Traffic for the service goes through the protected path, with BGP, GRE or project-specific integration.
Anti-DDoS protection
CubixServ Anti-DDoS protection powered by Peeryx Network
At CubixServ, Anti-DDoS is not a marketing badge. Traffic passes through Peeryx Network infrastructure, built to absorb, analyze and filter massive attacks before they reach your services.
- Upstream Peeryx Network mitigation
- High-performance bridge-mode filtering servers
- BGP FlowSpec generated within milliseconds
- Gaming profiles and post-filtering rules
Peeryx Network
15 Tbps
displayed Anti-DDoS capacity, backed by over 50 Tbps of upstream transit capacity
Explained mitigation
The page makes layers, capacity and rollout visible instead of staying at slogan level.
Layers
L3/L4/L7
Capacity
15 Tbps
Delivery
GRE/BGP
15 Tbps
displayed Peeryx Anti-DDoS capacity
>50 Tbps
upstream capacity via Peeryx transits
500+ Mpps
possible processing per filtering server
Marseille
strategic low-latency PoP
Network bridge filtering
Traffic crosses Peeryx mitigation servers before reaching the protected infrastructure. This network-edge position allows packets to be analyzed and cleaned before your VPS, servers, games or applications.
Continuous behavioral analysis
Outside attacks, the system observes ports, protocols, packet sizes, usual volumes and normal variations. When an attack starts, mitigation compares the flow with the expected profile to block hard without breaking legitimate traffic.
BGP FlowSpec within milliseconds
When a volumetric attack is detected, selective BGP FlowSpec rules can be generated automatically. Part of the dangerous traffic is then blocked at transit-provider level before it even reaches Peeryx.
Specialized gaming profiles
FiveM, Garry s Mod, Rust, Minecraft, Hytale and real-time services do not behave like a simple website. Gaming profiles protect UDP, TCP, specific ports and latency-sensitive behavior.
Peeryx Anti-DDoS protection
How CubixServ absorbs, filters and lets real users through
Traffic first reaches Peeryx 15 Tbps network capacity. Volumetric attacks are reduced upstream, suspicious packets are filtered, then only legitimate traffic reaches your VPS, dedicated server, FiveM proxy, Minecraft service or IP transit.
15 Tbps
displayed Peeryx Anti-DDoS capacity
>50 Tbps
upstream capacity via Peeryx transits
500+ Mpps
possible processing per filtering server
Marseille
strategic low-latency PoP
Traffic path
An attack should not arrive raw on your machine
Protection combines capacity, network rules and filtering profiles. Each step removes noise before the final service is touched.
Abnormal volumes, UDP/TCP floods, scans and inconsistent packets are isolated to separate attack traffic from useful traffic.
The 15 Tbps capacity absorbs volume before your machines, with upstream attack reduction when needed.
L3/L4/L7 rules, gaming profiles and application signatures clean what remains before delivery.
Legitimate users keep reaching the service while the real infrastructure stays less exposed.
What really protects
Not just an Anti-DDoS badge: a readable defense chain
Layers are separated so the setup stays understandable: network capacity, protocol filtering, application inspection and tuning by use case.
Large attacks are absorbed on the Peeryx backbone before saturating your port or tunnel.
Protected routing helps apply upstream rules and deliver cleaned traffic.
FiveM, Minecraft and public services benefit from rules built around their ports, protocols and behavior.
When attacks target HTTP, APIs or proxies, the application layer completes network filtering.
Peeryx backbone
A network built to absorb large spikes
Attacks are filtered upstream on Peeryx 15 Tbps capacity. CubixServ then carries clean traffic to your VPS, servers, games and web services.
France
Belgium
Switzerland
Italy
Spain
Portugal
Germany
North Africa
Peeryx network
Peeryx upstream, CubixServ integrated
Peeryx provides the Anti-DDoS network base. CubixServ integrates it into VPS, dedicated server, FiveM, Minecraft and IP transit offers so protection is understandable before purchase.
CubixServ relies on the Peeryx network to provide Anti-DDoS protection that is visible, credible and explained. The goal is simple: absorb large attacks upstream, clean traffic before your machines and keep players and clients online.
Visit PeeryxThe Peeryx network is directly cited so the protection feels traceable and verifiable.
Every Anti-DDoS characteristic links back to this page to explain the number and the system.
Visitors quickly see why CubixServ feels stronger than a generic hosting offer.
