Topic: Recent lag / network issues / etc. (2012.01.19)
I guess everyone noticed the recent hiccups in the game connection in the last few days, dropouts, lag, etc.
Now, I'll say this first that I'm not a network expert so my conclusions might be wrong but here's how I saw the situation: Every now and then the login-server would get a huge (sometimes up to 80MB/s, though I suppose this includes TCP/IP overhead) burst of external traffic for about 15 minutes or so, and then it would go back to normal. I did some testing with a variety of network tools, and found out that the traffic is mostly aimed at port 139 (NetBIOS) which we have firewalled out, but still it would cause such a network congestion that it'd cause some connections to time out. This traffic came from thousands of endpoints all over the world, including countries where we have no (awareness of) players from (Peru, Egypt, etc.).
In short, from what I can deduce with my fairly modest knowledge about networks, we just got DDOS'd. Because our cluster works with a login server (which is a single point of failure), we were sitting ducks. Our firewall, on inspection (and contrary what I may have been saying earlier) was configured just fine, but the network itself became a bottleneck for the incoming traffic, something we couldn't do anything about.
We're currently in contact with our provider to see if they have some sort of protection service they can offer (early hardware firewalling, etc.).