We put the AX load balancing boxes back on with a new software release. the new release manages the slowloris
Update(s):
Date: 2013-03-19 12:48:54 UTC We think we have an attack planned on 5-6 IPs of shared hosting every morning between 7:30 and 9:30. Attacks are perfectly well managed by the Cisco ACE and explode AX5100 devices of a10 networks.
Why do we test AX5100 again? We are validating the technical choice for equipment orders that will be used to geocache. We therefore asked a10 whether they have fixed the bug of slowloris and if we can test the new software version. I think we checked a10 and we will keep ACE, which works very well but lacks a bit of flexibility in configurations.
Date: 2013-03-19 12:44:37 UTC The attack started again this morning and the devices don't support the load. We removed (very late) the AX devices from routing and put the traffic on ACE as before.
Date: 2013-03-19 12:41:21 UTC With the a10 support, we changed some settings to improve performances and we started 2 devices.
No more problem.
Date: 2013-03-19 12:40:42 UTC We realised that we had attack precisely on slowloris and that the device does not support the load. We removed AX from the routing.