RamNode logo
    Sign UpLogin
    Back to Legacy KVM Documentation

    DDoS Protection

    Understanding and activating DDoS filtering

    On This Page

    We provide inbound DDoS filtering options in all of our locations to help protect your services from attacks.

    Important: You Must Order DDoS-Filtered IPs

    DDoS protection is not automatic. You must order a DDoS-filtered IP address to receive protection. This can be done during your initial order or added later through the Client Area.

    Protection by Location

    Atlanta, New York, Los Angeles, and The Netherlands

    Protection provided via GRE tunnel from Psychz:

    • Capacity: Up to 100Gbps or ~40 million packets per second (PPS)
    • Attack Types: Wide array of TCP and UDP attacks
    • Threshold: Attacks exceeding these thresholds may result in a nullroute

    Seattle

    Protection provided via CNServers in our Seattle data center:

    • Capacity: Up to 20Gbps or ~1.5 million PPS for certain attacks
    • Limits: Attacks over 20Gbps will result in a nullroute
    • UDP Floods: Will result in all UDP traffic being temporarily dropped for the target IP (except for certain DNS traffic)

    How to Activate DDoS Protection

    During Initial Order

    1

    Order New VPS

    When ordering a new VPS, look for the DDoS-filtered IP option
    2

    Select Add-on

    Select the DDoS-filtered IP add-on
    3

    Complete Order

    Complete your order with protection included

    For Existing Services

    1

    Log into Client Area

    Navigate to your RamNode Client Area
    2

    View Addons

    Go to Services → View Available Addons
    3

    Select DDoS IP

    Select the DDoS-filtered IP addon
    4

    Choose VPS

    Choose which VPS to apply it to
    5

    Complete Order

    Complete the order

    DDoS Protection vs RamNull

    It's important to understand the difference between DDoS protection and our RamNull automated mitigation:

    DDoS Protection (Filtered IPs)

    • Active filtering of attack traffic
    • Service remains online during attacks
    • Requires ordering a DDoS-filtered IP
    • Additional monthly cost

    RamNull (Automatic)

    • Temporarily nullroutes attacked IPs
    • Included with all services
    • No additional cost
    • Service goes offline during attack

    Learn more about RamNull automated DDoS mitigation.

    Protection Limitations

    Volumetric Limits

    Extremely large attacks may exceed filtering capacity

    Application-Layer Attacks

    May require additional application-level protection

    Zero-Day Attacks

    Novel attack vectors may take time to filter effectively

    Persistent Attacks

    Very long-duration attacks may require additional measures

    Best Practices

    For critical services, consider ordering DDoS-filtered IPs from the start. It's easier to have protection in place than to add it during an active attack. You should also implement application-level security measures and keep your software up to date.

    Under Attack?

    If you're currently experiencing a DDoS attack:

    1

    Order a Filtered IP Immediately

    Through the Client Area
    2

    Open a Support Ticket

    To expedite the process
    3

    Provide Details

    About the attack (type, duration, target)
    4

    Consider Temporary Measures

    Like CloudFlare while waiting for filtered IP activation

    Need Help?

    If you need assistance choosing the right DDoS protection for your needs or activating filtering on an existing service, contact our support team. We're here to help protect your infrastructure.