Just a little bit crazy...
X4B DDoS Protection is proud to announce that we are almost ready to launch our next generation Anycast DDoS Protection product. We are seeking your help and feedback.
The terms, how do I enrol?
Shoot me a PM or Reply here and I'll add you to the list. Once there is a slot available. I will create you a service expiring in 14-days. Provide some feedback and this will be extended by an additional 46-days free of charge (2 months FREE).
Please be honest in your feedback, we need to fine tune our product.
The beta service setup will be a 50GB clean bandwidth service unless you request more. During the Beta period we are limiting mitigation to 100Gbps, however upon renewal outside of the Beta window you will receive an upgrade.
AS136165: The network
- Amsterdam, Netherlands
- London, United Kingdom
- Dallas, TX, USA
- Los Angeles, CA, USA
- Asburn, VA, USA
The 20 Questions:
An anycast network is more redundant, and fault resilient than a regular single PoP network. By announcing in multiple distinct locations we gain redundancy against network and server failure. In the events of most interruptions the PoP can fall offline without any interrupting existing connection by way of failover to the next closest PoP (until the failing PoP is restored).
Anycast also allows for an increase in Mitigation capacity (particularly Layer 7) and overall throughput per service.
Is this more complicated than a regular filtered service?
There are a few more knobs available, however we hope to make this as easy to use as our regular services. We will keep working based on feedback and planned features to make this so throught the beta period.
Anycast Documentation is currently being written and will be rolled out after the beta period.
Can I point one or more Anycast PoP at a single server?
Yes you can select which Anycast PoP should be forwarding to each defined backend.
Can each PoP communicate with my server direct?
Optionally with GRE Tunnelling you can also choose to have all PoPs pointed at a single backend, and for that backend to communicate with the appropriate PoP all via a single internal IP address; or you can define only a single tunnel (the choice is yours!)
This is an Anycast IP, can I connect out?
We have worked hard to build a solution that is able to function in every way like a regular Remote Protection service. With a GRE tunnel you can make outgoing connections. There may be a small delay for the first few packets while we create an optimized route through the network.
How can I continue after the beta period?
We are after feedback and bug reports, send me a PM with your username and some feedback and you will be able to continue using the Anycast service for a special offer of $7/month (including the protected IPv4, and all backend IPs). Additional bandwidth at a reasonable cost, I'll try and work something out for you. Any special offers made are non-transferable unless otherwise stated (sorry).
What about Support?
During the beta period support is best effort, paying customers will be prioritized over Anycast beta services. You may be able to get quicker support from the community by asking in this thread for certain types of questions.
The Technical Stuff
- Redundant internal backhaul, resilient against communication failures
- Internal Mesh network, ingress traffic at one PoP and egress it at another (no complex configuration required!)
- Direct Server Return (DSR) from the first filtering hop wherever possible for minimal latency
- Able to handle all kinds of PoP switches, rejoins and splits without interruption
- Support for tunnels to one or more filtering PoPs (with or without BGP) for redundancy
- China Telecom optimized routes in L.A
- Multihomed w/ Telia and Tinet and Peering