rssLink RSS for all categories
 
icon_red
icon_green
icon_red
icon_red
icon_blue
icon_green
icon_green
icon_red
icon_red
icon_red
icon_orange
icon_green
icon_green
icon_green
icon_green
icon_blue
icon_green
icon_orange
icon_red
icon_green
icon_red
icon_red
icon_green
icon_red
icon_red
icon_red
icon_red
icon_orange
icon_green
 

FS#2831 — FS#6790 — protections on DNS

Attached to Project— Network
Modernization
Whole Network
CLOSED
100%
Thereafter the multiple attacks on DNS of our customers (with true DNS requests which do not have any objective other than to saturate the DNS server) we have set more protections on the port 53 (DNS) for the group of servers of our customers.

We are limiting up to 500kbps (with a burst of 320KB) the traffic generated by an IP root to the group of our network on the port 53.

The limit is high enough to avoid false positives as of many DNS consumers and extremely high to limit the attack impact on the servers of our customers.

If you have further question, please do not hesitate to contact us (me) (oles@ovh.net).

Date:  Wednesday, 30 May 2012, 00:28AM
Reason for closing:  Done
Comment by OVH - Wednesday, 30 May 2012, 00:25AM

The interco with google is not concerned.


Comment by OVH - Wednesday, 30 May 2012, 00:28AM

The limit allows to make about 50 req / sec (we are referring to one of the attacks which despite the limitation continues to 50 req / sec in condition that the attack is targeted to the attacked IP only.
If other IP then it is + than 50req/sec).