Jump to content
  • Sign Up!

    Join our friendly community of music lovers and be part of the fun 😎

2024 Ticket Buying Tips


parsonjack

Recommended Posts

1 minute ago, assorted said:

I’m confused still and am hoping you could help me. This Reddit post infers it was not an unused server like you are saying but instead just contacting one of the 5 servers directly:

The hack (as posted earlier in this thread) wasn't going to any of those 5 (31.221.3.*) servers.

If someone had done so, they'd have found them equally busy because they were the one serving the Glastonbury ticket sale.

Instead it was to go to one of the 3 servers not involved (167.98.233.90) which bypassed the demand altogether.

  • Upvote 1
Link to comment
Share on other sites

Just now, Nick_ said:

It's OK to nick someone's telly if it's for your own use, but not if you fence it down the market? 😉

Ok fair point, after reading some more comments on here I think the 9:00 out in reg details and 9:30 random groups selected via ballot would definitely work.

Link to comment
Share on other sites

1 hour ago, NotAnInsider said:

 

  • 9am on ticket day: log in, enter up to six registrations into a pre ballot. Individual registrations may only be in one entry and each person may only have one registration each.
  • 9.30: ballots are randomly assigned the opportunity to pay a deposit, with payments processing in order.

 

Looking at things with a wider perspective I don’t see much wrong with the current system, but I fail to see how this isn’t an upgrade.

It’d eliminate the unfairness in the differing amount of connections people have. 

  • Upvote 1
Link to comment
Share on other sites

7 minutes ago, assorted said:

 

I’m confused still and am hoping you could help me. This Reddit post infers it was not an unused server like you are saying but instead just contacting one of the 5 servers directly: 

What happened on Sunday, is that See Tickets DNS was only giving out a small number of their webservers/load balancers for Glastonbury ticket sales.

❯ dig glastonbury.seetickets.com @8.8.8.8

;; ANSWER SECTION:
glastonbury.seetickets.com. 94  IN      CNAME   hosting.seetickets.com.
hosting.seetickets.com. 94      IN      A       13.87.94.169

This returned a single IP address 13.87.94.169 , which was probably getting hammered by 99% of the traffic. Everyone's queuing.

 

As @incidentsays, my understanding is that this isn't quite right, and that what some people did yesterday was amend their HOSTS to point to the URL to the servers that were doing normal Seetickets business, not one of those five, but for whatever reason, that still worked.

Pointing it to one of the Glasto servers wouldn't have had the same result, because those servers are still busy. I don't think 13.87.94.169 was a ticketing server, I assume that is the IP address of the load balancer. I also assume (but have no real idea) that if you amended HOSTS to point to one of the actual servers being used, you might have problems with not having cookies or similar that you would have picked up going via the load balancer.

Link to comment
Share on other sites

Just now, Nobby's Old Boots said:

If they were to track down the tickets bought by the other servers and cancel those orders as some have (rightly in my opinion) suggested, I have absolutely no faith that Glastonbury and Seetickets could pull that off without cancelling legitimate orders along the way, given how this year's sale has gone.

Honestly - it'd be easy and definitive for them to identify those orders. Which server was used will be a core part of the transaction data.

But in doing so they'd create a lot of headlines they don't want, especially as despite (or perhaps, due to) being caught bang to rights people would kick up a huge storm about it, so it's very unlikely to happen.

 

Link to comment
Share on other sites

8 minutes ago, Nick_ said:

Thanks for the clear and patient explanation @mjfromthelane - much appreciated.

Wow.  I had no idea that's what one was meant to - I assumed you got in, and either there was a queue or some kind of random selection process.  This does feel either pointless or immoral, though.  Is there any evidence it does actually increase your chances?  If it does, presumably it is at the expense of people who don't know you are meant to be doing this, or (like nuclear weapons) everyone feels they need to do it because everyone else does.

Either way, if there are people who feel you only "deserve" tickets if you do this, I can't agree with that.

The way the system works is it only lets a certain number of people in at a time, everyone else will get the holding page. So as soon as the sale goes live, some number of people who clicked refresh at exactly the right time will get in and everyone else is left outside.

As soon as 1 of those transactions is completed, that frees up a space for the next person clicking at exactly the right time. So if you're refreshing every second, you're more likely to refresh at the right moment than if you just wait for the 20 second auto-refresh.

Link to comment
Share on other sites

1 minute ago, incident said:

Honestly - it'd be easy and definitive for them to identify those orders. Which server was used will be a core part of the transaction data.

But in doing so they'd create a lot of headlines they don't want, especially as despite (or perhaps, due to) being caught bang to rights people would kick up a huge storm about it, so it's very unlikely to happen.

