FreeBSD Hosting/Shared/VPS etc.

I run FreeBSD on a number of Hetzner VPSes and they work just fine, at least for everything I've ever needed to do.
 
nobrowser said:
👏 You win! This seems to have been the problem. Some questions come to mind:

1. When was it you solved this? When I talked to Linode support now, they were friendly and all but totally unwilling to say anything about FreeBSD other than "we don't support it".
Click to expand...
Shortly after I setup my first FreeBSD VM I contacted support (5/14/22) because no matter what I did I could not get routing done for IPV6. (Actually I may have found a static setting that worked but I wanted to try and get RTADV to work so it would be automatic).

The first level of support didn't have any useful suggestions so they bumped it to L2. After a little back and forth they came back (5/20/22) with a few suggestions that I had already tried like making sure ICMP V6 was not blocked on my firewall and further said that their technical team suggested the sysctl setting "net.inet6.icmp6.nd6_onlink_ns_rfc4861=1" which finally fixed the issue.

Incidentally, I believe I have had to use that setting on another VPS provider but I can't recall at the moment which one. I was on a mission to try 5 or 6 providers' support for FreeBSD at the time.
nobrowser said:
2. How come Linux has no problem here? As far as I understand the situation, the default behavior of FreeBSD is because accepting the off-link router advertisements Linode sends is a security risk. Does Linux ignore the risk, or maybe it has a knob too but the default is unsafe?
Click to expand...
Don't know but suspect your guess is the likely answer.
nobrowser said:
3. Where can I find documentation for the FreeBSD sysctl flags? The obvious manpages only have generalities, not the purpose of specific flags.
Click to expand...
Maybe others have a better explanation but my belief is that the Sysctl flags are buried in individual manual pages like: sysctl(3) and security(7).

Additionally from my google searching I believe that many sysctl's are buried in the source code for obscure tweaking of behavior. If someone has found a handbook item or other source for all the switches I too would love to hear of it.
 
nobrowser said:
3. Where can I find documentation for the FreeBSD sysctl flags? The obvious manpages only have generalities, not the purpose of specific flags.
Click to expand...

bgrant said:
technical team suggested the sysctl setting "net.inet6.icmp6.nd6_onlink_ns_rfc4861=1" which finally fixed the issue.
[...]
Maybe others have a better explanation but my belief is that the Sysctl flags are buried in individual manual pages like: sysctl(3) and security(7).

Additionally from my google searching I believe that many sysctl's are buried in the source code for obscure tweaking of behavior. If someone has found a handbook item or other source for all the switches I too would love to hear of it.
Click to expand...

Only the (perhaps?) obvious sysctl -d switch, for one-line descriptions. I know next to zero about ipv6, but just ran
sysctl -ad | grep inet6.icmp6
for clues, and for at least hints for manpages
apropos 'inet6|icmp6'
 
I know AWS EC2 provides 12 months free trial and has FreeBSD 13 with an instance specification (t3.micro) of 1GB RAM with 2 virtual cores. however for web server applications, this seems not useful other than testing and development:
aws.amazon.com

AWS Marketplace: FreeBSD 13

aws.amazon.com aws.amazon.com

They also provide some products which are always free services as well, such as database.

Then there is Digital Ocean, who provides $200 free credit to try out any of their products for 60 days. I'm testing it out and seems like you can upload custom images to Digital Ocean to run your FreeBSD VM:

I downloaded FreeBSD 64 Bit ".img" installer file, uploaded it to Digital Ocean "custom images", then use the $200 free credit to use a droplet (VM) which have the specifications of 8 GB RAM with 4 core Intel CPU of 160 GB NVMe SSDs with a 5 TB bandwidth remaining transfer. Super cool setup for any valid web development startups. With those specifications, you could even run a GUI desktop environment with no hiccups.
The custom image how I originally implemented did not work, this is because Digital Ocean requires a more specific custom image of FreeBSD which can be done following the tutorial on this link:
www.adminbyaccident.com

How to upload a FreeBSD custom image on DigitalOcean - Admin... by accident!

Knowing how to upload a FreeBSD custom image on any cloud platform is very helpful. This is how to do that on DigitalOcean.
www.adminbyaccident.com www.adminbyaccident.com

There is also Oracle, they have "Always Free cloud services" and also have a $300 free credit to try out their "wide range of Oracle Cloud services for 30 days, including Databases, Analytics, Compute, and Container Engine for Kubernetes":


Wow, I usually dislike using online cloud services due to being it super expensive when we all can build, setup and run our server rack that have at least 4+ CPU cores, 4GB+ RAM at home/work running FreeBSD for fraction of the cost permanently, just need to pay for dedicated ISP service. But that requires a lot of time and some effort, with many pro cloud services providing valid free implementations to possibly try their performing VM/VPS, it's good for startups to build and deploy and hopefully let the cash flow revenue take place.
 
