[Openstack-operators] Best practice against DDoS on openstack
Jean-Philippe Méthot
jp.methot at planethoster.info
Tue Oct 24 11:18:30 UTC 2017
Hi all,
We’ve just recently been hit on by a low-level DDoS on one of our compute nodes. The attack was fulling our conntrack table while having no noticeable impact on our server load, which is why it took us a while to detect it. Is there any recommended practice regarding server configuration to reduce the impact of a DDoS on the whole compute node and thus, prevent it from going down? I understand that increasing the size of the conntrack table is one, but outside of that?
Best regards,
Jean-Philippe Méthot
Openstack system administrator
Administrateur système Openstack
PlanetHoster inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20171024/f7b1132b/attachment.html>
More information about the OpenStack-operators
mailing list