I remember last year, our guild war to the critical moment, the server suddenly stuck into the PPT, voice curses, and then check the logs found to be a group of red-eyed rivals with DDoS directly whacked down - this kind of thing in the game industry is like a common occurrence, I've been in the industry for ten years, I've seen too many teams because of the server did not choose a good one, overnight! Users run out, reputation collapse.
Today I will break open the rubbing talk, the game high defense server in the end how to choose, do not believe that those smallpox advertisements, the pit in the head of more than can fall dead a cow.
First of all, let me tell you the truth: game servers and ordinary web servers are not the same thing, you get a virtual host to put the official website no problem, but the game? Especially MMO or competitive class, real-time interactive data sea to go, the delay of more than 50ms players will be able to your ancestors eighteen generations of cursing all over, not to mention the kind of persistent DDoS attacks, a minute to let your server resources are exhausted, directly downtime.
I have tested a number of vendors, some labeled “high defense”, in fact, the set of a basic firewall, the traffic immediately came to the original form, this kind of thing you dare to use? Don't believe those who brag about the “unlimited protection” nonsense, the server has to rub their eyes.
Where is the core of the problem? The first is that the type of attack has become tricky, the earlier years DDoS may figure a cool, and now more competitors maliciously mess, or extortion gangs target you, the means of development from simple traffic flooding to the application layer CC attacks, specializing in simulating the real player request, consume all your CPU and memory.
The second is the cost pressure, really high defense means that the hardware investment, bandwidth resources, but many small teams have limited budgets, easy to choose some cheap second-hand dealers, the results of the protection of the same as a sham, I've seen a case, the monthly cost of only a few hundred dollars of servers, vendors directly unplugged from the attack, and not even a notice.
The third is performance balance, protecting too hard can accidentally kill normal players or introduce extra latency, you have to walk a tightrope between security and experience, and that's not something you can do with a few clicks of the mouse.
How to break the game? Don't worry, I share a set of their own stepping on the pit summarized shopping strategy, according to do at least can avoid eighty percent of the mine.
The first assessment of their own needs: the type of game determines everything, such as cards on the latency requirements of the lower, but FPS or MOBA? latency must be pressed to 30ms or less, at the same time have to predict the peak number of people online, don't wait until the server burst before regretting it, I generally recommend that the expected maximum value of 1.5 times to prepare the resources.
The protection ability to be dismantled to see, do not just listen to sales blow, directly ask the vendor these questions: D protection peak how much? Is it a single IP protection or a full network segment, and what is the strategy for recognizing CC attacks? There is no real case data?
I'm in the habit of asking for test reports, such as the example configuration below, which I picked up from a reliable service provider who uses clustered protection to automatically filter malicious traffic:
Hardware and bandwidth are hard indicators, CPU at least Intel Xeon Gold to start, memory do not stingy search, 32GB is the bottom line, SSD hard disk to speed up data reading and writing, bandwidth, exclusive than shared a hundred times stronger, I recommend choosing at least 100Mbps exclusive, otherwise the players a lot of card into a dog.
Speaking of bandwidth, have to mention the BGP line, this thing can be intelligent routing, so that telecommunications, Unicom, mobile users are smooth, measured with BGP than single-line delay average drop 20ms, but the price is also more expensive, the budget is sufficient if you have to go.
Let's talk about the choice of service provider, the water here is even deeper, I have seen many teams being “international brands” fooled, in fact, the protection strategy is not suitable for the domestic environment.
When picking a service provider, it is better to look at the qualification than to look at the actual response, such as technical support is not 24 hours a day, how fast is the response to the work order? Once our server was attacked in the middle of the night, customer service ten minutes to intervene in the cleaning, this degree of reliability than what certification is useful.
Price, don't try to be cheap, high defense server market a penny a penny, the monthly fee is less than a thousand dollars you have to be vigilant, it is likely to be a pit, but it is not the more expensive the better, more comparison of a few, look at the hidden costs, such as how to calculate the excess traffic? The first thing you need to do is to get your hands on a new one, and then you'll be able to get your hands on one.
By the way, as a random aside, when I recently helped a friend choose a server I tried the08hostThis one, they specialize inGame High Defense ServersThe highlight is the global Anycast network, latency control thief stable, I measured the Asian nodes, the average latency is only 25ms, and the protection strategy is quite intelligent, can automatically learn the attack mode, eliminating a lot of manual configuration of the trouble - of course, this is just my personal experience, you have to combine their own situation when you choose.
Once the configuration is taken care of, the testing session should not be skipped, I would recommend simulating the attack with a tool such as Siege to do a stress test to see where the server limits are:
Data comparison is very important, I compared three service providers last year, the same configuration, the protection effect is quite a bit worse: a cleaning success rate of only 85%, the other to 99%, but the delay is slightly higher, the final compromise selected a cleaning rate of 97%, the delay of 40ms of the program, the line will have to trade-offs.
Don't be sloppy with daily maintenance, regularly update system patches, close useless ports, analyze the logs diligently, once I found an abnormal IP segment from the logs, and added a blacklist in advance to avoid a large-scale attack.
Finally, a reminder, the backup program must have, the server and then high defense may also have an accident, I used to use the mirror function weekly backups, at the same time to prepare a cold standby node, the real thing can be quickly switched, the player is almost imperceptible.
To summarize, the game high defense server is not to buy the end of the matter, it is a systematic project, from the needs of the assessment to the later operation and maintenance, each step must be solid and attentive, the industry pits, but as long as you according to the actual needs of the heavy protection is more important to the experience, you can definitely pick the right one.
In the end, the players do not care how complex your back-end, they only need a smooth and fast experience, we do technical, we have to be behind the scenes to carry these dirty work and tired work, after all, who do not want to do their own game fire it?
I hope this long-winded experience helps, and if you have specific questions, feel free to chime in - in this business, it's better to pull each other up than to go it alone.