Rust

1.6Tbit/second vs Rust

Jack Cosens

2 min read
1.6Tbit/second vs Rust

This year has already pulled all of the surprises out of the box, or so that's what we thought. Today we are going to explore how Tempest managed to take on not one but two 1.6+Tbit per second DDoS attack directed towards a Rust server.

The best bit? Our client didn't even notice!

What even happened?

On 03/14/2022 at approximately 03:19am UTC our infrastructure detected an attack against one of our clients that quickly scaled to well over 1.5Tbit/s - During this time our on-call engineers monitored the network to learn and document where the attack may of originated and who it's intended target was.

Luckily for their target they were running on a bare metal solution with Tempest. We leverage our parent company Path Network, Inc to provide all of our clients with a premium 10Gbps network port on a network that has the capacity to mitigate attacks in the range of 10+Tbit/second (for reference, that's an attack with a volume 10x the size of this one).

Our mitigation

Our network was able to quickly identify the attack and deal with it using our stateful mitigation technology. This meant this attack was balanced and successfully mitigated on our edge servers across the world.

See the attack blocked by our eBPF/XDP filters for both the first and secondary attack.

The attack was comprised of 99% UDP traffic and was dealt with using our Layer 7 Application filters. Our network put each packet through a strict verification process to ensure it was legitimate traffic before it even reached the bare metal port of our client.

The results were, well outstanding. We were able to fully mitigate these attacks without any downtime to any of our clients. This outcome is only achievable by both our bleeding edge layer 7 mitigation technologies but also our ability to eat through layer 4 floods.

Images showing close to 150Mp/s being caught by our Rust filter and mitigated on the edge.

How is this useful to me?

This year has been a wildcard so far, but one thing is for certain - the threat imposed by denial of service (DDoS) attacks is only growing. As the internet of things continues to expand across the globe the size and sophistication of these attacks are following suit.

Tempest Hosting is dedicated to providing bare metal hosting solutions, offering an ever-growing library of Layer 7 application filters - this means you don't have to just be a Rust host to benefit from our products, in-fact you don't even have to be in the game industry. This vast selection of filters is what keeps us online during these attacks and we can do the same for you.