Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] iptables rules inefficient

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] iptables rules inefficient


Chronological Thread 
  • From: Hunter 9999 <mail AT hunter-9999.de>
  • To: "discuss AT lists.opennicproject.org" <discuss AT lists.opennicproject.org>
  • Subject: Re: [opennic-discuss] iptables rules inefficient
  • Date: Thu, 23 May 2013 16:56:11 +0200

Am 23.05.2013 um 15:42 schrieb Alex Hanselka <alex AT opennicproject.org>:
> On 5/23/2013 2:19 AM, Psilo wrote:
>> Yes I see a big difference looking at the bandwidth graphs.
>>
>> Without the iptables filters:
>>
>> <mime-attachment.png>
>>
>> Now WITH the iptables filters:
>>
>> <mime-attachment.png>
>>
>> The average output has been divided by 1000.
>>
>> Psilo
>
> Absolutely! It is definitely worth doing. However, if you have a server in
> a location where bandwidth is very expensive, the inbound requests might
> still kill you. This was the case with Julian in fact. I do agree that
> these iptables are worth doing and everyone should use them. Remember, you
> aren't just saving your bandwidth in this case, you are saving the
> recipient of the attack. You are just collateral damage!

With a Root-Server of Hetzner, for 49€ and up per month, in Germany you have
unlimited inbound traffic.
If you have more than 10.000 GB outbound traffic per month your bandwidth
will limited from 100 MBit/s to 10 MBit/s .
For 39€ more per month you get an 1GB-Port with 15TB outbound traffic.


Archive powered by MHonArc 2.6.19.

Top of Page