OVH

Discussion in 'Hosting Advice' started by pole01, May 6, 2018.

  1. People still think that OVH only has 480Gb/s protection - that's incorrect. They have a total capacity of 3Tb/s.
    Link: https://www.ovh.co.uk/anti-ddos/ddos-attack-management.xml (at Mitigation of the attack)
     
    • Optimistic Optimistic x 1
  2. I'm not saying the claim is untrue but it's OVHs own material you've linked. Regardless of OVH's good reputation I still don't recommend believing all claims a host makes about their anti-DDoS systems.
     
    • Agree Agree x 1
  3. They would not lie about their capacity. The only thing you should question is the effectiveness of their filters.
     
    • Agree Agree x 1
  4. Oh, that reminds me. I have to check to see if Paras Jha (dreadiscool) was sentenced yet.
     
  5. electronicboy

    IRC Staff

    Total capacity != the capacity in front of your box.
     
    • Agree Agree x 4
    • Like Like x 1
  6. He already posted it to few hostings, and some like MelonCube now advertise 3Tbps.
     
  7. electronicboy

    IRC Staff

    They will, "we have 3Tbps of DDoS filtering capacity!" vs "our network can handle upto 3Tbps ddos attacks so long as they're not all coming from the same region!" vs "We have 3Tbps of filtering capacity across our entire network!"; Which one sounds more likely to fire the "I NEED THAT!"?
    The 2nd one is the worse, the first and latter one are the best, but the latter hints to what the 2nd one is saying. They're not lying about what they're saying, they're just wording it in a way that your average layman won't entirely grasp what it's saying/hinting at
     
    • Agree Agree x 2
    • Funny Funny x 1
  8. electronicboy

    IRC Staff

    This reaaaallly boils down to basic networking, please tell me all about how they'd stop a 1.3Tbps attack if all traffic was running into the network by say, their Amsterdam POP, or heck, their paris POP. https://www.ovh.co.uk/anti-ddos/surplus-network.xml

    They're not going to route all traffic towards a single point in the event of filtering, latency would drastically increase and mitigate a lot of the point of this system existing in the first place, it would also be stupidly expensive to shove that much traffic across any network. Their mitigation tech is spread across their network between the backbone and their datacenter's networks because that solves having to route traffic to a single location to deal with large amounts of traffic, which once again: would be stupidly expensive.
     
    • Agree Agree x 3
    • Informative Informative x 1
  9. It's concerning for me that hosts like MelonCube just listened to him and now advertise 3Tbps, anyway to clarify this I now contacted OVH and they will surely tell us the truth. :)
     
  10. Thank you for that information

    You're advertising "1Tbs" DDoS protection for your hosting which also is the total capacity of Voxility, so what's wrong with them advertising the total mitigation capacity of OVH?
     
  11. That 1Tbps is the amount they can mitigate at once, and the 3Tbps is not the amount OVH can mitigate at once for one machine.

    That means an OVH server would probably drop at 480Gbps where Voxility is able to mitigate 1Tbps in one attack.
    I'm not saying that OVH has not a total mitigation capacity of 3Tbps, probably, even more, I'm talking about the actual real amount they can mitigate if there is one attack facing one target.
     
    • Like Like x 1
  12. https://www.ovh.com/fr/blog/13-tbps-mitiges-vac-retour-memcached/ uhm? They mitigated a 1.3Tbs attack, were Voxility would've go offline due to the attack size. Also, OVH claims to not have a "size limit".

    They can - they just spread it over multiple data centers like they said here: https://www.ovh.co.uk/anti-ddos/surplus-network.xml
     
  13. How do you know that the customer does not have a special package?
    I know someone who uses OVH to BGP and he has one package with 480Gbps and one with 980Gbps iirc.

    Voxility would have probably survived that attack because it's not hard to block such an attack, "1Tbps+" what do you think the + stands for? ;)
     
  14. There are no "special packages". They only have their regular "AntiDDoS" and "AntiDDoS GAME" which filters L3/4/7 attacks were the regular AntiDDoS doesn't filter L7 atttacks.
     
  15. I'm sure they have special offers for business customers.
    You may want to read this: https://ovhcloud.com/products/security/anti-ddos

    "by the 3 VACs, with a total capacity of 480 Gbps (3x 160 Gbps) of mitigation"

    ---
    Whatever I talked to a friend who is OVH partner and he will tomorrow talk to his rep to confirm what they mitigate.
    What he was able to say is that most of the websites are outdated and OVH themselves do not really know where the limit is.

    Edit: 3Tbps is what they can mitigate in all their 9 datacenters, so if all datacenters are attacked at once with the highest amount possible they would mitigate 3Tbps at once, but not at the same datacenter.
     
  16. That is either outdated or only applies to products sold on ovhcloud.com, not ovh.com.
     
  17. As far as I know the 1.3tbps was no clean mitigation by ovh, i think the miencraft server attacked was not reachable anymore.

    I just can't find source anymore.
     
  18. What? It was no minecraft server? And they fully mitigated the attack. Have you even read the whole article?

    Also @FusionStyleFX I've asked someone of OVH Cloud why they say they have 480Gbs, while it shows 3Tbs on OVH.
    This is what he said "According to the information, the answer is yes. I don't know why the information is different. However, I can find more details about the 480Gbps related VAC strength on the website and let you what this meant exactly."
    They will send me an email about it, I'll link it here once I received it.
     

Share This Page