Could be # concurrent connections or who knows what else. Try to connect directly bypassing the firewall eventually if you have no clue about fw specs / rulesets in use
Marco Padovan Chief Technical Officer http://www.hiperz.com On Tue, Nov 26, 2013 at 8:46 AM, arnold lam <arnoldla...@hotmail.com> wrote: > So there is a firewall in between. But it shouldn't slow traffic down > because if there is incoming DDOS, it will Blackhole/null route the ip. > Basically it won't reach my server. Therefore it is still a bandwidth > issue. > > I want to know what is restricting the bandwidth. I can download upload > files at a high speed. 1 gig download 100mbps upload. But srcds can only > use 13.5mbps. Basically everyone has the same amount lag no matter they are > overseas or locally. > > Sent from my iPhone > > On 26 Nov, 2013, at 6:19 am, "ritual" <rit...@vsritual.com> wrote: > > To be honest it's a bit of a cop-out answer as most script-kiddie DDOS > attacks are from UDP SYN Flooding which are can be stopped by hardware > firewalls. If it was a firewall issue, there would be more than one system > affected and therefore more people complaining. I think we've narrowed down > the problem here to limited bandwidth and that it is now up to his vendor > to see if it is possible for them to provide more. Lowering tick and > limiting players are all temporary fixes to the over-arching problem. > > Good luck with the vendor. > > > > > > On Mon, Nov 25, 2013 at 12:01 PM, Marco Padovan <e...@evcz.tk> wrote: > >> Maybe then the issue relies on the hardware firewall. >> >> Post the specs and rulesets in use >> >> Marco Padovan >> Chief Technical Officer >> http://www.hiperz.com >> >> >> On Mon, Nov 25, 2013 at 4:29 PM, arnold lam <arnoldla...@hotmail.com>wrote: >> >>> It has hardware firewall, that's why ip tables is not needed. Btw >>> basically I'm the system administrator, they can't do much. >>> >>> Sent from my iPhone >>> >>> On 25 Nov, 2013, at 11:17 pm, "Marco Padovan" <e...@evcz.tk> wrote: >>> >>> You are running without any firewall rule?!? O.o >>> >>> To me that is not good, nor normal. >>> >>> Ask your system administrator to setup a proper firewall ruleset and >>> then to debug your performance issues, probably it's just something not >>> setup/properly setup >>> >>> Marco Padovan >>> Chief Technical Officer >>> http://www.hiperz.com >>> >>> >>> On Mon, Nov 25, 2013 at 2:33 PM, arnold lam <arnoldla...@hotmail.com>wrote: >>> >>>> iptables: >>>> root@arnold:~# iptables -L >>>> Chain INPUT (policy ACCEPT) >>>> target prot opt source destination >>>> >>>> Chain FORWARD (policy ACCEPT) >>>> target prot opt source destination >>>> >>>> Chain OUTPUT (policy ACCEPT) >>>> target prot opt source destination >>>> >>>> cat /proc/net/udp >>>> >>>> >>>> sl local_address rem_address st tx_queue rx_queue tr tm->when >>>> retrnsmt uid timeout inode ref pointer drops >>>> 816: 00000000:6915 00000000:0000 07 00000000:00000000 00:00000000 >>>> 00000000 1000 0 27068500 2 ffff880213985080 0 >>>> 920: 00000000:697D 00000000:0000 07 00000000:00000000 00:00000000 >>>> 00000000 1000 0 27068478 2 ffff880213982300 0 >>>> 930: 00000000:6987 00000000:0000 07 00000000:00001680 00:00000000 >>>> 00000000 1000 0 27068477 2 ffff880213980380 615 >>>> 951: 00000000:699C 00000000:0000 07 00000000:00000000 00:00000000 >>>> 00000000 1000 0 27068499 2 ffff880213983100 0 >>>> 2640: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 >>>> 00000000 0 0 13057 2 ffff880212031180 0 >>>> >>>> >>>> >>>> >>>> Is this normal? >>>> >>>> >>>> >>>> >>>> ------------------------------ >>>> Date: Mon, 25 Nov 2013 10:19:03 -0200 >>>> From: x30...@gmail.com >>>> >>>> To: csgo_servers@list.valvesoftware.com >>>> Subject: Re: [Csgo_servers] Huge loss problem >>>> >>>> Maybe it's just a firewall limiting the number of packages per seconds, >>>> very common solution to block DDOS. >>>> >>>> You can check the status of udp sockets throgth this command: cat >>>> /proc/net/udp >>>> >>>> Then convert the local_address column to int(hex->int) match your >>>> server port, if you are using the default config(port 27015), will be >>>> something like this: XXXXXXXXX:6987. Then check the drops column in the >>>> same line. >>>> >>>> If is low(less than 2000 running at least 1 hour, with players), >>>> probably isn't a server problem, maybe a firewall, ddos protecion false >>>> positive, etc. If is too high, you have a problem in your dedicated server >>>> configuration. Check your firewall rules( sudo iptables -L). >>>> >>>> >>>> _______________________________________________ Csgo_servers mailing >>>> list Csgo_servers@list.valvesoftware.com >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>>> _______________________________________________ >>>> Csgo_servers mailing list >>>> Csgo_servers@list.valvesoftware.com >>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>>> >>> >>> _______________________________________________ >>> Csgo_servers mailing list >>> Csgo_servers@list.valvesoftware.com >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>> >>> >>> _______________________________________________ >>> Csgo_servers mailing list >>> Csgo_servers@list.valvesoftware.com >>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >>> >> >> >> _______________________________________________ >> Csgo_servers mailing list >> Csgo_servers@list.valvesoftware.com >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> > > > _______________________________________________ > Csgo_servers mailing list > Csgo_servers@list.valvesoftware.com > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >
_______________________________________________ Csgo_servers mailing list Csgo_servers@list.valvesoftware.com https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers