Caravan, Serverclub and QRATOR. History, experience, pitfalls
Greetings.
After the events of March 31, we finally decided to move from the Caravan.
For those who do not know or have forgotten, one of the most famous Russian data centers on March 31 de-energized their “patients” several times in a row. Among them were Habr, Freelance, Lepre, and others, among whom were we. And since we kept the DNS records on our server, considering that the server was in safe hands, we were left without projects for almost a day.
A sign at the entrance to the DC. For me, one of the founder of the company 2 Partner, it is positive. But for dozens of customers who visited the DC on the night of March 31, it evokes not very pleasant memories.
This article is not "paid advertising", I call things, companies and people by their names.
Thanks to the habrasoobshchestvu, many of the tips "where to go" were very "in cash". Once again I caught myself thinking that it was easier and cheaper to rent quality servers abroad than to buy and place servers in Russia. Surprisingly, for renting a 1U server with 8 gigabytes of RAM, xone and a gigabit channel in Holland, I give $ 152 (the CBR rate is now 27.9, that is, 4436r) per month. Whereas for hosting my server and renting a port of 100mb in the Caravan almost 5300 rubles.
After much thought, taking into account the experience of users and the views of the syadmin, I was more inclined to hetzner.de . Until I received an interesting personal message from the user:
“Greetings, but move us to Holland, the ping will be excellent and we will give you a discount and admins will help you to move. serverclub.com or here habrahabr.ru/company/serverclub/blog/115169/ " .
')
By the way, lyrical digression. We bought a DoDa protection service from the caravan for half a year. Almost, it is + 30k per month. The manager, Sergey Korsunov, assured that this service implies connecting a tsiska, which guarantees protection against an attack of 1 Gigabit. After half a year of renting this thing, an attack of 100+ megabits came to us (roughly in cycles, the admin was ahead of 150 megabits). We lay down. At first, the caravan could not answer the question “why?”, Then answered “the tsiska is not set up, the attack is not blocked,” then answered “the fact is that the attack is more than 100 megabits, more than your channel”, but still settled on the version “ the tsiska was not tuned correctly. " On my attempts to get records of conversations with the manager, the caravan answered “we are not recording”
In the caravan we kept our 2 servers. One was under the base, the other under the front + back. In the serverclub, I took 2 servers under the front + back and one for the base. The fronts got the simplest configurations, the base got a cool server. The money turned out a little more than in the Caravan, but I was very attracted by gigabits, Dell branded servers and it was just interesting. It should be noted that I am not a fan of brands, for me the cheaper, the better. I really don’t understand why taking a brand server out there and overpay for a brand, when you can build a non-brand one from component parts and get the same result almost twice cheaper. Yes, you need to know the subtleties of the components, who and with whom plows better, but this is not worth x2 cost. But for such a price as abroad ... it’s like buying a liter of Jameson in Duty Free for 700 rubles, while in Russia I found the cheapest for 1000 kopecks (wholesale supplier). A nice bonus for it was the built-in KVM module. Those. Server server data from the server club was equipped with a KVM module, which meant that I could always and always connect to KVM, completely free of charge. At one time, this remember came from SUN servers. It is worth noting that on March 31, in the caravan, when he was a full zvizdets, the queue at KVM reached several hours, while KVM remained a paid service. We could afford to come to DC and figure out on the spot with the server, which in fact simply pushed some of the filesystem and waited for the manual start of the fsck due to an emergency power outage. And what about, for example, regional customers? wait a few hours for KVM, pay for it and either run it in manual fsck mode, or say goodbye to your file system? Caravan - you freaks.
In general, I was pleased with the choice and gave the task to the administrator to transfer everything to the "Serverkleb". The transfer was not without complications. The serverclub quickly and easily allocated the server under the fronts, but pulled with a powerful server under the base. Initially, he was not in the DC, then he turned out to be set up wrong. The guys immediately identified the "analog" a little less than a weak configuration, they say, first here, and how to set up one - move. Hemorrhoids, but in general it is pleasant ... experiencing ...
I was worried about ping for a long time, but in the end I saw that he was not so different from Russia to stay in the country. For example, if in the caravan the response time of requests was an average of 80ms, in the Serverclub from American servers the response time of the server was 200ms. A little more than 2 times, but for the user completely unnoticed.
A few days later we completely moved and healed in Holland on high-quality Gigabit American channels. The guys from Serverklab, having crossed, continued their work. I am not the easiest client and actively used the "individual approach" to customers. Low bow to the managers, they got it in full ... But we moved. Happiness knew no bounds. Suddenly ... competitors woke up. We are quite unique service in RuNet. We have only 3-4 competitors that appeared later. We provide a taxi order exchange service for taxis in Moscow, St. Petersburg and other regions and are the largest taxi exchanger. On the day that we did not work and the next day of unstable work, customers partially migrated to competitors. We are not mad, this is normal. For example, if mamba.ru closes, everyone will switch to loveplanet.ru and that's fine. However, as soon as we started back, the competitors again “sank” to their usual numbers, and this, apparently, did not like them.
