[Romania's National Day] Special LE packages 🎁

cybertech

@FlorinMarian said:
Ladies and gentlemans, please ask for refund if you feel that you can't use our NAT service.
I feel horrible due of long talks with Datacenter Staff which is unable to provide high quality connections for non-EU customers.
Tomorrow is somehow last day when I can issue refund for transactions because later they will be paid to my business bank account and I'll have to pay taxes for that income.
I will come here with an update but I'm too dissapointed to do it right now.
Best regards, Florin.

will you consider relocate to a better DC with IPv6 ?

yoursunny

@cybertech said:

@FlorinMarian said:
Ladies and gentlemans, please ask for refund if you feel that you can't use our NAT service.
I feel horrible due of long talks with Datacenter Staff which is unable to provide high quality connections for non-EU customers.
Tomorrow is somehow last day when I can issue refund for transactions because later they will be paid to my business bank account and I'll have to pay taxes for that income.
I will come here with an update but I'm too dissapointed to do it right now.
Best regards, Florin.

will you consider relocate to a better DC with IPv6 ?

With IPv6, and without the UDP-blocking mitigation.

2Q9l7

I missed your Black Friday flash deal, but I'm looking forward to your new NAT HDD VPS offer.

FlorinMarian

@cybertech said:

@Andrews said:

@user123 said:

@FlorinMarian said:

@RedSox said:
@FlorinMarian what's the HDD manufacturer and what's the models? Thanks

You might want to redact the HDD serial number in case someone tries to use it for a nefarious purpose...

...and what would happen to this already over 6 years old Seagate 4TB hard drive???

don't be so paranoid

omg its a used drive? from @cociu ?

Hi!
All HDD drives that are used currently on NAT VMs are on RAID10 7 years old and over 50k running hours. Anyway, all the customers are very satisfied with their speed and also all of them have 0 error rate.
And please, don't mix our brand with cociu, not even as a joke. We buy parts only from UK, there is our main supplier.
Best regards, Florin.

cybertech

@FlorinMarian said:

@cybertech said:

@Andrews said:

@user123 said:

@FlorinMarian said:

@RedSox said:
@FlorinMarian what's the HDD manufacturer and what's the models? Thanks

You might want to redact the HDD serial number in case someone tries to use it for a nefarious purpose...

...and what would happen to this already over 6 years old Seagate 4TB hard drive???

don't be so paranoid

omg its a used drive? from @cociu ?

Hi!
All HDD drives that are used currently on NAT VMs are on RAID10 7 years old and over 50k running hours. Anyway, all the customers are very satisfied with their speed and also all of them have 0 error rate.
And please, don't mix our brand with cociu, not even as a joke. We buy parts only from UK, there is our main supplier.
Best regards, Florin.

good information.

seeing that you are one of the more commited .ro provider, i do apologize for the cociu reference, even as a joke.

looking forward to the next deal

brueggus

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Fritz

@brueggus said:

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Agree on this. I don't want to use OVH Network.

If I want to have good connectivity for the rest of the world I would pick up London/Germany.

FlorinMarian

@brueggus said:

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Thank you for feedback!
DC struggle because they don't want any of their IPs unprotected by Voxility (remote AntiDDoS). Voxility has very unpermissive rules which are triggered also by a simple iperf3 test.

FlorinMarian

@Fritz said:

@brueggus said:

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Agree on this. I don't want to use OVH Network.

If I want to have good connectivity for the rest of the world I would pick up London/Germany.

Romanian IP address will not be cut-off but OVH will be as an alternative for who cares about UDP and also data privacy (being stored in Romania, not in OVH datacenter).
Best regards, Florin.

brueggus

@FlorinMarian said: DC struggle because they don't want any of their IPs unprotected by Voxility (remote AntiDDoS).

Fair enough. They most likely don't have much local capacity so that DDoS attacks may bring down their whole DC. Still, blocking all UDP (and apparently ICMP?) traffic seems a bit over the top to me. I know that @alwyzon and @meerfarbig use Voxility for transit but don't have these issues. I don't know if they use their DDoS protection, though.

Anyways, keep up the good work

Fun fact: (Some) domestic traffic doesn't go via Voxility already.

