EU-Stratum is now attempting to come back online in the EU region rather than a redirect to a US-based proxy.
|
|
|
Someone mentioned this earlier during the main attack but is probably got swamped, is it not possible to whitelist active miners and block everything else during an attack ?
Whitelisting does not work. iptables does not work. Once an attacker is already flooding your pipes, blocking them does not magically remove their traffic that is already hitting your switch. Upstream filtering IS in place at BTC Guild, but this is hitting through Stratum ports. There simply isn't any way to completely block the traffic, outside of having enough bandwidth to absorb it. Then the problem becomes identifying good vs bad traffic. BTC Guild regularly has 25,000-30,000 active stratum connections. It's *extremely* hard to separate the good from the bad.
|
|
|
is this under ddos again ?
Yes, it's under attack. Most users are able to connect and mine again, but there are some limitations being put on the proxy servers which prohibit some miners that run many machines/cgminer instances if trying to connect via the traditional stratum. or eu-stratum. DNS entries.
|
|
|
eleuthria: How is things looking? I had notice the eu server is down.
The servers in EU are still completely down (by IP). The DNS for EU-Stratum is pointed to a US proxy currently, and it's working. There's some extra filtering happening at the moment that may be impacting larger mining farms trying to access the pools via stratum/eu-stratum.btcguild.com where there are multiple stratum proxies or multiple machines connecting individually.
|
|
|
HA! I just solved another block! That's 2 in the past 7 days. Not bad for a guy hashing at a measly 170Gh/s. And this is the universe we're living in, where 170 GH/s is referred to as "measly". When BTC Guild started that was nearly the entire network.
|
|
|
The main effect of DDoSing is that the next difficulty rise will be lower, but every miner is affected by that in the same way.
And don't forget how insignificant this will be towards affecting the next difficulty. BTC Guild lost ~250 TH/s during the attacks. The remaining ~160 TH/s were on the private servers that were online the entire time, and about 30-40 TH/s were able to stay connected during the attacks. Of that 250 TH/s that was lost, close to 100 TH/s showed up on other pools (50BTC, Slush, and p2pool got the biggest bumps). So in the end, only ~10% of network speed was lost (and the longer the attack goes, the less of a % that becomes as more people change pools if they didn't automatically) for about 12 hours. That's ~5% of a difficulty adjustment timeframe, of which only 10% of network speed was lost. VERY little affect on the next difficulty in the long run, and the longer the attack goes the less bang for the buck if the goal is slowing the difficulty climb.
|
|
|
The pool servers seem to have stabilized over the last 45 minutes. Can't be sure the attacks have stopped, but at least they seem to have done so for now.
|
|
|
Things are starting to come back online after 12 hours of fighting with DNS and proxies. Luck has been terrible all night (not just from DDoS, just bad luck in general), which isn't helped by the pool speed dropping 50% during the attacks.
When attacks happen I notice a substantial drop off in my earnings. Why? It seems like the answer is obvious, but I don't get it. If the hash rate of the pool drops because miners can't connect, or leave, or whatever, then I should be receiving more of a share in the earnings. Said another way... The payout of PPLNS is determined by the number of individuals contributing over the last 10 rounds. So why do I always see a drop of in my earnings when a DDOS attack occurs? Because we had bad luck at the same time as the DDoS. Normally losing pool speed wouldn't affect 24h earnings much, because you get a bigger share of each block. But at lower pool speeds, bad luck takes longer to power through. As a result of bad luck DURING the attack, we had 12 hours where luck was just plain awful instead of 3 or 4 hours of bad luck.
|
|
|
From the stats page it looks like things are turning back on. I don't have 200GHs so I can't ask for private server so I'm just watching the public stats page. Can anyone confirm if things are indeed moving?
Things are starting to come back online after 12 hours of fighting with DNS and proxies. Luck has been terrible all night (not just from DDoS, just bad luck in general), which isn't helped by the pool speed dropping 50% during the attacks. Are the attackers trying to contact pool owners? Any demands, or is this just an attack?
No demands, no gloating, nobody even taking credit.
|
|
|
is there anyway to change the ip of the servers? and update the dns. granted i know that the dns can take up to 48hours to update. hmm.. maybe not a good idea.
I've been doing that all night.
|
|
|
Note to users with relatively high speeds (250 GH/s+) historically: You can PM me for information regarding the private server access.
Many users have been given access to private servers over the last year, which is why the pool is still running at 150-180 TH/s. If you've ever contacted me for that IP and forgotten to use it, or updated miners and forgot to use the private credentials, now would be a good time to do so!
|
|
|
eleuthria: any update?
Still under constant attack. Not a whole lot else to say at this point. Attempts to push new servers out as proxies are met with those servers immediately getting hit.
|
|
|
Ack! Seems like difficulty 1 shares got the boot. Was this a recent update? Also stupid DDOS, it's pretty rude to wake up to find that annoying green glow. I'm glad it's mostly sorted out, It's Pretty damned late and eleuthria got it sorted pretty fast.
Difficulty 2 was the default for workers for quite a while now. I did finally drop Difficulty 1 entirely earlier this week as an option, but the pool servers still cached the default difficulty of 1 for most workers that had already been set to diff1. When the servers were restarted, the cache was refreshed and all diff1 workers were updated to diff2.
|
|
|
When it comes to keeping the site/servers up eleuthria is on top of the game. Damn fine job! He probly has some kind of trainhorn or something hooked up to an alert email to wake him up. I've mentioned it in the past. When a server misses it's heartbeat check 5 times in a row, or the users drops well below a reasonable number, my phone tells me. It tells me by playing a terrible techno remix of Steve Balmer screaming "DEVELOPERS, DEVELOPERS, DEVELOPERS, DEVELOPERS!" This continues for 30 seconds. It will then stop for 30 seconds. If the heartbeat is missed again, it plays it again. This repeats until the problem is fixed.
|
|
|
Naw, if it was government you'd just be redirected to fbi/nsa/homeland security. This was just a very big attack that *appears* to have targetted many Bitcoin sites & services. However, it's tough to say since all of Cloudflare was down for a while there.
|
|
|
Mining is down for me atm.
At the url you gave me a while back to set the miners to.
Secondary private DNS has been updated (couldn't update it because Cloudflare went down).
|
|
|
I think it may be a target against cloudflare
I'm actually wondering what the target is. BTC Guild's mining servers were targetted. So was the website. Cloudflare is used for BTC Guild's website. But I doubt one website getting attacked would take their whole system down, so the attack may be targetting large sections of Bitcoin related sites. I doubt it's a coincidence that Cloudflare went down just as BTC Guild's pool servers started coming back online (loading many proxy servers to keep mining going).
|
|
|
Main website is also out. This is an all-out war. Website is down, but mining is back up for most users.
|
|
|
|