[App_rpt-users] ASL Deployed on a VPS in under 1 hour as HUB
2E0SIP
app_rpt at marrold.co.uk
Wed May 16 15:24:43 UTC 2018
For what it's worth, I use Vultr and find their service to be pretty solid.
I've got one VPS thats averaging 20-50% CPU Utilisation, and I've not had
any blocked ports or issues.
If your server is under a constant hack attack you should probably put in
measures to block the attack before it takes place. (iptables, fail2ban,
etc) or bring up the node on a new IP and see if it persists.
Cheers
On Wed, May 16, 2018 at 3:57 PM, Stephen - K1LNX <k1lnx at k1lnx.net> wrote:
> Bottom line, Vultr sucks. I had a hub deployment there supporting 5
> repeaters and it was nothing but constant issues and finally scrapped it
> alltogether. They are one of the few providers however that will allow
> custom ISO's and do BGP announcements so I left that portion in place until
> I can find another.
>
> Their support is about useless, they were quick to blame anything I had
> running vs. their oversold and saturated infrastructure.
>
> 73
> Stephen
> K1LNX
>
> On Wed, May 16, 2018 at 10:12 AM, Mike <mm at midnighteng.com> wrote:
>
>> As a follow-up...
>>
>> The host at Vultr has blocked the ports on this instance thereby
>> rendering it useless.
>>
>> In trying to remedy this, they claim I am over using the CPU on a other
>> instance running a full version of asterisk on a server with 3x the
>> resources, which has been under constant hack attack. But what I did not
>> know is that they had started blocking ports back then (months ago) and in
>> a effort to fix what I thought was corruption, did a lot of re-loading of
>> software, intensifying the cpu usage. SO, it may be advisable if you think
>> you want to reload and reconfig a instance such as I outlined here, to
>> start a new instance, copy the files needed from your old one and destroy
>> the old instance. You will have a new IP address with the new.
>>
>> Same on yet one other instance for a web server only intended for email.
>> But I have to say, if not for the blocking of the email ports in the first
>> place and without warning, I might have been inform by the scripts I have
>> on those servers of the hacking attempts to the first server.
>>
>> Kinda a catch 22 I guess. But I thought the advantage of VPS is that you
>> can not and do not 'SHARE RESOURCES"
>>
>> You are suppose to get just what you pay for nothing more or less.....
>> Go Figure !
>>
>> Anyway, I will give you guys 1 more follow-up as I redeploy this "ON SOME
>> OTHER HOST" because they seem reluctant to open ports 25,465,4569 & 5060 in
>> one direction or the other.
>>
>> Here is a nice online tool for checking your inbound udp/tcp ports...
>>
>> https://www.yougetsignal.com/tools/open-ports/
>>
>> While I do not wish to slight vultr, it does not seem they handle issues
>> very well. And the hack activity there is high. Do not run a instance there
>> without configserver (CSF) or some statefull firewall, but I guess that
>> goes for anywhere. But for whatever reason, if you don't get it deployed
>> and locked down there in the 1st few hours, you may have plenty of issues.
>> The IP's there are high on the hacker hit list. And I have seen plenty of
>> 'reflections' attacks there.
>>
>> But, if many should start to deploy these hubs on VPS, I would say we do
>> need some separate communication between us as to hack activity and ip
>> address sharing of those attacks. Perhaps a email list of the output of CSF
>> & LFD from each instance. Then you can start-up with the knowledge of
>> previous attacks addresses the moment you deploy. Just a thought.
>>
>> Follow-up to come...
>>
>> ...mike/kb8jnm
>>
>>
>>
>>
>> On 5/15/2018 2:36 AM, Mike wrote:
>>
>>>
>>> Just wanted to let those know that have had a wish-list of a deployment
>>> of a hub on a VPS, and know that it was quite easy.
>>>
>>> On the down side for me is that I am a CentOS guy. I run over a dozen
>>> centos64 servers now. Started with centos in v3 I think.
>>>
>>> Debian is new for me.
>>>
>>> Struggled a little. And on the plus side for time, I had a old config
>>> for the same from ACID .
>>>
>>> Here is the quick what/where... (I am not endorsing anyone)
>>>
>>> I used a 1 core 500mb / 25gb VPS from Vultr.com
>>>
>>> ...you may need to 'change server locations' to find that small cheap
>>> one @ $2.50/month
>>>
>>> Once you have a server picked-out and deployed (5min) and it's loaded
>>> and ready,
>>>
>>> You will need to load a custom ISO of the ASL from the http-link address
>>> at allstarlink.org of the 'ISO' image.
