Open a open tibia server in my own home? - Discuss

[bury]

Hi.

Some years ago I had my server hosted in a Debian OVH server but I started working and decided to close it. Now, with more spare time, I tried to open the server in my own home so that I can save some money/month. I've been working for a couple of months for changing everything from linux to windows, also found a 0.4 64 bits tfs so it was awesome.

My hardware:

- i7 6700k
- SD Crucial 250gb
- 32 gb RAM

Bandwith:

- Symmetric 300 mbps

I made some test with foreign friends and the ping was good, also they had 0 lag. My cpu was 10% of use always and my RAM 40% with lot of things opened like chrome, firefox, tibia clients, media or some game like overwatch. It was great.

---------- ONCE OPENED:

The first problem I had was the dinamic ip, a static costs 25€/month so it doesnt worth. If the router doesn't turn off everything goes fine.

The server was working fine but 3 days after it was online for the first time, I got ddosed and someone of OVH tried to enter my facebook (I got an alert, searched the ip and it was of OVH). I also couldn't advertise here in otland I dont know why, I couldnt create the topic.

-----------

Do you know what can I do? Any advice for avoiding this ddos attacks? The cheaper ovh server costs 60€/month, but I see now windows server is included on the price, isn't it???

 

[Nekiro]

This should be in support

 

[bury]

This should be in support

Well is not a support ask 100%, I want to discuss if is possible to host an open tibia server at home instead of a dedicated server.

 

[jlnunez89]

In services in general, we use SLO (Service level objectiive) and SLA (Service level agreement). As an informal service provider (you host an OT server) you wont have an SLA should have an SLO at least.
Where I'm going to is, you may find an answer to your question by measuring and defininng an acceptable SLO.

A simple (and arbitrary) one would be 99% uptime (montly) and <30ms ping (75th percentile) for your players, but let's forget about the ping because I don't think you have a way to measure it.

The 99% uptime means in a month your service can only be down a total of 7 hours and 12 minutes until you miss your SLO.

Start by answering the following questions:

How many times and for how long does your home internet go down?
How many times and for how long do you have a power outage?
How many times and for how long do you need to reboot that machine (think about windows updates) ?
What happens if it unexpectedly dies (disk/memory/power/other fails)?
If you start getting DDoSed, will your HW/network setup be able to handle it?
What if your ISP starts blocking/throtling your traffic because of DDoS?
What's your response time to all of the previous scenarios? (Add this and see if it''s still above SLO)

Will all of the above be acceptable for your players, or will they leave and never come back? (99% could be way too low)

If you meet that level consistently then I think you're good, but nonetheless I believe one of the things that draws players is the confidence that a server is going to be on for a while (6 months ? a year? IDK).
As a player I would definitely not play a home-hosted one because it just sounds a hell of a lot more unreliable than a private server.

I would use Azure or AWS virtual machines. I have been hosting experimental servers on Azure for a while now, but I'm unsure if the free options only covers web apps & alike (I got 150 usd credit per month).
I think AWS gives a full year for free, but I've not tried it

 

[Don Daniello]

I've been working for a couple of months for changing everything from linux to windows

Maybe not quite relevant to the main problem, but what exactly did you need to change to make it "for windows"?

 

[bury]

Maybe not quite relevant to the main problem, but what exactly did you need to change to make it "for windows"?

On my linux server I had tfs 0.4 and here I downloaded 0.3.6 for 64 bits. Obiously there were a lot of thing different that I had to fix. Then I realized (well I think it was just on May) that someone here made a 0.4 for 64 bits and just downloaded it and the old server 0.4 that I used worked fine. I just was fixing some quests, and doing some custom content. Also, I had to fix the website I had that time for the last version of gesior website that uses a new system.

So I really didn't have to fix anything related to the operative system. If I migrate from Windows to Linux it could be a problem because of the upper case and lower case (Linux makes a difference between them).

@downloadnow

When I first tested everything I had my server on for one month and 20 days. My net and my PC were not down that time, the windows updates are disable. As you can see my hardware is better or same good than any other dedicated server. My bandwidth is 300 mbps symmetric and the ping was good (said by the testers). Anyway I haven't tested the server with 100 players or idk, so its hard to say.

The problem is the DDOS attacks. I had like 20 players online and I got ddosed LOL. Is there a man that make ddos every ot of the list when he gets bored?? I can't understand. My net was down, localhost stopped working and as I said, someone tried to enter my facebook. All that in 10 minutes.

 

[jlnunez89]

On my linux server I had tfs 0.4 and here I downloaded 0.3.6 for 64 bits. Obiously there were a lot of thing different that I had to fix. Then I realized (well I think it was just on May) that someone here made a 0.4 for 64 bits and just downloaded it and the old server 0.4 that I used worked fine. I just was fixing some quests, and doing some custom content. Also, I had to fix the website I had that time for the last version of gesior website that uses a new system.

So I really didn't have to fix anything related to the operative system. If I migrate from Windows to Linux it could be a problem because of the upper case and lower case (Linux makes a difference between them).

@downloadnow

When I first tested everything I had my server on for one month and 20 days. My net and my PC were not down that time, the windows updates are disable. As you can see my hardware is better or same good than any other dedicated server. My bandwidth is 300 mbps symmetric and the ping was good (said by the testers). Anyway I haven't tested the server with 100 players or idk, so its hard to say.

The problem is the DDOS attacks. I had like 20 players online and I got ddosed LOL. Is there a man that make ddos every ot of the list when he gets bored?? I can't understand. My net was down, localhost stopped working and as I said, someone tried to enter my facebook. All that in 10 minutes.

I'm curious as to how you determined that it was a DDoS attack and not anything else.

How do I know I'm being DDoSed? Setup monitoring to see how many requests per second I'm serving and then observe an abnormally high rate.

