# How can I fix packet flooding



## Sonwebhost (Nov 4, 2014)

The server has been shut due packet flood

5 minute input rate 802000000 bits/sec, 121896 packets/sec
5 minute output rate 50000 bits/sec, 6 packets/sec

How can I fix this on a dedicated server is there software I can load to prevent the switch form overloding. Thanks


----------



## splitice (Nov 4, 2014)

At 100kPPS+ unless you have very good hardware (and a company willing to let you run wild on the switching hardware) your best bet is to get DDoS protection.


There is no way to reduce the load on the upstream switching hardware by way of software.


----------



## rds100 (Nov 4, 2014)

If a switch can't handle 100k pps it shouldn't have been born as a switch in the first place.

Your provider is probably more concerned about the 800Mbps going towards your server.

But as @splitice said this is not something you can do yourself in software. Find a DDoS protected service.


----------



## splitice (Nov 4, 2014)

@rds100 Correct in an ideal world. That kind of hardware should be on a trash heap but often isnt. From my experience alot of the switches on the edge are quite old and poorly specced with a lot of companies (of course not everyone runs their network in this manner). Until recently one company I had servers with had switches that topped out well under 500kPPS (since replaced) and handled poorly when they got close to that, even relatively cheap managed switches available today that have 1.4M PPS specifications probably have similar issues (spec != real world).

I wouldn't want a heap of people pushing this through the ports next to mine. Latency could easily be problematic (noisy neighbour).

Anyway, its likely the limit of his server anyway. Most Realtek network chips tend to max out around 80-100kPPS. Even some decent Intels top out at 120k odd (some such as 82576's go much higher).

Of course you are correct to mention the bandwidth bills at 800mbit sustained if you haven't got that set up in your plan....


----------



## texteditor (Nov 4, 2014)

Build a packet dam


----------



## DomainBop (Nov 4, 2014)

texteditor said:


> Build a packet dam



...or license a PacketDam for $2k-$5k


----------



## fixidixi (Nov 4, 2014)

[off]

what's hosted on that server? :% / do you know why are you getting this?

[/off]


----------



## sshgroup (Nov 4, 2014)

i'm sorry ddos attacks mostly you can't do anything about them unless datacenter have good hardware and ddos protection


----------

