So I selfhost a number of servers in various locations and utilize a DigitalOcean VPS as a hub/gateway to transmit data between these nodes.
I have a consistent issue when running large backups or transfers in which DigitalOcean flags my server for a DDOS attack and sends traffic to a black hole for 3-4 hours.
Customer support has been the absolute worst and does fuck all to help remedy the situation in any way. These events have been consistent over the past 8 months.
Does anybody have recommendations for a solid VPS provider?
Price isn’t too much of a factor. I was running a $8/month server but I don’t mind something more expensive if the company has a good reputation for reliability and privacy.
As mentioned, I primarily use a VPS as a gateway/hub for file transfer services. I’m also hoping to spin up another VPS for static websites.
I’d give Hetzner a try. The VPS they offer come with 20TB of bandwidth and they only count outgoing traffic(bottom of this page is the source -> https://docs.hetzner.com/robot/general/traffic/) One thing to note with Hetzner VPS is the port speed is not guaranteed to be 1G only on their dedicated servers is 1G guaranteed. In my experience with their VPS I always got over 500M so is wasn’t an issue. I’ve since moved to a dedicated server in Finland for the horse power and the flexibility of running my own VM platform(Proxmox)
There’s also Netcup but I’ve never used them so can’t speak to quality but I’ve heard good things about them.
Edit: totally forgot to mention BuyVM. I have one of their 1GB VPS in Luxembourg. Speed is good to Finland but not so great to Canada but that’s not their fault. More to do with latency which is to be expected given the distance.
Maybe not what you’re looking for, but maybe its time to switch to a mesh style VPN, and use your DO VPS’ as coordinator nodes, so they don’t route all that traffic. Tailscale, head scale, netbird, nebula are all options.
Funny you mention that. I was about to make a post about Nebula earlier. I learned about it through YouTuber apalrd a few months back and it seems perfect. I’m still trying to understand some of the complexities when utilizing a service that requires circumventing the mesh network for public access such as Nextcloud. I’ll probably make a post about this after I’ve done some more research. I think there’s some good discussion to be had about such a setup.
I tried to set up a nebula network but it seems like it has trouble when your hosts are behind a VPN service. The VPN must block the port or protocol the lighthouse is connecting with and I can’t figure out a way to bypass the VPN (at least on Mac split tunneling isn’t supported). I’m assuming you’re familiar with mesh networks…do you have any good youtube videos or resources you would recommend? The nice thing about VPN is it’s crazy simple to set up and seems to work with all types of system configurations. Nebula was pretty simple but seems like a pain to troubleshoot so far.
You’re trying to route nebula thru another VPN? That sounds like trouble… Can you not do that?
Ideally I would be able to split tunnel around the vpn but I don’t have the option on mac
This honestly sounds like the best solution to this particular problem.
Try linode, i used to use them in a past and it was faultless.
I currently run a Netcup.eu VPS. Not doing heavy datatransfers with it but never had any problems in the past 3 years.
I could say something similar. I’ve been using one of their VPS for a few years without any surprise.
I have used Vultr and I’m quite happy with them, however I had not moved backup level data into the servers so can’t attest that they’ll work great for you.
I would try Vultr, if DO is being weird. They are awesome and have very similar pricing to DO. Hetzner is ok as well, but they have annoying DDoS filtering.
You could also try AWS ARM EC2, but they’re expensive for bandwidth by comparison.
That’s really unfortunate. I love Digital Ocean and spend about $800/month with them for work.
Can you tell me more about the traffic they are mistakenly flagging as a DDOS? I ask because I have regular DB and file backups happening and if we had traffic shutdown on production assets for 3-4 hours, it would be a big fucking deal.
So each time I get shut down is during a large extended data transfer. I have my VPS server set up as a VPN hub that connects multiple servers. So typically when my traffic gets diverted to a black hole by DO, there was a consistent roughly 35MB/s inbound/outbound vpn traffic stream for 4-5 hours going through the VPS. My server gets shut down for 3-4 hours and I get a email notice that my server was under a massive DDoS attack and they diverted traffic to a black hole. I always respond informing them that it’s not a DDoS and explain the situation. They typically respond with “Utilize a service like Cloudfare which has DdoS protection”.
I’ve been really happy with them as a provider otherwise but this is a dealbreaker for me.
How many servers are you connecting to on the outside? You might have to stagger them for connections and keep the number under their radar.
Though I have to wonder how a primary mirror would handle this for some large distro like Arch.
Hmm, that really doesn’t sound like a traffic pattern that would be confused with a DDoS attack. I would be frustrated as hell too.
What’s concerning is that our traffic would look very similar. We have a VPN dedicated droplet that allows access to our DO private network where the rest of our resources can be accessed. We also have high throughput periods though not as sustained as yours.
I’ve never heard anyone else mention them, but I’ve had really good luck with https://www.ssdnodes.com for the past several years. I don’t recall ever using their support, but I did have a policy question before buying when I first signed up and they were pretty quick to reply. I think I found them on LowEndBox.
as an it certified technician i have an answer but its not the right one or even related to what we are talking about
Throwing in for Dreamhost
Give Oracles always free tier a try. I shuffle over a TB through them every month with no issues.
Just beware of their reclamation policy: