We get many requests for IRC servers. At this time we do not allow them due to the frequency of DDOS they may cause. Is anyone supporting IRC? If so, what have you done with your network or what are your rules so the IRC server does not adversly affect your network?

Staminus has been very stable for me

server4you
I think offers

I think his questions was "Who offers IRC hosting," not because he's looking for some, but because he's wanting to know more about our leg of the industry.

BLCC offers IRC hosting. Right now filtering is performed by a set of ACLs at our uplinks border. Any attack that makes its way past the ACLs must be null routed. This is sometimes done proactively by the uplink, sometimes we perform the null route from our own route server (slaved into our uplinks routers via an internal AS), and in situations where the entire datacenter is on its knees, calls must be placed to the upstreams of our upstream (Global Crossing, AT&T etc).

Our future plans involve automatic null routing (recently acquired our own globally routable AS :D ) and passive filtering through an Astaro appliance (http://www.astaro.com , about $7k for the license and a total of about $12k if you want an appliance to go with it.)

If you decide to move foward with this, you're looking at putting a lot on the line and you'll be dealing with some decent sized gorillas (although your chances are a bit higher with FOONET as a thing of the past).

Best of luck :)

You can have an IRC server with globaldc.com. Maybe someone from there will respond to your question.

cheers

dats

I think it requires a good relationship with the upstream provider because if an attack comes in that saturates your total bandwidth then the only way you are going to make it not affect your network is if it's nullrouted or they filter before it hits your datacentre, if you want to be affective minimising downtime I would get some filtering in place with auto nullrouting setup behind it.

Jeff - Seems like you gave a pretty detailed explanation of what the poster was looking for :). FDC offers IRC, but they're down at the moment - http://www.webhostingtalk.com/showthread.php?s=&threadid=268915&perpage=15&pagenumber=1 .

-Josh

if you want to thrown your hard earned money in the trash or better yet, burn it, go with FDC.
Not only will you be unhappy in the long run, your customers will start to hate you.

There is definately an increased risk of irritating your web hosting customers if you decide to support IRC, so you really want to make sure you know what you're doing before you dive in.

if you want to be affective minimising downtime I would get some filtering in place with auto nullrouting setup behind it.

Not to be picky, but I would actually go with auto-null routing at the edge and put the filter appliance behind it ;) . To implement these solutions, you'll be hard pressed to find a router and appliance for less than $10k at the very least. (for single homed routing you can use a PC with GE interfaces and an open source program like GNU Zebra, http://www.zebra.org). This does not include the cost of bandwidth, labor, and lost business as a result of potentially reduced stability.

The only appliances i've seen that really protect against dos attacks are in the 50-100K range.. I'd be interested in checking one out that is in a lower price range (as long as it's an in-line device)
Also, never put irc servers on the same network as web servers :) bad bad bad idea.

Well , all i know is that IRC providers who provide IRCD's etc get DOS'd alot , ie pyroshells.com

:|

Originally posted by bigfoo
The only appliances i've seen that really protect against dos attacks are in the 50-100K range.. I'd be interested in checking one out that is in a lower price range (as long as it's an in-line device)
Also, never put irc servers on the same network as web servers :) bad bad bad idea.

Its actually an in-house appliance running commericial software. I'd be happy to show you one day if you want to drop me a PM with your contact info. :D