Carrier-grade infrastructure
What happens before the attack reaches your machine
Protection combines network capacity, high-performance dataplane, behavioral analysis and filtering tuned to real usage. The goal is to cut the attack, not your users.
Network bridge filtering
Traffic crosses Peeryx mitigation servers before reaching the protected infrastructure. This network-edge position allows packets to be analyzed and cleaned before your VPS, servers, games or applications.
- Network bridge mode
- DPDK dataplane
- Very low latency
- Clean traffic delivered afterward
Hardware sized for packets
Filtering servers are built to process huge packet rates, with NVIDIA / Mellanox ConnectX-6 and ConnectX-7 cards, Threadripper PRO 9995WX CPUs, RSS load distribution and PCIe layouts designed for port throughput.
- ConnectX-6 / ConnectX-7
- Threadripper PRO up to 96 cores
- RSS load distribution
- Over 500 Mpps depending on scenario
Continuous behavioral analysis
Outside attacks, the system observes ports, protocols, packet sizes, usual volumes and normal variations. When an attack starts, mitigation compares the flow with the expected profile to block hard without breaking legitimate traffic.
- Normal traffic profile
- Deviation detection
- Lower false positives
- Automatic tuning
Distributed multi-transit capacity
Peeryx Network uses several points of presence, 100G/400G ports and IP transit providers. A large attack is not handled by one isolated link: it is reduced upstream, then cleaned more precisely.
- Interconnected PoPs
- 100G / 400G ports
- Over 50 Tbps upstream capacity
- No systematic blackhole
Marseille point of presence
CubixServ uses the Peeryx Network Marseille PoP, strategic for France, Italy, Spain, Germany, Switzerland, Portugal, Algeria, Morocco, Tunisia and the Mediterranean area.
- Low Europe latency
- Strong southern Europe reach
- Mediterranean route
- Protection without sacrificing stability
BGP FlowSpec within milliseconds
When a volumetric attack is detected, selective BGP FlowSpec rules can be generated automatically. Part of the dangerous traffic is then blocked at transit-provider level before it even reaches Peeryx.
- Fast detection
- Selective rules
- Upstream reduction
- More precise local cleaning
Specialized gaming profiles
FiveM, Garry s Mod, Rust, Minecraft, Hytale and real-time services do not behave like a simple website. Gaming profiles protect UDP, TCP, specific ports and latency-sensitive behavior.
- FiveM
- Garry s Mod
- Rust / Minecraft / Hytale
- UDP, TCP, floods and scans
Post-filtering firewall
After mitigation, rules can reduce remaining exposure: block unused ports, restrict flows, protect administration or adapt security to a precise service.
- Unused ports blocked
- Allowed protocols
- Administration better isolated
- Rules adapted to the need
Summary
Protection built to hold pressure without cutting real users
CubixServ chose Peeryx Network to combine large capacity, automatic reaction and intelligent filtering. If your game server, website, application or sensitive infrastructure is targeted, the goal is simple: absorb, clean and keep the service available.
Talk to an engineer
High-performance DPDK filtering servers
High-end NVIDIA / Mellanox network hardware
Behavioral analysis of legitimate traffic
Automatic upstream BGP FlowSpec
Peeryx transit capacity above 50 Tbps
Gaming and real-time profiles
Customizable post-filtering firewall
Marseille PoP for latency and stability
Frequently asked questions
Does CubixServ blackhole the attacked IP?
The protection logic first reduces the attack upstream, then filters locally. The objective is to avoid voluntary cut-off and keep legitimate traffic reachable.
Why mention DPDK and Mpps?
Large attacks are not only about Gbps: they can send massive amounts of small packets. DPDK and Mpps capacity show that filtering is designed at packet-processing level.
Does protection add a lot of latency?
Mitigation is designed to stay transparent. The Marseille PoP and bridge-mode processing aim to preserve low latency for players, visitors and legitimate users.
Are game servers filtered like websites?
No. Gaming uses can rely on profiles adapted to FiveM, Garry s Mod, Rust, Minecraft, Hytale and real-time protocols to limit false positives.
What happens during a very large volumetric attack?
BGP FlowSpec rules can reduce volume directly at transit-provider level. Peeryx servers then perform finer cleaning of the remaining traffic.
Can filtering be adapted to my service?
Yes. Post-filtering rules can block unused ports, limit specific flows or strengthen administration services according to real usage.
Targeted by attacks? Move to infrastructure built to absorb them.
We do not just show an Anti-DDoS logo: we show the technical chain behind the protection, from upstream capacity to application-aware filtering.