Hi all, We’ve just recently been hit on by a low-level DDoS on one of our compute nodes. The attack was fulling our conntrack table while having no noticeable impact on our server load, which is why it took us a while to detect it. Is there any recommended practice regarding server configuration to reduce the impact of a DDoS on the whole compute node and thus, prevent it from going down? I understand that increasing the size of the conntrack table is one, but outside of that?
Best regards, Jean-Philippe Méthot Openstack system administrator Administrateur système Openstack PlanetHoster inc.
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
