My network has fallen and it can’t get back up….

On October 21, 2016 there was a distributed denial of service attack (DDOS) against the DNS provider Dyn on the eastern seaboard of the US. The impact was fairly consistent (and pretty bad) in the am with the attack slowly falling off in the afternoon. It shows the traffic weakness I’ve argued about for the past 10 years. You can choke any one segment of the Internet and cause problems for the entire world.

Back in the dark ages of computing we had a concept called Beaconing in the Token Ring world, basically Token Rings has maximum’s for devices. When you reached that maximum then the next device attempting to connect over the maximum would knock the first inactive device it found off the network. This would cause massive problems on the Token Ring eventually bringing it to a standstill.

The DDOS attack on Dyn carries that one step further attacking a single point on the network that has lots of traffic bound to it. It would be like shutting down all the traffic lights along Broadway in New York City. It would force a manual override, and cause massive congestion. The problem with massive congestion is the reality of why DDOS attacks work. Computers keep trying even if they cannot connect. Plus, the reality of the world is the number of devices out there.

First off the rumored use of IoT devices in this DDOS attack is interesting. Interesting because I think as more and more devices move into homes, there will be more accidental DDOS attacks on the home network than people are going to like.

As in your home network goes from fast and fun to slow and sluggish. The various news channels (I was watching MSNBC at lunch) were talking about lost connectivity to Amazon’s store, Netflix and other’s. I heard a reporter lament, what will I do this weekend without Netflix. The value of broadcast TV suddenly appears. Home bandwidth is going to shrink.

What can you do? Well you have a number of interesting problems as you wander down the path of home networking. In fact, you should probably understand what your requirements are, first.

1. Do you work from home?

2. Do you consume Netflix?

3. Are you considering a Smart Home for automation?

4. Solar panels, wind turbine to power your home?

5. Gamers in your house?

Those three are the quick questions to start with. Your network needs to be different if you work from home, but the value of working from home is today, most neighbors have their lowest consumption during the day (and very late at night) so you are in luck, you will be closest to your maximum inbound and outbound available network bandwidth. Your router won’t be the choke during the day. Unless you go crazy with home automation.

Netflix and all the other streaming services consume a lot of bandwidth. The more computers, TV’s and gaming consoles you have connected to Hulu, Netflix and other’s is the bandwidth you are consuming. Friday nights I have two family members watching different streamed video feeds. My available bandwidth (up and down) is pretty content and 110 to 115 MPs up and down. But the two streamer son a Friday night consume 40% of the available bandwidth. If we add a third streamer we push the network to 65% utilization. The more utilized a network is the more likely you are to have a failure. Every failure causes the device that failed to resend and request the same information again.

So the first thing you can do? Put a second router into your hosue. I have one today that is set-up for one purpose, all the IoT devices in my house connect to the second router. The second router is connected directly to my internet connection. In between my ISP provided router and my Internet connection is a firewall. That is more than most people need, but I am nervous about security so added that extra layer.

I also, in the second Wi-Fi router for IoT, got a router that speaks both Zigbe and Zwave. Those being the two main device connectivity protocols used in the Home Automation world. That allows my router to connect to the majority of IoT devices and do the interpretation in the hosue rather than waiting until the data is in the cloud.

If I get a corrupt or a hacked IoT device, I can simply shut off the routers connection to the Internet and watch the protocol gateway on the disconnected Wi-Fi router. One by one you turn off your IoT devices until you find the one that is hacked and remove it.

Personally based on my estimates I see the average person have between 15 and 20 devices connected and of course the more people in your hosue the more devices you will have (family of 4 having between 60 and 80 deployed devices).

I haven’t talked about the last two bandwidth problems coming, but will cover those soon.

.doc

When networks fall, who picks them up?