                                       Packets               Pings
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 188.213.49.1                      0.0%    75    1.1   1.4   0.3   3.2   0.4
 2. 10.192.57.225                     0.0%    74    9.0  24.1   2.7 146.8  16.8
 3. 10.220.130.9                      1.4%    74   24.1  34.3  16.4  49.2   6.3
 4. 10.192.59.28                      2.7%    74   30.5  33.4  15.6  51.8   6.8
 5. 171-1-static.softserver.ro        1.4%    74   18.6  33.9  16.9  45.6   5.1

FlorinMarian

UPDATE
DC staff confirmed that they asked Voxility to change the way how mitigation performs on our single NAT IP and now ICMP/UDP drops should become history.
Waiting for your feedback

P.S. I love how resource consumption looks like (still everybody on same RAID group, we'll start to split customers very soon)

Best regards, Florin.

FlorinMarian

@Fritz said:

@brueggus said:

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Agree on this. I don't want to use OVH Network.

If I want to have good connectivity for the rest of the world I would pick up London/Germany.

UPDATE
DC staff confirmed that they asked Voxility to change the way how mitigation performs on our single NAT IP and now ICMP/UDP drops should become history.
Waiting for your feedback

P.S. I love how resource consumption looks like (still everybody on same RAID group, we'll start to split customers very soon)

Best regards, Florin.

Fritz

@FlorinMarian said:

@Fritz said:

@brueggus said:

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Agree on this. I don't want to use OVH Network.

If I want to have good connectivity for the rest of the world I would pick up London/Germany.

UPDATE
DC staff confirmed that they asked Voxility to change the way how mitigation performs on our single NAT IP and now ICMP/UDP drops should become history.
Waiting for your feedback

P.S. I love how resource consumption looks like (still everybody on same RAID group, we'll start to split customers very soon)

Best regards, Florin.

I haven't touch the VM much. Just login, YABS and logout.

What do you mean by splitting customer? Are you going to give either dedicated IP4 or IPv6 as well?

Andrews

@FlorinMarian I see on screenshot that you are still using Proxmox 6.4 so consider updating to 7.1 during next maintenance works on node

DewlanceVPS

Nice offer. Price is very affordable.

FlorinMarian

@Fritz said:

@FlorinMarian said:

@Fritz said:

@brueggus said:

@FlorinMarian said:

@Fritz said:
@FlorinMarian

Are you going to move the server to OVH DC?

To be honest, I like your your VM, Prem even OpenVZ 6 but big no with OVH.

We're not moving with OVH.
We're just using their network to avoid connection issues between Romania - Rest of the world.

Just keep in mind that we had cases in the past where people got upset when they ordered a server in country X and got an IP geolocated in country Y. Customers may also encounter other weird issues with the GRE tunnel due to the smaller MTU. In addition, you will increase the latency for domestic traffic.

No offense, but if people need a VPS in Europe good connectivity to the "rest of the world", they shouldn't buy a server in Romania rather than in Frankfurt or Amsterdam.

Where are the issues you're trying to fix come from exactly? Is it the Voxility filtering? Do you need the Voxility filtering? If not, can the DC not just change their announcements for your /24 so that the majority of the inbound traffic gets routed via RCS/RDS?

Agree on this. I don't want to use OVH Network.

If I want to have good connectivity for the rest of the world I would pick up London/Germany.

UPDATE
DC staff confirmed that they asked Voxility to change the way how mitigation performs on our single NAT IP and now ICMP/UDP drops should become history.
Waiting for your feedback

P.S. I love how resource consumption looks like (still everybody on same RAID group, we'll start to split customers very soon)

Best regards, Florin.

I haven't touch the VM much. Just login, YABS and logout.

What do you mean by splitting customer? Are you going to give either dedicated IP4 or IPv6 as well?

Nope, at this moment all ~ 100 disks are on same 4 physical disks.
From today we have 2 newer RAID groups, each with other 4 disks.
I'm pretty sure load avg. will decrease after this step.

@Andrews said:
@FlorinMarian I see on screenshot that you are still using Proxmox 6.4 so consider updating to 7.1 during next maintenance works on node

Hi, Andrews!
We'll try to keep Proxmox as it is if there wouldn't be a critical security issue because also on whmcs we stopped at last 7.10.x version for some internal reasons.

Best regards, Florin.

FlorinMarian

One small update.
I've tried some iperf3 tests to see if IP goes under mitigation again (this step triggered mitigation very fast until today) but seems to be fine.
Also I can see that they accidentally/or not, they increased port speed from 1Gbps to 10Gbps (without notification).

Fritz

Hi @FlorinMarian

Please check if there is an abuser on the node. I get constant load of 4.5-5 even idling.

Maybe a massive disk usage for torrent/ someone is storing their backups at maximum.

yoursunny

@FlorinMarian said:
One small update.
I've tried some iperf3 tests to see if IP goes under mitigation again (this step triggered mitigation very fast until today) but seems to be fine.