>>>
>>> After it has loaded in the tray (few min) reboot the server
>>> loading/booting custom iso.
>>>
>>> Watch the top right hand side of the screen for the local/console
>>> monitor button to see what you are doing.
>>>
>>> For me it loaded up in less than 15min but that's a guess. It was pretty
>>> darn quick.
>>>
>>> But while you are waiting, you can ready your ssh shell with new ip if
>>> you want or do your set-up at allstarlink etc.
>>>
>>> But do not alter the server setting at Vultr while the process is
>>> ongoing. Before or after would be in order here.
>>>
>>> You will need to unload that iso from the tray and reboot at the end to
>>> continue from the vultr server setup page.
>>>
>>>
>>> I will say for me... I had to set myself up as root ssh right away or it
>>> would have taken me twice as long or more to edit the files and 'stuff'
>>> since I'm not use to debian linux. but it does not seem all so different.
>>> But I rarely run as sudo.
>>>
>>> When I'm done, I revert back to locking up root. But I am sure it will
>>> take most a little bit longer to deploy as i am use to the menu at vultr
>>> since a load a experimental server there all the time and destroy it after
>>> my tests.
>>>
>>> Anyway, hope that gets some folks thinking of new possibilities and
>>> trying some new things out.
>>>
>>> For me... this node number is 29999 and I had ask for it in advance of
>>> hitting the 30000 mark and was intended to be just what I am doing with it
>>> now. But I do intend to build many repeater toys in this central spot to be
>>> used by other repeater/nodes I have. Perhaps then I can slim down my
>>> computer boards driving the repeaters.
>>>
>>> But I would like to see a bunch of activity on this 29999/hub over the
>>> next week to examine how much activity will load it down so I have some
>>> idea in real terms what it will handle. So if you all can help me out with
>>> that great ! Connect up and shoot some round tables for a bit.
>>>
>>> I may in the future sponsor some tech nets/how 2's on this hub. But I do
>>> have in mind a experiment with a http html5 webtransiever when I have time.
>>> It would be for emergency use only. Think of all the possibilities for
>>> yours and go for it !
>>>
>>> One other note I am playing with...
>>>
>>> I have pointed a FQDN domain at the server for now and it is 29999.link
>>> (port 80 not opened yet, not till I get csf config'd) and I just wanted
>>> those that might have that in mind in the future to perhaps think of using
>>> the '.LINK' extension for these things. They are cheap and available for
>>> most 5number names. Unlike .com/.net/.org since 5number names are well
>>> taken as zipcodes in the us. (node#.LINK)
>>>
>>> But all in all... Guys/Gals Thanks for all the hard work from those on
>>> the new ASL Debian versions. Thank You !
>>>
>>> A Very smooth and accurate deployment.
>>>
>>> ...mike/kb8jnm
>>>
>>> _______________________________________________
>>> App_rpt-users mailing list
>>> App_rpt-users at lists.allstarlink.org
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>>
>>> To unsubscribe from this list please visit
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and
>>> scroll down to the bottom of the page. Enter your email address and press
>>> the "Unsubscribe or edit options button"
>>> You do not need a password to unsubscribe, you can do it via email
>>> confirmation. If you have trouble unsubscribing, please send a message to
>>> the list detailing the problem.
>>>
>>
>> _______________________________________________
>> App_rpt-users mailing list
>> App_rpt-users at lists.allstarlink.org
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>
>> To unsubscribe from this list please visit http://lists.allstarlink.org/c
>> gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of
>> the page. Enter your email address and press the "Unsubscribe or edit
>> options button"
>> You do not need a password to unsubscribe, you can do it via email
>> confirmation. If you have trouble unsubscribing, please send a message to
>> the list detailing the problem.
>>
>
>
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>
> To unsubscribe from this list please visit http://lists.allstarlink.org/
> cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of
> the page. Enter your email address and press the "Unsubscribe or edit
> options button"
> You do not need a password to unsubscribe, you can do it via email
> confirmation. If you have trouble unsubscribing, please send a message to
> the list detailing the problem.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20180516/dd171bee/attachment.html>
More information about the App_rpt-users
mailing list