Tunnel for ddos service

hello everyone

i9 9900k
16 ram

can handle 10gbps traffic and
can handle +2m pps on gre tunnel ?

hello sponner,

it’s blackholed at the upstream based on anomalies or else depending how the provider mitigates, commonly BGP blackhole then you got triggers etc. VyOS supports fastnetmon.

yes but i dont want use blackhole i keep attacks on my second firewall router

note: i have real 1m pps traffic and i want to get +1 , +2m pps from gre tunnel its possible on vyos ?

Hello @sponner , do you use GRE without encryption?
Which 10G NIC are you using?

i using without encryption
i using x520-da2

i have second question to you

i closed my xx.xx.xx.15 wan ip icmp and its closed succesfully but i can see this ip address on traceroute

how i can hide my router ip on traceroute ?

my router ip is public i need to hide for ddos attacks

Because for traceroute and ping Linux/Unix hosts use UDP instead of ICMP and wait ICMP as reply. Try to drop ICMP for output and local packets.

Thank you sir i wll try tomorrow