First_Law_of_Unix said:
Then there is Digital Ocean, who provides $200 free credit to try out any of their products for 60 days. I'm testing it out and seems like you can upload custom images to Digital Ocean to run your FreeBSD VM:
Click to expand...

Digital Ocean doesn’t support IPV6 in custom images in case you hadn’t read this previously and need/want IPV6 support.

Digital Ocean quote in letter found in the below post: “Please note that IPv6 is not currently supported for Droplets created from Custom Images.”

forums.freebsd.org

VPS friends of FreeBSD?

Dear Friends, DigitalOcean is going to drop support for FreeBSD to... empower our customers by providing them with simple, reliable cloud infrastructure And I am not interested in supporting them anymore. I am looking for others providers that have a reliable history in supporting...
forums.freebsd.org forums.freebsd.org
 
  • Thanks
Reactions: jef
bgrant said:
Digital Ocean doesn’t support IPV6 in custom images in case you hadn’t read this previously and need/want IPV6 support.

Digital Ocean quote in letter found in the below post: “Please note that IPv6 is not currently supported for Droplets created from Custom Images.”
Click to expand...

Theres away to get around that, here is an example done with openBSD running as a custom image on Digital Ocean with IPV6:

How to "hack" DigitalOcean to run OpenBSD w/ native IPv6

Even though it's not supported at this time you can install OpenBSD on Digital Ocean and have native IPv6
riedstra.dev riedstra.dev

I haven't tried it but seems promising.

Could also use a tunnel broker.
 
bgrant said:
Digital Ocean doesn’t support IPV6 in custom images in case you hadn’t read this previously and need/want IPV6 support.

Digital Ocean quote in letter found in the below post: “Please note that IPv6 is not currently supported for Droplets created from Custom Images.”

forums.freebsd.org

VPS friends of FreeBSD?

Dear Friends, DigitalOcean is going to drop support for FreeBSD to... empower our customers by providing them with simple, reliable cloud infrastructure And I am not interested in supporting them anymore. I am looking for others providers that have a reliable history in supporting...
forums.freebsd.org forums.freebsd.org
Click to expand...

They are also *still* blocking outgoing SMTP (port 25) and some other ports for no sane reason on IPv6. This also still isn't documented anywhere, so you basically start troubleshooting until you may find one of the many complaints in their 'support'-forum (where a lot of requests for features that should never be a 'feature' are open for years and never answered...).

I used digitalocean a lot, but they seem to have grown too fast, left behind all support in the process and just ignore problems/requests by users. Dropping FreeBSD support completely was the final straw for me and I've deleted my last VPS at DO ~6 months ago and now only use their DNS, because I use acme.sh with their DNS-API everywhere and still haven't found the motivation to migrate...

For 'quick & cheap' VPS I now use mainly vultr, for longer-running servers I'm either with netcup.de for VPS (they also offer FreeBSD images) or manitu.de for physical servers.
 
Looks like manitu.de does not currently offer any new root-servers at all, according to the homepage. Rising energy costs....
It also looks like Hetzner's dedicated servers are still cheaper, if you need ECC RAM. At least, if you are content with a server from the bargain-bin ("Server-Börse").
 
rainer_d said:
Looks like manitu.de does not currently offer any new root-servers at all, according to the homepage. Rising energy costs....
Click to expand...

Yes, that's correct for new customers. If you are already a customer you can still write/call them and get a new server.
They have been very fair and open about how they handle those inflated energy prices in germany and didn't just increase prices for all products. Instead they explained how they include energy rates into their price calculation, on what products that calculation now doesn't fit any more and for how long their pre-bought energy contingent will last. For those products (only servers and IIRC some of the high-end hosting packages) they now charge an additional energy fee since the energy contingent they pre-bought at much lower rates has run out (since beginning of this year). This extra fee will be recalculated as energy prices drop, and completely vanish as soon as they are back to normal levels (given that germany currently has NEGATIVE energy prices at the stock market almost every week, this should be the case sometimes early this year)
I find this approach much more transparent and fair - compared to other hosters that just increased prices (some even multiple times) and very likely won't reduce them again...

I had to deal with servers and hosting packages at hetzner several times over the years and I found their customer support rather slow and often unnecessarily complicated. You often have to deal with several stages of 'callcenter-droids' until you finally get someone that actually can and wants to help you... Thats definitely not what I want if a server is down or needs a hard disk replaced. Although they are still not as bad as hosteurope where I once waited a whole week until they took care of a hard disk failure...
The last incident with a manitu server (a dying HDD rendering the server unbootable) was resolved in under 15 minutes from my first message to them until them getting back at me with details on what they found and what they replaced.


