New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
BuyVM VPS + Filtered IP vs RamNode + BuyVM Filtered IP
Read my post below. Bought a BuyVM VPS + BuyVM Filtered IP
Hi.
I have a site that is the victim of a DDOS attack every few days.
I was thinking of
A.
Hosting it at RamNode on a $5/m 512MB Ram VPS.
Buying a $15/year BuyVM VPS with a $3/m DDOS Protected IP and GRE Tunneling it to the RamNode VPS.
If we go this route, what BuyVM + RamNode location would be the best combo?
Or
B.
Should I just buy the $5.95/m 512mb BuyVM VPS with a $3/m DDOS Protected IP.
Has anyone here ever tried Gre tunneling a BuyVM Filtered IP to a RamNode VPS and running a Webserver on it?
Approx much latency did it add? Did it make the site load slower?
Comments
Which locations for BuyVM and RamNode? Although even if they are in same datacenter, it's simpler to stick with one provider, you won't have to debug issues with the GRE tunnel and such.
And is the reason to use BuyVM DDoS filtering because you are afraid that RamNode's DDoS filtering won't be able to handle the attack?
Also if it's a website, using CloudFlare or a similar system means you wouldn't have to worry at all about network-level filtering. And network-level DDoS filtering like the type offered by BuyVM and RamNode generally isn't effective in protecting against application-layer attacks, like HTTP request flood.
buyvm latency + ramnode latency = total latency to your location
unless it's a gameserver that is more sensitive to latency, other users should not notice
Any reason you don't want to use RamNodes DDoS Protection?
Any location is fine for me, I was thinking about New Jersey (BuyVM) and New York (Ramnode), they seem to be pretty close.
I don't want to use RamNode's DDOS filtering because it is kind of pricey. $5 compared to $3, will cost me $24 more a year.
Why would you GRE-tunnel anyways. There only has to be one leaking flood and your ramnode vps would still be nullrouted.
If you go that route, install nginx and use it as a reverse proxy.
I do use Cloudflare.
My current setup is Cloudflare --> OVH Nginx reverse proxy --> webserver.
Attackers attack my site, then Cloudflare disables the protection because it's too much, then they get my reverse proxy ip, and attack it and shut it down making my site go offline.
Ne'er mind.
CloudFlare protects you against network-layer attacks (like UDP flood) since your IP addresses are hidden; HTTP request flood will still pass through unless you pay a lot more. However, network-level filtering will not help you very much with HTTP floods. Depending on BuyVM's Voxility filtering for that is not a good idea. I'd suggest look into better caching systems to prevent these attacks from taking down your website, and stay with your current setup with CloudFlare.
(unless you are saying the attacker is able to push so much HTTP traffic to your VM via CloudFlare that it is overloading your provider's network port; in that case you are pretty much fucked: if attacker is doing TCP handshake and performing requests that look legitimate, and that traffic volume adds to 1gbps+, then network-level filtering won't help really).
Ramnode has ddos protection why not use theres?
@Mun I asked that already, he said it's too expensive :P
@xaitmi sorry I didn't understand that they are actually getting your VM's IP. How does that work? CloudFlare changes DNS back to your IP if they get too much traffic? Didn't know they did that if that's the case.
do you know the size of the DDOS attacks?
There are certain methods attackers can use to force cloudflare to disable their service on your domain temporarily.
It's the same thing as you going into your cloudflare and hitting pause/deactivate.
It will make all your ips public.
There are also "cloudflare resolvers" on the internet that can tell you what IP they are protecting.
I don't know the size unfortunately.
It is 5$ a month ???
Does he not understand it will probably cost more to buy the buyvm on top of the Ramnode ???
BuyVM VPS + Filtered IP = $107 a year
RamNode VPS + BuyVm Yearly VPS + DDOS Protected IP is $111 a year.
RamNode VPS + Filtered IP = $120 a year
With 2TB traffic monthly
With 500GB of traffic monthly
With 2TB traffic monthly
You need to look at the whole picture when comparing your apples with your oranges
possible to compare banana?
OK thanks for your input guys.
Decided to keep things simple and just use BuyVM VPS + BuyVM Protected IP.
I've only used RamNode for production websites up till this point (Over 10 sites hosted @ RamNode) scattered across 6 VPS's
Hopefully it'll be all smooth sailing with BuyVM.
It's been ~ 5 mins so far, says pending.
I guess they have to manually review payment and stuff
Just get a BuyVM VPS and ditch ramnode?
Update: VPS just got activated.
Time to check it out.
Can't wait for your BuyVM refund and Aldryc's adventures thread.
Try watching this video on www.youtube.com, or enable JavaScript if it is disabled in your browser.
BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
Thanked by 1xaitmi
Why would I want a refund. o_O
You've been nothing but negative.
I've been using their shared reseller hosting for close to a year now with no issues, I use it mainly for dev/testing sites.
My RamNode VPSs perform slightly better than BuyVM's, but it'll still work fine for the site I have to host on it.
Been fine-tuning my nginx conf for the past 30 minutes.
Stallion is amazing.
All's good, carry on.
is this kinda like reverse psychology technique / promotional method?
Interesting to know more details if possible:
Based on my limited experience, the HTTP flood is pretty expensive from the attackers' perspective: you need fullfil the TCP handshake for an attack.
Most of the attacks we have seen are UDP attacks, with some amplification, such as NTP, DNS, SSDP, see here. I will be disappointed that Cloudflare could not defend the UDP attack.
Layer 7-XMLRPC attacks do the trick. After 10-15 minutes of a large Layer 7 attack CF will disable their service on your domain and you will be left naked.
There's also a Cloudflare Exploit that lets attackers find the IP that you are trying to hide with Cloudflare which I found out about on google. CNAME exploit.
More info on that here: http://hackforums.net/archive/index.php/thread-4811061.html
Was going to say send me a PM and we'd work something out but sounds like you've moved forward already. Hopefully you factored in our 10% discount for annual payments in your price comparison.