Is load a issue when hundreds of i.p.'s or blocked by iptables?

Well I dont find any reasons for server to catch load due to number of IPs blocked..
We have long iptables rules set on all our server... yeah the only problem we face is we have 3 clients a week saying they cannot access their site but others can....

 

Actually, a long iptables list with thousands of IP's in it can definitely cause load issues. It can also cause a slowdown of every service operating over the network (web, smtp, ftp, etc) as every packet has to be compared against every IP address. It can also render a server unbootable, which I've seen on many an occassion.

You should only really ever have a handful of blocked IP addresses in your firewall for current attacks, otherwise you should clean them out very regularly.

 

I agree with chirpy,

Here are my recommendations, take all those out, configure apf to ban people that abuse your server automatically, configure the server to send you that list or remove the blocks on its own.

Also configure traffic shaping so that people who DDos your server don't keep you from SSHing in.

If you really feel you need to have IPbans like that, simply offload them to an external firewall, most NOCs offer them as an addon to dedicateds.

Be aware though that simple router type firewalls, really dont have the ability to do IP bans, nor do they have the memory to store your list.

 

Certian versions of sonicwalls can do flood protection too, and can syslog to a monitoring computer, so that you can be notified when attacks are occuring.