DDoS attacks went on us ...
The server server stat recorded 1 gigabit of incoming traffic. More stats could not physically fix. The guys from the serverclub said that at that moment the total input to the server increased by 4-5gigabits per second.
I have long thought to give protection from DDoS to professionals, but I wanted to win the DDoS myself. By tuning the code and nginx and in general it worked out until the attack grew wider than the channel.
It was 10 pm. And the qrator.net address was typed not for the first time. The guys said they worked seven days a week, around the clock) it was a good way to check.
Earlier, I heard about the curator, more precisely about MGUshniki, who free of charge protect servers from DDoS by studying attacks. Now they have grown into a paid service curator.net, which is generally logical. My first question, when I got through to them, was “Why do you need us?” I really did not realize how much an attack at 4 gigabits could cost and, most importantly, who has such resources. Manager question threw into a stupor. After half an hour we had already agreed on everything, and after about an hour we stood up under their protection. The attacks did not stop for another two weeks, but they were no longer the main problem and faded into the background.
The thing is that we were terrible clients not only for the serverclub, but also for the curator. Imagine ... One service, useful attendance of 500 (!!!) unique users per day. Not 500k, but 500. Less than classmates.km.ru has 3 servers and a channel in gigabits. And just do not need to tell me about the optimization code, base and so forth. I kept attendance at 1 million hits on nnm.ru on a relatively weak server at the time. And these 500 hosts had to be filtered from hundreds of thousands of bots.
The curator did not cope with his task, he now and then blocked out useful customers. Whether it is worth repeating that having only 500 useful hosts, everyone was important to us. The co-owners of the resource insisted on the rejection of the "Curator", but still the joint actions of our developers and the curator's researchers gave their results. At the moment (about a month), all our clients receive service without any problems, while all bots go through the forest. The curator sometimes fixes attacks, but they do not affect the performance of the resource, which is incredibly nice.
By the way, whoever did not use the services of the “Curator”, I will make a small “review”, at least that which interested me.
Bezlim to gigabit costs 17k rubles a month. In this case, under the gigabit, I will enter the “useful” traffic. The site also states that the additional dedicated IP is almost 2 times more expensive, it is not. In fact, an additional IP costs 5k rubles. Well and, accordingly, if you have several projects on one server, you do not need to start for each IP. The curator's IP binds to your IP or IP array (2,5,10, not important). If you have 100 projects on one server, all 100 will be protected for 17k rubles per month.
However, connecting during a DDoS attack costs + 6k rubles. The guys explain this by saying that they also pay for traffic, and until their classifiers learn to ignore the left traffic, they pay for it. And, accordingly, if it is there initially, it is impossible to learn how to filter it every second. There are no complaints.
Upset only paid API. The curator has an API, you can manage white and black lists. However, this pleasure is worth the money. 5k connection and 3k per month. When the curator blocked the useful users, we were set up to take the API, but common sense suggested that paying for anti-DDoS + for preventing users from blocking is not correct. As a result, he gave the command to the developers at each POST authorization to add IP to the white list through the personal account. In your account, you can add IP to the white lists.
It is probably worth noting that the curator copes with standard projects with a bang. We supported and support the site of the movie " Burnt by the Sun 2: The Citadel " and from the first days hung them under the protection of the curator. Survived several serious attacks and not a single complaint from users about the unavailability of the project.
Today, May 16, a month and a half has passed since we seriously thought about it and moved from Russian DC to foreign. During this time we have experienced a lot. The anger and threats of the "Caravan", a pleasant surprise to the prices of foreign DCs, DDoS attack of 4 gigabits and experience with the "Curator".
In fact, the experience is pleasant in a short time. But seriously, it is very disappointing when the famous Russian DC is easily turned off the power without warning and considers it the norm. When renting a tsiska ends with the excuse "oh, we forgot to set it up", while our service "lies." When for a project of 500 hosts in Russia, you need to think about a gigabit port and an Anti-DDoS attack, since "Competitors are not asleep." And that you have to buy a voice recorder in case “we draw your attention to improve the quality of service, all conversations with the operator are recorded” is a lie.
After the events of March 31, we finally decided to move from the Caravan.
For those who do not know or have forgotten, one of the most famous Russian data centers on March 31 de-energized their “patients” several times in a row. Among them were Habr, Freelance, Lepre, and others, among whom were we. And since we kept the DNS records on our server, considering that the server was in safe hands, we were left without projects for almost a day.
