For a while I administer a large server with online up to 150 people.
It has been decrease the flow of network traffic while decreasing the amount of incoming data packets if server online increasing for over 80 people.
I have analyzed some packets in this flow.
most are found, UDP packets:
(60 bytes) - server info check
(160 bytes) - steam player connection establish
first one have small body size and need small (80-120 bytes) and undemanding to network resources answer from server
second, more demanding to network, load the server CPU and requires significant delay in response, about (1000 + bytes)
It seems that we need to make connections and respond to them in the first place =/
how we can bypass that?
The first thing that came to mind - is to filter incoming UDP connections
but then we cut off a request to the server availability and game data from players ?!?!
And second, game server uses Windows server, we need iptables or linux kernel for shaping IP protocols and network packets.
Ok, and I do that:
1. Setup Hyper-V on our Windows 2008 Server.
2. Add VyOS router virtual machine on the same with game server IP network.
3. Add NAT rule in VyOS to forward game port to router external port.
4. With runing game server Add VyOS router IP to the Next default Windows gateway.
5. Change temporarily Windows router table to put all traffic from game IP to router IP (without delete old entry!)
So, now We have:
All first UDP connections will go to our old server IP, but windows routing table resend answer from another gateway and new IP from VyOS router. And connected player communication go to new IP (DDoS bot does not require confirmation).
So we divided the primary incoming connections with all game traffic
sorry for my lack of professionalism
but it works! =)
P.S. After server reboot We need repeat 4-5 articles.
Anti-DDoS solution for Rust
Discussion in 'Rust Discussion' started by not777, Feb 16, 2016.
-
We need to try this but it's a bit over my head
[DOUBLEPOST=1455666541,1455648518][/DOUBLEPOST]Any chance you could do a clearer guide on this for us? Major DDOS issues right now on OVH.... -
DDoS attacks continue, but it does not have so much effect on the server
I will try to write a detailed guide in the coming days
a lot of work =/
some links:
Setting up VyOS for Hyper-V 2012 (R2) or Windows 8 (8.1)
User Guide - VyOS
Manage the IPv4 Routing TableLast edited by a moderator: Feb 18, 2016 -
-
-
-
-