When owning a Dedicated Server with no DDOS protected IP...

Dillybob Member
edited July 2015 in General

You usually tunnel to it using a GRE tunnel, right? (Cannot really think of the point of having 1 with no protection)

If not, what's the average amount of flooding that you experienced before being null routed?

Please say the provider's name and what speeds your network/node sustained before the null.

Comments

  • AlexBarakov Patron Provider, Veteran

    Pretty much, any reasonable provider would null a little over 1gbps (considering you've purchased a 1gbps port, which is the most common one atm). Otherwise the overusage fees would most likely be huge.

  • Dillybob Member
    edited July 2015

    AlexBarakov said: Otherwise the overusage fees would most likely be huge.

    Hmm. I'm a little worried about this. What would happen if you just paid them via PayPal and didn't set up automatic billing with them? Could they technically sue you for extra bandwidth usage if you don't pay the overusage fees? Or would they basically send you an invoice? What exactly happens when it gets to that point? I'm guessing the user agrees to that when signing up, right?

  • Dillybob said: Hmm. I'm a little worried about this. What would happen if you just paid them via PayPal and didn't set up automatic billing with them? Could they technically sue you for extra bandwidth usage if you don't pay the overusage fees?

    Yes. You owe it to them.

  • KuJoe Member, Host Rep

    Most data centers will tell you the overage costs up front either in their agreement or in their billing system; the good ones even have automated alerts when you reach XX% of your monthly bandwidth.

    I've seen a lot of data centers send client accounts to collections, hold data hostage, and in extreme cases they'll resort to small claims court for bandwidth overages. In most cases the data centers are willing to work with the client if the overage is extreme also.

    It's also a really good idea for clients to monitor their own bandwidth also so they can see when they are getting close to their monthly limit or if the data center's bandwidth monitor is off you can contest it (I really should take my own advice on this, none of my personal servers have my own bandwidth monitors on them).

  • KuJoe said: I've seen a lot of data centers send client accounts to collections, hold data hostage, and in extreme cases they'll resort to small claims court for bandwidth overages. In most cases the data centers are willing to work with the client if the overage is extreme also.

    So, when a provider is null routing, it's actually helping their clients' pockets. I didn't think of it that way before. It does make a lot more sense. In essence, a null route is actually a way of a provider showing compassion towards a client. Because what if a systems admin didn't like a certain client and saw the flood start to happen? The flood didn't affect other nodes on that network, so he just let that flood keep going and going, racking up an insane amount of overage charges. I know this seems like it would never happen, but do you think someone hasn't ever done this before? (Imagine Jonny or someone with that kind of personality running a DC or renting out dedi servers.)

    However, they are null routing the ip to protect other clients on the network too, right? So it's kind of a win win I'm guessing.

    I am just afraid of buying the dedi, and getting hit with some stupid hackforum ddos stress tester site and boom, it's over. That's why I'm thinking of doing a GRE tunnel through BuyVM to a main dedicated or just within BuyVM.

  • Dillybob said: The flood didn't affect other nodes on that network, so he just let that flood keep going and going, racking up an insane amount of overage charges. I know this seems like it would never happen, but do you think someone hasn't ever done this before? (Imagine Jonny or someone with that kind of personality running a DC or renting out dedi servers.)

    They have no guarantees that the debt that will be generated will be paid for.

  • KuJoe Member, Host Rep

    I've seen a "data center" go out of business because of bandwidth overages before. Nothing surprises me any more.

  • HTML Member

    I have a dedi server (with no DDoS protection) and 2 VPSes, both with DDoS protection, so how can I use one of those DDoS-protected VPSes to forward all requests (all ports) to the dedi server? I tried iptables but I am getting an error "can't initialize iptables table 'nat'". Does that mean I can't do it because NAT is disabled at server level where the VPS is hosted?

    Is there any other way to achieve it? I want all ports' traffic to be forwarded instead of just HTTP.

  • @HTML said:
    I have a dedi server (with no DDoS protection) and 2 VPSes, both with DDoS protection, so how can I use one of those DDoS-protected VPSes to forward all requests (all ports) to the dedi server? I tried iptables but I am getting an error "can't initialize iptables table 'nat'". Does that mean I can't do it because NAT is disabled at server level where the VPS is hosted?

    Is there any other way to achieve it? I want all ports' traffic to be forwarded instead of just HTTP.

    That error would be because you're on OpenVZ and the OpenVZ iptables nat module wasn't loaded; I found that out recently.

    And furthermore, @dillybob, try Cloudflare if you are that afraid.

  • HTML Member

    @timnboys said:
    That error would be because you're on OpenVZ and the OpenVZ iptables nat module wasn't loaded; I found that out recently.

    Is there any way to fix it from my OpenVZ VPS? Or can only the server/node admin do it? I heard it's because of the custom kernel that VPSes use.

  • @HTML said:
    Is there any way to fix it from my OpenVZ VPS? Or can only the server/node admin do it? I heard it's because of the custom kernel that VPSes use.

    Well, the server/node admin can do that. You cannot, though, because it requires accessing the node and changing the kernel settings for OpenVZ.

    I was able to fix it as I have my own nodes that I have root access to fix all of this.

    But anyway, just contact your provider and see if they will enable it.
    Otherwise, if they won't, you're mainly sunk, as there is no way to fix it outside of editing the kernel config for OpenVZ on the node itself.

  • HTML Member

    @timnboys said:
    Otherwise, if they won't, you're mainly sunk, as there is no way to fix it outside of editing the kernel config for OpenVZ on the node itself.

    Oh OK, thanks for the detailed response. I will contact them, and if they can't, I can get a cheap small DDoS-protected VPS that renews annually with fewer resources. If I am doing it for packet forwarding it doesn't need a high-config VPS, right? Just good bandwidth is necessary?

  • @HTML said:
    Oh OK, thanks for the detailed response. I will contact them, and if they can't, I can get a cheap small DDoS-protected VPS that renews annually with fewer resources. If I am doing it for packet forwarding it doesn't need a high-config VPS, right? Just good bandwidth is necessary?

    Okay, well, first of all, let me just explain to you what I am getting at with what you are trying to do.
    What it seems like to me you are trying to do is proxy all traffic through the DDoS-protected VPS, correct? If that is correct, then what you need is, of course, enough resources that the proxy server or system or whatever you're using to proxy the traffic doesn't choke.
    And furthermore, it would be best if you had enough bandwidth to cover all of the traffic coming through, including until either the VPS's DDoS protection activates or the IP is null routed, depending on how the DDoS protection of the VPS works. For example, on my OVH nodes some people have actually had some DDoS coming into the VPS (not going out, as if you are sending or doing DDoS that is another issue and probably wouldn't be tolerated by any provider). Anyway, if the DDoS comes to one of the VPSes on my OVH nodes, OVH's DDoS protection automatically steps in and stops the DDoS and then goes back onto "standby" when the DDoS attacks stop, waiting for the next DDoS attack to take action again.
    Anyway, I would recommend maybe getting a DDoS-protected VPS with a provider with OVH nodes, as I think OVH has the best DDoS protection for a lowend price (well, at least they do on SoYouStart, where I have my OVH nodes from).
    Anyway, I could offer you an OVH DDoS-protected VPS; just open a ticket here:
    https://my.cubedata.net/client/plugin/support_manager/client_tickets/add/1/

    Anyway, I hope my page-long response helps you out with your question.

  • HTML Member

    @timnboys said:
    Anyway, I hope my page-long response helps you out with your question.

    Yes, that's right, I was trying to do that. Is OVH and SYS DDoS protection better than Kimsufi (an OVH company)? I had many DDoS attacks on my Kimsufi server 2 months ago and they were unable to handle it and provide me any support. Then I searched Google and found that OVH can't detect the DDoS attacks if they are coming from internal servers, so someone on OVH servers can DDoS another OVH user without getting detected? I don't know what kind of attack that was, but I was eating the whole 100mbps that was given to me by Kimsufi. I tried CSF and different methods but still was unable to stop it.

  • @HTML said:
    Yes, that's right, I was trying to do that. Is OVH and SYS DDoS protection better than Kimsufi (an OVH company)? I had many DDoS attacks on my Kimsufi server 2 months ago and they were unable to handle it and provide me any support. Then I searched Google and found that OVH can't detect the DDoS attacks if they are coming from internal servers, so someone on OVH servers can DDoS another OVH user without getting detected? I don't know what kind of attack that was, but I was eating the whole 100mbps that was given to me by Kimsufi. I tried CSF and different methods but still was unable to stop it.

    I would believe so, as OVH and SYS are the higher tier of OVH's services, as Kimsufi is the lower first tier of their services.
    SYS and OVH are pretty much alike, in the sense that SYS has more capabilities, like for example more than one IP, etc.
    And also SYS said, if I am not wrong, that they guarantee 250mbps on all of their dedicated servers, so it isn't exactly a 1gbps like I was expecting, but hey, it has been working fine though.

    So yes, to answer your question, I would guess so, since SYS and OVH are about on the same tier with no tier left to climb to, as Kimsufi is just the baby, if you want to call it that, compared to SYS and OVH.

  • HTML Member

    @timnboys said:
    So yes, to answer your question, I would guess so, since SYS and OVH are about on the same tier with no tier left to climb to, as Kimsufi is just the baby, if you want to call it that, compared to SYS and OVH.

    Thanks for the detailed replies, Tim! My love for LET is increasing every day by learning new things every day. I should have joined LET earlier!

  • FrankZ Veteran

    @HTML By the by. IPtables can forward the protected VPS IP to the unprotected one, but you will also need a tunnel between the two, and routing table entries on the unprotected VPS to send the traffic back out through the protected VPS's IP.
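The setup FrankZ describes above (GRE tunnel, iptables forwarding on the protected VPS, return routing on the dedicated server), sketched as an added example that is not part of the thread or of any provider's documentation. The IP addresses, the `gre1` interface name, routing table `100` and the choice to keep TCP port 22 on the VPS are all assumptions; the script only prints the commands for each side so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: prints (does not run) the commands for each end of the tunnel.
# All addresses are constructed placeholders; replace them with your own.
VPS_IP="${VPS_IP:-203.0.113.10}"     # public IP of the DDoS-protected VPS
DEDI_IP="${DEDI_IP:-198.51.100.20}"  # public IP of the unprotected dedicated server
TUN_VPS=192.168.168.1                # tunnel-internal address, VPS end (assumed)
TUN_DEDI=192.168.168.2               # tunnel-internal address, dedicated end (assumed)
TUN_NET=192.168.168.0/30
RT_TABLE=100                         # assumed unused routing-table number

is_ipv4() {  # succeeds only for a dotted quad with every octet in 0-255
  echo "$1" | awk -F. 'NF != 4 { exit 1 }
    { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

check_ips() {
  is_ipv4 "$VPS_IP" && is_ipv4 "$DEDI_IP" || { echo "invalid IP" >&2; return 1; }
}

# Protected VPS: build the tunnel, enable forwarding, DNAT TCP and UDP into it.
# TCP 22 stays local so SSH to the VPS keeps working; GRE itself (protocol 47)
# matches neither rule, so the tunnel's own packets are not redirected.
protected_side_cmds() {
  check_ips || return 1
  cat <<EOF
ip tunnel add gre1 mode gre local $VPS_IP remote $DEDI_IP ttl 255
ip addr add $TUN_VPS/30 dev gre1
ip link set gre1 up
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -d $VPS_IP -p tcp ! --dport 22 -j DNAT --to-destination $TUN_DEDI
iptables -t nat -A PREROUTING -d $VPS_IP -p udp -j DNAT --to-destination $TUN_DEDI
EOF
}

# Dedicated server: same tunnel from the other end, plus a policy route so that
# replies sourced from the tunnel address go back out through the VPS.
dedicated_side_cmds() {
  check_ips || return 1
  cat <<EOF
ip tunnel add gre1 mode gre local $DEDI_IP remote $VPS_IP ttl 255
ip addr add $TUN_DEDI/30 dev gre1
ip link set gre1 up
ip rule add from $TUN_NET table $RT_TABLE
ip route add default via $TUN_VPS dev gre1 table $RT_TABLE
EOF
}

case "${1:-}" in
  protected) protected_side_cmds ;;
  dedicated) dedicated_side_cmds ;;
esac
```

Because the VPS only rewrites the destination address, services on the dedicated server still see the real client IP, and that is why the reply route through the tunnel is needed. The DNAT rules need the iptables `nat` table, which is the part an OpenVZ provider has to enable.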

  • HTML Member

    @FrankZ said:
    HTML By the by. IPtables can forward the protected VPS IP to the unprotected one, but you will also need a tunnel between the two, and routing table entries on the unprotected VPS to send the traffic back out through the protected VPS's IP.

    Can I send all types of packets through all ports, not only HTTP? And will I be able to get the real IP of the user? I heard nginx and LiteSpeed servers can do reverse proxy, but they only forward HTTP traffic.

  • NexHost Member
    edited July 2015

    KuJoe said: It's also a really good idea for clients to monitor their own bandwidth also so they can see when they are getting close to their monthly limit or if the data center's bandwidth monitor is off you can contest it (I really should take my own advice on this, none of my personal servers have my own bandwidth monitors on them).

    I had 30 machines with LSN several years ago. Had 1 box not use anywhere close to the amount of bandwidth I had. But due to the estimated bandwidth usage being so high, they decided to charge me a $12,000 overage fee and shut down every single machine.

    So now I'm in a $12,000 + Debt with LSN.

  • @jmckeag12 said:
    So now I'm in a $12,000 + Debt with LSN.

    Trolling or serious? Proof? (s/s of collections or something)

  • FrankZ Veteran
    edited July 2015

    HTML said: Can I send all types of packets through all ports, not only HTTP? And will I be able to get the real IP of the user? I heard nginx and LiteSpeed servers can do reverse proxy, but they only forward HTTP traffic.

    Yes. If you need help, PM me and I will set you up, as setting it up the first time, if you are unfamiliar with it, can be kind of a PITA. That may be why many just suggest Cloudflare.

    EDIT: You will need a KVM or OpenVZ with GRE enabled for it to work.

  • Dillybob Member
    edited July 2015

    HTML said: Can I send all types of packets through all ports, not only HTTP? And will I be able to get the real IP of the user? I heard nginx and LiteSpeed servers can do reverse proxy, but they only forward HTTP traffic.

    Yeap even teh websockets <3 GRE Tunneling

    Edit: Cloudflare doesn't support websockets, that's why I cannot use it :(

  • @Dillybob said:

    Trolling or serious? Proof? (s/s of collections or something)

    Being serious..

    They won't even get back to me anymore. So if you can get a rep to check against my name, they can confirm it. Why would I be trolling?

  • madtbh Member

    Try using a GRE Tunnel, BuyVM have a good write up @ http://wiki.buyvm.net/doku.php/gre_tunnel

  • HTML Member

    @madtbh said:
    Try using a GRE Tunnel, BuyVM have a good write up @ http://wiki.buyvm.net/doku.php/gre_tunnel

    Thanks for sharing! So NAT is necessary for GRE tunneling, right?

  • @jmckeag12 said:

    $12,000 seems like a small claims court type of deal, have they gone that far? What have they done to you, like legally? Or have they just told you over WHMCS invoices? :P

  • NexHost Member
    edited July 2015

    @Dillybob said:
    $12,000 seems like a small claims court type of deal, have they gone that far? What have they done to you, like legally? Or have they just told you over WHMCS invoices? :P

    I'm not sure how much the debt is. It was either $12,000 or to upgrade the bandwidth allocation. So they were forcing me to upgrade it by 10TB of additional traffic, but there was no option there as it was 2TB away from resulting in overages. Would rather have had them shut that machine offline, but they would not.

    Anyway, it's over and done with. We are talking 8 years ago, and bandwidth was costly back then.

  • madtbh Member

    @HTML said:
    Thanks for sharing! So NAT is necessary for GRE tunneling, right?

    NAT is used to pass data over the GRE Tunnel.

  • HTML Member

    @madtbh said:
    NAT is used to pass data over the GRE Tunnel.

    Thanks for explaining

  • catalystium Member
    edited July 2015

    Just did a GRE tunnel yesterday on a BuyVM OpenVZ VPS, had to contact support to have them enable that part (iptables nat). Something about it being a bug in OpenVZ and they can enable it with a reboot for you.