Tuesday, March 24, 2026
[Incident Report #031][NET] Connectivity Issues with 2602:F992:EC::/46
Update:
Appears our static route did not get migrated to the new hardware
at the data center. This has been resolved and our services should
be back online momentarily!
What Happened?
Our upstream provider performed some upkeep on the data center on
Mar 20th and since then our routed subnet has not be working properly.
We are looking into this as it affect our IPAM, NMS, PBS and a few other
services that assist us with managing our network.
This is also affects our secondary name server, as it currently does not
have IPv6 service.
We are seeing the following issues:
- No IPv6 connectivity for NS2, affecting private and public resolution request
- No PBS backups for either MFN, FurrIX or Maows.Gay
- No NMS accounting or error tracking
- No status graphs on our website are updating
What are we doing to work on this?
- We have performed internal and external networking checks
- We have reached out to our upstream provider with our findings
At the moment, we will have to wait to hear back from the data center.
Monday, March 2, 2026
[Incident Report #027][DNS] Name Server Attack
What Happened?
From around 0000 to 0400EST last night, our name servers were
hit with a large amount of traffic originating from a data center
in the Netherlands. The traffic was spread across multiple IPv6
subnets and volume was high enough the it saturated the virtual
bridges that our name servers are operating behind. This is the
third attack of this kind that our network seen in the past two weeks.
What damages Resulted?
During the attack, we saw the following issues:
- Accounting service lost contact with both NS1 and NS2
- Shell access was slow or non-responsive
- Legitimate name lookups were being dropped or timed out
- The NMS lost SNMP contact entirely with NS1
- High CPU load on Nardoragon router
What are we doing to deal with this?
Going forward, the following steps will be taken to try and maintain
the usability of our name servers during similar attacks:
- Deploy a separate virtual bridge and network interface for management
- Tightening per subnet rate limits and mask sizing
- Banning AS numbers that partake in attacks like this
- Increasing virtual bridge bandwidth to allow for more throughput
- Redirecting recurring problematic subnets and AS ranges to null
Tuesday, February 24, 2026
Control of the LIR Subnets Assumed
As of this morning, FurrIX has assumed control of what was MFN’s
subnets. WHOIS and operational information has been updated, but
name server zones for PTR will have to be updated as time permits.
We are also in the process of redoing our agreement with MFN to
ensure that they can transition to a nested environment and stay
operational as a community web and game server host.
As part of the network changeovers, FurrIX is looking to renumber
and reconfigure the network as well as creating full documentation
of how each router, subnet and member connection is configured and
maintained.
We will release more information as plans finalize.
Sunday, February 22, 2026
Releasing Domains and Ongoing Amplification Attacks
FurrIX has chosen not to renew the domains ‘birb.rest’ and ‘avali.rest’ for cost reasons.
These domains are not a core part of our network stack and were only used for personal
splash pages and a handful of user subdomains that have not seen lookups in some time.
This should not affect our operations, or that our members, in any meaningful way.
We are also dealing with a DNS amplification attack that is abusing ANY queries and will be
temporarily dropping any IP address that cross over 40 request per second until the incoming
traffic targeting the domains starts to ease up. This has been going on for several hours and
we are working to limit the amount of traffic crossing or originating from our network.
Saturday, January 17, 2026
NMP is Up!
Our Network Management Policy is live in its first version. It will be revised over
the next few weeks as we start gearing up more towards the network and
exchange provider role.