Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Voxility, create GRE tunnel?
New on LowEndTalk? Please Register and read our Community Rules.

Voxility, create GRE tunnel?

jmginerjmginer Member, Provider

Hi, I want create a GRE tunnel in a Voxility antiDDoS server and filter my traffic in other locations,

anybody has tried?

Seems his antiDDoS is only available in Romania?

Thanks!

★ OFFER! ☛ VPS in Spain ★ We accept Bitcoins! ★ DMCA ignore ★

Comments

  • The DDoS Protection is available on their other Locations too as i know.

    |Ixam-Hosting.com - Offshore VPS

  • @IxamHosting do you provide dedicated offers?

  • NyrNyr Member
    edited November 2013

    Yeah, you can do that, I can't see why not.

    Not sure, but they probably offer the DDoS protection at their other locations too, since much of their capacity isn't local to Romania.

    Anyway, ask them.

  • WilliamWilliam Member, Provider
    edited November 2013

    and, if the attacker knows that, he can just ddos your real network or your upstream to sh*t entirely avoiding the protection.

    Thanked by 1tr1cky
  • SplitIceSplitIce Member, Provider
    edited November 2013

    It is not possible to GRE out BGP for announcements to third parties from servers at Voxility. They make good money off recurring announcement fee's so it will most likely never possible. They also have a more expensive / enterprise upstream protection program and allowing BGP over GRE is one of its selling points. http://www.voxility.com/shop/security/anti-ddos/isp

    EDIT: I see now it is possible to get some form of BGP access on new setups (from their wholesale page), I don't recall that being an option 6-12mo ago.

    There is no problem with GRE/IPIP, you may need to make tweaks to firewall rules in the DC level filter as well as any level 2 hardware you are leasing / colocating (such as the Rioreys in our setup).

    If you plan on going Voxility direct you will most likely need something to act as a level 2 filter. Their filter either has to run on a "high" (and be over sensitive) rulset or "low" and let floods through. The best approach we have found is low + rioreys. Now we see patterns like (http://puu.sh/5gxA5.png) for many floods. Rioreys handle detection and mitigation of complex patterns but most of the time as can be seen with those spikes they can be used to create blocklists for the upstream firewall. You will need to develop these rules and interface yourself if you choose to go down that path.

    Thanked by 1XIAOSpider97
    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • Voxility upgraded their DDoS protection in the last months (dont remember exactly, could have been 6 months since). They have own solution, built inhouse by directly programming some ASICs. It is expected to go better in time as they can see patterns and adapt on the go while with most hardware tools you are limited in some ways at least.

    Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

  • SplitIceSplitIce Member, Provider
    edited November 2013

    ASICs are not that flexible ASICS are set at the time they are cast, unless you are referring to FFPGA's (or kin) which are not ASICs. Software is far more flexible. ASICs are performant.

    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • WilliamWilliam Member, Provider
    edited November 2013

    Hm, own ASICs, that will be nicely easy to circumvent - They don't have the knowledge for that.

    I doubt it's FPGA, not very fast with currently available hardware unless you design a lot yourself.

Sign In or Register to comment.