How to protect from DDoS?

Good day!

From hoster (Hetzner) receive notification about that on my leased server is DDoS attack. Notice the following:

We have indications that your server has been attacked. Those responsible for this have been asked to solve the issue and to give us a statement on the cause of the attack.

> Direction IN
> Internal (here set my server address)

> Threshold of 200,000 Packets packets/s

> Sum 73.186.000 packets/300s (243.953 packets/s), 36.593 flows/300s (121 flows/s), 36,806 GByte/300s (1.005 MBit/s)

> External, 3.236.000 packets/300s (10.786 packets/s), 1.618 flows/300s (5 flows/s), 1,627 GByte/300s (44 MBit/s)

> External, 2.802.000 packets/300s (9.340 packets/s), 1.401 flows/300s (4 flows/s), 1,409 GByte/300s (38 MBit/s)

> External, 2.498.000 packets/300s (8.326 packets/s), 1.249 flows/300s (4 flows/s), 1,256 GByte/300s (34 MBit/s)

> External, 2.272.000 packets/300s (7.573 packets/s), 1.136 flows/300s (3 flows/s) 1,143 GByte/300s (31 MBit/s)

> External, 2.048.000 packets/300s (6.826 packets/s), 1.024 flows/300s (3 flows/s), 1,030 GByte/300s (28 MBit/s)

All letters came in 5 pieces, the time is random and patterns do not reveal as well a list of addresses from which come the requests to the server changes constantly.

Block address pools hoster does not intend to, and attacks take the channel down for 5 to 10 minutes. Block them via iptables is not an option, as the traffic from the ISP router to the server will still be clogged
What better to do in this situation?
March 23rd 20 at 19:36
2 answers
March 23rd 20 at 19:38
They also have DDoS protection, how is dropping the channel? Not tried them to write?
March 23rd 20 at 19:40
Wrap all through cloudfire there or take the second server

Find more questions by tags DDoS protectionHostingLinux