Your fb account attempted to be accesed sounds unrelated if you were actually being DDoSed

Also, is your network hardware in par with your server hardware? (Over the average gigabit router and such?)

 

[e.e]

Your story was very confusing to read/understand.
I guess I get it now.
It sounded kinda like you're hosting at OVH right now with the 300 mbps symmetric con speed, "OVH trying to access your FB", etc, but from what you've literally said and your last post it sounds like you're hosting at home.

First to clarify about OVH trying to log into your FB: The IP that tried to log into your FB that you checked and was found to be hosted by OVH was just a random OVH-server rented by a hacker/cracker/cyber criminal/whatever, not from the OVH staff.
If you'd like to engage in warfare with the hacker, you should report the incidence to OVH and perhaps his server will be suspended
Secondly, about DDoS attacks: You absolutely can't defend yourself from DDoS Bandwidth attacks by yourself/on a local computer. It can only be defended from at the ISP level.
However there are many (D)DoS attacks you can defend yourself from just by using a firewall that's configured properly (which is however a very hard and complicated task).
It sounds like your best choice is to move over to OVH if (D)DoS attacks continue to be a nuisance.
But if you choose to continue hosting at home, the first step you should take is to figure out exactly what kind of attack you're suffering from.
You do that by enabling firewall logging of all incoming traffic and by inspecting the logs later on after an attack.
If the attack is a BW attack (traffic exceeding 300 mbps) then there's nothing you can do from home.

 

[bury]

Your story was very confusing to read/understand.
I guess I get it now.
It sounded kinda like you're hosting at OVH right now with the 300 mbps symmetric con speed, "OVH trying to access your FB", etc, but from what you've literally said and your last post it sounds like you're hosting at home.

First to clarify about OVH trying to log into your FB: The IP that tried to log into your FB that you checked and was found to be hosted by OVH was just a random OVH-server rented by a hacker/cracker/cyber criminal/whatever, not from the OVH staff.
If you'd like to engage in warfare with the hacker, you should report the incidence to OVH and perhaps his server will be suspended
Secondly, about DDoS attacks: You absolutely can't defend yourself from DDoS Bandwidth attacks by yourself/on a local computer. It can only be defended from at the ISP level.
However there are many (D)DoS attacks you can defend yourself from just by using a firewall that's configured properly (which is however a very hard and complicated task).
It sounds like your best choice is to move over to OVH if (D)DoS attacks continue to be a nuisance.
But if you choose to continue hosting at home, the first step you should take is to figure out exactly what kind of attack you're suffering from.
You do that by enabling firewall logging of all incoming traffic and by inspecting the logs later on after an attack.
If the attack is a BW attack (traffic exceeding 300 mbps) then there's nothing you can do from home.

This is very useful, Thanks.

Well I explained it the best I could, I can speak English more or less but if the topic is something hard to explain I speak it a little worse.
I sent an email to OVH, ofc I know is nobody from the staff. They told me they would check it.

I will try a kimsufi or soyoustart server to start configuring debian, it's the hardest part from me since I dont use it much.

@downloadnow

Well, The server was on for 1 month (testing everything). I open it, everything stopps working, net was down (yellow triangle in the status) and someone of OVH, the most used hosting service for hosting tibia, tried to enter my facebook. All this in 10 minutes.

Yes I'm not 100% sure, I've not checked the traffic, but my net doesnt never get down... so thats wierd.

 

[Znote]

Linksys routers usually has a DDNS service that will link to DynDNS.org. This basically allows your router to automatically notify and update the ip of your no-ip.org domain records when your IP changes. Might be worth a try for home hosted servers.
And about OVH trying to enter your facebook, its likely someone trying to hack your account using a proxy located in some OVH server. When you expose yourelf to the public it is important that you have a secure password, perhaps even use Two-factor authentication to secure yourself from intruders.

Any hardware with enough ram (max 4GB) is plenty to run OT servers. 300Mbit is also plenty for hosting.
Any home hosted servers are vulnerable to DDoS, when it comes to that, get a dedicated server.

In order to post in the advertiement section of otland, you need to comply with the board rules, read the sticky carefully before making a thread there, and allow up to a day for moderators to allow it if it requires moderation.
For reference, out of the last 20 threads in advertisement section, 9 of them got deleted for not following the rules.

 

[bury]

Linksys routers usually has a DDNS service that will link to DynDNS.org. This basically allows your router to automatically notify and update the ip of your no-ip.org domain records when your IP changes. Might be worth a try for home hosted servers.
And about OVH trying to enter your facebook, its likely someone trying to hack your account using a proxy located in some OVH server. When you expose yourelf to the public it is important that you have a secure password, perhaps even use Two-factor authentication to secure yourself from intruders.

Any hardware with enough ram (max 4GB) is plenty to run OT servers. 300Mbit is also plenty for hosting.
Any home hosted servers are vulnerable to DDoS, when it comes to that, get a dedicated server.

In order to post in the advertiement section of otland, you need to comply with the board rules, read the sticky carefully before making a thread there, and allow up to a day for moderators to allow it if it requires moderation.
For reference, out of the last 20 threads in advertisement section, 9 of them got deleted for not following the rules.

Thanks for the info, Znote. I though I was following the rules but I'll read them again when I advertise it again.

Yeah, I changed my password but I dont know how they could get it, it was a hard one. I was lucky because facebook made them the security control and I was fast and changed it fast... anyway I dont have anything important in my facebook so...

So with that RAM you can host a... for example 500 players server? 4GB is enough?

I had configured dyndns already, it was very useful. Tried turning off the router and when the ip changed it configures the no-ip.com automatically and makes the domain works. But... yeah it's useless watching the DDoS attacks, I'll get a kimsufi or soyoustart as I said, it must be enough I think.