Re: IETF Service Outage

Glen <> Wed, 23 March 2016 13:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 07CD912D635 for <>; Wed, 23 Mar 2016 06:27:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -104.231
X-Spam-Status: No, score=-104.231 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id e52mvVuC4a8Q for <>; Wed, 23 Mar 2016 06:27:53 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 732D212D6B4 for <>; Wed, 23 Mar 2016 06:13:45 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTPS id 042CB1E5D58 for <>; Wed, 23 Mar 2016 06:13:22 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTPSA id D05BC1E5D4F for <>; Wed, 23 Mar 2016 06:13:21 -0700 (PDT)
Received: by with SMTP id xj3so11721176obb.0 for <>; Wed, 23 Mar 2016 06:13:45 -0700 (PDT)
X-Gm-Message-State: AD7BkJJhequu9KNUcHliEI/FLGC/GuIOyUlJLNVtRyBI4EhhAnsPCW2KlGDJLDepVJhvoxXdFr6evcMrA7ATjw==
X-Received: by with SMTP id sd7mr1322491oec.77.1458738812167; Wed, 23 Mar 2016 06:13:32 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Wed, 23 Mar 2016 06:13:12 -0700 (PDT)
In-Reply-To: <>
References: <> <>
From: Glen <>
Date: Wed, 23 Mar 2016 06:13:12 -0700
X-Gmail-Original-Message-ID: <>
Message-ID: <>
Subject: Re: IETF Service Outage
To: Eliot Lear <>
Content-Type: text/plain; charset=UTF-8
Archived-At: <>
Cc: ietf <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 23 Mar 2016 13:27:56 -0000

On Wed, Mar 23, 2016 at 5:50 AM, Eliot Lear <> wrote:
> I'm curious- do you have sufficient data to perform an analysis to
> determine the source of the service degradation?

Hi Eliot -

We're still looking, but, at the moment, no, it does not appear that way.

Our servers run Linux, our switches are Cisco, and log levels on
everything are quite high.  Our logs are full of noise about all kinds
of other, unrelated, server activities; but, as often seems to be the
case, the logs are silent about things related to this issue.  To my
great frustration.

Our engineers are always looking at additional ways of monitoring
things, but whether this was some kind of denial-of-service attack
against a physical host, or an OS failure of some kind, or maybe just
a bad network cable, we can't yet tell.

When things like this happen unexpectedly, we only want to take a
minimal amount of time to try and perform testing mid-event.  Having
done a number of tests, checks, and localized reset procedures, we
were just about to do a reboot of the physical host when the network
just came back to normal, all by itself.  So, this time, so far, I am
unable to determine a source, which, of course, is probably the most
frustrating outcome possible.

Glen Barney
IT Director
AMS (IETF Secretariat)