If it's UDP you can just get your datacenter to ACL UDP to all your ports. Since UDP will be blocked you will have to use some external DNS service(like afraid.org).
@damon, out of curiosity, does CloudFlare block UDP to port 80? It can help you to stop most of heavy attacks nowadays.
@damon, out of curiosity, does CloudFlare block UDP to port 80? It can help you to stop most of heavy attacks nowadays.