We all know that Linode isn't a DDoS mitigation provider, nor does it offer any services in that area. That's OK. The question is, what happens when your wonderful project you've developed on Linode gets targeted for some unreasonable motive and you don't have the funds to get a dedicated protection solution (which isn't cheap)?

I got in touch with Linode support recently to ask if they could divulge any numbers regarding their capacity to handle DDoS attacks, and was told that it's something they don't disclose. The most I got was that Linode operates something that can detect and mitigate DDoS attacks, but that if it starts to adversely affect other customers the VPS will be null rooted.

Has anybody managed to glean through experience/observation what kind of capacity Linode might have in place, and how adequate it'd be to withstand your average attack? I haven't experienced one yet, but with my next project featuring user-generated content it's entirely possible someone will offend someone.

If we're looking at 'some kiddie with $10 can bring down the server with an automated paid-for attack' then I'll likely set this particular project up on OVH instead, as they have a moderately crazy 460Gbps of mitigation capacity for all products. Unfortunately they don't have a proper Asia location yet, which is important for this project. But I'd rather lose Asia than potentially be forced offline for several days, really.

From experience, a TCP/UDP flood at even less then 1Gbps can take you down, as for TCP packet floods such as SYN, ACK and so on, someone using a 100Mbps uplink can take you down easily by maxing out the PPS on its connection (if not even less).

Those are the tests I personally conducted on my Linode, of course, did not harm any other customer (hopefully), as those were 1-2 second tests, at decently low rates.

Hope this helps.

By the way, BuyVM has VERY nice DDoS protection, I had the pleasure to test they're protection when I had a VM with them, took a sustained 8Gbps UDP flood seamlessly, and a very heavy TCP SYN flood resulted in around 2-3KB/s of that to get trough the protection, which is basically nothing, haha

This project requires at the very least a US and EU location sadly, as I was otherwise interested in BuyVM. Ideally Asia too, which is what limits the options a bit.

That is very good information though, and definitely highlights that Linode really isn't the best fit for this particular project.

If its a web/HTTP-based project, just use CloudFlare, easy on the pocket DDoS protection

Else, I have no hosts to suggest at the moment, unfortunately :/

Ryan,
We had a problem last year. We thought it was a DDoS but it turned out to be a DNS amplification attack on three of our IP addresses. All three were on the same VPS with each one attached to a client's SSL.

The attack was significant (millions of hits per hour) for the 1GB VPS those sites (and a dozen others) were on. Though it slowed our VPS down a bit until we blocked port 53 and killed BIND, it did not knock us off line (though I did reboot once before I was able to nail down what was causing our issues).

Linode support was cooperative and helpful, though they told us they could not block the traffic without sending us to down the null root drain. They gave us the option and we chose to ride it out. Our VPS never went down.

Are you anticipating an attack based on the type of project you're implementing or are you just trying to make sure a small wind won't blow your house down?


James