New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Seems like your webserver is fcked up again. You should use CF with good WAF rules to protect it
this is what i dont understand, why didnt he from the beggining put web server behind reverse proxy ??? like wtf ? its easier to change reverse proxy ip and hide real server ip, or better to use cloudflare and problem solved on web part ? even free cloudflare protects you better than nothing (plus you dont expose real server ip is a bonus), also you can basically get vpn with dedicated IP with all ports open and port forward from there too lol
Back in the day he tried CF, and other solutions against DDoS attacks, but seems like lack of understanding how to setup it and ignoring help from community explains his current situation
5 year old kid with my guide will set it up under 10 minutes lol (that include purchasing a domain), there is nothing easier as set it up lol, like cmon is he that stupid or ignorant?
Most likely ignorant with too big ego to handle it.
Thanks, you were my 2023 provider I went all in on, means a lot coming from you.
Really just wanted to use some weekend time to try and help between shoveling during a snow storm.
I go back to the old WHT days (pre bought out) where if someone came in genuinely needing help, you offered as much advice as you could until their clients were back online.
It was less helping the provider itself, more keeping another small provider in business, and we all had empathy for end-clients.
Well that's the definition of being stupid actually
Did I imagine a reply from Florian or thread where he realized it might not be a DDoS, rather Orange network issues?
Getting some weird Mandela effect going on here if not.
I swear I saw a reply where he responded saying when BGP is a mix of both ISPs, Orange is at 4.2/2Gbps used, while when it's RCS-RDS only, it's normal at like 150 Mbps-200Mbps and he had posted Cisco stats.
Came back 30 mins later, went to reply and no such thread or replies exist.
Twilight Zone marathon + not enough sleep? Magical thinking perhaps? I know at least @host_c alluded to no DDoS. The fact this whole issue happened during maintenance with Orange, and now just 40% packet loss ensues only on their routing is what I saw this morning and was a little odd...
@Kris Most probality a bad configuration of orange, and we have experienced some similar things to them, and now I am going to start a process following these events, we had many more problems and even a downtime of 4 days at 5x /24 IPv4, the client finally leaving, I expect orange to offer some serious compensation in court, considering that we have a data center business contract with them
In the last 3 years of doing business with them, they are not improving, as it should be, day by day they are getting stupider and they don't have the minimum experience in configuring some networks, I ended up giving them advice at by phone or email, what you need to configure, and tutorials on the forums
Just a example of stupidity from Orange https://lowendtalk.com/discussion/191148/help-ihostart-com-solve-his-networking-issues
Regards
No, you didn't imagined it
https://lowendtalk.com/discussion/comment/3868317/#Comment_3868317
EDIT: Thanks, missed it somehow 2 pages ago
https://lowendtalk.com/discussion/comment/3868317/#Comment_3868317
Ok, so he wasn't getting DDoS'd, the DDoS was coming from inside the building, after Orange completely f-ed his line.
I saw some good old fashion BGP testing like I used to play around with Quagga and his network's fine with RCS/RDS only.
That whole 3 day turn up for DDoS protection is actually 3 day turn-around to un-f*** his network.
Weirdly I didn't see it in his comments, I thought I actually imagined it.
That further confuses me because he said his Orange SA was superior to your old telecom, Orange Romania SA. The same I guess?
Do they both have less than optimal networking departments?
You guys should use someone like OVH to do IP announcements, GRE it back. I'd say some millisecond overhead from OVH inbound only + their DDoS protection, and bog standard bandwidth outbound is better than Orange (either of them seemingly) screwing with IP announcements. So far RCS/RDS for the win in terms of not nearly taking out someones ISP with a line upgrade.
Orange SA and Orange Romania SA it's same retarded guys , just differents names and staff
Regards
There are 2 orange companies in Romania. Orange telecommunications bought Telekom land infrastructure, but they did not get their support team, that was pretty decent.
None of the 3 major companies have decent NOC there, I am battening with RDS for 3 months with my links, at some point they just put me on Congent.
After asking Florian for some adițional info on the timeline, all the events fall under the upgrade he did, and Orange NOC messed it up big time.
I am 100% confident that he has no DDOS, just a really bad config that is out of he’s hands.
All started a few ours before the upgrade of the line went into active state.
Florian, with the bad experience I have over the years signing contracts with Romanian providers , I advise you to get a law consultant ( jurist ) give him/she the contract to read, and ask them to write a notification ( official one ) to orange that if they do not fix the problem within 48 ours, the contract is not valid , as you are not benefiting from it for the past x days for the services they should provide, more, your business is not functional, and you are loosing clients. Either they put you back on the old setup, or they fix this asap. Otherwise you will be stuck for 24 mo on a shitty contract. That will be more expensive than a premium law firm. Don’t waste time with this, as you are under 30 days from the start of the contract, and you still have the upper hand in this. But, you need an official mail to be sent to them , not written by you, but by someone that knows how to put the problem on paper. This is how we did each time, and that 100,200 usd the consultant may ask it will be the cheapest problem of yours if you act swiftly.
For the price I presume the asked, and for the 24 mo contract you signed, I would actually go to court with them if they refuse the notification you will send out.
I'm confused as hell.
Yesterday all day there were a lot of packets/sec on the interface with which I was connecting with Orange.
In the evening, I asked my mother to move the SFP+ plug from Orange to a test server and I said to manually configure the IP address with which I do BGP so I can see what traffic is coming and from where.
Surprise.. on the dedicated server had no traffic at all.
I do not know what to think.
Let's say that Orange did something wrong. Why, however, only when I'm connected to the switch do I have that huge number of packets/sec?
To highlight...
5 minutes ago; 0 traffic on that interface with Orange
5 minutes later, same SFP+ cable plugged into Cisco switch:
Florian, as you have 0 control over this, just du what I told you to do. Or you will end up financing orange for the next 24 mo.
As an example, hope Cave King will not be angry with me on this:
@Calin bought 2 Cisco router for the links he has to orange, and he has no access to the devices payed by him , only orange does. Now fxxx me if this is normal.
If the provider ISP puts he’s devices to give me service, I have no problem that I have 0 access to them, but if he puts me to buy something , I espect at least a read only user on them. As they are my property, they can manage it, but wtf ….
We give read only users to all customers on the devices we implement but we manage. This way it is transparent.
Either they fix the link or move back as you were, and drop the contract until it is not too late.
For gods sake, almost a week in and no service.
At 350 USD you might get a full 980MBPS line at RDS where you are. With another 1-2G from Orange you are good , and of story, and focus on OVH or other colo
The case with the equipment does not apply to me either.
They paid for this new switch from my location theirself, including the new one from their site, necessary for this upgrade from 1 to 2Gbps. (Yes, both my switch at home and the one in the site supported SFP+...but 1Gbps).
I rule out re-contracting Digi because it costs as much as a remote BGP protection.
You mean SFP not SFP+?
SFP before, SFP+ after.
can I still buy VPS from romania, or have you stopped the sales? I can't do looking glass to my DB server via your website.
188.241.240.0/24 seems to be withdrawn from BGP, only 2a0e:8f02:f04f::/48 is reachable
Damn this is a twister
so basically everything is down then? wtf
DNS Amplification does it's job.
1 second of
tcpdumpgenerated 7 such files but look what contains just one of them:Even a 40Gbps link gets saturated easily.
After 15 pages he still doesn't understand the purpose of a DDoS protection that filters the traffic BEFORE entering your network.
At this point there is nothing I can do excepting Arbor implementation by the ISP.
If I use GRE tunnel, when the attacker targets ISP's IP address, GRE is 0.