|
Post by account_disabled on Mar 14, 2024 2:28:33 GMT -5
We recorded so many interviews with networkers that we ourselves got confused in them. But in the end today our article is finally published. The only censorship is the attentive hand of a proofreader. We give the floor to Max Yakovlev. Hello Habr. My name is Maxim I head the network engineering department at Timeweb. As you already understood from the title we will talk about our DDoS last year. This is not a standard postmortem but rather a firstperson story. Ill tell you and show you what it was like from the inside living on energy drinks and rebuilding the core Buy Email List of the network in just a couple of months. You most likely knew about Timeweb for some time. And most likely as about hosting which operates on a shared model with subservices such as domain registration website builder etc. There is also a cloud that grew out of hosting this is what we will talk about. In we began to slowly cut up the legacy hosting network and make it similar to the network of an IaaS provider. But in general the architecture at the time of day X several routers a stack of stretched VLANs three transits and a couple of exchangers. In the hosting business the volume of channels is calculated from the volume of total traffic on the network plus a reserve in case of accidents and attacks usually not exceeding x the traffic in the CHN. From here the protection of the infrastructure and clients is built the maximum expected total attack power.
|
|