All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Please do not use OVZ6
I use OVZ6 from two different providers and OVZ7 from two different service providers, I only use it for static websites, I can only log in to the server via certificate, then both servers of OVZ6 receive abuse reports, the reports are hacking or DDOS, even after reinstallation and recovery and no longer install any services, it will be compromised for a short time, but OVZ7 has no problem, even more hostnamaste sent me abuse report during my break, I didn't reply within 1 hour of sending the report, so it deleted my service, the other OBHost was restored because I replied in time and reinstalled, the service was restored, and when I detected the traffic increase again, I tried to shut down the IPv4 network and log in only as an IPv6 server, the anomaly disappeared, so far it hasn't I have not found a better solution yet.
Comments
Provider is at fault for offering @eol 'ed platform.
if you get delivered an ovz6 service, chargeback immediately.
Ovz7 released over 5 years ago. It is time to move on from ovz6
OVZ7 also sucks. It was kind of outdated at release time.
hostnamaste is shit, they took my money to get a vps but the quality is very poor(less than 5mb/s io and 30mbps network around the us), I asked for a refund and scolded me, I can not think of a second person to fall for.
And the OVZ platform's IPv6 strategy was also shit.
Inconclusive in regards to the suggestion that vz6 is responsible for a compromised VPS. It's fairly unbelievable that there would be any correlation that could be used to reach the conclusion of vz6 being responsible. It doesn't have any services listening for external connections on its own, and the containerization isn't responsible for the state of the internal software.
2022 and you still use ancient OVZ6 with 2.x linux kernel??? Damn.. you need to live in ancient time..
I could not believe how the client is portraying the issue here with such a lie. Let me clear here, this particular client has bought the KVM VPS and not the OpenVZ 6 or 7 VPS. We had received the 4 complaints from our data center and sent it on "24/12/2021", but client never responded and did not even care to update to any complaints subsequently the security team has suspended the server after a few day as per our TOS since it was not responded and nor provided the justification else the case would be different, but just yesterday after almost 1.5/2 months, the security team has closed the complaints and terminated the VPS. And suddenly, client woke up and responded because it was terminated that he has never received any complaint he/she was on break for (1.5 / 2 months) and never read the emails? Team has also guided that the emails was sent on the mentioned date and you can check from your email history or the from client area > your name > email history, but totally denied and here he/she has uploaded the yesterday's closed complaints emails.
Apart from that, I wanted > @yoursunny said:
I wanted to confirm here, since last couple of months or a year, we are not provisioning new servers on OpenVZ 6 Virtualization node, but there are few VMs still running and those clients are not ready to move / migrate to OpenVZ 7 Virtualization node due to their applications/sites working fine for them, but for other clients we have migrated almost everything.
It's been EOL for about two and a half years, I'd suggest that the time to migrate those customers has long since passed. Far more than "a few months or a year".
If anyone has a hard requirement of not moving, put them in a single tenant openvz host inside a KVM VPS. Problem solved.
OVZ7 uses 3.10...
That being said, we still have quite a few OVZ6 customers which do not wish to migrate. I fail to see issues with it (hacking, spam, etc). When I will see, we will terminate everyone and refund the remaining time.
I think this is a good strategy, only force people out when there is no other way. We stopped selling OVZ 6 a good year before EoL.
I think the main risk is not from OVZ6 itself but the age of the templated OSes offered by providers. Chances are those clinging to OVZ6 are also using EOLed versions of Debian, Ubuntu etc. because there's no upgrade available to reinstall, and that is unwise.
Side loading an up to date OS (say Alpine) and stripping the risk down to just the age of the OVZ kernel seems a reasonable compromise for non critical applications.
CentOS6 has tuxcare ELS support till 2024 and kernelcare is still patching openvz kernel (last update 07.2021).
Yes, but those are paid-support services. Most low-end providers who have (or still offer) OVZ-6 aren't paying for those services.
@hostnamaste well can you provide proof that they were sent months ago?
I doubt this is a problem with OVZ6 itself unless you can provide more evidence. Plenty of other more likely reasons you would get abuse notices.
let's wait for ovz8 available asap
Is there really a good usecase for OpenVZ these days?
Between KVM (or your FV of choice) and docker (or your linux container of choice) what remains for OpenVZ?
i still use ovz7 to create nat vps (shared ipv4 + dedicated ipv6)
not sure how to do it in kvm tho
Proxmox does this great.
I use it for KS which is really weird.
If you have problems with NAT-ing under proxmox directly you can always install a router VM and do nat in it.
Yes definitely, I have uploaded it here "https://ibb.co/1XJHmn9".
Still using Ovz7 till today as our balancer.
The thing is that, this client is fake (lied here as well as used different details while purchased), as he has mentioned about the OpenVZ 6, but he has purchased and used the KVM VPS with Debian 10 OS.
@jerry_me Well the picture @hostnamaste posted shows otherwise
@PieHasBeenEaten
I have found this client's interesting comment today, see the attached "https://ibb.co/L614Gt8", where he/she mentioned clearly about abuse.
To be fair, that comment is on a Terrahost ad for a KVM with 50TB bandwidth.
Right, but in the context of this fake thread started about the abuse complaints, client has mentioned about the usage of the server to not get the abuse compliant, which itself shows the usage of the client for any provider's VPS.
Awesome!
is this correct way to do ?
https://forum.proxmox.com/threads/using-a-container-or-vm-as-a-router.54344/
Yes but it lacks a lot of other info.
If you are ok with using the proxmox itself (which is based on Debian)
then you do something like this:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o vmbr0 -j MASQUERADE
That is enough to so NAT in the whole of host.
You do make a new bridge with 10.0.0.254/24 (or any other RFC 1918 "net") for the containers and VMs alike.
The containers will have IP like 10.0.0.x/24 and 10.0.0.254 as gateway.
In order to forward ports:
iptables -t nat -A PREROUTING -p tcp -d [your ipv4] -j DNAT --to-destination 10.0.0.xx
Then you create containers or VMs and bridge them to vmbr1.
For a range of ports:
iptables -t nat -A PREROUTING -i vmbr0 -p udp --dport 64000:65000 -j DNAT --to 10.0.0.3:61000-62000
You can use 192.168.1.x for example, I use 10.0.0.x because is shorter.
Why would someone use OpenVZ instead of cheap KVM? It's 2022, you can afford a KVM.