BGP & protected transit resources
FlowSpec, GRE/BGP, protected IP transit, routing models and handoff choices.
Connect content to offers
The blog should point back to strong service pages so editorial authority turns into qualified pipeline.
IP Transit
Protected IP transit with BGP, clean traffic handoff and operator-grade compatibility.
DDoS Protection
Pillar page explaining mitigation, saturation risks and protection models.
Anti-DDoS Router VM
Router VM for customers who want to keep their own XDP, eBPF or routing logic behind Peeryx.
Anti-DDoS Dedicated Server
Protected dedicated server for teams building their own filtering stack behind volumetric mitigation.
Infrastructure
Architecture, handoff and high-PPS design choices explained.
Network Blog
Resources about XDP, DPDK, high PPS, filtering and network architecture.
Peering vs transit for DDoS protection: what changes during an attack?
Peering and IP transit do not behave the same way under DDoS pressure. This guide explains the routing, capacity, economic and operational differences for protected networks.
Read articleMulti-upstream DDoS protection: why one transit provider is rarely enough
A multi-upstream DDoS design combines several transit providers, routing policies and mitigation layers to reduce single points of failure. This guide explains what it solves and what it does not solve by itself.
Read articleUpstream filtering DDoS: stopping attack traffic before it saturates your infrastructure
Upstream DDoS filtering protects a service before the attack reaches the customer port, firewall or server. This guide explains when it is useful, how it differs from blackholing and how to combine it with clean traffic delivery.
Read articleIP transit latency: how routing, PoPs and DDoS protection affect performance
IP transit latency is not only a matter of distance. BGP decisions, PoP location, return path, tunnels and mitigation design all influence how users experience a protected service.
Read articleHow BGP works: prefixes, AS paths, routing decisions and DDoS impact
BGP is the protocol that lets networks announce reachability to each other. Understanding prefixes, AS paths, communities and route preference is essential before buying protected transit.
Read articleBGP Blackhole vs BGP FlowSpec: choosing the right DDoS filtering tool
Blackholing saves capacity by sacrificing a destination. FlowSpec can remove attack traffic more precisely, but only when rules are short, measurable and reversible.
Read articleAnycast DDoS protection: when it helps, when it does not
Anycast distributes traffic toward several points of presence, but it is not a magic shield. The clean delivery model after mitigation still decides latency, stability and customer experience.
Read articleRoute hijacking and DDoS: how BGP incidents can turn into outages
A route hijack can divert, intercept or blackhole traffic before packets reach your infrastructure. DDoS planning must include routing security, monitoring and fast withdrawal procedures.
Read articleBGP FlowSpec packet length filtering: when size-based DDoS rules help
Packet length filtering can remove repetitive floods with stable sizes, especially UDP reflection or garbage floods. It becomes dangerous when legitimate protocols share the same size profile.
Read the articleBGP FlowSpec TCP flags: using SYN, ACK and RST matches without breaking real traffic
TCP flags can make FlowSpec rules precise against SYN, ACK or RST floods, but they become risky when they ignore connection state, asymmetric routing and legitimate protocol behavior.
Read the articleBGP FlowSpec limitations: what it can filter and where it becomes dangerous
BGP FlowSpec is powerful for upstream relief, but it is not a full mitigation engine. Its limits appear around state, context, provider support, rule scope and false-positive risk.
Read the articleDDoS protection over VXLAN or IPIP: when should you use them?
VXLAN and IPIP do not solve exactly the same clean traffic delivery problem after DDoS mitigation. This guide explains when each one makes sense, which limits matter and how to choose a model that matches your topology, edge design and operations. It also helps compare VXLAN, IPIP, GRE, clean handoff and post-mitigation traffic delivery with an operator-grade architecture, operations and buying logic.
Read the articleBGP, GRE, IPIP or VXLAN: which method should you choose to receive clean traffic?
A protected IP transit guide to choose between BGP, GRE, IPIP, VXLAN or cross-connect after Anti-DDoS mitigation without breaking latency or operations.
Read articleBGP Flowspec for DDoS: useful or dangerous?
What Flowspec does well, what it should never do alone and how to fit it into a safe multi-layer strategy.
Read the articleProtected IP transit: understand the model
Link saturation, 95th percentile, blackholing, asymmetric routing and clean traffic delivery: the fundamentals before comparing providers.
Read the articleGRE, BGP or protected IPs: which model fits best?
The strengths, limits and deployment cases of the main anti-DDoS delivery models depending on topology and network control.
Read the articleLatency, asymmetry and clean traffic delivery
Why the traffic path, local egress and handoff model matter as much as raw mitigation capacity.
Read the articleOperator buying checklist for Anti-DDoS and protected transit
A practical checklist for hosters, operators and technical buyers comparing Anti-DDoS providers, handoff models and protected transit offers.
Read articleClean handoff design after DDoS mitigation
Clean traffic delivery is only useful if the handoff stays readable, supportable and aligned with the customer topology.
Read articleTalk to an engineer
FlowSpec, GRE/BGP, protected IP transit, routing models and handoff choices.