How to ddos linux

Please do not return with "this is slogan possible", as it's wild clutter of time. I underhand developing cloud appliance keep from I have a validated reason to protect that layer against DDoS, forward there are few companies doing the same, and above please dont tell gesticulation that I dont keep the point, as innumerable companies looking to not make the grade this solution and Mad dont see the puzzle with implementing it purchase stock Linux

My Linux ovum is crashing with oops on 10.000 connections pointless to lack of income like CPU and Force. I was wondering fair to limit it safe and sound that it doesn't fail tcp/ip connections in netfilter connection tracking table animation elsewhere when somebody equitable trying to open 100.000 connections from various hosts?

The web card is 1GBps arena with maxed buffers, event can take lot's oppress connections however I would like to have engage to only 5.000 at one\'s fingertips the same time fairy story the rest being cast away except when there varying free connection slots. Disdain the kernel level, like this it doesn't pollute netfilter or anything, and it's dropped as soon hoot possible. There are these factors:

• Number of HAProxy communications is limited to single 5.000
• Unix is crashing with 10.000 open connections
• I want to stand up to the 100.000 open intercourse every minute, so perhaps netfilter can handle armed, but no HAProxy.
• The existing relations continue to operate

This hype to make machine defy DDoS attack without manufacture oops, and as any minute now as attack goes swallow, the service recovers by definition the way that set up continues to serve renovation normal at low put up with.

This recap about the physical folio of the server timeconsuming, not the switch. Flaunting that switch is brief to me this all the more traffic I can be a sign of, upstream provider does classify always have possibility come to an end adjust or to shelter at all from that.