Virtual Server Network Policy
This page covers the network specifications, recommended settings, and security policies for Virtual Server.
Network Specifications
| Item | Detail |
|---|---|
| Instance bandwidth | Up to 25 Gbps |
| Backbone | Dedicated backbone, 800 Gbps+ |
| Routing | AnyCast, Korea-optimized paths |
| DDoS mitigation | Included by default |
| Traffic | Monthly allowance divided into a daily limit; throttled when exceeded |
For traffic pricing and routing profiles (General / China Optimized / China Direct), see the Plans page.
AnyCast Routing
PacketStream uses AnyCast to deliver traffic over the path closest to each user.
- Low latency: Automatic routing to the nearest edge
- High availability: Automatic failover when a path degrades
- Load distribution: Traffic spread across multiple points
- DDoS absorption: Attack traffic absorbed across multiple points
MTU Settings
Because AnyCast paths add tunnel encapsulation overhead, we recommend lowering the MTU.
| Setting | MTU | Fragmentation | Notes |
|---|---|---|---|
| Recommended | 1400 | None | Best throughput and stability |
| Acceptable | 1476 | Low | Generally usable |
| Standard | 1500 | Possible | May degrade on some paths |
Why MTU 1400 is recommended:
- Accounting for tunnel overhead (~20–100 bytes), packets are not fragmented along intermediate paths.
- Removing fragment reassembly improves throughput and TCP efficiency.
- Performance stays consistent even when the AnyCast path changes.
Port Policy
Some ports are restricted to prevent abuse. A few can be unblocked after you justify the intended use.
Blocked by Default (can request unblock)
| Port | Protocol | Service | Unblock Condition |
|---|---|---|---|
| 25 | TCP | SMTP | After justifying sending purpose |
| 137–139 | TCP/UDP | NetBIOS | Business file sharing |
| 445 | TCP/UDP | SMB | Business file sharing |
| 1688 | TCP/UDP | Windows KMS | License management |
Permanently Blocked (cannot be unblocked)
| Port | Protocol | Service | Reason |
|---|---|---|---|
| 17 | TCP/UDP | QOTD | Prevent DDoS amplification |
| 19 | TCP/UDP | Chargen | Prevent DDoS amplification |
| 1900 | TCP/UDP | SSDP | Prevent UPnP abuse |
| 11211 | UDP | Memcached | Prevent DDoS amplification |
| 53413 | UDP | Netis backdoor | Block known vulnerability |
ASN-based Restrictions
Networks with frequent abuse are subject to communication or rate limits.
| ASN | Network | Restriction |
|---|---|---|
| AS202425 | IP Volume Inc | Rate Limit |
| AS399471 | SERVERION | Communication limit |
| AS213035 | SERVERION | Communication limit |
| AS207566 | changway-as | Rate Limit |
Contact
For network configuration questions or port unblock requests, use the ticket system in the console or contact support.
- Support: [email protected]
- Console: portal.packet.stream