Feeds

German net crippled by top level glitch

Die Intertuben sind verkrumpen

  • alert
  • submit to reddit

Remote control for virtualized desktops

Updated Vast portions of the German internet were unavailable for more than an hour on Wednesday, after a snafu with the country's top level .de domain.

According to DENIC, the German net authority, 13.6 million domains use .de. Some reports indicate that all of them were affected, though others say a smaller number experienced problems. German broadcaster ARD says the domain glitch hit all German websites beginning with the letters "a" through "o."

Both websites and email under the affected addresses were unavailable from about 1:30pm German time to about 2:50pm.

Reports indicate that the problem was caused when DENIC uploaded new zonefiles that were completely empty. "There is no definitive answer," said Sean Leach, the CTO of domain registrar name.com and a former DNS maven at recursive provider Neustar. "Best theory right now is an incomplete zone was pushed out."

The blog calling itself TLD Source floats this explanation, and this is word being passed among webmasters. "It looks like they started loading in new zonefiles automatically, having to notice too late that the new zonefile actually didn’t contain any information and that they had therefore technically deleted all .de domain names," says TLD Source.

Emails sent to affected domains during the outage did not reach their destination and will not be delivered. "Responses were getting NXDOMAIN. So the sender of the message would have gotten a bounce," Leach tells The Reg. "If it was a SERVFAIL, the MTA (sender mail transport agent) would have retried later, but not for NXDOMAIN. Invalid NXDOMAIN's are like the kiss of death for DNS for a period of time." ®

Update

With a post to a DNS operations mailing list, DENIC has acknowledged that the problem began around 11:30 UTC and that it lasted to around 13:45 UTC. It's still not clear how many domains were affected. "Several of the authoritative nameservers for the DE top level domain returned NXDOMAIN responses for a yet to be determined number of DE domains that existed in our registration database," the post reads. "At [13:45 UTC], all affected servers had either been disabled or fed with an earlier version of the DE zone. Regular operations were eventually resumed at 15:00 UTC."

Internet Security Threat Report 2014

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.