All Products
Search

This Product

    Anti-DDoS:Configure a traffic scrubbing threshold

    Document Center

    Anti-DDoS:Configure a traffic scrubbing threshold

    Last Updated:May 07, 2024

    If the service traffic of an asset that is assigned with a public IP address exceeds the normal service traffic, Anti-DDoS Origin scrubs the attack traffic to ensure service availability. This topic describes how to configure a traffic scrubbing threshold.

    Background information

    Anti-DDoS Origin uses artificial intelligence (AI) to analyze and scrub attack traffic. You can configure a traffic scrubbing threshold based on your normal service traffic. Then, Anti-DDoS Origin uses the big data capabilities provided by Alibaba Cloud to learn the normal service traffic and uses algorithms to identify DDoS attacks.

    Anti-DDoS Origin scrubs attack traffic only when Anti-DDoS Origin identifies DDoS attacks and the attack traffic reaches the traffic scrubbing threshold that you configure. This prevents traffic scrubbing by mistake due to a fixed traffic scrubbing threshold. For example, if your normal service traffic fluctuates and exceeds the fixed traffic scrubbing threshold, traffic scrubbing may be triggered by mistake.

    Procedure

    1. Log on to the Traffic Security console.

    2. In the left-side navigation pane, click Assets.

    3. In the top navigation bar, select the region in which your asset resides.

    4. Click the tab based on the type of assets that you want to manage. For example, you can click ECS.

      Note

      On the Others tab, you can configure anti-DDoS diversion instances of Anti-DDoS Origin. You cannot configure traffic scrubbing on this tab. For more information, see Enable traffic rerouting to an anti-DDoS diversion instance.

    5. In the IP address asset list, click the IP address that you want to manage. In the IP Address Details panel, click Traffic Mitigate Settings.

    6. In the Traffic Mitigate Settings dialog box, specify Scrubbing Threshold for the IP address and click OK.

      You can the Scrubbing Threshold parameter to one of the following values to configure a traffic scrubbing threshold:

      • Default: Anti-DDoS Origin adjusts the traffic scrubbing threshold based on the throughput of your Elastic Compute Service (ECS) instance.

      • Manual: You can select specific thresholds for the throughput and packets per second (pps).

        Note

        If DDoS attacks are detected and the throughput or the pps reaches the selected thresholds, traffic scrubbing is triggered.

        If you select Manual take note of the following items:

        • Configure a traffic scrubbing threshold that is slightly greater than the actual throughput and pps. If the threshold is significantly greater than the actual throughput or pps, the protection effect is compromised. If the threshold is significantly less than the actual throughput or pps, normal traffic may be scrubbed.

        • If service traffic is scrubbed, we recommend that you increase the traffic scrubbing threshold.

        • During large promotions or activities for a website, we recommend that you increase the traffic scrubbing threshold.