What's new

DDOS protection on ASUSWRT-Merlin

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

pirx73

Senior Member
Hello colleges.

Have been wondering what exactly DDoS Protection setting does in case of my router - RT-AC68U.
I understand what is DDoS and basic means of prevention but my question is - how it works in my router?
Tooltip only warns that router load will increase (obviously) but it does not gives any information what actions router will perform if DDoS Protection is enabled.
Maybe someone here knows? At least in broad sense? Is it worth enabling?
 
Last edited:
I dont know but whenever i have tried to enable it i got massive slowdowns in web browsing and transfer of files between computers, printing etc...
 
It activates rules in the firewall that rate limits certain types (SYN, RST, ICMP) of incoming traffic. See the iptables SECURITY chain.


P.S. Can you please remove the "Release" prefix from your thread title as you are not announcing a new release of something. Thanks.
 
Last edited:
Done. Sorry about that tag. I did not looked into iptables because i assumed it is something more sophisticated and connected to TrendMicro engine thus closed source.
 
I dont know but whenever i have tried to enable it i got massive slowdowns in web browsing and transfer of files between computers, printing etc...

I didn't on the AC86U and AX86U I have now with it enabled. Must be a processor/memory capability thing as obviously faster in these models.
 
It activates rules in the firewall that rate limits certain types (SYN, RST, ICMP) of incoming traffic. See the iptables SECURITY chain.

Asus explains DoS protection at How does DoS protection work? | Official Support | ASUS Global.

It doesn't say if it's a good thing/bad thing (just a feature) and is not enabled by default. In times past I have enabled it, thinking "why not?".

Though recently reading some of @L&LD's recommendations I see that he recommends disabling it. So recently I did.

Ultimately does it matter? And if so when would it matter?
 
IMO, you're better off to NOT enable it. And if you find yourself under attack, contact your ISP. He is *much* better equipped to manage it than your lowly router. In fact, he may already be protecting you! He has just as much reason to prevent it as you.
 
IMO, you're better off to NOT enable it. And if you find yourself under attack, contact your ISP. He is *much* better equipped to manage it than your lowly router. In fact, he may already be protecting you! He has just a much reason to prevent it as you.
I vaguely remember someone in times past making that argument about NOT having your consumer router try and handle such attacks. That answer makes sense to me!
 
Last edited:

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top