July 10, 2004
DDOS Attacks and responses

This entry was inspired by a conversation I recently had with someone from DALnet. The basic debate was the user showing concern over the increased difficulty of connecting to DALnet vs DALnet's attempts at not being as affected by the attacks.

The user's view (as I understood it)..

DALnet has made it too difficult for the average user to connect. Loyal, long-term users cannot connect anymore due to the limited availability of servers. The few "filtered" servers appear to only be for some areas and there are loyal users who aren't attacking elsewhere who can't connect. They furthered the issue with explaining that they did not understand the answers given as to how to get their ISP to coordinate with DALnet to no longer be affected by the filtering. Additionally, attempts at coming up with alternate solutions submitted by not just this user, but others to DALnet seem to be met with resistance instead of openly accepting the proposals.

My response (not necessarily "DALnet's view")..

DALnet's current response to attacks has made the most progress in reducing their effects, both to the ISPs that are donating the servers and to the servers themselves as well. When DDOS attacks against IRC servers first started, it was simple, the server would get flooded, it would return to normal later when the flood stopped. Later the ISPs figured out to "turn off" the routing for the IRC server to save their network.. the IRC server would go 100% unreachable, however the business would be saved. The new approach to only allowing connections from ISPs that agree to help track floods and to limit the damage by only peering with some ISPs for each server has helped the most. Servers no longer go 100% unreachable and are available to the majority of the population. The evolution of this method came with years of input from network administrators, router gurus and people experiencing the attacks. Unfortunately the average user's suggestions were the same suggestions suggested years ago and for whatever reason, either not used, or tried and failed. It is difficult at this point to hear a new "fresh" idea.. not to mention one that's possible... as was the problem with the last suggestion from the user which suggested that the filtering be undone for certain subnets with loyal users on them.. however that would require the ISP's involvement.. which brings us back to the same problem that the user had to begin with.. their ISP did not understand basic routing and was unable to work with DALnet to come to an understanding.

As with most of these conversations, when I responded that the user's request was unreasonable, they came back with conspiracy theories about "cloak and dagger" operations and indicated that it was DALnet's unaccepting attitude that was the cause for all of these problems to begin with... and I responded with explaining that the user's ignorance was just as typical... unfortunately I doubt we will ever see eye to eye.. I do understand the frustration with the connections, however the user fails to see that if we don't take these steps to limit the impact of attacks, ALL servers would be gone and there would be NOTHING left... it comes down to a choice of "limiting damage" or simply being destroyed.

I felt the need to write this mainly so that it's understood that although it may seem that "we" don't care about the user or that "we" don't take other people's suggestions seriously, that there really has been a LOT of research done over the years, people from DALnet have given speeches at some of the largest network conventions about the growing DDOS problem and have written presentations outlining ideas, technology choices and methods at dealing with the issues.. it doesn't mean that the solution will work perfectly for everyone, it does mean that there IS EFFORT being made to find the solutions though. ..and no, if I didn't care, I wouldn't have taken the time to write this, nor would I have gotten upset at the idea that DALnet wasn't doing what it could to stay online, reachable and there for the users.

Hopefully someone will get something out of this article and realize that there are 2 sides to every story. Unfortunately we don't always hear the answer we want.. that's life.. sometimes that answer simply isn't possible..

Disclaimer: The views here are those of Aaron, not of DALnet (I never really asked what DALnet's views are nor am I on the routing committee and I don't make the final decisions and I don't have 100% of the facts, but I think I have most) ..and yes, I have several family members who use DALnet and chat to me nightly using the public servers... so my view of DALnet stability etc does not come from a 100% biased view of "can I talk to my oper friends? yes? ok, then it's all fine" .. on an amusing related note, the conversation took place on DALnet while the user had at least 2 clients connected that I'm aware of as did a few others in the same channel. On a side note, DALnet turns 10 this month.

Posted by Aaron at 09:33 AM