i think to make ip transit with 1-4 isp,
and build a tunnel(when ddos happen,i want to advance the connection to ddos protection service provider,and lwt the connection go to my vyos/network via the tunnel.) on it.
the normal bandwidth is about 100M now,
but i hope it can load about 1G connection well all the time without issue.
with those three hardwares,
are they fine to handle them well ?
@orya If the attack will be to the VyOS, it load CPU to 100% in any case.
You must understand that with full CPU utilization and full load bandwidth it will be difficult to establish tunnel or bgp-session.
For normal traffic (without ddos) I think it will be enough.
If the attack will be to the VyOS, it load CPU to 100% in any case.
<<< will only software router have the issue ?
or cisco and juniper also have the same issue ?
Without firewall cisco and juniper will have similar behavior.
Differenece only with ddos to router or through router (or to VyOS ot through VyOS).
It related to ddos from 1 MPPS and more…
This means that the firewall can smooth out the attack on all routers include VyOS.
In the case when traffic is addressed directly to the system, more processor time is needed to process the packets.
In the case of traffic passing between interfaces, less processor resources are needed.
P.S. Juniper depending on the model can have separate control plane and data-plane with own interface ASICs which handle and forward traffic.