Block any traffic to gateway ip range ? DDOS/UDP Protect

Hello guys,

In the last days we have some UDP DDOS on some ips, we have fastnetmon with blackhole to blackhole ips but the problem is now, this guy who make DDOS it makes now right on the gateway subnet :expressionless:

We set on router firewall all-ping disable but still can UDP the gateways of ower ip ranges.

on the eth5 we have set the gateways.

Is there a way to protect this gateways for not respondig somehow but not to affect ower servers ?
If we blackhole .1 i think the entire ip range will not work, i dint try

Thank you

Hello @CristianD , it will be good to draw a detailed diagram with described IP and attack packet signatures.

Is this DDoS or DOS?

Whell i dont know if is DDoS or DOS to be onest for me both ar same but o show on the providers network i added picture and on fastnetmon i sow

Ban list:
XXXX.88.1/24228 pps incoming

How can i give you diagram and attack packet signatures.? or whant do you mean by diagram for me is a strange word sorry :slight_smile:

You can try to blackhole with distance 254 and tag 666

Route map match tag 666 set community xxx:666(community black hole your isps)

But you can lost management and services such ntp/dns to your host

It’s allow you to connect to the router via LAN network

Yep this is the think we have blackhole but i was afraind to set on the gw

I will test it in the night time to see what is happening if i blackhole it only the gw

I can opt out for anti ddos solution from voxility but its way to expensive :slight_smile: we ar not so big

@CristianD you could check into fastmon they do a community edition for free manages to mitigate to a gig attack but lot of features are not available from the paid version which is a unfortunate.

This is what i didnt understand on fastnetmon the payed one, Licence type 10G, they will mitigate the ddos or just sompting special to mitigate on my solution(providers)

I think i will contact them.

i’d say try the free one out first if you like it get the paid one obviously you’ll have more features to play with like API zabbix integration which i think they should create a integration for ELK too which would be wonderful however check it out my suggestion. :slight_smile:

1 Like

This can be closed, we added DDOS PRotection from Voxility

Thank you