Portal Home > Knowledgebase > Pre-Sales > Do you provide DDoS protection? How does it work?


Do you provide DDoS protection? How does it work?




We provide inbound DDoS filtering options in all of our locations.

Atlanta / New York / Los Angeles

Protection in Atlanta, New York, and Los Angeles is provided via GRE tunnel from Psychz. Their system can filter up to 100Gbps or ~40 million PPS for a wide array of TCP and UDP attacks. Attacks over these thresholds may result in a nullroute.

The Netherlands

Protection in The Netherlands is provided via GRE tunnel from KoDDoS. Their system can filter up to 100Gbps for a wide array of TCP and UDP attacks. Attacks over this threshold may result in a nullroute.

Seattle


Protection in Seattle is provided via direct connection to CNServers in our Seattle data center. Their system can filter up to 20Gbps or ~1.5 million PPS for certain attacks. Attacks over 10Gbps will result in a nullroute. UDP floods will result in all UDP traffic being at least temporarily dropped for the target IP (except for certain DNS traffic).

How to Activate DDoS Protection

You have to order a DDoS-filtered IP in order to receive DDoS protection. This can be done on the initial VPS order form or in the Client Area. To order from the Client Area, go to Services > View Available Addons. Select the filtered IP Addon and the VPS to which you want it applied, then complete your order. Please give us up to 24 hours to assign your filtered IP after payment is received. You will be able to find your IP in the SolusVM CP once we email you that it is ready. You can open a ticket if you need the IP more urgently or if you want to pay for it on a different cycle.

Other Information
  • You should open a ticket if you receive a RamNull alert email regarding your filtered IP. That would indicate that attack traffic has leaked through the filtering and reached our network.
  • We suggest not using CloudFlare DDoS protection with our DDoS protection in parallel. The two separate mitigation systems can cause issues when combined.
  • All outbound traffic goes through our normal carriers to maximize performance.
  • We recommend that you set your DDoS filtered IP to be secondary (not the Main IP) in the SolusVM CP.
  • Attacks against non-filtered IPs will always result in nullroutes. We do not offer any guarantees with the filtering systems at this time. Also, ordering a DDoS-filtered IP does not mean you can ignore our AUP. The items prohibited in the AUP are prohibited whether you have a filtered IP or not.
  • For non-filtered DDoS mitigation (not protection), please see this article about our automated RamNull system: https://clientarea.ramnode.com/knowledgebase.php?action=displayarticle&id=87


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
What is a /64 IPv6? (Views: 5771)
rsyslog CPU Usage (Views: 11610)
Enabling GRE/IPIP (Views: 3805)