Comment by dan_wood
4 years ago
I don't think OVH is viable in this case, they do mitigate the attack but in my personal experience they also mitigate legit traffic during the attack.
Mind you, this is a process using a single port, with only around 100 active connections. You'll easily see half if not more lose connection during a DDoS attack.
I feel like I have to throw OVH a bone here.
From running a service with 50-100k concurrently active connections on a single VPS on OVH that has shrugged off a lot of attempted DOS attacks over multiple years, I have the impression that OVH handles DOS attacks exceptionally well. Specifically I've never seen it drop (a lot) of legitimate traffic.
In comparison to OVH, Hetzner (which this game seems to be using), is utter garbage when it comes to responding to any kind of incident well, or at least predictably. Their responses range from doing absolutely nothing, to nullrouting you, to terminating your service. With OVH I at least know how they'll respond to various things and they're (with few exceptions) professional about it, even if I don't like it.
I'd say you get what you pay for, but OVH (when comparing dedicated servers) aren't much more expensive.
Funnily enough our experience has been much the reverse. Hetzner will let us use the 1g dedicated link they promise however we want. Most other hosters will put blanket filters that are too broad or their smart ddos filtering will kick in, which it turns out is not smart enough to learn an arbitrary protocol :)
OVH has consistently been filtering legitimate traffic for us each time we tried them and we’ve tried almost every tier of service they offer.
I did notice that a few years back, but now when the filter activate I no longer see any drop in bandwidth usage or any customer complaints. How long ago did you experimented with their filter?
Hmm good point, I haven't had any complaints for awhile. Maybe I'll look into it again see what happens.
Thanks for the heads up :)