One Attack High CPU Load Getting Down

abakisensoy · May 1, 2017, 9:29pm

Hi All;

We are experiencing DDoS UDP Attack from a single ip. The IP is already in drop list. However, we are still getting down due to high CPU load on one single core.

Here is the Screenshot:

We set up an allowed ip list. we store all legit user ips in there. Our usu[/img]al CPU Usage is 30%. Our users lost connection after getting one ip flood attack due to high cpu usage on single core. However, Not all our users lost connection only users whose ips pogress or checking by the cpu that reach 100%.

How can we handle this situation or fix it.

Thanks in advance.

p3rad0x · May 2, 2017, 11:03am

Hi,

Go add that IP in the raw firewall list.

Then the connection does not go in the connection tracking.

Also on what what port is the incoming attack?

abakisensoy · May 2, 2017, 4:56pm

We add two ip in raw firewall list. We get hit from two ip and our one single core reached %93 with two ip flood hit.

how can i divide cpu usage. its like not multi threading.

p3rad0x · May 3, 2017, 7:25am

Also did you disable allow remote requests under your DNS?

abakisensoy · May 7, 2017, 12:09pm