=========================
Warning: Long thread; includes a lot of information to give you some basic understanding of my issues. If you rather not read it, then here are my questions:
1) Does Linux (specifically CentOS 6.5) have any settings that would cause connection timeouts or drop in connection when another service such as DDoS protection increases in traffic OR latency?
2) If yes, where would it be located and how would I fix it?
=========================
I'm currently running a dedicated server using CentOS 6.5 (with default configurations, no network changes or anything) on an extremely stable network. I've been using this datacenter/network for several months (maybe a year or more) without any issues at all. I have networking monitoring on the server and no signs of any issues at all.
About two months ago, I decided to start using this protection service from another provider to fight against occasional attacks incoming. This provider offers protection with Anycast using multiple locations. They use several protection companies such as Staminus, Voxility, Sharktech, Serverius, and others to combine it into one service basically. The first month had issues, but I was able to narrow it down to it being Sharktech and their filtering service. I'm currently on my second month and using only one location of theirs (which is being filtered by Staminus).
For the past couple of days, I've been having connection issues. Note that my server runs a game server with users (ranging from 5-60 connections) on pretty much 24/7. I had checked everything on my end (server, network, software, etc) and nothing was out of the ordinary. Everything was running fine, so I went on to check my protection service since they also provide a network graph. Of course, their graph shows a drop that happened at the same time where the issues occurred. I doubt it was coincidence. So I went on to contact the protection servicer to see what the issue was, but they denied any "outage" and that the network had been running fine for the past month.
From what I am told, their graph does not monitor uptime. Instead, they have several machines that will ping the specified IP and if it is delayed for more than 1 second, it will return as "unsuccessful" which will cause a drop/dip in the graph. After sending in a ticket, they replied saying that the latency increased due to an incoming attack or something (from 100ms to 800ms) and believes that my server or network is causing the issue and not their network going out.
So lets assume there is something that may be misconfigured on my backend server or network to cause a drop in connection when the protection increases in latency. Can anybody help me on how to fix this possible issue? I'm not running any firewalls as far as I know and I have not tweaked or tuned any network configurations...
I would also like to note that I have used other services before for DDoS protection and have never experienced any issues until I moved to my current provider which makes me want to think it's more of an issue from them than something of mine.
Thank you for any help at all!
