Free Tool
Packets Per Second (PPS) Calculator
Convert between bandwidth and packets per second. Understand what DDoS attack volumes look like in PPS and plan your infrastructure capacity.
Bandwidth to PPS
PPS to Bandwidth
Common DDoS Attack Thresholds
| Attack Size | PPS (64B packets) | PPS (1500B packets) | Severity | Impact |
|---|---|---|---|---|
| 100 Mbps | 148,810 | 8,333 | Low | Saturates small VPS links |
| 1 Gbps | 1,488,095 | 83,333 | Medium | Overwhelms most single servers |
| 10 Gbps | 14,880,952 | 833,333 | High | Saturates datacenter uplinks |
| 100 Gbps | 148,809,524 | 8,333,333 | Critical | Requires upstream mitigation |
| 1 Tbps | 1,488,095,238 | 83,333,333 | Critical | Largest recorded attacks |
Understanding Packets Per Second
Packets per second (PPS) is a critical metric for understanding network throughput and DDoS attack volume. While bandwidth (Gbps) measures total data volume, PPS measures how many individual packets your network equipment must process. Many DDoS attacks use small packets (64 bytes) to maximize PPS and overwhelm firewalls and routers that have per-packet processing limits.
The formula is straightforward: PPS = Bandwidth (bits/sec) / (Packet size in bytes x 8 + 20 bytes Ethernet overhead x 8). For example, 1 Gbps of 64-byte packets generates approximately 1.49 million PPS, while the same bandwidth with 1500-byte packets generates only about 83,000 PPS.
Why PPS Matters for DDoS Detection
Flowtriq monitors PPS every single second on each protected node. A sudden spike from your baseline of 50,000 PPS to 500,000 PPS triggers an alert within 1 second, even if bandwidth utilization appears normal. This is critical because many DDoS attacks (especially SYN floods) use minimal bandwidth but extremely high PPS to exhaust server resources.
FAQ