Gordon Weakliem posted about the spectacular failure of the online ticket sales for Rockies World Series tickets yesterday. The Rockies and their infrastructure vendor, Paciolan claimed in news reports yesterday that their system crashed due to a "malicious external attack", which does not seem likely to me.
A denial of service attack from a single IP is easy to identify and stop. A distributed denial of service attack is harder to handle, but the symptoms I am seeing don’t look like that at all. It still looks like they simply don’t have the capacity or architecture to handle the load.
Selling reserved tickets (whether for a baseball game or for an airline flight) is a harder technical problem to solve, because it is critical that you don’t sell the same seat twice. This usually means pessimistic rather than optimistic locking at the database level, which really hurts concurrency.
So far, Round Two does not seem to be going any better than yesterday’s attempt. My guess is that they are seeing blocking and timeouts at the database level. That is not an easy thing to fix.