PS: No, I'm in no way affiliated to manitu, just a _very_ pleased customer for 10+ years.

(sorry for the somewhat lengthy OT)
 
bgrant said:
Digital Ocean doesn’t support IPV6 in custom images in case you hadn’t read this previously and need/want IPV6 support.
Click to expand...
First_Law_of_Unix said:
Theres away to get around that, here is an example done with openBSD running as a custom image on Digital Ocean with IPV6
Click to expand...
I managed to replace an existing Droplet with a custom image, while keeping the IPv6 address it had.
But yes, on new ones it's harder.
I'm moving to Linode for that reason. But even there; in Fremont -of all places!- they don't have IPv6 support at all.

sko said:
now only use their DNS, because I use acme.sh with their DNS-API everywhere and still haven't found the motivation to migrate...
Click to expand...
When you run your own authoritative DNS, for example using dns/knot3, then you can generate a TSIG for security/py-certbot-dns-rfc2136 and use that for automatic DDNS calls for the TXT records containing the ACME challenges, and get your SSL certs in a single command (or cronjob).
Then your not depending on Digital Ocean anymore, and AFAIK are not even limited to Let's Encrypt, since others -like pki.goog and zerossl- use it also.
 
dns.company said:
I'm moving to Linode for that reason. But even there; in Fremont -of all places!- they don't have IPv6 support at all.
Click to expand...
It's been a couple of months but I was running IPV6 just fine at Linode Fremont as long as I used the following in sysctl.conf:

Code: 
net.inet6.icmp6.nd6_onlink_ns_rfc4861=1
 
I've seen Hetzner recommended a lot but do the cheaper servers come with IPMI? I know the Dell servers come with iDRAC, but they are rather expensive compared to my requirements.
 
Cromulent said:
I've seen Hetzner recommended a lot but do the cheaper servers come with IPMI? I know the Dell servers come with iDRAC, but they are rather expensive compared to my requirements.
Click to expand...
They will put the web browser based consoles (the name of which eludes me now) onto them when you request it via the Hetzner robot (also a web interface). You can request a console to be put on your machine for 3 hours for free, or longer if you pay. The process takes a couple of minutes after you submitted the request, you'll be notified via email about the access URL and credentials.

I rarely needed a console for three hours. Normally I only order one when I'm in for a huge update.

Tip: if you have the email hosted on your machine, add another one (I have a protonmail one added), just in case you can't get the email because your server is down for some reason.
 
jbo said:
The "cheap" Hetzner servers are honestly just a bunch of regular desktop hardware in regular desktop tower cases put on a shelf.
View: https://youtu.be/F0KRLaw8Di8?t=149
Click to expand...

karolyi said:
They will put the web browser based consoles (the name of which eludes me now) onto them when you request it via the Hetzner robot (also a web interface). You can request a console to be put on your machine for 3 hours for free, or longer if you pay. The process takes a couple of minutes after you submitted the request, you'll be notified via email about the access URL and credentials.

I rarely needed a console for three hours. Normally I only order one when I'm in for a huge update.

Tip: if you have the email hosted on your machine, add another one (I have a protonmail one added), just in case you can't get the email because your server is down for some reason.
Click to expand...
Thank you both. That sounds good.
 
Finally, Contabo hosting turns to a disaster for me. My VPS is down for 3 days (probably a problem with a host server), and nobody repairs nothing. No customer support neither. My ticket was closed without solving the problem...
 
  • Thanks
Reactions: mro
Peter2121 said:
Finally, Contabo hosting turns to a disaster for me. My VPS is down for 3 days (probably a problem with a host server), and nobody repairs nothing. No customer support neither. My ticket was closed without solving the problem...
Click to expand...
uh, that's awful. I am skeptical about their competence, but was lucky so far and enjoy the low prices.

And I have all critical things at variomedia.de for a reason (however, no VPS).

Years ago Hetzner was a desaster for me with a fucked up KK domain move support case. Won't touch them again.
 
mro said:
You come across quite threatening. Can you elaborate what you want me not to say? I never looked into reddit.
Click to expand...
Hi, warm greetings to Bavaria (where I come from originally, too).
The Americans seem to have some serious problem with the f-word. I'm not fully sure about the wherabouts, but in distinguished discussions they seem to be seriousely frowned upon it.
 
  • Thanks
Reactions: mro
You must log in or register to reply here.
Back
Top