A sign at the entrance to the DC. For me, one of the founder of the company 2 Partner, it is positive. But for dozens of customers who visited the DC on the night of March 31, it evokes not very pleasant memories.
This article is not "paid advertising", I call things, companies and people by their names.
Thanks to the habrasoobshchestvu, many of the tips "where to go" were very "in cash". Once again I caught myself thinking that it was easier and cheaper to rent quality servers abroad than to buy and place servers in Russia. Surprisingly, for renting a 1U server with 8 gigabytes of RAM, xone and a gigabit channel in Holland, I give $ 152 (the CBR rate is now 27.9, that is, 4436r) per month. Whereas for hosting my server and renting a port of 100mb in the Caravan almost 5300 rubles.
After much thought, taking into account the experience of users and the views of the syadmin, I was more inclined to hetzner.de . Until I received an interesting personal message from the user:
“Greetings, but move us to Holland, the ping will be excellent and we will give you a discount and admins will help you to move. serverclub.com or here habrahabr.ru/company/serverclub/blog/115169/ " .
Serverclub.com
Looked, got acquainted with the services, it became interesting. Most of all, of course, I was pleased with the quality channel in 1Gb and the “individual approach”. The admin was against, preparing that hetzner is cheaper, and the channels there, though 100MB, but high-quality. I was interested in gigabit rather than because it was necessary, but it was just interesting. In addition to the fact that DDoS attacks often came to us, it was just interesting to see, “how is it?”.')
By the way, lyrical digression. We bought a DoDa protection service from the caravan for half a year. Almost, it is + 30k per month. The manager, Sergey Korsunov, assured that this service implies connecting a tsiska, which guarantees protection against an attack of 1 Gigabit. After half a year of renting this thing, an attack of 100+ megabits came to us (roughly in cycles, the admin was ahead of 150 megabits). We lay down. At first, the caravan could not answer the question “why?”, Then answered “the tsiska is not set up, the attack is not blocked,” then answered “the fact is that the attack is more than 100 megabits, more than your channel”, but still settled on the version “ the tsiska was not tuned correctly. " On my attempts to get records of conversations with the manager, the caravan answered “we are not recording”
In the caravan we kept our 2 servers. One was under the base, the other under the front + back. In the serverclub, I took 2 servers under the front + back and one for the base. The fronts got the simplest configurations, the base got a cool server. The money turned out a little more than in the Caravan, but I was very attracted by gigabits, Dell branded servers and it was just interesting. It should be noted that I am not a fan of brands, for me the cheaper, the better. I really don’t understand why taking a brand server out there and overpay for a brand, when you can build a non-brand one from component parts and get the same result almost twice cheaper. Yes, you need to know the subtleties of the components, who and with whom plows better, but this is not worth x2 cost. But for such a price as abroad ... it’s like buying a liter of Jameson in Duty Free for 700 rubles, while in Russia I found the cheapest for 1000 kopecks (wholesale supplier). A nice bonus for it was the built-in KVM module. Those. Server server data from the server club was equipped with a KVM module, which meant that I could always and always connect to KVM, completely free of charge. At one time, this remember came from SUN servers. It is worth noting that on March 31, in the caravan, when he was a full zvizdets, the queue at KVM reached several hours, while KVM remained a paid service. We could afford to come to DC and figure out on the spot with the server, which in fact simply pushed some of the filesystem and waited for the manual start of the fsck due to an emergency power outage. And what about, for example, regional customers? wait a few hours for KVM, pay for it and either run it in manual fsck mode, or say goodbye to your file system? Caravan - you freaks.
In general, I was pleased with the choice and gave the task to the administrator to transfer everything to the "Serverkleb". The transfer was not without complications. The serverclub quickly and easily allocated the server under the fronts, but pulled with a powerful server under the base. Initially, he was not in the DC, then he turned out to be set up wrong. The guys immediately identified the "analog" a little less than a weak configuration, they say, first here, and how to set up one - move. Hemorrhoids, but in general it is pleasant ... experiencing ...
I was worried about ping for a long time, but in the end I saw that he was not so different from Russia to stay in the country. For example, if in the caravan the response time of requests was an average of 80ms, in the Serverclub from American servers the response time of the server was 200ms. A little more than 2 times, but for the user completely unnoticed.
A few days later we completely moved and healed in Holland on high-quality Gigabit American channels. The guys from Serverklab, having crossed, continued their work. I am not the easiest client and actively used the "individual approach" to customers. Low bow to the managers, they got it in full ... But we moved. Happiness knew no bounds. Suddenly ... competitors woke up. We are quite unique service in RuNet. We have only 3-4 competitors that appeared later. We provide a taxi order exchange service for taxis in Moscow, St. Petersburg and other regions and are the largest taxi exchanger. On the day that we did not work and the next day of unstable work, customers partially migrated to competitors. We are not mad, this is normal. For example, if mamba.ru closes, everyone will switch to loveplanet.ru and that's fine. However, as soon as we started back, the competitors again “sank” to their usual numbers, and this, apparently, did not like them.
