All posts by author

Server reboots across our network

Posted by / Jan 21, 2018 / Categories: Planned Maintenance

Due to essential maintenance, customer nodes across our network need to be rebooted in the coming few days. This covers customers on both our OpenVZ and KVM platforms.

We will reboot servers in a 2 hour time window based on where the servers are located. The time window will start as follows:

Continue reading →

US1 Fremont – network maintenance on April 6th, 2017

Posted by / Apr 2, 2017 / Categories: Planned Maintenance

We will be carrying out network maintenance at our US1 Fremont facility during the following window:

Continue reading →

US1 Fremont – Switch Software Upgrade – May 11th, 2016

Posted by / May 6, 2016 / Categories: Planned Maintenance

Please be aware of the following maintenance work taking place at our US1 Fremont facility. All customers hosted in this facility will be affected.

Window Start Time: Wednesday, May 11th, 12:01am PDT
Window End Time: Wednesday, May 11th, 12:30am PDT
Expected Impact: Two brief impacts during the window totaling less than 5 minutes
Reason: Switch software upgrades to improve security and stability.

Customers in our other data centers will not be affected.

Installing your operating system from an ISO

Posted by / Apr 11, 2016 / Categories: Getting Started

ISOs on KVM Virtualization

Please be aware that installing an operating system from an ISO is only available on our KVM platform. If you have an OpenVZ service, please order a KVM VPS if needed. It is not possible to migrate from OpenVZ to KVM, you need to order a new machine.

Disclaimer

Be aware ISO installers are likely to overwrite your existing VPS data. Take a backup of anything important on your VPS as it may be wiped.

Please take a note of your network config before starting your installation. You’ll need to note down your IP address, subnet mask and gateway. These are configured automatically for our standard Linux distributions but if installing an operating system from an ISO you may need to configure your network settings manually during the setup process.

ISO installation is provided as-is and we cannot provide any support in relation to the operating systems themselves.

About ISOs

Here’s a little about ISOs from Wikipedia:

An ISO image is an archive file of an optical disc, a type of disk image composed of the data contents from every written sector on an optical disc, including the optical disc file system. ISO image files usually have a file extension of .iso. The name ISO is taken from the ISO 9660 file system used with CD-ROM media, but what is known as an ISO image might also contain a UDF (ISO/IEC 13346) file system (commonly used by DVDs and Blu-ray Discs).
ISO images can be created from optical discs by disk imaging software, or from a collection of files by optical disc authoring software, or from a different disk image file by means of conversion. Software distributed on bootable discs is often available for download in ISO image format. And like any other ISO image, it may be written to an optical disc such as CD or DVD.

In reality the name ISO is a bit of an anachronism, as nowdays with disk images and virtualization they have little to do with physical CD ROMs!

Our platform allows you to mount an ISO so it behaves like it was a CD ROM that is connected to your VPS. You can then boot from that ISO and install anything on your VPS. This means you can run a wide variety of operating systems on BHost.

Available ISOs

We have the following ISOs available to install. If your desired operating system is not present on this list, please log a ticket with support providing a URL to the ISO so we can make it available to you.

Instructions

If you want to install your OS from an ISO, you should go into your services, and click “Manage Server” for the machine you’d like to configure.

On the CDRom tab, select the ISO you’d like to use, and click Mount:

cdrom mount

On the settings tab, change the boot order to ensure the CD ROM (ISO) is booted first, followed by the hard disk:

ISO boot order

Reboot the virtual machine and the machine will boot from the CD ROM / ISO. You can then follow the installation instructions for the specific operating system.

How to pay with BitCoin

Posted by / Apr 10, 2016 / Categories: Billing

BHost is no longer accepting payments via BitCoin. Please pay using our other payment options:

PayPal, Visa, Mastercard, American Express

OpenVZ vs KVM

Posted by / Mar 15, 2016 / Categories: Getting Started

BHost currently offers two virtualization technologies for your virtual machines – OpenVZ and KVM. For many users it makes little difference which technology you use. However, there are differences between the two systems which are explained here.

OpenVZ

OpenVZ is is a linux based virtualization platform based on the Linux Kernel. OpenVZ allows a physical server to run multiple isolated operating system instances known as containers. OpenVZ can only run linux based operating systems such as CentOS, Fedora, Ubuntu or Debian.

KVM

KVM is a hardware virtualization technology. This means the main OS on the server simulates hardware for another OS to run on top of it. It also acts as a hypervisor, managing and fairly distributing the shared resources like disk and network IO and CPU time.

Differences

Upgrades

With OpenVZ, you can change your plan (e.g. to get more memory or disk space) and you’ll instantly have your new system resources. On KVM, you’ll need to reboot your virtual machine for the change to take effect.

Operating Systems

OpenVZ only supports Linux. KVM can operate Linux as well as other operating systems such as Windows or BSD. We are primarily a Linux VPS provider but we do allow installation of FreeBSD and offer Windows machines on request.

