DNS Vulnerability affecting DrayTek

As per the various news reports there is a DNS Vulnerability affecting DrayTek routers. Over the past few days we have been auditing clients who have vulnerable models and a valid maintenance contract with ourselves. Work is already underway to patch devices in this instance however, we would advise all clients with Draytek hardware to check if there device is affected and update firmware as required:

Please see below 3rd party link for full details.

DNS Vulnerability Strikes Popular DrayTek Broadband ISP Routers

As a measure we will be blocking the DNS server used for the exploit on our network. However this could result is a loss of service should your device already be compromised. This unfortunately is a better option than using the compromised DNS server as detailed in the above news report.

If you have any questions please do not hesitate to contact us.

31/05/2018 – Broadband Supplier Maintenance 00:01 till 06:00

We have been advised our suppliers will be performing essential works on our interconnects which will cause a large number of circuts to lose their connection.

Work is anticipated to start at 02:00 and impact is expected to be 1 hour.

Our suppliers have advised this could be extended to 4 hours downtime.

Not all circuits will lose connectivity. However, if session disconnects during the work, they may not be able to reconnect until the work is complete.

We apologies for any inconvenience this may cause.

17/05/2018 – Ethernet Leased Lines – Migration – 20:00

As part of our planed network migration to Telehouse North and our own facility. We are now ready to migrate existing Ethernet fibre and EFM services from Goswell Road to Telehouse.

This work is planned to take place from 20:00 tomorrow night and is expected to take around 1 hour to complete with each service seeing around 5 minutes of downtime while VLANs are moved around the network to there new home.

Customers with backup ADSL or FTTC are unlikely to notice the drop as services will automatically re-route for the duration. Customers that have dual leased lines are also unlikely to notice a service drop as the move is being done in groups, so no 2 services are in the same migration window.

Updates to be posted on the night. Existing test services have been transferred so we do not expect any problems.

UPDATE01 – 19:45
Engineers are getting ready to start

UPDATE02 – 20:00
Work has started

UPDATE03 – 20:10
A problem has been found in our suppliers scripted code. They are attempting to fix this. Unfortunately this does mean additional downtime for the affected circuits.

UPDATE04 – 20:22
Code has been fixed however we are seeing MTU issues. They are being sorted for both this batch of migrations and the 2nd set.

UPDATE05 – 20:30
Stage 1 has been migrated and BGP sessions are back online. Stage 2 will now start.

UPDATE06 – 20:45
Stage 2 is complete, however there is a problem with 2 circuits.

UPDATE07 – 21:10
This work is now complete and all circuits are showing as online.