Forum Discussion

Nick_Matthews's avatar
Dec 13, 2024
Solved

DDoS protection with APM module

Hi, I’m hoping someone can help point me in the right direction regarding an issue we’re facing. Our main website has been experiencing increasingly frequent DDoS attacks, which currently require m...
  • Hi Nick_Matthews

    I recommend using Connections limit feature in VS and ( Eviction policy ) in context of virtual server. 

    the PoA: 
    1- Create a custom Eviction policy ( System > Configuration > local Traffic > Eviction policy list > Create new ) 
    use this Article to guide you which Biases algorithms : https://my.f5.com/manage/s/article/K15821

    and this as well: https://my.f5.com/manage/s/article/K15822#vs

    use for example the low water level > 90% and High water mark > 100%

    2- Go to the targeted Virtual server and set the connection limit to 3000 and assign the created custom eviction policy. 


    Now What is the effect for this change ! I'll let you know below : 

    here some clarifications I added regarding your scenario: 


    Also I wanna add this Article for a sample of log that you encounter when aggressive sweeper mode reached on eviction policy: 
    https://my.f5.com/manage/s/article/K13302777


    Feel Free to set your values 
    you can use Low water > 90% and High water 95% for example. 
    I just wanted to explain the idea of eviction policy in Virtual server Context. 

    So I see It's more efficient than iRules as it consumes alot of processing and will take much to configure a rate limiter iRules. 
    So Go through this and let me know 😉

     

    Thanks