DDoS-Protection Appliance Setup
Requirements
The aurologic DDoS-Protection stack requires the following components to be available in order to function fully.
Hardware
We recommend a minimum of the following hardware in order to reliably run the aurologic DDoS-Protection Stack:
- 16-core processor (e.g. AMD Ryzen 9 7000/9000 series)
- Proper processor cooling, as CPU usage may occasionally be high
- 128GB memory (e.g. DDR5 on-die ECC)
- 2x 500GB SSD (can be a consumer model)
- Dual-port 100Gbps NVIDIA Mellanox ConnectX-6 network card with PCIe 4.0 x16 bus bandwidth
- 1Gbps Management Port with at least 10Mbps available bandwidth for external reachability
- IPMI with Virtual Media and Remote Console reachable by aurologic
- /29 IPv4 subnet with 5 usable IP addresses
The required processor configuration depends on the sizing of the setup. For 100Gbps of filter capacity, an AMD Ryzen 9 7950X might be sufficient, while 400Gbps requires a better processor to reach the higher throughput without packet loss. Single-processor deployments with a higher clock speed are better than dual-processor ones with a lower clock speed. This is mainly because each packet must traverse the eBPF/XDP stack bound to each active network interface, and because of how network cards operate: each network card has ring buffers with multiple rx/tx slots, and the slower packets are processed, the quicker those rings/slots fill up, which in turn results in packets being lost.
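The ring-buffer argument above can be put into numbers. The following is an added example, not aurologic code: a simplified model of one RX queue served by one core. The clock speeds, the 600 cycles per packet and the 1024-slot ring are assumptions chosen for illustration, and traffic is assumed to spread evenly across 16 queues.

```python
# Added example: simplified model of one RX queue served by one core.
# All numeric inputs in the demo (clock, cycles per packet, ring size) are assumptions.
WIRE_OVERHEAD = 20  # bytes on the wire per frame: preamble 7 + SFD 1 + inter-frame gap 12


def packets_per_second(link_gbps, frame_bytes):
    """Line-rate packet rate for Ethernet frames of frame_bytes (FCS included)."""
    return link_gbps * 1e9 / ((frame_bytes + WIRE_OVERHEAD) * 8)


def ring_model(link_gbps, frame_bytes, queues, clock_ghz, cycles_per_packet, ring_slots):
    """Return the cycle budget, time until the ring is full, and steady-state loss.

    Assumes traffic is spread evenly over `queues` RX queues, each pinned to one
    core, and that the XDP program costs a constant `cycles_per_packet`.
    """
    if min(link_gbps, frame_bytes, queues, clock_ghz, cycles_per_packet, ring_slots) <= 0:
        raise ValueError("all parameters must be positive")
    arrival = packets_per_second(link_gbps, frame_bytes) / queues   # pps per queue
    service = clock_ghz * 1e9 / cycles_per_packet                   # pps one core can handle
    result = {
        "arrival_pps": arrival,
        "service_pps": service,
        "cycle_budget": clock_ghz * 1e9 / arrival,  # cycles available per packet
        "overflow_s": None,                          # None: ring never fills
        "drop_fraction": 0.0,
    }
    if arrival > service:
        # Backlog grows at (arrival - service) pps until every slot is occupied.
        result["overflow_s"] = ring_slots / (arrival - service)
        result["drop_fraction"] = 1 - service / arrival
    return result


if __name__ == "__main__":
    # Worst case for packet rate: minimum-size 64-byte frames at 100Gbps.
    for clock in (4.5, 5.7):
        r = ring_model(100, 64, queues=16, clock_ghz=clock,
                       cycles_per_packet=600, ring_slots=1024)
        fill = "never" if r["overflow_s"] is None else f"{r['overflow_s'] * 1e6:.0f} us"
        print(f"{clock} GHz: budget {r['cycle_budget']:.0f} cycles/pkt, "
              f"ring full after {fill}, loss {r['drop_fraction']:.1%}")
```

Under these assumptions the slower core has fewer cycles available per packet than the program needs, so a 1024-slot ring fills in well under a millisecond, while the faster core keeps up with the same load.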
A public /29 subnet on a dedicated 1Gbps Management Port is required to make each component (flowanalyzer, flowshield, flowproxy) available to aurologic for management, as well as to event consumers and for programmatic configuration of the software stack, e.g. by sending API requests.