All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
DDoS Protection via GRE Routing in Germany
dotmanagedeu
Member
Hello altogether,
we are working in cooperation with Voxility for some months now and want to start some offers for routed DDoS Protection today!
At the moment we are operating our own routing equipment at a local Datacenter in Frankfurt am Main, DE - the Central Internet Exchange Point for Germany and Europe.
We have a direct connection to Voxility with capacity of about 10 GBit/s. All traffic will be washed in Frankfurt am Main in the Interxion datacenter and clean traffic will be redirected to our Datacenter via GRE Tunneling.
Test IPv4: 89.44.8.103 (Ping & Traceroute)
What do we offer?
We offer you the possibility to create a direct GRE Tunnel between our routing equipment and your server. We do not care about the distance to your server, but be informed that the latency will be affected by the distance between our servers.
According to your needs we will assign IPv4 Addresses to your Tunnel and route traffic over it.
You will have full control over the routing, and will be able to use all ports and protocols.
What are the prices?
Our pricing model is divided into three parts: tunneling, addresses and traffic. All prices are in EURO and will be charged monthly!
(1) GRE Tunnel
100 MBit/s limit: 5,00€
1000 MBit/s limit: 9,00€
(2) IPv4 Addresses
1 IPv4 Address: 1,40€
5 IPv4 Addresses: 6,00€
10 IPv4 Addresses: 10,00€
(3) Traffic
500GB for free
+ 1TB: 10,00€
+ 2TB: 18,00€
+ 5TB: 40,00€
The cheapest product will be around 6,40€ per month and includes a 100MBit/s limited Tunnel with 1 IPv4 Address including Voxility DDoS Protection, advanced IDS and IPS (and additional WAF, if you wish).
This offer is limited to a small number of orders. If you like, what you read, be quick enough to be one of the lucky people!
If you have questions, you are welcome to post them below. Orders will only be accepted via Mail ([email protected]). Payments can be processed via PayPal or Direct debit (Europe only).
I hope some of you will be happy with this service. If our test succeed, we will start development for a automated system.
Kind regards,
Christopher Mäuer
Notes:
IDS = Intrusion Detection System - Snort is capable of detecting several thousands of known intrusion attempts and network anomalies
IPS = Intrusion Prevention System - We will automatically prevent attacks identified by the IDS
WAF = Web Application Firewall - This firewall is able to secure your web servers, by protecting them from threats like SQL Injections, Flooding Attacks, several Bugs and Exploits. This service is free and can be activated if you wish!
Comments
Your test IP is at weesly, and as far as I know, they are in iNTERWERK, not in Interxion.
Routing path is as follows: Interxion (Voxility) -> Weesly (iNTERWERK) -> us (Accelerated), if you read properly:
"All traffic will be washed in Frankfurt am Main in the Interxion datacenter and clean traffic will be redirected to our Datacenter via GRE Tunneling."I wrote the traffic will be washed in the Interxion datacenter.
Another point: did you read the rules or ask a mod before posting this? You need to be in the providers group to post offers as far as I know.
I did this some months ago, yes.
Edit: And I contacted mkpossen about this issue now. Thanks!
and... why? There is a direct fiber link between Interxion FRA1-5 and Accelerated. Saying Interwerk quality is "sub-par" is still giving them far more credit than they deserve.
This is currently our only possibility to minimize the costs.
so let me get this straight:
You rent a server at Vox in InterXion FRA1-5 - Then GRE to Interwerk - Then GRE to Accelerated? How do you know that the tunnel and hardware in the middle is even able to sustain high PPS?
If I read it right Vox is the entry point, only clean traffic should be going over the tunnel.
Yes, but what if attack leaks... GRE is now not really known for being able to sustain high PPS and Vox not really known to not leak sometimes (see BuyVM)
No we do not have servers neither at Interxion nor at iNTERWERK! Traffic comes via BGP from Voxility to iNTERWERK and from there via GRE to us.
Seems more like they rent a server at weesly who provides Voxility Protected Servers in the Interwerk, and tunnel from this one to their location. They (weesly) also write they got only 1x an 10 GBit/s uplink to Voxility
Than I rather get a 2€ VPS @ iNTERWERK and setup the tunnel myself...
Then do so, nur when you need subnets, our solution might be cheaper.
Vox is pretty good but yeah, they aren't immune to leaks or certain floods. GRE handles the traffic just fine if you have NIC acceleration on each side (or your routers do it in hardware, etc).
Francisco
No one is immune, even Verisign leaks sometimes - Cannot really be prevented, especially on new attack types
Everyone leaks something at some point. You should know that dealing with awknet, cnservers and staminus prior to vox.
GRE works fine if you tune MTU / TCP properly. Always better to go with VPLS though, Vox has a lot of POPs.
"hey that's pretty okay"
"uhhh..."
facepalms
...
@Francisco, side node - did you try l2tp instead of gre? Should be better in some aspects
I've done L2TP/IPSEC for a few customers but we weren't pushing much traffic over it (an mbit kinda deal). It's popular for our windows customers that need something similar to a GRE.
Francisco
Don't you just love the steady flow of botnets? Amazingly, some have 100+ GBPS of power yet only costs around $10/hour.
Imagine that DDoS protection is basically just a tiny dam... and guess what? Larger attacks cause the dam to overflow, causing issues for legitimate users. They're unstoppable uneless someone develops a "perfect" filter for attacks. With the amount of bandwidth, you'd need many 100 GBPS backbones to every peer you have just to keep a website online during large attacks
Might me come back to topic please? Any thread-related questions?