Should I stick with ELB? How bad is a DDoS attack of 2 million packets per second?

Question

I have an Elastic Load Balancer (ELB) on Amazon Web Services under DDoS attack (specifically a SYN flood) that Amazon has said occasionally hit over 2.4 million packets per second. While it hasn't taken the site down, it has been marginally effective at occasionally taking out a single ELB instance (there are 6-12 instances in the load balancer group) over the last week.

My obvious thought is- how bad is that level of traffic? Should I consider deploying my own load balancer solution on EC2 if ELB can't handle this much traffic? Or is this a pretty significant attack and would you say they are doing a pretty good job of mitigation?

That is significant, but what would your counter measures be? — toppledwagon, Mar 02 '14 at 22:14

score 1 · Answer 1 · answered Mar 03 '14 at 01:08

2.4 million packets per second is quite significant
(It'd be flagged as a major attack in my environment).

If your site has not gone down, they are doing a very good job.

You should be speaking to AWS about this, in case you haven't already.
They need to know that you are being attacked, as there may be further options for mitigation.

Should I stick with ELB? How bad is a DDoS attack of 2 million packets per second?

1 Answers1