 

Unless I am misunderstanding (quite likely), all transactions would be via one of the "back" servers, and what they would need to be identifying is tickets bought in sessions that connected to them directly rather than coming via the load balancer?

Link to comment
Share on other sites

3 minutes ago, stuartasmith85 said:

As @incidentsays, my understanding is that this isn't quite right, and that what some people did yesterday was amend their HOSTS to point to the URL to the servers that were doing normal Seetickets business, not one of those five, but for whatever reason, that still worked.

Pointing it to one of the Glasto servers wouldn't have had the same result, because those servers are still busy. I don't think 13.87.94.169 was a ticketing server, I assume that is the IP address of the load balancer. I also assume (but have no real idea) that if you amended HOSTS to point to one of the actual servers being used, you might have problems with not having cookies or similar that you would have picked up going via the load balancer.

Yes.

13.87.94.169 was the load balancer. Those 5 addresses (31.*) were the real servers handling the sale that the load balancer was directing people to (or more commonly, not).

Bypassing the load balancer and going direct to one of the 31.* addresses may have provided a very slight advantage but probably not much (full disclosure - I did try that on one connection, and didn't get through).

Link to comment
Share on other sites

Just now, orelean said:

Confirmed that Seetickets have patched yesterday’s method FYI

I don't think it's possible to definitively say that.

From my perspective all they've done is put their systems back to normal, non event sale, mode (with the usual 5 servers handling all traffic for all of their various sites).

Link to comment
Share on other sites

2 minutes ago, incident said:

Yes.

13.87.94.169 was the load balancer. Those 5 addresses (31.*) were the real servers handling the sale that the load balancer was directing people to (or more commonly, not).

Bypassing the load balancer and going direct to one of the 31.* addresses may have provided a very slight advantage but probably not much (full disclosure - I did try that on one connection, and didn't get through).

If they cared enough, I assumethey could firewall the transactional servers so that connections were permitted only via the load balancer

Link to comment
Share on other sites

1 hour ago, DeanoL said:

 

Auto refresh.

Problem is it's not, it's pretty rudimentary which is why it's a problem.

In 2013 if I'm remembering right, you could "ping" the sales page, which basically means saying to the server "hey, what IP addresses are you on?" and it would return two different addresses. But if you put the URL in the browser, you only ever got sent to the one address. So people figured "why not force it to the other one?" and that worked. I remember checking it myself at the time as no way was I just going to force connect to a random IP address because anyone could just set up a website that looked like the Glasto one and use it to harvest card details.

This time around people used an address that SeeTickets used elsewhere and it just so happened to work. I appreciate it's a subtle difference, but the difference is that in 2013 the system was literally advertising the second address, it was publicly available information. But then the load balancer was pointing people in just one direction. It's sort of like if you're in a (real life) queue and there are big signs up saying "USE BOTH LANES" and then someone is stood there directing everyone to the left. If you ignored them and went to the right... bit cheeky but it did say "USE BOTH LANES". 

This year is more like people going to the "5 items or fewer" lane in the supermarket with a trolly full of 20 things. You can do it. It does work. You're very unlikely to be challenged. But at the same time, you are breaking the rules.

 

As i remember is, 2013 was a misconfiguration. Four IPs were set up to handle the traffic, but they messed up one of the IPs and left it routing locally, people worked this out...

For example (not proper ips):

Server 1 - 123.456.789.10
Server 2 - 123.456.789.11
Server 3 - 123.456.789.12
Server 4 - 192.168.789.13

People saw the 192.168..., realised they had misconfigured it (192.168 is for your own computer locally, not a web address) and then correctly guessed that if they used (in this example) 123.456.789.13 - they would get straight in to an empty server. I remember it vividly as i didn't get a ticket whilst i knew mates who got multiple groups of 12 (at the time).

This year is slightly different as people have host hack targeted other see servers that were never intended to be used for the sale. 

Link to comment
Share on other sites

6 minutes ago, Xeph1995 said:

Seriously nothing bad was actually done here btw. It was a clever use of networking that’s all and unfortunately some of us know more about that than others and some feel hard done by because of that. 

time to move on. 

I think the lesson I am taking away is that Glastonbury prefers to have customers who are in groups, preferably large extended groups, than it does single ticket buyers.  It's their festival, and they can do what they want.  I can see reasons why they might want to reduce the number of attendees like me, who have never been before and come on their own.

Edited by Nick_
Link to comment
Share on other sites

3 minutes ago, Nick_ said:

If they cared enough, I assumethey could firewall the transactional servers so that connections were permitted only via the load balancer

Please don't take this the wrong way, but you understand transactional servers, load balancers and firewalls, but don't understand the importance of refreshing every second vs waiting for 20 seconds?

Reminds me of Peep Show - “Didn’t get four across ‘boat’ but aced ‘solipsism.’ Who was this person?”