When I encountered UDP blocking issue, I run iperf3 server in data center and iperf3 client in my residential network.
You are using YABS that runs iperf3 client in data center, which is a different traffic pattern.

Also I can see that they accidentally/or not, they increased port speed from 1Gbps to 10Gbps (without notification).

Having a send speed above 1Gbps doesn't mean you have a 10G port.

FlorinMarian

@yoursunny said:

@FlorinMarian said:
One small update.
I've tried some iperf3 tests to see if IP goes under mitigation again (this step triggered mitigation very fast until today) but seems to be fine.

When I encountered UDP blocking issue, I run iperf3 server in data center and iperf3 client in my residential network.
You are using YABS that runs iperf3 client in data center, which is a different traffic pattern.

Also I can see that they accidentally/or not, they increased port speed from 1Gbps to 10Gbps (without notification).

Having a send speed above 1Gbps doesn't mean you have a 10G port.

I had idea about that I'm connected to 10Gbps port and also my NIC is 10Gbps capable but doing tests using YABS always obtained exactly 1Gbps before.
Best regards, Florin.

FlorinMarian

@Fritz said:
Hi @FlorinMarian

Please check if there is an abuser on the node. I get constant load of 4.5-5 even idling.

Maybe a massive disk usage for torrent/ someone is storing their backups at maximum.

Solved.
Thank you for report!
Just restart your coninter and everything will run smoothly.
Best regards, Florin.

brueggus

@FlorinMarian said:
I've tried some iperf3 tests to see if IP goes under mitigation again (this step triggered mitigation very fast until today) but seems to be fine.

Now that we got this sorted, let me know if you'd like some help to get an IPv6 subnet routed to your server. We would need to use a tunnel, but that's better than nothing, esp. for the NAT services.

swat4

May I ask if the public ip and ports have changed?

Many thanks @FlorinMarian

FlorinMarian

@swat4 said:
May I ask if the public ip and ports have changed?

Many thanks @FlorinMarian

No, they're are not changed.
If you can't use SSH for your service after reinstall check your email because you have right there two steps to recover SSH access over NAT.
Best regards, Florin.

FlorinMarian

I don't know how that sounds for you, but we ordered right now a new OVH Game (this time real OVH, not SyS), even if it had 1Gbps not 250Mbps coming with NVMe instead of SATA SSD and Ryzen instead of Intel as we had before.

We had to do this step because we would like to improve our best-seller (NAT Storage Container) giving dedicated IP address from OVH routed to our NAT boxes.

We decided to do this step because OVH has better global connection than our NAT and also it's much better for each user to have their own IP address instead of some random ports on a shared IP address.

At the end, we'll be able to store your data in Romania having also benefits of OVH's Game filters over your service.

We hope those changes will fit your usage model.

Best regards, Florin.

yoursunny

@FlorinMarian said:
We decided to do this step because OVH has better global connection than our NAT and also it's much better for each user to have their own IP address instead of some random ports on a shared IP address.

node.latency++;
node.location = "France";
node.dmca.enforced = true;

FlorinMarian

@yoursunny said:

@FlorinMarian said:
We decided to do this step because OVH has better global connection than our NAT and also it's much better for each user to have their own IP address instead of some random ports on a shared IP address.

node.latency++;
node.location = "France";
node.dmca.enforced = true;

if (Customer->location == Europe)
      Latency += 1;
else
      NoProblem();

if (ExposedDmcaComplianceData() == true && UsingOvhIP())
     Die();
else
     UseStorageAsItWasDesigned();

Andrews

@FlorinMarian said:

@yoursunny said:

@FlorinMarian said:
We decided to do this step because OVH has better global connection than our NAT and also it's much better for each user to have their own IP address instead of some random ports on a shared IP address.

node.latency++;
node.location = "France";
node.dmca.enforced = true;

if (Customer->location == Europe)
      Latency += 1;
else
      NoProblem();

if (ExposedDmcaComplianceData() == true && UsingOvhIP())
     Die();
else
     UseStorageAsItWasDesigned();

Die() {
    i = 1;
    do {
        pushup();
    i++;
    } while (i != 0);
    print("Your sin was overflowed. Go, and from now on do not sin anymore");
}

FlorinMarian

What could be better than a SLOW OVH Game server fresh delivered?
Even my old SyS performs better and it was advertised as 250Mbps.

Murv

Grabbed myself a NAT LXC VPS back in Black Friday. Loving it so far.
The only inconvenience for me so far is the lack TUN/TAP support...

Would it be possible enable TUN or WireGuard for the LXC containers?