Here is a simple solution and everybody is happy: re-enable it every hour, if DDoS continues, disable again.
Everybody is probably "happy" then: Customer-> their unusable DDoSed server is disconnected, but wasn't reachable anyway. But once the DDoS is over, it's back online.
Provider -> they have their traffic routed to null. However, they will have to do some more work to get this working too. And not to mention happier customers.
Everybody is probably "happy" then: Customer-> their unusable DDoSed server is disconnected, but wasn't reachable anyway. But once the DDoS is over, it's back online. Provider -> they have their traffic routed to null. However, they will have to do some more work to get this working too. And not to mention happier customers.