RcodeZero DNS

Cloudflare Magic Transit protects RcodeZero DNS against DDoS attacks on a global scale

Based in Salzburg and Vienna, Austria, nic.at GmbH is the delegating body (registry) for the .at top-level domain (TLD), as well as the .co.at and .or.at domains. Its sister company, ipcom GmbH, also offers domain name services like the Anycast service RcodeZero DNS. In addition to Internet Service Providers (ISPs) and global enterprises, more than 20 registries with over 20 million domains already depend on RcodeZero DNS and benefit from reliable DNS protection – now additionally secured with Cloudflare Magic Transit. Maintaining the availability of DNS services for these domains is the company’s top priority.

Challenge: Global DDoS attacks threaten to take customer domains offline

In September 2020, RcodeZero DNS fell victim to a DDoS attack that took both its registered domains and its internal operations offline.

“The attack hit one of our link server locations, which is behind the same network as our office network,” explains Klaus Darilion, Head of Operations. “In addition to taking down customer domains, we couldn’t send email or do anything else internally.”

At the time, RcodeZero DNS used a DDoS mitigation service offered by their local ISP, to stop the attack against its office network and bring internal operations back online. However, because this service worked only in Europe, it couldn’t mitigate the attack on RcodeZero DNS’s customer domains; the company had to do that on its own. This required the participation of all operation employees and took about an hour, during which all customer domains were unavailable. While the attack was active, employees were so busy trying to mitigate it that they didn’t have time to keep customers informed timely.

To Darilion and his team, the experience demonstrated that RcodeZero DNS needed a global DDoS mitigation service, especially as it continued to expand worldwide. He decided to implement Cloudflare Magic Transit, which uses Cloudflare’s global network to protect entire IP subnets from DDoS attacks while also accelerating network traffic.

Magic Transit provides global DDoS mitigation to ensure DNS availability and support RcodeZero DNS’s global Anycast DNS cloud.

After deploying Magic Transit on an on-demand basis at the end of 2020, RcodeZero DNS didn’t experience another DDoS attack until April 2021. The attack coincided with a very large network maintenance project that impacted Internet services throughout the Vienna area.

“After two hours of trying to fix the problem with our network, we got hit with a DDoS attack,” Darilion recalls. “It was the perfect storm.”

Fortunately, mitigating this attack was just a matter of logging into Magic Transit and turning the service on. Within minutes, Magic Transit stopped the attack.

“Magic Transit stopped the DDoS attack so quickly, our customers had no idea we’d experienced a problem,” says Simone Binder, Head of PR and Marketing. “The attack was stopped before it could cause issues for our customers.”

“DDoS mitigation is like insurance. Most of the time, you don’t use it, but when you’re under attack, you desperately need it,” Darilion adds. “Cloudflare provides us with peace of mind, knowing that if we have an attack, Magic Transit will handle it.”

Additionally, the RcodeZero DNS sales team has discovered that simply having Cloudflare Magic Transit helps them close sales by providing their customers with peace of mind that their domains will be protected.

“When I have sales talks, prospective customers always ask us about DDoS mitigation, and when I tell them that we use Magic Transit, they recognize the quality of Cloudflare’s services,” Binder says. “Magic Transit essentially upgrades our products by giving customers more confidence about using our services.”

“In addition to its products, Cloudflare is very well known in the tech community for its deep technical knowledge base. Cloudflare’s blog is widely read by system administrators and other IT professionals,” Darilion adds. “Our partnership with Cloudflare has a significant positive impact on our other partnerships and our customer relationships.”