-1

We are looking to host a game server. The game we are going to be setting up a server for is subject to DDoS from other servers, players, etc.

Many other server administrators have pointed out that the game only uses TCP ports and most booters/stressers/DDoS clients only hit UDP, and suggested closing all ports as a measure to mitigate DDoS.

We will need to host a website for the server that includes the registration script (which will need to interact with the SQL server setup on the "game" server), along with other scripts that interact with the DB.

My question is basically this: if I have multiple IPs from the hosting provider, can I close all of the ports except for the one TCP port on one IP (to be used for the game login) and then route the other IP to use as the website IP, if all of this is on the same server and OS?

If the website IP gets hit will the other IP go down?

1 Answer

4

If the website IP gets hit will the other IP go down?

It probably will. DDoS works by generating high network traffic with a host, thus consuming all its bandwidth and creating a high CPU or disk load on it: if the traffic arrives on the server machine through any of the IPs it has, the other ones will be affected as well, if they share the same network connection. If you can, you should filter everything you can (e.g., UDP as you mention, but also any unused TCP ports, etc.) as far from your network as possible (e.g. at provider level).

If one of the services is more critical than the other, they should run on separate machines (or at least separate VMs) having IPs connected to different providers.

Ale
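The per-IP filtering discussed in the question and answer, written as a host firewall ruleset; this is an added example, not part of the original question or answer. It assumes a Linux host using nftables, and every address and port in it (`192.0.2.10`, `192.0.2.11`, `198.51.100.0/24`, TCP 7777) is a placeholder. As the answer notes, dropped packets have already crossed the shared link by the time these rules see them, so the same filter belongs upstream at the provider as well.

```nftables
#!/usr/sbin/nft -f
# Added example: default-deny inbound policy for one host with two public IPs.
# All addresses and ports below are placeholders, not values from the page.
flush ruleset

define GAME_IP   = 192.0.2.10        # placeholder: IP used only for game login
define WEB_IP    = 192.0.2.11        # placeholder: IP used only for the website
define GAME_PORT = 7777              # placeholder: the game's single TCP port
define ADMIN_NET = 198.51.100.0/24   # placeholder: where SSH admin comes from

table inet filter {
    chain input {
        # Anything not explicitly accepted below is dropped, including all
        # inbound UDP and all inbound IPv6 (not used in this example).
        type filter hook input priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop
        iif "lo" accept

        # Rate-limited ICMP so path MTU discovery and diagnostics keep working.
        icmp type { echo-request, destination-unreachable, time-exceeded } limit rate 10/second accept

        # Game IP: only the game's TCP port is reachable.
        ip daddr $GAME_IP tcp dport $GAME_PORT ct state new accept

        # Website IP: only HTTP and HTTPS are reachable.
        ip daddr $WEB_IP tcp dport { 80, 443 } ct state new accept

        # Administration: SSH only from the admin network, only on the web IP.
        ip saddr $ADMIN_NET ip daddr $WEB_IP tcp dport 22 ct state new accept

        # No rule opens the database port on either public IP. The web
        # scripts run on the same host and reach the database over loopback.
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}
```

Checking the file with `nft -c -f` validates it without applying it, which avoids locking yourself out through the `flush ruleset` line.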