DNSMadeEasy under major (over 50Gbps) DDoS Attack out of China

I'm interning at a major managed DNS provider and this actually happens more often than you think. Most of the time it ends by working with telcos like level3, cogent etc, blackholing routes, sacrificing a certain geographical location in favor of keeping others alive and basically just waiting it out. It's interesting how because of the nature of the internet, DDoSes are hard to deal with.

I'm wondering what the implications of DDOS are for website owners. What if you're on EC2 for example, will you be charged for the 300 TB of traffic? If so that would be an easy way to bankrupt a startup.

No wonder most of my sites were down or not functioning very well this morning. Hope they get everything operational soon, DNSMadeEasy is a great provider.

Can someone please explain to me what DNSMadeEasy actually does?<p>Is a domain provider like 1and1 a client of theirs or is my hosting provider a client?<p>This entry on Hacker News led me to wikipedia where I went from an article about Level3 to an article about Tier 1 Network to Internet Backbone. I feel like I'm on the verge of understanding more about how the internet works but it's all a bit above my head.

What motivates an attack like this?

Can anyone give an idea of how large, compared to other DDOS attacks, 50 GBPS is?

(Brief) discussion on webhostingtalk:<p><a href="http://www.webhostingtalk.com/showthread.php?t=970837&#38;highlight=china" rel="nofollow">http://www.webhostingtalk.com/showthread.php?t=970837&#38;hi...</a><p>Another 30 gbps attack, discussion on webhostingtalk.com:<p><a href="http://www.webhostingtalk.com/showthread.php?t=966658&#38;highlight=china" rel="nofollow">http://www.webhostingtalk.com/showthread.php?t=966658&#38;hi...</a><p>Edit: interesting thread, apparently the reason it's 30gbps is that it's maxing out the link from China telecom, so legitimate Chinese customers are getting traffic dropped. FBI are involved. Suggested solution by some is to get traffic routed over more intercontinental links possibly via peering agreement with China Telecom, and beyond that political pressure.

I wonder if, long term, DDOS attacks will be to net neutrality as spam was to nice-and-easy e-mail setups. Now ISPs are running spam blacklists, blocking entire other ISPs at times, and it's a nightmare to run your own SMTP server and deliver mail reliably without jumping through hoops. If DDOS attacks become more and more annoying, they could be used as an excuse to violate net neutrality.

I wonder if they're going to change the text on their website: "A DNS service with a 99.9999% uptime history is just the start! DNS Made Easy is so confident of it's uptime record that we offer the best service level agreement in the industry. That is why all businesses that require stable DNS decide to use DNS Made Easy. We have an industry leading 100% uptime gaurantee and will credit all accounts 500% of the downtime."<p>Maybe its a rival DNS provider behind the attack?

The GFW of China has a known vulnerability to amplify a UDP traffic to 2x to 3x as much.