Link to comment
Share on other sites

However people try to justify using hacks or whatever you want to call it -because you can - doesnt make it right. Because others are doing it and why not- doesn't make it right. Because the system is broken to people who know what they're doing doesnt make it right. People can justify anything to themselves if it enables them to get what they want but it ultimately stinks for those who havent got these advantages. 

Yes the people who are trying just in twos or solo would probably still miss out but a level playing field to start with at least would be fair.

  • Upvote 2
Link to comment
Share on other sites

Just now, danmarks said:

However people try to justify using hacks or whatever you want to call it -because you can - doesnt make it right. Because others are doing it and why not- doesn't make it right. Because the system is broken to people who know what they're doing doesnt make it right. People can justify anything to themselves if it enables them to get what they want but it ultimately stinks for those who havent got these advantages. 

Yes the people who are trying just in twos or solo would probably still miss out but a level playing field to start with at least would be fair.

But life’s not fair

Link to comment
Share on other sites

5 minutes ago, Nobby's Old Boots said:

Please don't take this the wrong way, but you understand transactional servers, load balancers and firewalls, but don't understand the importance of refreshing every second vs waiting for 20 seconds?

Reminds me of Peep Show - “Didn’t get four across ‘boat’ but aced ‘solipsism.’ Who was this person?”

🤣

Link to comment
Share on other sites

33 minutes ago, Jack.194 said:

Some of these comments are astonishing, and would almost certainly not be made had the person making them been successful with tickets.

I don’t see an issue with people using the DNS thing for personal tickets, however I do see a huge problem with people charging for this as a service, which is essentially disguised touting. However, all accounts of which have been purely annecdotal by the way, seems a bit like chinese whispers to me. Everybody seems so frantic about the issue.

And to those calling for a ballot/lottery, it essentially is that already, you’re either lucky enough to get through, or you’re not. There’s very little that can be done to raise your chances of getting tickets other than joining a syndicate, which seems pretty morally neutral to me.

None of us are owed tickets, regardless of how long we’ve been going, how much we love the festival, or even how much effort we put in.

Literally all of this ^^

I don't see why people would not want a situation that is gamed by more effort, more devices, more friends trying etc.

To leave it in the hands of a lottery would decrease your individual chances.

Link to comment
Share on other sites

6 minutes ago, stuie said:

Literally all of this ^^

I don't see why people would not want a situation that is gamed by more effort, more devices, more friends trying etc.

To leave it in the hands of a lottery would decrease your individual chances.

Eh?  Surely it's a zero sum game - if you are increasing your chances, you are decreasing someone else's?

I am not in a position to recruit dozens of friends to help buy the single ticket that I want. So, if you increase your chances, as someone with lots of friends willing to help, you decrease mine.

Now, as I said earlier, it's their festival, and if they want to structure ticket buying in a way that reduces the number of first-time, solo attendees, that's their choice.  But it doesn't me I necessarily *prefer* that method.

Edited by Nick_
  • Upvote 1
Link to comment
Share on other sites

33 minutes ago, Nobby's Old Boots said:

If they were to track down the tickets bought by the other servers and cancel those orders as some have (rightly in my opinion) suggested, I have absolutely no faith that Glastonbury and Seetickets could pull that off without cancelling legitimate orders along the way, given how this year's sale has gone.

My friend (well, not a friend but someone in our wider group) got through 6 times and bought tickets for 36 of us in our spreadsheet. I am afraid to ask whether any nefarious efforts were used and the others in my group (who aren't eFesties/across online festival chatter) are just like "wow that's amazing, you're so lucky!"... I guess what I'm saying is, would it be fair to cancel all tickets bought on those servers if people didn't even know this method had been used to acquire their tickets? All we were told by the person that got our tickets who was in the wider group was that he'd managed to get through 6 times, that was it. It's only after the fact that I'm seeing all this stuff about backdoors and piecing things together and feeling concerned.

Edited by ProperTea
Link to comment
Share on other sites

1 minute ago, Nick_ said:

Eh?  Surely it's a zero sum game - if you are increasing your chances, you are decreasing someone else's?

I am not in a position to recruit dozens of friends to help buy the single ticket that I want. So, if you increase your chances, as someone with lots of friends willing to help, you decrease mine.

Regardless of your number of friends, you can still hit F5 over and over and over or use another device at the same time.  By doing so, you'll increase your chances. 

In the case of a lottery, your odds of getting a ticket are fixed and there's nothing you can do to increase your odds.

I'd have thought most people would prefer a system whereby the amount of effort you make could pay off. 

In the nicest possible way Nick, people care about their own chances - not yours!

* disclaimer - I don't buy a ticket for myself. 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...