Internet-based services are used without any problem. The traffic passes through the backbone of our network then arrives at the datacentre. Finally, it is handled by the server that sends back the responses over the internet.
the attack is launched via the internet and on the backbone. Given the surplus capacity of the bandwidth on the backbone, the attack will not cause saturation on any link. The attack reaches the server, which begins to handle the initial attack. At the same time, analysis of the traffic flags up that an attack is underway and thus triggers the mitigation.
Between 15 and 120 seconds after the attack has begun, mitigation is activated. Incoming server traffic is vacuumed by the 3 VACs, with a total capacity of 480 Gbps (3x 160 Gbps) of mitigation, hosted in three OVH data centers. The attack is blocked with no duration or size limit, regardless of type. Legitimate traffic passes through the VAC and arrives at the server. The server responds directly without going back through the VAC. This process is called auto-mitigation.
Generating an attack is costly, and even more so when it is ineffective. After a certain time has passed, the attack will come to an end. Auto-mitigation is maintained for 26 hrs after the attack has ended. This means any new attack that occurs within a few minutes, a few hours or 24 hours will be blocked. After just 26 hours, auto-mitigation is disabled but it remains ready to be reactivated on detection of a new attack.