Due to a DDoS Attack bypassing our Anti-DDoS Filters, the NIC of EPYC01-VHOST was not able to handle the amount of packets, which caused in packetloss and decreased network performance. Unfortunately our monitoring did not immediately report any issues to us. At 10:30 AM GMT+2, our team noticed packetloss on EPYC01-VHOST.
At 10:45 AM GMT+2, our team implemented changes to mitigate the issue. We increased ring-buffers on the NIC, increased the max conntrack and contacted our Upstream to mitigate the Attack. After the changes were made, we saw restoration of normal traffic levels and packetloss went back to 0%.
We are suspecting that the DDoS Attack was able to bypass the Anti-DDoS Filters, since some of the traffic was originating from an internal DDoS.
To prevent this issue from occuring in the future, we will apply these changes to all Hostsystems.
