Multiple Uplink Setup Questions
Hello all,
Recently our company has been having some issues with (D)DoS attacks against clients we host, which is becoming a great inconvenience.
All our equipment is hosted in a Tier-4 data center and we're presented to each of our racks with 1x 1Gbps Cat6 uplink, on which at present we have HP ProCurve 2650 switches, with our servers having 100Mbps port speeds to the server.
Now typically when a server is targeted the size of the (D)DoS is around 600-800Mbps on average, which means it makes the server inaccessible for the duration of the attack.
We're looking at ways that we can give priority to the legitimate traffic trying to get through using pfsense whilst people in the NOC work to mitigate the attack further upstream. What we will look to be doing is having 2x 1Gbps WAN uplinks to a core pfsense machine with either 1 or 2 links that would then connect up to a core 24 port gigabit switch which we would then use to distribute uplinks to switches in other racks.
Using this kind of setup, would we be able to somehow drop packets from the (D)DoS to hold back the illegitimate traffic to let the legitimate traffic through? Or maybe rate limit connections else drop? - Typically at peak time we use around 300Mbps tops so we should have room for over 1Gbps if a (D)DoS does occur.
Any suggestions on what would be the best way of going about this?
Many thanks,
Jordan.