Kernel

KVM requires a running kernel inside the VPS, whereas OpenVZ runs many containers using a shared kernel. Therefore, if you need control of your own kernel you should opt for KVM. For example, you might need to modify or patch the kernel. On the other hand OpenVZ has a shared kernel used by all containers. Having a shared kernel gives a slight performance advantage as there is no overhead from running a kernel within a kernel.

Management

OpenVZ is simpler, and is easier to manage as a result. KVM has many more options and settings which can cause complication.

How to install Mail-in-a-Box

Posted by / Mar 13, 2016 / Categories: Productivity

One of our customers recently told us they are using their BHost VPS to run Mail-in-a-Box. It’s a fantastic, easy to use way to create a mail / productivity server so we thought we’d blog about it here.

Importantly the developers of Mail-in-a-Box have been very security focused, for example by ensuring Let’s Encrypt based TLS encryption can be deployed easily.

Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom.

Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up.

They’ve also created a fantastic video running through the steps to install:

Visit the Mail-in-a-Box website or see the installation guide here.

UK1 London – facility generator maintenance – March 24th-25th, 2016

Posted by / Mar 11, 2016 / Categories: Planned Maintenance

We have been advised of the following generator maintenance taking place at our UK1 London facility. We anticipate no impact on our services, but the level of resilience will be reduced.

Continue reading →

Preventing DNS Amplification Attacks

Posted by / Feb 24, 2016 / Categories: DNS

What is a DNS Amplification Attack?

This type of attack is often utilised by criminals as a method of conducting Distributed Denial of Service (DDoS) attacks. In a DNS amplification attack the malicious actor executes a large number of DNS queries while spoofing the IP address of the intended target.

The open DNS resolvers are queried with the response being directed to the IP address of the target flooding the victim with unwanted data traffic. A degree of amplification is involved so that a small request can suddenly result in a huge response.

The result of this flood of data packets can be a reduction in the quality of service of the internet (slower web traffic), loss of availability of websites, or loss of network resources or services.

Check if you’re vulnerable

The easiest way is to see if the machine accepts a DNS query from an outside IP address. Do not test from the VPS itself, as it’s likely you want your DNS server to accept queries from localhost. Test from another machine.

For example, you’ll see Google’s public DNS servers (obviously) provide an output to the following:

dig @8.8.8.8 +edns=0 +ignore com ANY

But try on our test server lg-uk1.bhost.net

dig @lg-uk1.bhost.net +edns=0 +ignore com ANY

will produce no response.

Take Action to Mitigate

Please consider reconfiguring your resolver in one or more of these ways:

– To only serve your customers and not respond to outside IP addresses (in BIND, this is done by defining a limited set of hosts in “allow-query”; with a Windows DNS server, you would need to use firewall rules to block external access to UDP port 53)

– To only serve domains that it is authoritative for (in BIND, this is done by defining a limited set of hosts in “allow-query” for the server overall but setting “allow-query” to “any” for each zone)

– To rate-limit responses to individual source IP addresses (such as by using DNS Response Rate Limiting or iptables rules)

More information on this type of attack and what you can do to mitigate it can be found here: http://www.us-cert.gov/ncas/alerts/TA13-088A

Further reading:
http://www.team-cymru.org/Open-Resolver-Challenge.htmlhttps://www.us-cert.gov/ncas/alerts/TA13-088A
http://www.bcp38.info/index.php/Main_Page
https://community.infoblox.com/t5/IPv6-Center-of-Excellence/Finding-and-Fixing-Open-DNS-Resolvers/ba-p/3405
https://community.jisc.ac.uk/library/janet-services-documentation/dns-resolver-configuration

Introduction to our test servers / looking glasses

Posted by / Feb 22, 2016 / Categories: Testing

For each of our data center locations we operate a test server (also known as a looking glass) as follows:

Fremont, CA, USA:

Facility: Hurricane Electric Fremont 2
Looking Glass: LG-US1.BHost.net
Download Test: 10MB / 100MB
Test IPv4: 185.101.97.97
Test IPv6: 2a06:1c80:1:111::111

London, UK:

Facility: Digital Realty Meridian Gate
Looking Glass: LG-UK1.BHost.net
Download Test: 10MB / 100MB
Test IPv4: 176.126.240.240
Test IPv6: 2a04:ad80:1:111::111

Amsterdam, Netherlands:

Facility: Equinix AM5
Looking Glass: LG-NL1.BHost.net
Download Test: 10MB / 100MB
Test IPv4: 185.47.60.60
Test IPv6: 2a04:ad80:0:111::111

These servers are normal virtual machines on our VPS platform.

While performing a transfer from our test servers isn’t a definitive test of available bandwidth it should help you form an idea of what an Internet link throughput is.

Using

wget -O /dev/null

avoids skewed results caused by disk performance limitations so for example you could use

wget -O /dev/null https://lg-uk1.bhost.net/100MB.test

to wget the 100MB test file from our UK1 London test server.