service differences

gdewey

Well-Known Member
#1
I have a question.

What is the difference between using the webserver or balancer DoS capabilities vs. the proxy DoS service?

Is the service HA? Is there a date to have it under commercial usage and have an SLA to use it on serious projects?

regards
 

NiteWave

Administrator
#2
I think the difference is the capability of anti-ddos.

lsws or lslb built-in anti-DDoS is effective in practice and efficient for HTTP-level DoS or DDoS. It prevents one IP from establishing too many valid TCP connections, making too many requests, or consuming too much bandwidth, so it's OK for defending against small-scale attacks. Also, it doesn't take care of other types of attacks, for example UDP flooding, TCP SYN flooding, too many TCP connections for FTP, SSH, etc.

The proxy DoS service, on the other hand, takes care of all types of attacks, UDP, SYN flooding, etc., AND includes the above HTTP-level protections. It's mainly used for anti-DDoS; for normal traffic, it only does proxying and does not serve static and dynamic HTTP requests directly (which the web server will do).

For very large-scale DDoS, for example 10G+ bps of incoming traffic, the lsws built-in anti-DDoS feature won't work since it'll exceed a 1G bps NIC's capability. One 10G port proxy DoS service can't sustain it either. It depends on the proxy DoS service's scalability and the size of the attacks.

It's still in the experimental stage ... no ETA yet. But it has been in service for some time and has succeeded in mitigating some small-scale attacks.
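
As an added illustration (not part of the thread and not LiteSpeed's code), here is a simplified Python model of the per-IP limits described in the post above: caps on open connections, requests per second and bytes per second for each client address. The class name, the limit values and the sample traffic are all constructed for this example.

```python
from collections import defaultdict

class PerClientThrottle:
    """Toy per-IP caps: open connections, requests/s, bytes/s."""
    def __init__(self, max_conns, max_reqs, max_bytes):
        self.max_conns, self.max_reqs, self.max_bytes = max_conns, max_reqs, max_bytes
        self.conns = defaultdict(int)   # ip -> currently open connections
        self.window = {}                # ip -> [second, requests, bytes]

    def open_conn(self, ip):
        if self.conns[ip] >= self.max_conns:
            return "reject:connections"
        self.conns[ip] += 1
        return "accept"

    def close_conn(self, ip):
        self.conns[ip] = max(0, self.conns[ip] - 1)
        return "closed"

    def request(self, ip, now, nbytes):
        w = self.window.get(ip)
        if w is None or w[0] != int(now):   # start a fresh one-second window
            w = self.window[ip] = [int(now), 0, 0]
        if w[1] + 1 > self.max_reqs:
            return "reject:requests"
        if w[2] + nbytes > self.max_bytes:
            return "reject:bandwidth"
        w[1], w[2] = w[1] + 1, w[2] + nbytes
        return "accept"

def replay(throttle, events):  # events: (time, ip, kind, nbytes)
    tally = defaultdict(lambda: defaultdict(int))
    for now, ip, kind, nbytes in events:
        if kind == "open":
            verdict = throttle.open_conn(ip)
        elif kind == "close":
            verdict = throttle.close_conn(ip)
        else:
            verdict = throttle.request(ip, now, nbytes)
        tally[ip][verdict] += 1
    return {ip: dict(v) for ip, v in tally.items()}

# Constructed sample traffic using documentation addresses (not real data).
EVENTS = ([(0.0, "198.51.100.7", "open", 0)] * 5
          + [(0.1 + i * 0.01, "198.51.100.7", "req", 500) for i in range(20)]
          + [(0.0, "203.0.113.9", "open", 0), (0.2, "203.0.113.9", "req", 500),
             (1.2, "203.0.113.9", "req", 500), (1.3, "203.0.113.9", "req", 9000)])

print(replay(PerClientThrottle(3, 10, 8000), EVENTS))
```

The model only sees traffic that reaches the HTTP listener, which is why the post leaves UDP and SYN floods to a separate layer.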
 

gdewey

Well-Known Member
#3
reply

So if we have a good firewall in front of the webserver and only port 80 open, the anti-DoS of the webserver or balancer should be fine to protect the webserver.

Between lsws and the load balancer, the anti-DoS mechanisms are kind of the same?

tks
 

NiteWave

Administrator
#4
Yes, it's a good combination: the web server defends against HTTP attacks and the firewall takes care of the rest. lsws or lslb's built-in anti-DDoS feature is accurate and efficient against HTTP-level attacks. Yes, there is no difference between lsws and lslb's anti-DDoS feature.
 