I am hoping if I made this a thing maybe more providers would be aware of ridiculous terms and conditions. I will start things off…
Provider supplies DDoS protection but denies allowing DDoS prone usages such as game and voice applications.
Like really do I need to explain why this is insane? Just state how much the filter can do per service and then null route the rest. How hard is that right?
It’s a pretty simple “We’ll protect you, but if you’re a target, we don’t want you in the first place.” policy.
Well, some providers drop UDP on a inbound attack, would be reasonable maaaaybe.
Even if you got AntiDDoS, the attack will still have an impact on your network.
Could be resonable enough, to put that risk to the minimum and put these services onto the forbidden list.
Which could also explain, the quality of the AntiDDoS system, maybe its pure trash and they are afraid that shit will colapse.
Who knows.
Unless you stop advertising it, it’s at least going to hit your core.
Thats why you have big pipes to the CORE or just block it at the upstream.
Which makes so much sense to screw with your commit profile for a $40/mo user? Many of these services are resellers, and don’t have huge pipes. Those that do, don’t really want that user who gets SJWs angry at them, either.
Well, if they resell, they wont have to take care of that mostly.
And if they would setup their own network setup, pretty sure they have a bigger budget.
Its not the usual treudler reseller that goes and setup this.
Besides, you do not need to rent a 10Gbit dedicated pipe, you could get a 10Gbit shared, which should be quite cheaper and still be enough to tank the most DDoS attacks.
…and how many $40/mo 1Gbit uplinks do you expect to offer on that? We’re not talking ColoCrossing resale here.
Oversold, but no idea where you have these figures from.
You’re the one who said a shared 10Gbps service, I suggested a bottom-of-the-barrel (possibly i3 530 class) for about $40/so a month. They might not be great, but they’re not completely loss-leaders, AFAIK.
Most folks don’t do 100 anymore, because they get bitched at. Even if on a 1Gbps shared subnet across a switch of only 24, you’re still barely paying for network, little alone Vox or whatever third party or expensive as hell router/switching setup you have to mitigate this.
Exactly my thoughts, make no sense. There are providers who provide a mere 1Gbps or even less of mitigation. To this day they are still well in business. They just null route when you go over the limit or whatever.
In my opinion in a business sense, if your DDoS protection is “weak” or you think it is, don’t promote it and leave it at that. Or frankly move to a new data center/upstream instead.
Though I am expecting they are promoting it regardless to try to get sales for clients who are “scared” and feels they need mitigation but either it won’t get the job done as well or frankly doesn’t exists.
I have nothing to comment here really.
