[cpqq]

Work in IT. Server was stable & online for 189 days before the 25th, knew them for stability.

No notification from them, just a handful of downtime alerts during time with the family. They were completely gone from BGP tables in Newark.

Used backups and moved sites to OVH. Don't know who they pissed off, I suspect another NJ competitor, who is known for taking cheap shots at other VPS companies.

It's a pain in the ass, but at the same time, how is their network so fragile? You would think at least some of the fragile systems being attacked would be firewalled or at least ACL'd off from the public net.

This is what happens when you don't run your own network and rely on other ASN's and uplinks to do the work for you. When it comes to other customers being affected, they will simply null you. Unlike your network ops who would be trying anything they could from OOB to rectify such.

[StanAngeloff]

What you are saying has been somewhat confirmed in Linode's latest update on the Atlanta outages [1]. I can't help it but to wonder if Linode were prepared or had a plan in place in case of a DDoS? It appears their upstream provider cuts them off completely once an attack starts/resumes and gradually puts them back on. The cycle then repeats.

We are also duplicating in OVH, read good things about their built-in DDoS protection on HN.

[1] http://status.linode.com/incidents/cbbcjnhhpkgm

[cpqq]

Wow.

I mentioned FastNetMon to them, but I just read the status update. They're blocking entire continents by communities... Holy shit. This is not some skiddie, this is likely state sponsored or BTC ransom.

Worrisome how the attacker knows so much of their infrastructure, makes me think ex-employee as he knows where to hit their servers, etc.

So glad I replied 'nope' to taking the cheaper SysAdmin position, after hand feeding them how I did mitigation. They asked me how, and were very interested in why. This was a week before this happened.

It's all making sense now. But even FastNetMon couldn't help this, you need a shitload of bandwidth (OVH size) and thousands (hundreds in cases for arbor) of equipment to match.

They need to GRE their /24's from Voxility or some large ass provider, as this is beyond fucked. I just read the status, they're cutting off parts of the internet to VMs. What in actual fuck.

I've worked in cloud for 10 years, and recently left, and will not be going back. Bare metal and OVH FTW. I can understand the 'going above and beyond' during holidays, but the lawyers I work for just want their 'f email online NOW' (direct quote)

[gingerlime]

What kind of VPSs are you guys using with OVH? I had a look at OVH, but to be honest got really confused with too many options to choose from... (not to mention I wasn't sure which site I should sign up to, the .com / .co.uk - is this based on the VPS location in any way?).

Linode clearly wins on simplicity and clarity. I guess under the current circumstances, I'd be willing to compromise simplicity for better availability though.

[StanAngeloff]

(I work in IT as well. Not affiliated with Linode / OVH)

Linode wins on simplicity, agreed. We are in the same boat, OVH has too many offerings. We are looking at their VPS SSD plans [1]. Last thing we want is to be offline again. As such we are also looking for anti-DDoS which is included in the plans. I intent on spinning up a few nodes to try them out first.

[1] https://www.ovh.ie/vps/vps-ssd.xml

[cpqq]

Whoever has the most transit wins the mitigation game. You need to take in that traffic, then process it with a shitload of power.

OVH has 3 large datacenter PoPs to absorb attacks and do just that, then push the traffic clean back to your server.

They may blow at support and response times, but once I have a dedicated server from them, their Manager is intuitive enough to get going.

Add the fact I can get 64G server on a brand new E5 chassis with 255 free IPs for VPS of my own, and I've been moving more and more sites there as hosts get arbitrarily hit.

Piss off some competitor or skiddie and you get tested. It's ridiculous, but sadly DDoS mitigation is becoming a must.

Good time to leave being a SysAdmin in cloud and go back to web design full time as I watch a lack of best practices and SPOF take over.

Finally, I backup everything to 2 off-site locations and hope for the best.

[pmontra]

All OVH servers are in the same data centers regardless which country's domain you buy from.

They have 3 data centers in France and one in Canada, east coast. Status and network map at https://www.ovh.co.uk/community/status/

About the options, I don't know. They updated their products on Q4 2015 and I still didn't have to buy another VPS from them so I didn't investigate.