High-defense DDOS server generally refers to the server with hundreds of G's traffic defense capabilities. The hardware firewall owned by the high-defense DDOS server can resist 200G-500G traffic attacks. The high-defense system used by chess and cards generally requires BGP three-line one-one , China Unicom, the high -defense DDOS server of the three networks of Telecom, because the players playing chess and cards basically use mobile data of mobile phones, and the use of the three -net -to -one line will reduce the delay. It is a more popular player to play games.

　　The protection of the BGP high -defense DDOS server is 100G, and the attacks of more than 100G are basically unavoidable. The CDN technology now uses its own high defense system to achieve the defense 1T traffic attack.

　　So how to build a DDOS traffic attack protection system?

　　First of all, we need to build our own domain name analysis system and use the CNAME value to automatically switch. We can also set a automatic switch -assigned SDK. First of all, the architecture of the high defense system: mobile, China Unicom, telecommunications, and then transfer Go to the traffic cleaning module, forward the module, IP traceability module, carry out defense deployment according to the attack, after cleaning, and then forward the normal player's IP to the background source server. By forwarding the module, you can play a good role. You can tell the player's real IP to tell the back end of the server, let it communicate with the communication and add it to the white list system, and the attack IP can be reposted directly to the high defense system for defense.

　　The high -defense DDOS servers of the game are reposted by 4 layers of traffic. The 4 -layer forwarding generally uses several IP -ends of the high -defense DDOS server to allocate.

　　The traffic cleaning module needs to be used with the attack detection module. First of all, the attack detection module statistics are counted on the high defense server IP into the database. Flow attack, the PPS protection value will automatically turn on the cleaning mode when it reaches 8000. For the cleaning method of the cleaning module, the cleaning ability of a server is limited. Generally, it is 50G cleaning. You can go to hundreds of G's traffic cleaning capacity. For HTTP access to the general load of 80,000 QPS, the cluster high -defense DDOS server can reach 800,000 HTTPS requests.

　　The rest is the forwarding system. For the normal IP of cleaning, forward it to the real APP game server, and add a white list. The monitoring of each cluster server must reach commonly used monitoring, such as CPU, export bandwidth monitoring, and export bandwidth monitoring. Monitoring of memory occupation, monitoring of hard disks, read and write data monitoring.