New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
@hosts that offer DDoS protection
Please include the maximum amount of PPS / Gbps you're willing to mitigate and what happens if the limits are exceeded. If you're using a 3rd party service or a in house service, please mention that as well.
When you leave out that info, it's like saying "this VPS comes with a CPU." Thanks.
Comments
@black Ramnode has ddos protection, it can handle 20Gbps and 1.5 million pps/2 million pps depending on the location. Attacks over 10Gbps will be nulrouted. https://clientarea.ramnode.com/knowledgebase.php?action=displayarticle&id=85
BuyVM also has ddos protection up to 10Gbps and 2 million pps. It's a shared pool so not dedicated.
http://wiki.buyvm.net/doku.php/ddos
Those two are the cheapest that came up in my mind.
I'm not really looking for a DDoS protected host, just that when hosts advertise it, they should say more than just "DDoS protected."
We can offer you 480 Gbit DDoS protection. Our servers are located at Canada.
Ovh. :P
Yes, correct
This is maybe
http://lowendtalk.com/discussion/21751/gforceservers-com-blazing-fast-ssd-vps-7-gb-1gbps-uplink-ddos-mitigation
He say can mitigates attacks up to 20Gbps before being null routed
C'mon guys. Don't you even read previous comments? @black is not looking for a host.
We don't say it because we need to deal with it on a case by case basis.
For example on budget servers it cost less and it is nullrouted faster.
Total clear channel is 200 mbps, maximum 100 mbps per IP under attacked, 10 gbps+ null can happen, over 15 is certain, 2 mill pps is the limit. No shared pool, each IP is given a separate channel of clear traffic. It is still in the tweaking, we use seflow for it.
You only protect 480 Gbit total bandwith data or you can protect 480 Gbit/s speed?
OVH isn't a custom solution and just a protection for the masses, so they probably can't protect you against serious attacks.
Just ad spam. He can't do either. OVH can. Here is more information about OVH DDoS capability. http://www.ovh.com/us/anti-ddos/hoovering-up.xml
"When an attack is global, the mitigation services, which are replicated in 3 OVH datacentres across 2 continents (Beauharnois, Roubaix and Strasbourg), are simultaneously activated to combine their power and absorb the flow. The total mitigation capacity is thus 480 Gbps (3 x 160 Gbps)."
So "total mitigation capacity is thus 480Gbps (3 x 160 Gbps)."... AND
"All OVH servers will benefit from automatic anti-DDoS mitigation by default in the event of an attack (reactive mitigation)."
Take it for it is. I do not advertise it as a feature for various reasons. I have customers who swear by it though.
@Black, sorry to derail this even further. I do agree with your point. If you are going to advertise it as a feature you should be describing what it will handle. Do you handle TCP or UDP or both? Just auto null one or the other? These would be great things to not have to search for if you were interested in it.
Let the facts speak for itself:
The largest attack cloudflare recieved over their network ever was 400Gbps, and thus OVH's network should be capable of handling everything aswell.
Also, in 2013 only 4% of all attacks went over 10Gbps.
Unless someone has seriously pissed off the wrong guys there would be a problem, but untill then, I'm not worried.
Wouldn't you think that at some point OVH's shared DDoS protection will be useless?
everyone who needs a cheap ddos solution is now going to OVH but that increases the amount of attacks they get too eating alot of capacity away. I'm not sure if OVH will be upgrading their DDoS protection when their network gets full, they might have to start charging more $$ at this rate?
Correct me if i'm wrong but thats just how I predict it currently.
They will probably upgrade as soon as it gets too low, because they want their whole network secured, but still as I said It's currently functioning just fine and we get regulary ddosed by testing (pre-)costumers and our services hold up.
Their DDoS Protection was less for their customers and more for them.
I've seen multiple threads claiming that their protection is useless.
@KuJoe has some DDOS protected offers. 10Gbps.
https://securedragon.net/openvz_p.php
Most providers think along the same line.
You dont want your core down during attacks, so you imagine some protection where you route the IP attacked over. If it holds, fine if not, not much problem, the rest of the network is perfectly fine. A provider of this sort has a lot of unused incoming, so they aggregate it to offer protection. and then use some sort of scrubbing to select the good packets from the flood and keep services up.
OVH is big enough, I was wondering why they are so happy to ditch customers which are supposedly attacked when they could have done something like what they do now.
Is that mean your offer have ddos protected from OVH too?
Ransom IT services in Sydney only are DDOS protected via Black Lotus.
This is handled by our upstream provider though so I have no metrics about the level of protection offered unfortunately. It's included with the service at no extra cost for all Sydney plans.
@MCHPhil told me there is DDoS protection but he doesn't advertise it because he's not sure how well it works.
This is 100000% correct. All VM's provisioned on OVH hardware, for any host, will have DDoS protection included. The same is true with the services I offer out of BHS-OVH. (That's transparency, notice I didn't say CA or beat around the bush.) I'm honestly proud of offering KVM VPS out of BHS-OVH because until recently I was the only one brave enough.
I do not advertise it as a feature, per say, of my offering because I have 0 control over it. I like to make these sort of things very distinct. So my awesome customers know what I can fix and what we will need to have DC, in question, resolve.
I also know very little of the specifics of the OVH DDoS protection, just what they let out in ads. So I don't know how they handle TCP or UDP. Autonull one or the other or when that autonull even comes, because it will happen if the attack is too big.
This ties back around into everything, if I don't know the specifics..... How will I judge how effective it is, or better yet answer any sales questions relating to it. :P I wonder how another handles this aspect.
As far as real world usage. I have not had one complaint regarding the DDoS protection provided by OVH. I actually hear more the opposite from customers.