Lowcost anycast solutions review: Francisco vs Rage4

umi Member
edited September 2020 in Reviews

1 ipv4 ip address. Locations:
BuyVM: LasVegas+NJ+Luxembourg
Rage4: Many (really!) but Seattle+Chicago+Frankfurt was selected for the test.
Price:
BuyVM: USD$6/mo for 3 vps (2 of them on Ryzen) with anycast ip included free. Traffic unmetered!
Rage4: EUR10/mo for 1 anycast ip basic plan with 20GB traffic (In+Out + EUR0.1/GB overage) + 3 vps (USD$3+EUR3)/mo.
Under the hood:
BuyVM hides all the complexity behind the control panel. Fast and simple. All you need to do is attach that additional anycasted ip to your network adapter. I added it as eth0.0
Rage4 uses zerotier network to deliver traffic to your nodes. And that adds quite a level of complexity to the whole system which I don't like. Once you got zerotier up and running you can use usual bgp4 client to announce your ip to their nearest router/(Linux box as a router more likely). I used bird.
Network upstreams:
BuyVM uses Cogent+HE mix
Rage4 uses mainly Vultr's network that gives a slight edge for some locations.
Latencies:
Almost comparable. BuyVM's mix of providers seems just attached LasVegas to L.A. and all the traffic goes via L.A. first no matter where it comes from. That adds ~20ms to the central U.S. originated traffic that did not go to NJ.

Pros:
BuyVM: price and price once again for unmetered traffic, really simple to set up, low cpu usage (no traffic encryption), can handle ddos (+few bucks/mo via CF magic transit).
Rage4: Locations are dotted over the globe. I was able to bump up the usual lack of regional connectivity of OVH vps in Singapore.
Cons:
BuyVM: needs Asia/Australia node badly.
Rage4: expensive and it will get crazy expensive when traffic is increased. Even cheap US&EU traffic is billed at crazy EUR0.1/GB. Complexity and CPU usage. Each packet must be delivered to userspace for decryption/encryption. I would prefer simple GRE tunnel without encryption to make it all handled in kernel fast.

Suggestions:
To put user controlled firewall on provider's side. Especially for Rage4 which will encrypt (and possibly bill) and pass it to your nodes all those network cr*p that hits your ip.

All in all, for anycasted DNS usage they nicely complement each other as two independent rings of PoPs with different mix of providers. Both are doing great work. Thanks!

P.S. I'd be happy to review anycasted ip as a service of geeksolutions.ca when they finally roll it out. Or any other similar service.

Comments

  • Clouvider Member, Patron Provider

    Isn’t Rage4 DDoS protected? Perhaps worth asking them.

  • umi Member
    edited September 2020

    Rage4 offers DDoS protection on custom anycasted ip plan only. The price for that is not even published. It will be more than EUR100/mo for sure and cannot be considered as lowend. This zerotier setup will quickly eat all your cpu up when traffic spikes to ddos conditions. They'll nullroute it though well before it happens, leaving Francisco+CF do all the mitigation stuff on another anycasted DNS ip.

  • @umi said: BuyVM: needs Asia/Australia node badly.

    That would be amazing

    Thanked by 1Abd
  • For AnyCast DNS, Rage4 or Zilore have a decent DNS solution. And almost nobody (save CloudFlare) uses AnyCast for anything other than DNS.

  • umi Member
    edited September 2020

    @AC_Fan said:
    For AnyCast DNS, Rage4 or Zilore have a decent DNS solution. And almost nobody (save CloudFlare) uses AnyCast for anything other than DNS.

    Yep. I need it for DNS only. But it has to be very clever DNS which simply is not a case for lowend price tag. If you are aware about DNS provider where I can have more control about which ip to return I'd be glad to check them. Ideally I need a bitmask of all /24 networks and the ability to set it via api. That level of control seems not available right now.

  • @umi said:

    @AC_Fan said:
    For AnyCast DNS, Rage4 or Zilore have a decent DNS solution. And almost nobody (save CloudFlare) uses AnyCast for anything other than DNS.

    Yep. I need it for DNS only. But it has to be very clever DNS which simply is not a case for lowend price tag. If you are aware about DNS provider where I can have more control about which ip to return I'd be glad to check them. Ideally I need a bitmask of all /24 networks and the ability to set it via api. That level of control seems not available right now.

    Would something like CloudFlare Workers work for you? You could run a simple Worker for redirection and store redirect URL per client IP/ASN etc. in the Workers KV Store.

  • umi Member
    edited September 2020

    What will the price tag of that solution be? Need 50000 key+value pairs at the moment and the number keeps rising fast...

  • AC_Fan Member
    edited September 2020

    @umi said:
    What will the price tag of that solution be?

    Minimum 5 dollars per month (10 million requests included, .5 USD per million afterwards, along with 1GB of KV storage).

    @umi said:
    Need 50000 key+value pairs at the moment and the number keeps rising fast...

    You should find a way to optimise your redirection, because I truly doubt that you have 50k unique redirections.

    Thanked by 2umi webcraft
  • Can it be attached to a free CF tier?

  • @umi said:
    Can it be attached to a free CF tier?

    I believe so, yes. CF Workers are independent of the main CF plan.

    Thanked by 1umi
  • Any ideas about latency of KV storage? 1GB limit implies that it is not memory based...

  • Neoon Community Contributor, Veteran

    Overkill, besides you got a TTL of 1.

    Thanked by 1umi
  • AC_Fan Member
    edited September 2020

    @umi said:
    Any ideas about latency of KV storage? 1GB limit implies that it is not memory based...

    It's stored mainly in 1 US and 1 EU location, and cached at the edge as necessary. And it's not a limit per se, merely the included storage in the plan (which should be more than enough for you).

    Thanked by 1umi
  • umi Member
    edited September 2020

    @Neoon said:
    Overkill, besides you got a TTL of 1.

    Yep, TTL of 1 is nice to have but it's a crazy expensive thing.

  • @AC_Fan said:

    @umi said:
    Any ideas about latency of KV storage? 1GB limit implies that it is not memory based...

    It's stored mainly in 1 US and 1 EU location, and cached at the edge as necessary. And it's not a limit per se, merely the included storage in the plan (which should be more than enough for you).

    So if answer is not cached it has to wait for KV to load from the remote storage? That's not a good thing for a dns request...

  • @umi said:

    @AC_Fan said:

    @umi said:
    Any ideas about latency of KV storage? 1GB limit implies that it is not memory based...

    It's stored mainly in 1 US and 1 EU location, and cached at the edge as necessary. And it's not a limit per se, merely the included storage in the plan (which should be more than enough for you).

    So if answer is not cached it has to wait for KV to load from the remote storage? That's not a good thing for a dns request...

    It's cached within the first few requests of a day, and loaded via the internal CF network.
    There are many things to be worried about, I don't believe read performance of a commercial, distributed KV store is one of them.

  • Could you please provide average dns response times on both networks from West coast, central US, east coast, and an EU location or two?

    Thanked by 1umi
  • The biggest two issues for me with BuyVM is lack of locations (especially Australia/NZ) and that their determination of up/down is made on a node/DC level. Thus if your VPS crashes for some reason or service fails to start but the host node is still "up", traffic still gets routed to it. Both these are not an issue with Rage4 since you can control the announcement for yourself.

    However, as noted, Rage4 is way more expensive than BuyVM. Lack of a sub-10 Euro plan is a killer for me, and traffic overage makes it completely impractical to use for more than DNS.

    In short, I generally agree with the review.

    Thanked by 1umi
  • umi Member
    edited September 2020

    @FrankZ said:
    Could you please provide average dns response times on both networks from West coast, central US, east coast, and an EU location or two?

    With nodes selected on both coasts the dns requests are well within 30-40ms if the user is located on either of them. EU is even faster. The US-Central is the slowest with 40-60ms. The dns delays almost mirror the ping times that are given on the picture. One packet came, one packet sent.

    Thanked by 1FrankZ
  • SplitIce Member, Host Rep

    If anyone needs an affordable Anycast solution for hosting a DNS service we will soon be offering DNS caching at our edge (active and passive modes). Should be out this year, currently up to building the customer UI. For anyone not needing the customer control panel we welcome testers.

  • Francisco Top Host, Host Rep, Veteran

    Thanks :)

    @tetech said: The biggest two issues for me with BuyVM is lack of locations (especially Australia/NZ) and that their determination of up/down is made on a node/DC level.

    That's what happens with shared anycast. Users can do HA though via keep-alive or whatever. My concern with locations is that I'd be forcing a new cost on active anycast customers. Maybe some would be fine with that, but users that are wanting more to tinker would not like it.

    My hope is that our BGP roll out bridges that some.

    For what it's worth our anycast IP ranges will be using Cloudflare Magic Transit very soon. We got notice from them just last week that they'll have a prototype ready for us to test shortly.

    Francisco
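
The failure mode tetech and Francisco discuss above (a DNS daemon that has crashed on a host that is still up keeps attracting anycast traffic until its route is withdrawn), as an added example that is not part of the thread or of either provider's tooling. It only applies where you run the BGP session yourself, as in the Rage4/bird setup from the review. Assumptions: the bird BGP protocol is named `anycast` and starts disabled, the local DNS daemon answers on 127.0.0.1 for the placeholder zone `example.com`.

```python
import socket
import struct

QID = 0x1234  # fixed query id, enough for a loopback health probe
ACTIONS = {"announce": "enable", "withdraw": "disable"}  # birdc verbs

def build_query(name):
    """Minimal DNS A/IN query (RFC 1035) with the RD flag set."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", QID, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def reply_ok(reply):
    """Healthy = our id, QR bit set, RCODE NOERROR, at least one answer."""
    if len(reply) < 12:
        return False
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    return rid == QID and bool(flags & 0x8000) and (flags & 0x000F) == 0 and an >= 1

def probe(server="127.0.0.1", name="example.com", timeout=1.0):
    """Query the local daemon directly; any socket error counts as a failure."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(build_query(name), (server, 53))
            return reply_ok(s.recvfrom(512)[0])
    except OSError:
        return False

class Announcer:
    """Withdraw after `fall` failed probes in a row, re-announce after `rise` good ones."""
    def __init__(self, rise=3, fall=2):
        self.rise, self.fall = rise, fall
        self.announced, self.streak = False, 0  # stay withdrawn until proven healthy

    def update(self, healthy):
        """Feed one probe result; returns 'announce', 'withdraw' or None."""
        if healthy == self.announced:
            self.streak = 0
            return None
        self.streak += 1
        if self.streak < (self.rise if healthy else self.fall):
            return None
        self.announced, self.streak = healthy, 0
        return "announce" if healthy else "withdraw"

if __name__ == "__main__":
    import subprocess, time
    state = Announcer()
    while True:
        action = state.update(probe())
        if action:  # 'anycast' is a placeholder bird protocol name
            subprocess.run(["birdc", ACTIONS[action], "anycast"], check=False)
        time.sleep(2)
```

The rise/fall thresholds keep a single lost probe from flapping the route, which matters because every withdraw and re-announce is visible to the upstream routers.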

  • @Francisco said:

    @tetech said: The biggest two issues for me with BuyVM is lack of locations (especially Australia/NZ) and that their determination of up/down is made on a node/DC level.

    That's what happens with shared anycast. Users can do HA though via keep-alive or whatever. My concern with locations is that I'd be forcing a new cost on active anycast customers. Maybe some would be fine with that, but users that are wanting more to tinker would not like it.

    You've certainly picked the most important locations, and the more exotic you become the more people would be unhappy with adding a new VPS - I get that. My issue there won't affect everyone, maybe not even a majority.

    For me, that's where anycast starts to become most useful. A DNS lookup time saving of 10-20 msec between the two US locations is not a huge "sell" but once you add Australia the time saving becomes 200+ msec.

    What might be cool is to have a "reflector" VPS plan, e.g. 256MB paid yearly, which just sends traffic to the next-nearest DC. This way the burden on people who don't care much about the location but just want the VPS to meet the anycast requirement isn't that high. The old 128MB OVZ yearly plan played a kind of similar role.

  • Francisco Top Host, Host Rep, Veteran
    edited September 2020

    @tetech said:
    You've certainly picked the most important locations, and the more exotic you become the more people would be unhappy with adding a new VPS - I get that. My issue there won't affect everyone, maybe not even a majority.

    I haven't decided yet if I'll push Anycast on Miami. I think it'd do well to cover South America though.

    As for Asia, I've talked to a few datacenters in the region.

    Censorship/freedom of speech laws are near the top of my priority list. Thing is, places like Singapore, while popular, are restrictive on speech. Tokyo has similar speech laws to the USA, but then it has the whole porn censoring stuff. If you quietly listen you can hear @raindog308 crying in the distance. Australia is a decent choice but would have to work to get a lot of peering to stop the AU->US->APAC routes.

    Francisco

  • raindog308 Administrator, Veteran

    But tentacle hentai is legal in Japan and that’s all you need.

    What about Bangalore? Or Seoul?

  • Francisco Top Host, Host Rep, Veteran

    Questionable freedom of speech/censorship laws.

    They also have the whole noisy neighbor issue.

    Francisco
