On Sun, Mar 03, 2013 at 09:10:30PM -0500, Rich Kulawiec wrote: > On Sun, Mar 03, 2013 at 04:13:26PM -0500, Griffin Boyce wrote: > > If the problem is limited to DDoS attacks, you might find that Cloudflare > > offers some relief. > > I agree, but: this thread (dating from today) may be of interest: > > Cloudflare is down > http://mailman.nanog.org/pipermail/nanog/2013-March/056564.html
Yes, I'm following up my own message. The reason is that I think a particular comment in that thread is worth quoting. This comment provides, in my opinion, sufficient reason to immediately rule out Cloudflare from any further consideration whatsoever. > From: "Constantine A. Murenin" <[email protected]> > Date: Mon, 4 Mar 2013 12:33:42 -0800 > Subject: Re: Cloudflare is down > > The issue I have is not with their network. > > The issue is that they require ALL of their customers to hand over DNS > control, and completely disregard any kind of situation as what has > just happened. > > * They don't provide any IP-addresses which you can set your A or AAAA > records to. > > * They don't provide any hostnames which you can set a CNAME to. > (Supposedly, they do offer CNAME support to paid customers, but if you > look at their help page for CNAME support, it's clearly evident that > it's highly discouraged and effectively an unsupported option.) > > * They don't let you AXFR and mirror the zones, either. > > So, the issue here, is that a second point of failure is suddenly > introduced to your own harmonised network, and introduced in a way as > to suggest that it's not a big deal, and will make everything better > anyways. > > [snip] -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
