I guess it depends on what you are trying to accomplish here … are you looking 
to scrub the traffic clean or just block dirty traffic?  How will you determine 
what traffic is dirty and apply rules on the fly?

Sorry - many questions come to mind here and I don’t mean to sound negative but 
it seriously comes down to expectations.  I’m aware of one company that I’ve 
seen that built their own - they spent three years developing it to their needs 
with 4 developers working on nothing but it … at the end of the day they spend 
more money than just buying an Arbor system and still spend considerable 
dollars trying to maintain it …


> On Jul 18, 2017, at 5:21 PM, Dev <d...@logicalwebhost.com> wrote:
> 
> What is the feasibility of building a DDoS protection box out of a bare Linux 
> server running a dual-10G/40G NIC inline with iptables handling junk traffic, 
> and then a third eth for management? Seems like the 10G/40G card could help 
> scrub traffic before it hits your core? Has anyone built one? I’ve heard 
> about CCR’s, but my experience with MT has been...weird, they just do weird 
> stuff from time to time, YMMV, etc. etc., but I’ve had better luck with Cisco 
> and the usual suspects. It seems like a purpose built vanilla Linux box would 
> be easily upgradeable, universally supported with vanilla kernel support, 
> etc. and you could just tweak stuff until you got it dialed, no?
