Hello,
I own a small network and I would like to change some equipment: router and switch and I was thinking to buy CCR1036-8G-2S+ as router and CRS226-24G-2S+RM switch.
The router connects to the ISP's (3 isps) and the switch connects to the router (10 gb link). The servers connects to the switch (1 gb link).
I provide some hosting services (like VPS, VDS) and I have the next issue: sometimes, some of the clients that do not wish to continue with the services starts to flood other networks. In general the flood (dos) is not with high traffic (20-30 Mb) but with very high pakets per second (like 100.000 pps).
I would like to stop that clients so they are not able to send, lets say more than 30.000 pps to one destination (one IP). Take into account that putting the port into shut is not an option, because on that port/server there are other clients.
So, it shoud stop traffic that its one-to-one, not one-to-many, because I have clients that are seding more than 90.000 pps and its good traffic.
The non legitim traffic (high pps) should be stop on the switch, because, it happened that one client attacked another client (same /24 subnet).
Are Mikrotik hardware capable of such configuration?
Thank you