1 SMP Thu Oct 19 12:50:29 PDT 2006 i686 GNU/Linux
_
| |_ ___ __ _
| / _ / ` |
| || __/ (
| |
___
|_,|

Welcome to tea.dreamhost.com

Any malicious and/or unauthorized activity is strictly forbidden.
All activity may be logged by DreamHost Web Hosting.

[tea] ~ $ traceroute dreamhoststatus.com

traceroute to dreamhoststatus.com (208.96.10.218), 30 hops max, 38 byte packets
1 core02 (66.33.192.3) 17.385 ms 3.803 ms 4.069 ms
2 64.209.105.25 (64.209.105.25) 3.357 ms 4.102 ms 3.654 ms
3 Yipes-Palo-Alto.ge-4-3-0.ar3.PAO2.gblx.net (208.51.142.178) 11.514 ms 12.777 ms 10.884 ms
4 border-core1-ge3-0.sfo2.servepath.net (209.213.192.123) 11.791 ms 14.687 ms 11.517 ms
5 customer-reverse-entry.208.96.31.6 (208.96.31.6) 274.848 ms 381.466 ms 389.088 ms
6 customer-reverse-entry.208.96.10.218 (208.96.10.218) 427.430 ms 288.743 ms *

[tea] ~ $ nslookup tea.dreamhost.com

Server: 66.33.216.127
Address: 66.33.216.127#53

Non-authoritative answer:
Name: tea.dreamhost.com
Address: 208.97.171.16

================

The connection seems to go out of the datacenter DH uses, but the IP of dreamhoststatus.com - 208.96.10.218 - is relatively to the IP of tea.dreamhost.com - 208.97.171.16. Also this looks strange “customer-reverse-entry.208.96.10.218” - does this somehow redirect back to DH?

I would think that DH had registered some random hosting package with another random host, somewhere across the country, but it doesn’t seem so. Even though it would have been very easy. Maybe they’re to proud to host with another company, other than themselves.


Promo-Code: [color=#CC0000] SAVEMONEY97 [/color] - Save [color=#CC0000]$97[/color] on your first year of hosting.


#6

[quote]Maybe they’re to proud to host with another company, other than themselves.

[/quote]

If that’s true, we’re the ones paying for their arrogance.


#7

It’s being attacked:

! Critical Announcement! Please Read!
We are still experiencing DNS issues for a large number of our domains. After the network problems yesterday, a lot of dns records were somehow dropped from our ns servers, the cause of which we’re looking into.

We’ve been regenerating all dns since last night, but it’s a very slow process, slower than we’d like, and there are still a lot of domains not up.

On top of it all, it seems as though our remote dreamhoststatus.com server is under a DDOS attack, taking it down.

Please rest assured we’re doing everything we can to fix this situation. If you’d still like to contact us about it, please use the form below as usual.

You can keep updated at dreamhoststatus.com… assuming we stop the DDOS soon. Otherwise, we’ll just be updating the message on this page. (posted 18 mins 55 secs ago)


#8

Ummm, yeah, it was a DDOS attack, yeah, that’s what it was.


#9

[quote]You can keep updated at dreamhoststatus.com… assuming we stop the DDOS soon. Otherwise, we’ll just be updating the message on this page. (posted 18 mins 55 secs ago)

[/quote]

And WHAT would be so hard about starting a thread here and posting information on this forum? Or within the control panel? Or under a new domain? Or all all of the above?

Duh?

It can’t be that hard to get the message out to their customers, unless they choose to make it so.


#10

[quote]Jem

[/quote]

http://blog.dreamhost.com/wp-content/uploads/2007/07/unplug.jpg

You can’t fool us, “Josh: Everybody’s Master”. Damn you, you unplugged the Internet! :wink:

http://www.google.com/search?hl=en&q=site:blog.dreamhost.com+jem


$1 for me << [color=#00CC00]SE7ENOF9[/color] | [color=#CC0000]SE7ENOF97[/color] >> All for you


#11

It’s a coincidence that the IPs look close together. You can go to www.arin.net and lookup what company is assigned a given IP address. It turns out that the dreamhoststatus IP is owned by a company located in San Francisco, which is why the traceroute goes through Palo Alto.

(As it happens the SF datacenter was knocked out by a power failure a few weeks ago, which also took a bunch of popular sites off line. It just shows that no datacenter is immune from problems.)

Larry