DDoS attacks went on us ...
Qrator.net
At first there was a child attack up to 100 megabits. We looked, neighing. Then came 300 megabit bots. The fronts survived without problems, but we felt some strains associated with the free space on the disk. After making sure that we are coping with DDoS attacks, we once again breathed a sigh of relief. But it was not there…The server server stat recorded 1 gigabit of incoming traffic. More stats could not physically fix. The guys from the serverclub said that at that moment the total input to the server increased by 4-5gigabits per second.
I have long thought to give protection from DDoS to professionals, but I wanted to win the DDoS myself. By tuning the code and nginx and in general it worked out until the attack grew wider than the channel.
It was 10 pm. And the qrator.net address was typed not for the first time. The guys said they worked seven days a week, around the clock) it was a good way to check.
Earlier, I heard about the curator, more precisely about MGUshniki, who free of charge protect servers from DDoS by studying attacks. Now they have grown into a paid service curator.net, which is generally logical. My first question, when I got through to them, was “Why do you need us?” I really did not realize how much an attack at 4 gigabits could cost and, most importantly, who has such resources. Manager question threw into a stupor. After half an hour we had already agreed on everything, and after about an hour we stood up under their protection. The attacks did not stop for another two weeks, but they were no longer the main problem and faded into the background.
The thing is that we were terrible clients not only for the serverclub, but also for the curator. Imagine ... One service, useful attendance of 500 (!!!) unique users per day. Not 500k, but 500. Less than classmates.km.ru has 3 servers and a channel in gigabits. And just do not need to tell me about the optimization code, base and so forth. I kept attendance at 1 million hits on nnm.ru on a relatively weak server at the time. And these 500 hosts had to be filtered from hundreds of thousands of bots.
The curator did not cope with his task, he now and then blocked out useful customers. Whether it is worth repeating that having only 500 useful hosts, everyone was important to us. The co-owners of the resource insisted on the rejection of the "Curator", but still the joint actions of our developers and the curator's researchers gave their results. At the moment (about a month), all our clients receive service without any problems, while all bots go through the forest. The curator sometimes fixes attacks, but they do not affect the performance of the resource, which is incredibly nice.
By the way, whoever did not use the services of the “Curator”, I will make a small “review”, at least that which interested me.
Bezlim to gigabit costs 17k rubles a month. In this case, under the gigabit, I will enter the “useful” traffic. The site also states that the additional dedicated IP is almost 2 times more expensive, it is not. In fact, an additional IP costs 5k rubles. Well and, accordingly, if you have several projects on one server, you do not need to start for each IP. The curator's IP binds to your IP or IP array (2,5,10, not important). If you have 100 projects on one server, all 100 will be protected for 17k rubles per month.
However, connecting during a DDoS attack costs + 6k rubles. The guys explain this by saying that they also pay for traffic, and until their classifiers learn to ignore the left traffic, they pay for it. And, accordingly, if it is there initially, it is impossible to learn how to filter it every second. There are no complaints.
Upset only paid API. The curator has an API, you can manage white and black lists. However, this pleasure is worth the money. 5k connection and 3k per month. When the curator blocked the useful users, we were set up to take the API, but common sense suggested that paying for anti-DDoS + for preventing users from blocking is not correct. As a result, he gave the command to the developers at each POST authorization to add IP to the white list through the personal account. In your account, you can add IP to the white lists.
It is probably worth noting that the curator copes with standard projects with a bang. We supported and support the site of the movie " Burnt by the Sun 2: The Citadel " and from the first days hung them under the protection of the curator. Survived several serious attacks and not a single complaint from users about the unavailability of the project.
Today, May 16, a month and a half has passed since we seriously thought about it and moved from Russian DC to foreign. During this time we have experienced a lot. The anger and threats of the "Caravan", a pleasant surprise to the prices of foreign DCs, DDoS attack of 4 gigabits and experience with the "Curator".
In fact, the experience is pleasant in a short time. But seriously, it is very disappointing when the famous Russian DC is easily turned off the power without warning and considers it the norm. When renting a tsiska ends with the excuse "oh, we forgot to set it up", while our service "lies." When for a project of 500 hosts in Russia, you need to think about a gigabit port and an Anti-DDoS attack, since "Competitors are not asleep." And that you have to buy a voice recorder in case “we draw your attention to improve the quality of service, all conversations with the operator are recorded” is a lie.
Source: https://habr.com/ru/post/119325/
All Articles