tetech

About

Username
tetech
Joined
Visits
778
Last Active
Roles
Member, OG
Thanked
317

Comments

  • Borg is good. Very happy with it. Quite fast for large numbers of small files. For VMs, for a few years I've been using an rsync script, and then creating a hardlinked copy each day. This means Linux takes care of all the incremental stuff. But generally these days, I'm taking an incremental btrfs snapshot of the entire…
  • f2b chains don't exist, so clearly nothing is going to be blocked.
  • We already have the POPs, they are not included in the calculation on either side of the ledger. However, it doesn't change the end result. We'll forget Anycast and go with GeoDNS. If another special Anycast offer comes along then we'll cross that bridge if/when we come to it.
  • What type of virtualization? Show iptables-save with your IPs redacted - possible that there's an ACCEPT before the f2b chain?
  • All of that makes perfect sense. I'm doing the same type of cost-benefit on a much more lowend scale. For reference, this was my starting point: https://talk.lowendspirit.com/discussion/comment/8981. To step through my thought process, if I'm going to spend around $5-8 per month on a decent GeoDNS then I'd be happy to…
  • Use fail2ban-regex to see what is being matched in the logs rather than blindly guessing.
  • I'm sure that's great for a lot of people! Unfortunately, lack of Australia kills it for me, and $30/month is way over my budget. But for someone who needs mitigation it would be good.
  • The list of countries allowed to sign up does not include US, Canada, or any in Europe, which must severely limit their customer base, although of course people can put in fake info. Maybe for some people it works - India, Russia, etc. Best for me to steer clear of it for now though. Shame, it looked interesting!
  • Yeah, that is what I was starting to figure. Quite off-putting for me, to be honest. Not sure what I'm even allowed to send on that network due to export restrictions. But everyone can form their own opinion on that subject. Their terms contain "boilerplate" GDPR provisions. It is a bit messed up because it says "German…
  • Got the following, which is strange for a company with contact info in Germany: Language on signup page defaults to Farsi. https://en.wikipedia.org/wiki/Arvan. What the heck.
  • Looks interesting. Worth giving it a try. They say they "currently offer" free DNS and the page looks like it is written with the expectation this might change in the future, so I don't count on it lasting forever. But a good one to test, thanks for the pointer.
  • I re-checked AWS billing and seems good. By pushing the Hetrix updates to CloudFront metrics, the Route 53 health checks are considered 'AWS endpoints' and thus free of charge. Amazon Route 53 Health-Check-AWS: $0.00 (First 50 Health Checks of AWS endpoints are free of charge, 0.477 Mo, $0.00). Amazon CloudWatch: $0.00 ($0.00 per alarm…
  • Run multiple HAProxy. If you have the budget then use anycast and remove failed nodes. Otherwise return multiple IPs in DNS and update DNS using health checks. To answer the original question, also take a look at https://www.gslb.me/ which has a free tier. They are kinda doing something like the above under the hood.
  • I'm looking for a phone company that provides free ice cream, and an electricity company that will give free shoes.
  • Today I integrated Hetrix with Route 53. It wasn't too bad, and looks like I've managed to do it on the AWS "free forever" tier (not the "free 12 month trial"). But maybe I should give it a day for billing info to update and not be too confident on that last point. Cost-wise, using external monitors makes Route 53 quite…
  • I run one in a DB cluster for less than a month. Limited experience to draw on, but so far no downtime, performance good.
  • I put in an hour figuring out the Oracle DNS API and integrating Hetrix. Not fun, but better than I thought it would be. Price-wise it is thus a flat $4/M for "traffic director" (i.e. GeoDNS) queries. This might be a short-term solution, but the cost doesn't scale up very well, so I'm still contemplating what to do in the…
  • Thanks for the link! Good to see more providers with competitive offerings, and nice list of POPs. Probably I need sub-country for US (60% of my traffic is US and I have POPs in West/Central/East, so not necessarily state but at least region). Any timeframe for adding that? Would also be good to get some API info and…
  • For on-demand video, may not even need geolocation. I guess my point was that when most people start out with web hosting they just put everything on one web server including large static downloads (software, video, etc.) and that could get expensive if you blindly moved it onto anycast. At least for DNS, it isn't really…
  • Yeah, "anycast DNS" refers to the property of the DNS server itself, where a single IP takes you to the nearest DNS server to improve latency. If I've got users in Australia then going to the wrong DNS can add 300 ms to the lookup (if not cached etc.) GeoDNS is more about the answers that the DNS server returns, i.e.…
  • Another option I forgot is Oracle. Their "cloud DNS" has no per-domain charge, $4/M for "traffic director" queries (so 0.7M = $2.80) and their 30 sec health checks are a comparatively reasonable $0.30/month. So 2.80 + 6x0.30 = $4.60 (like AWS their API is a nightmare and it wouldn't be fun to integrate Hetrix). I guess…
  • Thanks! I have sent you a message. Yearly payment would be fine for a lowend plan. How does it work with your system if one of my VPSes goes down - do you have any sort of public docs or setup guide?
  • You do NOT need a traffic policy to get GeoDNS working with Route 53. Traffic policy is designed for more complex routing rules. Example: if you want GeoDNS that returns multiple values (rather than the nearest IP) then you start to need traffic policy. If you want to balance load across regions, you can 'bias' the geo…
  • That is how anycast works. The issue is the granularity. I'm happy to be corrected if wrong, but the way BuyVM implements it is on a datacenter granularity. In other words, if the whole BuyVM location goes down, then anycast works as you describe and all their IPs (en masse) get routed to the next-nearest location. But…
  • You might be right that nothing else is competitive! Good to ask though. Especially for the anycast-as-a-service option, I am not sure if I missed other providers. For anycast, if someone did a lowend annual plan (e.g. 200GB for the year) that could be very interesting. I think when you compare Route 53 and Constellix the…
  • For Constellix, GTD is their "global traffic director" which is a more advanced thing including RUM - not the same as GeoDNS. The basic pricing is $5 for a domain + $0.06 for each filter rule + $0.60/M geoproximity queries + any health checks. Their API is good enough that I'd probably integrate Hetrix monitoring (OK to…
  • I don't/won't use Cloudflare. Anyway, NS1 billing is for an average of 0.7M per month, so the assessment is already done. This means I get charged overage by NS1 ($8/M), but NS1 is still quite OK price-wise. But the issue is not query volume. The main issue with NS1 is that they limit the free plan to one filter chain, and…
  • Get apk-tools-static, mount spare partition (e.g. swap), run apk.static to install alpine-base onto it, reboot to partition, reformat old partition and repeat process. Never had it fail yet, although Joyent images can be challenging.
  • No time in the near future, so others please take it!
  • I think you are more advanced than me because I am not sure what alpine.virt does. I do everything inside a lowend KVM VPS and hot convert it to Alpine.
  • No. I mean yes. I mean correct. A custom port is going to be found by port scanners eventually. I used f2b for years but in the end discontinued it for a few reasons. First, it is a bit of a memory hog on a super low-end VPS. Second, it loses the chains if you don't restart it after restarting iptables, which is a human…
  • Reduce OS attack surface, e.g. install Alpine. Close all ports with iptables, open only to IPs whitelisted in "KNOWN-IP" chain (automatically updated). At-rest partition encryption with dynamic key fetch on boot. Run inter-VPS traffic through private cloud. Containerize.
  • Thanks mikho for the offer. It was nice for you to do it.
  • My girlfriend tried this when she got out the whips and black leather. "Come here, secondary" doesn't have quite the same ring to it.
