Cool Ideas Fibre ISP – Feedback Thread 4

PBCool

Cool Ideas
Company Rep
Joined
Jan 11, 2016
Messages
11,575
I know it's not for everyone, but I like my current setup. The rb3011 is kinda old now the the 5009 is out but it sits nice and was cheap.

0cb045fbd6d709cba4f393a1a2b3d57f.jpg
I have a similar setup as you actually, 3011 is fine for most stuff :). My point is if you are able to administrate it then use it, but most people do not. Tiks are always a great way to learn.
 

TheLostPacket

Active Member
Joined
Oct 31, 2019
Messages
41
I have a similar setup as you actually, 3011 is fine for most stuff :). My point is if you are able to administrate it then use it, but most people do not. Tiks are always a great way to learn.
Yeah most people dont know how to secure a Tik properly and then that Tik gets used in DDOS attacks etc
 

EpicPotato

Active Member
Joined
Feb 28, 2021
Messages
87
Disconnecting every minute. Not an exaggeration. Every minute and 30 seconds or so. Metrofibre Umbilo. It's been like this for 40 minutes.
 

PBCool

Cool Ideas
Company Rep
Joined
Jan 11, 2016
Messages
11,575
This still ongoing?

The primary path failed for a few hours from midnight and failed over to alternatives that weren't looking great.

We will change some path priorities a bit as the paths should be KZN JHB primary and KZN CPT secondary.
 
Last edited:

Tinuva

The Magician
Joined
Feb 10, 2005
Messages
11,218
Yeah most people dont know how to secure a Tik properly and then that Tik gets used in DDOS attacks etc
I think it actually goes further than just to secure it.

Mine was pretty much blocked off from the outside, but then since I had port 80/443/22 open, bots enjoyed to spam those and even eventually flooded my link making my internet unusable.

So now, I limit what is accepted directly to the outside interface.
80/443 is only open to CloudFlare IP ranges and I use CloudFlare to share my internal services for myself. While they all require logins, if a bot scan my direct ip it will look closed.
22 only open to required ip range.
ICMP is open to a select few ranges I believe is allowed to ping me. To do list is to still allow most CISP ranges or if I knew their source testing ip range I would add that.

Idea is that ip looks dead from outside. I think the only scannable port is the torrent app port unfortunately.

Most of the config on my router is scripted, so when I moved from a 750 to the 3011 I just used the scripts to get everything set up again, made the whole process real quick.

One thing, the last thing that infected an older ROS, was using an inside PC. I dont really know how to protect against that except have latest version with fixed and auth even forced from inside.
 

Benji_

Member
Joined
Dec 23, 2021
Messages
20
Is Eersteriver Vuma Reach also affected by Mitchell's Plain because i had no connectivity since 2am this morning, red LOS is flashing.
 

linkinpark

Expert Member
Joined
Jun 27, 2005
Messages
1,250
This still ongoing?

The primary path failed for a few hours from midnight and failed over to alternatives that weren't looking great.

We will change some path priorities a bit as the paths should be KZN JHB primary and KZN CPT secondary.

Seems to be resolved
 

Savy561

Well-Known Member
Joined
Oct 6, 2018
Messages
379
@PBCool Moving soon with openserve as the FNO. Are there any plans in the future to offer dedicated static ip's on openserves network?
 

chrisc

Honorary Master
Joined
Aug 14, 2008
Messages
10,407
As mentioned there were two replies to your query so I would recommend you maybe check your spam/junk folder?

We typically wouldn't recommend using the Mikrotik unless you personally want to and are able to administrate it? If I'm not mistaken it may still belong to Vox anyway?
I sent an email to Cool Ideas since there does not seem to be any provision for moving from one ISP to another, only to order a new service on the web form

Nothing in my spam or junk folder, are you using the correct address?

I tried in October to change to Afrihost who said they needed the line released from Vumatel before moving the service to themselves, but inquiring with Vumatel, I got some convoluted explanation that I did not understand, and nothing progressed as the line was “reserved” as they put it

Thank you
 
Top