Droplet Limits

DigitalOcean Droplets are Linux-based virtual machines (VMs) that run on top of virtualized hardware. Each Droplet you create is a new server you can use, either standalone or as part of a larger, cloud-based infrastructure.


  • Some Droplet network traffic is restricted to help prevent malicious actions, like reflected DDoS attacks. We know these restrictions also prevent functionality like configuring direct server return and using Droplets as routers and site-to-site VPN gateways. Future changes to our network will support this functionality. Until then, some workarounds include using a VPN mesh network or overlay network.

    The following types of traffic are restricted:

    • TCP and UDP traffic on port 11211 inbound from external networks (due to the Memcached amplification attacks in March 2018).

    • Multicast traffic.

    • Traffic not matching a Droplet’s IP address/MAC address.

    • SMTP via Reserved IPs and IPv6.

  • Droplets with Premium CPUs have a network throughput limit of 10 Gbps. All other Droplets have a maximum network throughput limit of 2 Gbps.

  • You can’t create more than 10 Droplets at the same time using the control panel or the API.

  • SMTP port 25 is blocked on all Droplets for new accounts. As an alternative, we recommend using a dedicated email deliverability platform, like SendGrid, and generally recommend against running your own mail server.

  • /proc/cpuinfo shows your Droplet plan, either DO-Premium or DO-Regular. You can see which processors each plan uses in Choosing the Right Droplet Plan.

  • Root password resets are not available for operating systems with internally-managed passwords, including Fedora.

  • Droplets cannot have more than one Reserved IP address assigned to them at a time.

Known Issues

  • Due to our network design, traceroute diagnostics between Droplets may display 100% packet loss during the last two hops. The packet loss is expected and does not have any impact on the connectivity between Droplets.