Warning: This article is considered legacy. It is either obsolete or references old unmaintained software. Please use your best judgement as to the relevancy of this article.

The system we employ in Romania is more complicated than the one employed in our other PoPs. This article will give an overview of the technologies and methods used to achieve cost effective DDoS mitigation in our first European location.


Level 1

First all traffic is filtered by Voxility SRL before being routed to our network. This mitigates non diverse attacks as well as large UDP Amplification floods. This is not capable for handling every possible attack and is primarily deployed for amplification filtering. We have 500Gbit of filtering capability at this level for handling the largest of attacks. Rules at this level are not overly granular so we employ another level of automated filtering for most incidents.

Voxility 500Gbit Filtering

Level 2

This layer provides our general 10Gbps protection and we use the best hardware filters on the market ( Riorey ) to achieve this. We have a burstable filtering capability of up to 80Gbps at this level.

Riorey 80Gbps Filtering

Level 3

For HTTP requests on port 80 we utilize a cluster of Nginx servers to mitigate Layer 7 attacks such as RUDY, Slowloris etc.