Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ddos settings

    Scheduled Pinned Locked Moved Firewalling
    1 Posts 1 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mbhmirc
      last edited by

      Hi,

      Just learning PFsense and would like some help in regards to ddos.  We had around 10k hosts generating 300k+ pps using syn flood from dsl's/hacked boxes etc.  In the end we null routed the hosting being attacked upstream.  What I want to know is the following:

      Best practices for DDOS prevention

      How to stop the state table filling up

      How to limit the syn packets going to the hosts (spotted the syn proxy but not sure on if it should be a deny or allow rule based on those settings).

      Can you fail over pfsense to another pfsense for high traffic on vm's to deal with a huge increase in load (like autostart amazon aws boxes a client does when extra load comes in)

      Thanks for any and all help on this.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.