New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
i use royalehosting to front my own gameservers using a vps and a /29 but thats not in your region
Yeah unfortunately they are not present in Singapore. Anything else?
Maybe @EricB from Sucura
Hi @AdiOnLET
we have remote ddos protection via VXLAN/GRE/EOIP in DE (FRANKFURT), 10Gbit Port
find now
sorry i didn't read singapore
They are present in Singapore? Can't find it on their website. Thanks btw
also tagging @MikeA
Thanks! Do you have any PoPs closer to SEA? Frankfurt latency might be too high for my playerbase in Singapore (Philippines particularly)
No worries
sorry man, at the moment no, i hope you find your need here
Understood, thanks tho
Tunneling for the sole purpose of being a low-cost DDoS shield for non-protected networks isn't allowed on my stuff. He needs a company that caters to that really.
Anyone on your mind who might be the solution for me? Thanks
Yes, you can select location during order, Singapore should be available there.
The attack bursts every 15mins with peak volume of ~7.5Gbps. just adding it here if it helps with anything
For asia region no, I don't really know any company that markets that service. If you end up hosting the actual service on the provider you use for DDoS protection then I can help in the future.
Even for personal game servers? I didn't realize this may be against TOS. Is it more of a like, it's rude to front your own expensive compute resources with someone elses bandwidth using a small VM kind of deal? For example my physical gameserver hosts are in my own rack in my garage.
I think its because DDoS protection is not cheap + clients who are usually looking for GRE DDoS protection are often big targets of attack. Either they realize they need protection because they have none after getting hit or the one they have already with their existing provider is not strong enough.
Mike as any other provider profits from servers (compute), and DDoS protection is only a neat addon. (Ab)using protected network while not paying fair share of bills while being targeted isn't a desired clientele.
Well for me it was different, my provider recently discontinued DDoS protection services and now I am looking for remote protection due to being constantly hit by around 7.6Gbps
Well OP is looking for a GRE tunnel service. So I can only answer this as one offering protected VPS. Normally people that use VPS for tunnels to unprotected networks end up getting the cheapest service possible (no fault to them, you only need bandwidth, nothing else for a tunnel!), and ends up being the most problematic. Nobody wants to tank a terabit DDoS for a few dollars, just to protect another network that has no protection. What if the remote network they are protecting has a network or routing problem? You get blamed for it usually. What if 10 Mbps of traffic causes their game server to go down? You get blamed for it, even if you mitigate 99.9% of the traffic. And basically no GRE/protection services have asia for the reason that it's just expensive.
Generally you just want people to actually host stuff with you, not just use your network to protect cheaper ones.
Then Maybe:
https://stormwall.network/products/servers-ddos-protection
Since they have Singapore & Hong Kong in their Global Scrubbing Network. Ask them.
yea having DDoS Protection with a server is like last resort thing. If you happen to get hit, it can help but you can never guarantee it will stop the attacks. Sometimes there are posts on LET asking about DDoS Protection and then it leads to can I test your ddos protection?
Totally understand your concerns and they are all valid. I'm not looking for someone to tank a terabit, my attacks peak at ~7.5Gbps burst-style every 15mins. Not sustained. I'm not going to blame anyone for routing issues on my end, what I need is just a temporary 3-4 weeks breathing room while Eric from Sucura gets their own colo ready. Even if 10% of the traffic bleeds through, it's still better than having zero protection. I'm not looking for perfect protection just something that will reduce the impact temporarily
I'm not talking about you, just the general situation how it goes most of the time. (and yes, your attacks that you mention are basically nothing, lower than the port speed on most servers)
Oh okay then, Given my situation, is there anything you're able to offer ? It would be really appreciated if you can provide something untill I can find something permanent
Fair. I use wireguard and accept that this is entirely my own design of a setup. My most common, lets call it networking ordeal, is that I route an entire /48 ipv6 prefix over wireguard to my house network and then for on the VPS from the provider use firewalld rich rules to dnat for ipv4. I found this to be highly effective for me to host things at home on my hardware. So ipv6 is fully routed, ipv4 is handled on the vps. both over wireguard. i run opnsense at home but carve out /64's from a /48 for my home subnets. I obviously wouldn't operate a carrier grade network like this or front commercial services, I would never recommend that. If i were to want to do anything "commercial" I would want to colo hardware with someone who does have upstream filtering and obviously not operate the hardware out of a big metal-framed cube in a block garage with HVAC. It's just a silly project with friends that went too far.
Also, it would take more money in monthly cloud costs than I can afford to possibly host my self-hosted services and game servers with a cloud provider's compute and memory.
I'm curious...super off topic. But lets say I use a VPS on someones network as a VPN concentrator/aggregation point to route between a bunch of site to sites with friends. This is bandwidth but not cpu or memory intensive, is that rude to the provider? Nobody ever gave me any trouble about it before. The use case is that there is bad peering and routes from my friends to me but we all have great peering and routes to the cloud provider.
But, I'm a very reasonable person and would never even consider getting snotty with a provider over things that I build or operate. I think that should be common sense but I get many are greedy and rude so providers have to deal with that. If a provider I work with reached out and said, hey, youre consuming a ton of bandwidth for this service cost, can you take a look? I would handle that without an issue. But, I also don't push heavy bandwidth either. If I did I would hope we could work something out so I could stay a customer. I've never had these issues though.
EvoShield Remote DDoS Protection is available in Singapore.
If you need game protection, please consider Level 2, which is priced at €20/month and can block 17Tbps attacks.
Clouvider has DDoS protection also on their VPS line. Maybe open a ticket with them and see if they would tolerate this usage on a VPS that could front your services. You would have to build your own tunnel and all, but IMO thats trivial work...
Thanks I'll take a look at their prot services
Hmm, let me create a support ticket
Not really. If you're familiar with setting up GRE and all that yourself then you can get a server and try, but I don't have custom filtering for game serves either way, so if they're small attacks mimicking real game traffic I probably couldn't help anyway.
@unsafetypin I don't care if people are using it for what you mention. Plenty of people run personal VPNs which is basically the same.