I worked in the networking group for a cloud computing company. You've heard of them. We didn't charge for (some) DNS traffic, so some customers figured out how to use DNS as a transport mechanism to skirt around paying data transfer fees. It would essentially be a DoS attack which affected EVERY customer, so a few could save tiny fractions of their overall spend. A peer team of mine had to deal with the mess. That team had > 100% annual staff turnover, because they just made the oncall staff deal with the problem every time it showed up rather than ever solve the core issue of having a DoS vector masquerading as a feature.

▲

zoky 3 days ago | parent [-]

Wouldn’t the solution be to just start charging for excessive DNS traffic?

▲

lelandbatey 3 days ago | parent [-]

Potentially yes, but that's a business decision which the on-call developer cannot deal make on behalf of the business.

▲

canttestthis 3 days ago | parent [-]

There's a lot of stuff the dev team can do that are not strictly business decisions though. Rate limits, QoS, etc.

	▲	rapind 3 days ago \| parent [-]
		Those can be business decisions too though. It depends on whether or not the real / lucrative customers will notice, or maybe the noisy customers who will be all over twitter because a dev figured they'd make a big change like this on their own. Throttling and tiering can definitely affect more people than you might suspect (like spiky services) and considering data and use are important.