Alibaba Cloud DDoS New BGP High Defense¶
The displayed metrics of Alibaba Cloud DDoS New BGP High Defense include attack protection capability, cleaning capability, response time, and reliability. These metrics reflect the performance and credibility of the New BGP High Defense service when dealing with large-scale DDoS attacks.
Configuration¶
Install Func¶
It is recommended to enable Guance integration - extension - managed Func: all prerequisites are automatically installed. Please continue with the script installation.
If you deploy Func manually, refer to Manual Deployment of Func
Install Func¶
It is recommended to enable Guance integration - extension - managed Func
If you deploy Func manually, refer to Manual Deployment of Func
Enable Script¶
Note: Please prepare an Alibaba Cloud AK that meets the requirements in advance (for simplicity, you can directly grant global read-only permission
ReadOnlyAccess).
Managed Version Enable Script¶
- Log in to the Guance console.
- Click on the 【Manage】 menu and select 【Cloud Account Management】.
- Click 【Add Cloud Account】, select 【Alibaba Cloud】, and fill in the required information on the interface. If cloud account information has been configured before, skip this step.
- Click 【Test】, and after a successful test, click 【Save】. If the test fails, check whether the related configuration information is correct and retest.
- In the 【Cloud Account Management】 list, you can see the added cloud accounts. Click the corresponding cloud account to enter the details page.
- Click the 【Integration】 button on the cloud account details page. Under the
Not Installedlist, findAlibaba Cloud DDoS New BGP High Defense, click the 【Install】 button, and install it through the pop-up installation interface.
Manual Enable Script¶
-
Log in to the Func console, click 【Script Market】, enter the official script market, and search for
guance_aliyun_ddoscoo. -
After clicking 【Install】, input the corresponding parameters: Alibaba Cloud AK ID, AK Secret, and account name.
-
Click 【Deploy Startup Script】, and the system will automatically create a
Startupscript set and configure the corresponding startup scripts automatically. -
After enabling, you can see the corresponding automatic trigger configuration in 「Manage / Automatic Trigger Configuration」. Click 【Execute】 to immediately execute once without waiting for the regular time. Wait for a moment, and you can view the execution task records and corresponding logs.
We collect some configurations by default; for more details, see the Metrics section.
Customize Cloud Object Metrics
Verification¶
- In 「Manage / Automatic Trigger Configuration」, confirm whether the corresponding task has the corresponding automatic trigger configuration, and at the same time, you can view the corresponding task records and logs to check for any abnormalities.
- In Guance, 「Infrastructure / Custom」, check if there is asset information.
- In Guance, 「Metrics」 check if there is corresponding monitoring data.
Metrics¶
After configuring Alibaba Cloud - Cloud Monitoring, the default metric set is as follows. You can collect more metrics via configuration. Details of Alibaba Cloud Cloud Monitoring Metrics
| MetricName | Description | Unit | Dimensions |
|---|---|---|---|
Active_connection |
Active connection count | count | userId,InstanceId,ip |
AttackTraffic |
High-defense IP attack traffic | bit/s | userId,InstanceId,ip |
Back_Traffic |
High-defense IP back-to-source traffic | bit/s | userId,InstanceId,ip |
In_Traffic |
High-defense IP inbound traffic | bit/s | userId,InstanceId,ip |
Inactive_connection |
Inactive connection count | count | userId,InstanceId,ip |
New_connection |
New connection count | count | userId,InstanceId,ip |
Out_Traffic |
High-defense IP outbound traffic | bit/s | userId,InstanceId,ip |
qps |
QPS | countS | userId,InstanceId,ip |
qps_ratio_down |
QPS decline rate | % | userId,InstanceId,ip |
qps_ratio_up |
QPS growth rate | % | userId,InstanceId,ip |
resp2xx |
2XX status code | count | userId,InstanceId,ip |
resp2xx_ratio |
2XX status code ratio | % | userId,InstanceId,ip |
resp3xx |
3XX status code | count | userId,InstanceId,ip |
resp3xx_ratio |
3XX status code ratio | % | userId,InstanceId,ip |
resp404 |
404 status code | count | userId,InstanceId,ip |
resp404_ratio |
404 status code ratio | % | userId,InstanceId,ip |
resp4xx |
4XX status code | count | userId,InstanceId,ip |
resp4xx_ratio |
4XX status code ratio | % | userId,InstanceId,ip |
resp502 |
502 status code | count | userId,InstanceId,ip |
resp503 |
503 status code | count | userId,InstanceId,ip |
resp504 |
504 status code | count | userId,InstanceId,ip |
resp5xx |
5XX status code | count | userId,InstanceId,ip |
resp5xx_ratio |
5XX status code ratio | % | userId,InstanceId,ip |
upstream_resp2xx |
2XX back-to-source status code | count | userId,InstanceId,ip |
upstream_resp2xx_ratio |
2XX back-to-source status code ratio | % | userId,InstanceId,ip |
upstream_resp3xx |
3XX back-to-source status code | count | userId,InstanceId,ip |
upstream_resp3xx_ratio |
3XX back-to-source status code ratio | % | userId,InstanceId,ip |
upstream_resp4xx |
4XX back-to-source status code | count | userId,InstanceId,ip |
upstream_resp4xx_ratio |
4XX back-to-source status code ratio | % | userId,InstanceId,ip |
upstream_resp5xx |
5XX back-to-source status code | count | userId,InstanceId,ip |
upstream_resp5xx_ratio |
5XX back-to-source status code ratio | % | userId,InstanceId,ip |
upstream_resp404 |
404 back-to-source status code | count | userId,InstanceId,ip |
upstream_resp404_ratio |
404 back-to-source status code ratio | % | userId,InstanceId,ip |
Objects¶
The collected Alibaba Cloud DDoS New BGP High Defense object data structure can be viewed in 「Infrastructure - Custom」.
{
"measurement": "aliyun_ddoscoo",
"tags": {
"name" : "rg-acfm2pz25js****",
"InstanceId": "rg-acfm2pz25js****",
"RegionId" : "cn-hangzhou",
"Status" : "1",
"Edition" : "9",
"IpVersion" : "Ipv4",
"Enabled" : "1"
},
"fields": {
"ExpireTime": "1637812279000",
"CreateTime": "1637812279000",
"message" : "{Instance JSON data}"
}
}