New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
well then there is new one i think:
https://www.abuseipdb.com/check/188.241.241.3
It is the supreme arrogance in the face of utter failure for me...
If he would admit he fucked up and needs some hands to help, nobody would roast him. But yes, he‘s that guy who gets face punched, lying on the floor with a broken nose in a ufc fight and is still screaming: hahhaha, try harder, you cant‘t beat me, i‘m stronger!
For some reason I feel that entity responsible for this incident is reading this thread and lol'ing outrageously.
the laptop?
127.0.0.1 along with ::1.
As soon as the NOC and engineers find out one house is causing 3-5% packet loss at DE-CIX for them, and congesting transit, you may have a nasty surprise. Just watching ping.pe, DE-CIX is really only how any traffic's getting to you, their transit's congested.
You're gonna find out how much a residential customer is really worth if you start causing network congestion to other customers.
Anyway, link me Romania PACER equivalent when it hits.
I am not on a residential line but on a dedicated line with guaranteed bandwidth.
Dont worry, they will just upgrade the uplink at DE-CIX.
I am most certain that all ISPs in RO including Orange and RCS have a clause in the contract similar to "if we, for any reason, are unable to further provide the service to the client, the contract closes automatically ".
Would be interesting to see what Orange has to lose.
I tried to help you, I wrote you in DM a few days ago but you didn't reply. Maybe you missed it
7 Billion $
Does it mention what happens if you cause loss of service to other customers, their bandwidth, intentional or not?
It may not have been noted and you may end up in court, but I guarantee you if you start causing packet loss to others, even in your neighborhood, or if you actually cause problems with their DE-CIX port, OR if you cause problem with transit providers, your ass is outta there.
An engineer who's trying to keep the ASN's ship from listing and sinking isn't going to say "Oh crap, he has a contract? Nm, let's take the L"
Once any of the above happens, they're probably gonna disconnect you faster than your (now well working UPS) flips from line to battery.
also ovh at big loss too
Considering that there are barriers at the firmware level and I have the guaranteed bandwidth, I don't know how your scenario can happen.
Amen.
Bruh's out here thinking since he's got a 2Gbps contract, they're going to upgrade their DE-CIX line or transit providers.
Engineers who are at the level of looking at issues with the overall network will not be looking for contract verbiage, they will do the needful ASAP, and let legal sort you out after the fact.
I'm just giving the honest truth.
Also, why not just buy a beefy box at OVH, move all your BYOIP over there, then GRE your subnets back to Romania? Few ms overhead, and a cheap-mans proper DDoS solution, as even @dbContext knew of a provider cheaper than path for proper BGP mitigation, but zero interest it seems.
It just sucks seeing a hobbyist I rooted for go down like this. And also don't announce when you're single homed 150Mbps guaranteed, I think I mentioned that like 10 pages back, but... yeah.
How tf can a firmware save you from this?
I already have a server at OVH with 10Gbps, but the latency is 50ms, much too high not to cause trouble
When you become a burden that it would take thousands just to cater to one account, they are unable to serve you anymore, and would simply sever ties, letting the lawyers deal with you.
I seriously hope it doesn't happen, but I don't know of many ISPs that would tolerate what's going on without some effort by the end-user / enough knowledge to mitigate, or send communities upstream.
If you're getting attacked on a single IP, tag it 8953:666 - it's the same at many ISPs.
Get fastnetmon installed. With flowspec or Netflow (they actually were kind enough to get netflow lite integrated) you can get an eye inside your network so you aren't guessing who is getting attacked.
It doesn't need to be setup to do RTBH, rather can give you an eye inside your network.
Playing jingle bells for example.
Shit is still fucked up, but at least you're a very happy mothafucka.
I'd take 50ms overhead over zero connectivity. Don't you already have BYOIP? Announce them all there, get a beefy 10Gbps server and let actual DDoS filtering do the needful with a handful of extra filters until you can get Voxility BGP.
This would be a perfect bandaid until you can get setup with Voxility. Even there you could just rent a box, announce your subnets, and do the same? What's MS overhead to nearest Voxility DC?
Tonight I asked the people from NOC Orange to tell me the community for the blackhole.
They told me that this is a separate service and directed me to the commercial consultant.
The same story with extra payments and long waiting times.
I tried to blackhole an IP of mine from OVH, but the respective community is ignored.
Scenario is real if orange or its transit will receive complaints from other customers. Not only you feel this attack, transit and orange it-self must deliver this junk traffic to you.
Let's stop speculating here. Let's see what happens. As I said previously, skid will drain you. Now it is a question of persistence. Who gonna quit first: you or skid.
And voxility is not the answer. They have knowledge and hardware for nullroutes. Your subnet would be on constant null route rotation. You need active filtering.
How much the Voxility > @Kris said:
Voxility is expensive
Don't ask your NOC, they seem to be idiots.
Tag an IP upstream 8953:666 and see if's routable from internet.
You can further use these to keep a line up from Voxility (or Path.net) primary, and only use Orange if everyone else is down, like 8953:1003 8953:1050.
Voxility is 2010 filtering. You need @dbContext guys or Path which can actively filter Tbps of attacks via sheer amount of locations, and Gbps commits they have.
As I said, I tried but that community is ignored.
Didn't see that, thought you just put a ticket it. It would be very advantageous for them to open that up to you.
Other note: seems like you know much about bgp. Any advice for good learning material?