
HAZI.ro | Performance drops expected tomorrow for VPSs in Romania


Comments

  • @Moopah said: Voxility is expensive

    He could just get an OVH 10Gbps box (or leverage existing) announce all IPs and be up in hours, but that's 50ms overhead?

    Really needs to get DDoS protection provider and GRE it back. Poor man solution but he would get back online.

    I wouldn't mind 50ms overhead if it meant my service was online.

    Who really goes to mid Romania for the best latency?

    Also outbound latency would still be direct out via RCS / Orange @FlorinMarian - Please do something like this.

  • AndreixAndreix Member, Host Rep

    @drivex said:

    @Kris said:

    @FlorinMarian said: As I said, I tried but that community is ignored.

    Didn't see that, thought you just put a ticket in. It would be very advantageous for them to open that up to you.

    Other note: seems like you know much about bgp. Any advice for good learning material?

    For a start, I can recommend CBTNuggets, if you can find materials.

    Thanked by 2drivex Kris
  • KrisKris Member
    edited January 2024

    @drivex said: Other note: seems like you know much about bgp. Any advice for good learning material?

    I learned it by poking around https://bgp.he.net/ looking at MTRs and finally worked at HostVirtual (now NetActuate) almost a decade ago, helping them become one of the largest peered ISPs in the world today.

    If I had the choice at the time, likely would've chosen one of these courses.

    At the time they were veering from low end VPS market and going into Anycast, which got me interested in BGP. One IP to anywhere was an awesome theory, and duplicating 1.1.1.1 or 8.8.8.8 (or 4.2.2.4 if you're old enough) was something I wanted to do.

    While HostVirtual's main thing was under 10ms to the anywhere, it took a LOT of peering. Using IXReach to get tiny data center locations to numerous nearby IX's. Sometimes you didn't have everyone on route-servers which meant an email to establish a relationship. I created an email template that got around a 75% conversion on turning up peering. This meant we bypassed transit - giving customers not only free bandwidth, but better routing.

    Finally, DDoS mitigation was a service where if someone tried to take you out, traffic would be diverted to a scrubbing centre.

    I took the very long route of learning it and wouldn't suggest it, honestly Fran at BuyVM offers a service for very cheap now where you can test and setup Anycast.

    Also got it implemented while working at Vultr, as it was $$$ at the time, and I felt HV was gatekeeping. Setting up a few BuyVM instances or Vultr + quagga would get you some knowledge and a number of those Udemy courses are great.

    I know a lot about communities and prepending, because when building a subnet / ASN that announces to the world, you didn't want sinkholes where Australia would route to LAX, even if you had a PoP in Australia and NZ, so quickly learned prepending is slap-dash and communities are great to engineer traffic. They can keep traffic in a region, not announced to international providers, etc.

    Sorry for the long post, but true BGP and Anycast enthusiast and I don't understand how 50ms overhead for a zero-cost solution is better than keeping the DC essentially offline.

    https://i.ping.pe/n/P/img_nPBTQbD4.png

  • FlorinMarianFlorinMarian Member, Host Rep

    @Kris said:

    @drivex said: Other note: seems like you know much about bgp. Any advice for good learning material?

    I learned it by poking around https://bgp.he.net/ looking at MTRs and finally worked at HostVirtual (now NetActuate) almost a decade ago, helping them become one of the largest peered ISPs in the world today.

    If I had the choice at the time, likely would've chosen one of these courses.

    At the time they were veering from low end VPS market and going into Anycast, which got me interested in BGP. One IP to anywhere was an awesome theory, and duplicating 1.1.1.1 or 8.8.8.8 (or 4.2.2.4 if you're old enough) was something I wanted to do.

    While HostVirtual's main thing was under 10ms to the anywhere, it took a LOT of peering. Using IXReach to get tiny data center locations to numerous nearby IX's. Sometimes you didn't have everyone on route-servers which meant an email to establish a relationship. I created an email template that got around a 75% conversion on turning up peering. This meant we bypassed transit - giving customers not only free bandwidth, but better routing.

    Finally, DDoS mitigation was a service where if someone tried to take you out, traffic would be diverted to a scrubbing centre.

    I took the very long route of learning it and wouldn't suggest it, honestly Fran at BuyVM offers a service for very cheap now where you can test and setup Anycast.

    Also got it implemented while working at Vultr, as it was $$$ at the time, and I felt HV was gatekeeping. Setting up a few BuyVM instances or Vultr + quagga would get you some knowledge and a number of those Udemy courses are great.

    I know a lot about communities and prepending, because when building a subnet / ASN that announces to the world, you didn't want sinkholes where Australia would route to LAX, even if you had a PoP in Australia and NZ, so quickly learned prepending is slap-dash and communities are great to engineer traffic. They can keep traffic in a region, not announced to international providers, etc.

    Sorry for the long post, but true BGP and Anycast enthusiast and I don't understand how 50ms overhead for a zero-cost solution is better than keeping the DC essentially offline.

    https://i.ping.pe/n/P/img_nPBTQbD4.png

    Waiting for OVH BYOIP setup for 2nd subnet. This may take up to 3 weeks.

  • KrisKris Member
    edited January 2024

    @FlorinMarian said: Waiting for OVH BYOIP setup for 2nd subnet. This may take up to 3 weeks.

    I'd go back and mention DDoS providers like Path and ones @dbContext mentioned can LOA and have you up in hours, but do not want to go in circles.

    Maybe do some bog standard things like asking Orange to setup an edge firewall for you, add every tor exit node and.... well I've run out of ideas. Get fastnetmon setup (it takes minutes) with whatever flowspec / netflow you have and manually contact the NOC with IPs to null-route, if you aren't getting blanket attacked.

    Sorry if I've come off caustic in this thread, but it's really because I don't want to see some skid with something as basic as TorsHammer take you offline.

  • FlorinMarianFlorinMarian Member, Host Rep
    cisco01.hazi.ro#show interfaces TenGigabitEthernet1/50 | include rate
      Queueing strategy: fifo
      5 minute input rate 4415255000 bits/sec, 421796 packets/sec
      5 minute output rate 170199000 bits/sec, 16563 packets/sec
    cisco01.hazi.ro#show interfaces GigabitEthernet1/1 | include rate
      Queueing strategy: fifo
      5 minute input rate 189452000 bits/sec, 23898 packets/sec
      5 minute output rate 292000 bits/sec, 61 packets/sec
    cisco01.hazi.ro#
    

    It is very strange what is happening.
    On the ports to which I am connected to the ISP, I see a lot of traffic and packets, and the dedicated servers do not receive high traffic at all (below 100Mbps). At the same time, from the servers to the switch, there are many timeouts and pings of the order of hundreds of ms.

  • MoopahMoopah Member
    edited January 2024

    fastnetmon (the SaaS service) looks suspiciously cheap for 10Gbit clean traffic

    Never mind, it's actually just licensing for the software product.

    Thanked by 1Kris
  • @FlorinMarian said:

    cisco01.hazi.ro#show interfaces TenGigabitEthernet1/50 | include rate
      Queueing strategy: fifo
      5 minute input rate 4415255000 bits/sec, 421796 packets/sec
      5 minute output rate 170199000 bits/sec, 16563 packets/sec
    cisco01.hazi.ro#show interfaces GigabitEthernet1/1 | include rate
      Queueing strategy: fifo
      5 minute input rate 189452000 bits/sec, 23898 packets/sec
      5 minute output rate 292000 bits/sec, 61 packets/sec
    cisco01.hazi.ro#
    

    It is very strange what is happening.
    On the ports to which I am connected to the ISP, I see a lot of traffic and packets, and the dedicated servers do not receive high traffic at all (below 100Mbps). At the same time, from the servers to the switch, there are many timeouts and pings of the order of hundreds of ms.

    And what conclusions are you drawing from this? Document this and add it to the bachelor thesis.

  • edited January 2024

    @FlorinMarian said:

    cisco01.hazi.ro#show interfaces TenGigabitEthernet1/50 | include rate
      Queueing strategy: fifo
      5 minute input rate 4415255000 bits/sec, 421796 packets/sec
      5 minute output rate 170199000 bits/sec, 16563 packets/sec
    cisco01.hazi.ro#show interfaces GigabitEthernet1/1 | include rate
      Queueing strategy: fifo
      5 minute input rate 189452000 bits/sec, 23898 packets/sec
      5 minute output rate 292000 bits/sec, 61 packets/sec
    cisco01.hazi.ro#
    

    It is very strange what is happening.
    On the ports to which I am connected to the ISP, I see a lot of traffic and packets, and the dedicated servers do not receive high traffic at all (below 100Mbps). At the same time, from the servers to the switch, there are many timeouts and pings of the order of hundreds of ms.

    Depending on what kind of packets are coming in that might not be all that surprising. I could imagine like for example reflected RSTs/SYN-ACKs not making it past the switch while at the same time maximally exhausting it by coming as lots and lots of just about the tiniest packets possible.

  • <= 97.00% - The customer can request a 30% discount

    I guess there will be a lot of discounts for February, @FlorinMarian ?

    Thanked by 1yoursunny
  • @Moopah said: Never mind, it's actually just licensing for the software product.

    There's a community edition that can be installed in 10 minutes on a VM. Point netflow / sflow to that server. Boom, you will have grafana statistics.

    Idk why he's not given it a shot.

    https://github.com/pavel-odintsov/fastnetmon

    https://fastnetmon.com/install/

    Thanked by 1host_c
  • @Kris said:
    Idk why he's not given it a shot.

    You are like a math teacher trying to teach a housewife what PI is.
    Get some sleep instead. Do you think he will thank you, hire you or send you money for your help?

    He is in too deep with all his investments. Best to sell it all and colocate

    Thanked by 3Kris yoursunny adly
  • @packetnext said: Get some sleep instead. Do you think he will thank you, hire you or send you money for your help?

    No, I honestly just have been in the hosting field since 2000 (was HostDime's first staff member, worked with manny to make the site readable, all the way to building out a maitland aircraft hangar into DimeNOC, which I coined the name for.)

    Owned my own hosting company until the EIG types came by with unbeatable (albeit BS) disk space on plans, and sold my company to go to college full-time.

    High school with HostDime were fun times, but now I'm a graybeard angry old man in my mid 30s who's trying to help Romanian closet hosts who have no desire to do anything.

    I guess I was just hoping he was a response or two away from realizing the fastest solution is free and literally has a bash script to install. He seemed to be going in the right direction.

    Not here for any cash, help, and I have enough anxiety to want to work for him. I care that subnets are down for days and no plan is in sight. Prob some neurological thing, but I like things being fixed. :(

    Thanked by 2Lex FlorinMarian
  • @packetnext said: Get some sleep instead.

    You're ultimately right.

    Thanked by 2host_c fluffernutter
  • yoursunnyyoursunny Member, IPv6 Advocate

    @Levi said: For some reason I feel that entity responsible for this incident is reading this thread and lol'ing outrageously.

    @host_c

  • LexLex Member

    Only a few weeks ago I replied to Florin that he shouldn't be asking the price he's asking for the services he's providing. One of the reasons being that other providers are not only better, but actually cheaper by up to 80%. Don't get me wrong, I'm not cheap. I'll gladly pay prem, but for prem quality.

    Seeing this thread and how he doesn't care about the customers he currently has, stating that he can always start over ... is just heart breaking for me honestly.

    BTW if nothing else about this company was a big red flag for you, this should definitely be.

    He states that he doesn't care, that it's cheaper to start over. He's arrogant and blatantly refuses or ignores possibly good suggestions. Hell, he received offers for help for FREE from knowledgeable people in the industry (something he doesn't deserve imho) and he just DGAF

    After all this, his main concern is about latency?! Like fully timing out or a fully unreliable network is waaay better than +50ms!? Yeah, because Romania is the network hub of Europe with excellent ping with the whole world, LOL.

    He insists to talk with his provider, even though they send him to walk the dog (Romanian expression for go kick rocks) instead of going the faster routes (like others said, getting set up in minutes...)

    My brain just can't handle the logic of this human being.

    @FlorinMarian said: Also, after solving the situation, it's cheaper to lose all my clients who don't understand that this type of situation cannot be prevented with the budgets that both they and we have, than to charge my monthly bill with another 700$.

    Honestly, his business has/had a bad business plan from the ground up. Building any type of data center/data room has an insane ROI and you just can't compete with others. Not within the budget he had/has. (Maybe I'm wrong though)

    All of this could've been avoided greatly and he could've been way richer now if he would've just bought hardware, bought IPs and negotiated some sweet colocation deals. I know at least 2 providers within LEB budget that offer 10G dedicated for colocation. DDoS protection included. Or hell, even renting rack space probably would've had a better ROI than whatever he did. (Maybe I'm wrong though)

    The only thing that has some logic in my mind is if he somehow got funded and just burned through the cash, like those handouts for startups or something from the government/EU. (Maybe I'm wrong though)

  • @FlorinMarian said:

    @Kris said:

    @FlorinMarian said: Considering that there are barriers at the firmware level and I have the guaranteed bandwidth, I don't know how your scenario can happen.

    When you become a burden that it would take thousands just to cater to one account, they are unable to serve you anymore, and would simply sever ties, letting the lawyers deal with you.

    I seriously hope it doesn't happen, but I don't know of many ISPs that would tolerate what's going on without some effort by the end-user / enough knowledge to mitigate, or send communities upstream.

    If you're getting attacked on a single IP, tag it 8953:666 - it's the same at many ISPs.

    Get fastnetmon installed. With flowspec or Netflow (they actually were kind enough to get netflow lite integrated) you can get an eye inside your network so you aren't guessing who is getting attacked.

    It doesn't need to be setup to do RTBH, rather can give you an eye inside your network.

    I tried to blackhole an IP of mine from OVH, but the respective community is ignored.

    That’s because it’s the wrong way around, you block the destination not the source.

  • AndreixAndreix Member, Host Rep
  • FlorinMarianFlorinMarian Member, Host Rep

    @Lex said:
    Only a few weeks ago I replied to Florin that he shouldn't be asking the price he's asking for the services he's providing. One of the reasons being that other providers are not only better, but actually cheaper by up to 80%. Don't get me wrong, I'm not cheap. I'll gladly pay prem, but for prem quality.

    The price has nothing to do with the current situation. If I sold cheaper, I would only have more affected customers at this moment, nothing more.

    Seeing this thread and how he doesn't care about the customers he currently has, stating that he can always start over ... is just heart breaking for me honestly.

    • The sound of a sad violin is heard in the background
      Come on seriously, how can you accuse someone of carelessness when he's active here and respond to relevant messages and do everything he can according to his own strength and knowledge all day long?

    BTW if nothing else about this company was a big red flag for you, this should definitely be.

    It is. In all my other threads I talked about advanced DDoS protections from the most famous providers and suddenly it turned out that I lied.

    He states that he doesn't care, that it's cheaper to start over. He's arrogant and blatantly refuses or ignores possibly good suggestions. Hell, he received offers for help for FREE from knowledgeable people in the industry (something he doesn't deserve imho) and he just DGAF

    Brother, when you are a taxi driver and at some point a wheel breaks on the car with the customer in the car and the passers-by tell you "Call a helicopter!" or "Call a plane to take him to his destination!" you're just stupid if you do it because that's what people say.
    You try to take your client to the destination, but not without taking into account how much the client pays you and how much you have to pay in turn to do this.

    After all this, his main concern is about latency?! Like fully timing out or a fully unreliable network is waaay better than +50ms!? Yeah, because Romania is the network hub of Europe with excellent ping with the whole world, LOL.

    You missed the part with BYOIP whose installation takes 3 weeks, more or less on purpose.

    He insists to talk with his provider, even though they send him to walk the dog (Romanian expression for go kick rocks) instead of going the faster routes (like others said, getting set up in minutes...)

    The earlier plane is definitely the fastest. So the client pays you $7 and the plane costs
    $70000.

    My brain just can't handle the logic of this human being.

    @FlorinMarian said: Also, after solving the situation, it's cheaper to lose all my clients who don't understand that this type of situation cannot be prevented with the budgets that both they and we have, than to charge my monthly bill with another 700$.

    Honestly, his business has/had a bad business plan from the ground up. Building any type of data center/data room has an insane ROI and you just can't compete with others. Not within the budget he had/has. (Maybe I'm wrong though)

    Now the lack of DDoS protection is felt, but the price per TB/month and per KW/h is still at prices far below the market price. You talk about competition as if I had made a master plan with 100 racks available in the location, but what can you see, I only filled one.

    All of this could've been avoided greatly and he could've been way richer now if he would've just bought hardware, bought IPs and negotiated some sweet colocation deals. I know at least 2 providers within LEB budget that offer 10G dedicated for colocation. DDoS protection included. Or hell, even renting rack space probably would've had a better ROI than whatever he did. (Maybe I'm wrong though)

    There is no such thing in Romania. If you don't believe me, counter me with an offer for 10U, 1200KWh/month and 2Gbps symmetrical guaranteed and unlimited under 750 EUR.
    Only Calin and his stories have cheap and very very very good colocation.

    The only thing that has some logic in my mind is if he somehow got funded and just burned through the cash, like those handouts for startups or something from the government/EU. (Maybe I'm wrong though)

    Cool conspiracy but it doesn't make sense.
    All investments are from own funds out of passion and desire for knowledge, the rest are stories.

  • LET needs a down vote button, not a flag button, a down vote button for irritating posts

  • Should Florin be stripped of his Provider Tag? Or at least make a tag that says Basement Provider.

  • Coming up next: Florin does a virmache style LET quit and fly unchallenged under admin protection in LES

    Thanked by 2emgh ScreenReader
  • @jmaxwell said:
    Coming up next: Florin does a virmache style LET quit and fly unchallenged under admin protection in LES

    don't you worry about that.

  • @Wicked said:
    <= 97.00% - The customer can request a 30% discount

    I guess there will be a lot of discounts for February, @FlorinMarian ?

    “The monthly value of the SLA index (Service Level Agreement = service availability) will be the value reported for a maximum uptime of at least 3 (three) of the following independent monitoring services: (…)”

    and

    “The absence of the report of at least 3 (three) of the monitoring services listed above concludes a 100% availability.”

  • host_chost_c Patron Provider, Top Host, Megathread Squad
    edited January 2024

    @Levi said: For some reason I feel that entity responsible for this incident is reading this thread and lol'ing outrageously.

    @host_c

    @yoursunny

    This is not funny, I was one of the first that contacted Florin to give him a hand, don't be a dick.

    Even though this is a competition among providers for sales, when one gets DDOS-ed, others step in to help (just read through the posts)

    Your network being fuked up is something that we do not wish for others to happen. I would rather battle in prices, products, services than to see any provider fail/go under because of this. That is a fair battle/competition, not shit that makes your network non-operational, and makes client services unusable, that is trash in my opinion.

    But Bro has to understand, that it is time for him to take his setup to the next level, and train himself to be prepared for Disaster Scenarios.

    PS: Florian, please do not post any more info with detail. Like for now we all know Your Uplink Ports name, one is for RDS and 1 is for Orange, they are called TenGigabitEthernet1/50 and GigabitEthernet1/1, we also know the make and model of your device. If you post the version also, then the one doing this can search for version vulnerabilities. Stop feeding sensitive info, just edit out the port names, and equipment name next time.

    Offer is still on the table, just like @c1vhosting and others, just say if we can help, and with what.

    Thanked by 1totally_not_banned
  • @tentor said:
    Why do you use LET and not sending email to the directly impacted customers?

    he is trying to impress !

    Thanked by 1Andreix
  • FlorinMarianFlorinMarian Member, Host Rep

    This morning I discovered an amazing thing.
    In addition to the DDoS attack, Orange also has something badly configured at the network level because:

    • with both ISPs active, Orange has 4.4 of 2Gbps used, always having over 400K packets/sec that never reach the servers but only on the GigabitEthernet port of the switch
    • with Orange deactivated and the Digi session of only 150Mbps, the infrastructure is standing, the traffic being about 4-40Mbps, 15K packets/sec.

    I'm waiting for their NOC to respond to the incident, but it's phenomenal how easily they send you to buy something more every time you ask them to investigate something.

    Evidence:

    Orange switchport off:
    ! RCS&RDS ISP
    cisco01.hazi.ro#show interfaces GigabitEthernet1/1 | include rate
      Queueing strategy: fifo
      5 minute input rate 40913000 bits/sec, 15117 packets/sec
      5 minute output rate 35129000 bits/sec, 4529 packets/sec
    
    
    Both ISPs:
    cisco01.hazi.ro#show interfaces TenGigabitEthernet1/50 | include rate
      Queueing strategy: fifo
      5 minute input rate 4283238000 bits/sec, 407071 packets/sec
      5 minute output rate 218782000 bits/sec, 21082 packets/sec
    cisco01.hazi.ro#! RCS&RDS ISP
    cisco01.hazi.ro#show interfaces GigabitEthernet1/1 | include rate
      Queueing strategy: fifo
      5 minute input rate 23357000 bits/sec, 15124 packets/sec
      5 minute output rate 2443000 bits/sec, 306 packets/sec
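
Added example (not part of FlorinMarian's post or any vendor's code): a Python parser for the `show interfaces ... | include rate` output quoted in this thread, reporting average inbound packet size and utilisation against the rates mentioned above (2Gbps on the Orange port, 150Mbps on the RCS&RDS session). The port-to-ISP mapping is read from the `! RCS&RDS ISP` comment in the output, and the 128-byte small-packet threshold is an assumption.

```python
import re

# Lines copied from the "Both ISPs" output quoted in the thread.
SAMPLE = """\
cisco01.hazi.ro#show interfaces TenGigabitEthernet1/50 | include rate
  Queueing strategy: fifo
  5 minute input rate 4283238000 bits/sec, 407071 packets/sec
  5 minute output rate 218782000 bits/sec, 21082 packets/sec
cisco01.hazi.ro#! RCS&RDS ISP
cisco01.hazi.ro#show interfaces GigabitEthernet1/1 | include rate
  Queueing strategy: fifo
  5 minute input rate 23357000 bits/sec, 15124 packets/sec
  5 minute output rate 2443000 bits/sec, 306 packets/sec
"""

# Rates taken from the thread's wording; the mapping to ports is an assumption.
CONTRACTED_BPS = {
    "TenGigabitEthernet1/50": 2_000_000_000,  # Orange, "4.4 of 2Gbps used"
    "GigabitEthernet1/1": 150_000_000,        # RCS&RDS, "only 150Mbps"
}

CMD_RE = re.compile(r"#\s*show interfaces\s+(\S+)")
RATE_RE = re.compile(r"(input|output) rate (\d+) bits/sec, (\d+) packets/sec")


def parse_rates(text):
    """Return {interface: {"input": (bps, pps), "output": (bps, pps)}}."""
    result, current = {}, None
    for line in text.splitlines():
        cmd = CMD_RE.search(line)
        if cmd:
            current = cmd.group(1)
            result[current] = {}
            continue
        rate = RATE_RE.search(line)
        if rate and current:
            direction, bps, pps = rate.groups()
            result[current][direction] = (int(bps), int(pps))
    return result


def avg_packet_bytes(bps, pps):
    """Mean packet size implied by a bit rate and a packet rate."""
    return bps / 8 / pps if pps else 0.0


def assess(rates, contracted_bps, small_pkt_bytes=128):
    """Summarise inbound load per interface against its contracted rate."""
    report = {}
    for ifname, dirs in rates.items():
        if "input" not in dirs:
            continue
        bps, pps = dirs["input"]
        size = avg_packet_bytes(bps, pps)
        limit = contracted_bps.get(ifname)
        util = bps / limit if limit else None
        if util is None:
            verdict = "no contracted rate known"
        elif util > 1.0:
            verdict = "over contracted rate"
        else:
            verdict = "within contracted rate"
        report[ifname] = {
            "input_mbps": bps / 1e6,
            "input_pps": pps,
            "avg_packet_bytes": size,
            "utilisation": util,
            "verdict": verdict,
            # Small mean size points at a packet-rate flood, large at bandwidth.
            "profile": "pps-bound" if size < small_pkt_bytes else "bandwidth-bound",
        }
    return report


if __name__ == "__main__":
    for name, row in assess(parse_rates(SAMPLE), CONTRACTED_BPS).items():
        print(f"{name}: {row['input_mbps']:.0f} Mbps in, "
              f"{row['avg_packet_bytes']:.0f} B/pkt, "
              f"{row['verdict']}, {row['profile']}")
```

On this sample the TenGigabitEthernet1/50 input averages about 1315 bytes per packet at roughly 2.1 times the 2Gbps figure, while GigabitEthernet1/1 sits near 16% of its 150Mbps session.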
    
  • host_chost_c Patron Provider, Top Host, Megathread Squad

    Florian,

    Get in touch with RDS NOC, they can apply filters in this case, and can handle DDOS much better than Orange. If you leave the traffic on RDS, at some point their filters will eventually kick in by default.

    Thanked by 1FlorinMarian
  • FlorinMarianFlorinMarian Member, Host Rep

    @host_c said:
    Florian,

    Get in touch with RDS NOC, they can apply filters in this case, and can handle DDOS much better than Orange. If you leave the traffic on RDS, at some point their filters will eventually kick in by default.

    Hey!
    I'll do this but this time Orange has its own issues.
    I remember that Calin had recently issues with vlan changes and same kind of issue with lot of unexpected traffic.

  • host_chost_c Patron Provider, Top Host, Megathread Squad
    edited January 2024

    @FlorinMarian said: I'll do this but this time Orange has its own issues.

    Orange has problems at technicians, I told you, remember, RDS is better, but not the best.

    @Calin has so much shit on his network, that even Voxility would tell him to go home :smiley: Sorry bro it is true :D . But yes, he has routing issues at ISP Orange level.

    For the moment, try your luck with RDS NOC, I will PM you their e-mail.

    Thanked by 3FlorinMarian Calin Kris