September 10, 2012. If you are wondering why many of the sites you want to visit seem down today, it may be due to a widespread attack on Godaddy’s DNS servers.
Godaddy is one of the largest domain name registrars in the world, and hosts millions of websites for businesses and organizations.
I’ll try to explain how DNS works, and how your site might be affected, even if your site isn’t hosted with Godaddy. This is a fairly critical piece of national infrastructure that today failed due to an attack by hackers.
Godaddy’s DNS Outage Affects Millions of Websites.
Basically, attackers today successfully hacked Godaddy’s DNS (Domain Name Server) system.
In a nutshell, if you type in a domain name (i.e. www.CustomerParadigm.com), the DNS system translates the domain name into a series of numbers (in our case, 18.104.22.168) called an IP address. Your computer uses this IP address to actually make the connection to a website.
For sites you visit a lot (such as Facebook, CNN.com and others), your computer will “cache” or save the IP addresses, so that your computer, iPhone, iPad or other device doesn’t have to go and look up the IP address each and every time.
Caching can take place on your computer, at your router (such as a wi-fi hub) or even at the level of your ISP (Internet Service Provider), such as Comcast.
That’s why a website that you visit a lot will load right away (because you have the IP address cached), but a site that you don’t visit often requires a DNS lookup, and is failing.
Your site might load for you (because you theoretically visit it a lot), but it might not load for your customers. We have disabled all of our inbound advertising until this is resolved.
What can be affected by DNS outages:
1. eCommerce sites can’t take orders.
2. email might not get through.
3. People can’t visit your website.
4. Online appointment scheduling systems may not work.
5. Doctors might not be able to view xray, MRI and other medical information. This actually happened to one of our hospital clients many years ago when a DNS server went down, and doctors were scrubbed in but not able to perform surgery.
What You Can Do:
Right now, not much. Millions of people are affected, and we unfortunately need to wait until Godaddy is back up and running.
One thing you can do is take to the social media to let your customers know this is a major outage and not your company’s fault. We’ve posted on Facebook, Google+, LinkedIn and Twitter to let people know; we’re also emailing everyone, too (although it might not get through to everyone).
More Information How DNS lookups work:
1. You type in a website address, such as www.CustomerParadigm.com
2a. If you’ve visted this site before, your computer knows the IP address (it’s saved it in its cache). In this case you go right to the site.
2b. If you haven’t visited the site before (or it’s been more than a few days), you computer sends a query out to find the right IP address to help you connect to the website.
3. The first part of the query finds the domain name servers (DNS) that are associated with your domain name. A domain name server (DNS) might be something like ns1.i6cp.net or ns64.domaincontrol.com.
4. After finding the correct name server, your computer asks the proper domain name server (DNS) what the IP address should be for the site you’re trying to visit. (These name servers are the one affected by Godaddy’s outage.)
5. The name server responds with an IP address, such as 22.214.171.124.
6. Your computer, iPad, iPhone or other device is then connected automatically.
Technically, this is the exchange:
customerparadigm.com. IN A
(This is your computer asking for Customer Paradigm’s A record or IP address.)
customerparadigm.com. 3600 IN NS ns64.domaincontrol.com.
customerparadigm.com. 3600 IN NS ns63.domaincontrol.com.
(This is where your computer finds the domain name server for the domain.)
ns63.domaincontrol.com. 28745 IN A 126.96.36.199
ns64.domaincontrol.com. 28745 IN A 188.8.131.52
(This is where your computer finds the IP address for the domain name servers in question.)
customerparadigm.com. 3600 IN A 184.108.40.206
(Finally, the IP address for the website is resolved.)
Query time: 64 msec
(In this case, the entire lookup process took 0.064 seconds – 6/1,000 of a second – to complete. Some Olympic events have been won in about 1/1,000 second.)
Is mail affected by the outage?
Yes. email uses what are called MX (Mail Exchange) records to route mail properly. During this downtime, email may not get through (or may be significantly delayed).
How the domain registration process works.
When someone registers a domain name, you have to go to a site like Network Solutions or Godaddy.com. Godaddy cut the price of a domain name registration from $35 to less than $8; millions of people became customers. You might know Godaddy from their SuperBowl ads featuring race car drivers.
In December of 2009, there were over 192 million domain names registered. As of July 2012, the .com top-level-domain has had more regisrations than all of the others (.org, .net, .biz) combined.
During the registration process, a person searches for the domain name that will be the address for their business or organization. After giving their credit card information, the user usually has a couple of options:
– Park the domain. You’re not going to do anything with this; just keep the name on file for now, and show a generic page when someone visits the site. Not a huge deal if the site doesn’t load today.
– Use Default Hosting Name servers. If you are also going to host your website at a place like Godaddy, you just need to let them know, and they will take care of all of the technical details for how to point your domain name to the proper location. This is one of the things that is failing.
– Use Total DNS Control Name servers. You might want to host the site with Godaddy, or might want to host at another web hosting company, such as Michigan-based Nexcess.net for an eCommerce Magento site. In this case, you use Godaddy’s DNS servers, but you are able to specify the individual records that tell a user where to go when they type in something like www.CustomerParadigm.com. Because of the Godaddy DNS outage, many servers are not returning valid results.
– Use Alternative DNS servers. You can specify a different set of DNS servers, such as ns1.i6cp.net. Before the web hosting and domain name registration space matured, we often routed website DNS lookups through some of Customer Paradigm’s DNS servers. The reason we moved away from this, was because Godaddy’s DNS servers have been (at least for the last few years) very reliable. More reliable than anything a small company could provide. However, even
if you are using alternative DNS servers, the record of the DNS server is still hosted at Godaddy, meaning it could fail.
What Should You Do?
Unfortunately, there’s not that much that can be done right now. As of writing this, Godaddy’s website remains down. Which means that you can’t switch to alternative domain name servers. Frustrating :(