[Openstack-operators] Best practice against DDoS on openstack
jp.methot at planethoster.info
Tue Oct 24 11:18:30 UTC 2017
We’ve just recently been hit on by a low-level DDoS on one of our compute nodes. The attack was fulling our conntrack table while having no noticeable impact on our server load, which is why it took us a while to detect it. Is there any recommended practice regarding server configuration to reduce the impact of a DDoS on the whole compute node and thus, prevent it from going down? I understand that increasing the size of the conntrack table is one, but outside of that?
Openstack system administrator
Administrateur système Openstack
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-operators