Its been like this for like 15+ days
The top is my Linux node and the bottom is Windows.
Sorry if this was covered before. Up time for Linux (72hrs) Windows (106hrs) for August
Its been like this for like 15+ days
you must have had some downtime, and possibly gotten unlucky with how many audits hit the ap1 sat…
could be related to some of the recent audit issues with ap1, online score is an avg of 30 days of uptime, so should start to go up again soon… if there was a real issue you would see all satellites being affected.
give it time and it will recover just takes 30 days to fully go back to 100%
does seem very low, have you had any significant downtime over the last 30 days?
I don’t see how that could happen. Two nodes having perfect uptime for all but one satellite, but below 38% and 18% for the remaining one. You don’t get that unlucky and lucky at the same time.
No it can’t be. The effects of that issue are fully known and they don’t impact uptime.
Not necessarily. @rohnrob is it possible that you have a firewall that is blocking traffic from specific regions. ap1 is the Asia Pacific area satellite and depending on your settings it might be effected by region blocks.
true it does seem sort of odd, hadn’t considered the regional firewall option…
however it isn’t that uncommon to see rather large deviations in online score of a node, like easily 15-20% + because of the random audits and large variations in satellite data stored on nodes.
and if the internet had been down for both nodes i did consider it possible.
but i think you are right.
maybe… i duno… audits are what tracks uptime, and they did turn them off for ap1 for a while and then reset the audit score, don’t really think its impossible that it could have some sort of impact, if like lets say the node was offline during this period or whatever.
good point, my bad for not thinking of that option.
the deviation from nominal does seem rather extreme.
Correct, they are also what tracks DOWNtime. No audits, no downtime. It is unrelated.
Then please defer to people who do know.
OMG your right, I was getting hit by bots and I blocked countries (it just hit me), which ones should I unblock for ap1
you can’t really know where customers send data from, you will most likely need to block attacks on a semi live basis, you cannot assume that there couldn’t be customers behind addresses which previously have attacked you.
basically you will want node traffic to just go through unblocked.
that will be the network port you configured for the node… everything else you can block freely.
most attacks shouldn’t be very likely to aimed at the storagenode port, ofc it could be in which case one might want to move it to a different port.
you can’t know that resetting the audits score couldn’t have had an effect on a node for some reason, i also didn’t say it was what happened, just said it could be possible…
no reason to act like you know everything.
You can read the code - It’s source of truth. You just have a wrong assumptions here.
When the audit request is not answered - it will hit the online score.
If audit request is answered, successful or failed doesn’t matter, it doesn’t affects the online score, it can only increase it.
Simple. Incident with AP1 (dropping audit score) have nothing to do with dropping of online score for this exact user.
but its not what i’m talking about… i was talking about when the audit score was reset on ap1 across the network.
doesn’t matter it was clearly not the issue.
still i doubt anyone with easy could exclude that
Well countrywide banning is kind of like taking an axe to the problem. For the satellite itself, you likely need to allow China, maybe India. But as @SGC said, customers of any satellite could be located anywhere. This broad stroke approach doesn’t really fit with Storj and may lead to other issues as well. I would suggest instead to make sure all ports are closed from the outside with only intentional exceptions. And use something like fail2ban to automatically ban IPs that do too many login attempts on anything you want to be accessible from the outside. If SSH is one of those things, I would say think really hard on wether you actually need that. Ideally you would connect to your network over VPN instead and then route SSH through that. For both VPN and SSH it is recommended to use certificate based authentication as the preferred method. Or otherwise long random passwords. You can also use DDoS protection offered by many routers in addition to this.
UK and NL being quite important hubs in internet traffic, it is probably a very bad idea to block those anyway. You’re likely to run into things that break there. You also would not be getting any data i upload to Storj DCS as I am located in the Netherlands. Why do you ban me? What did I ever do to you?
Hey thanks for the suggestions I will check out fail2ban and also the DDoS feature. Lol I got a bunch from NL thats why, sorry. I will do more granular security.
Thanks for your suggestions also and quick reply!!!
with russia, china and lots of europa… being blocked it’s almost more surprising that more satellites aren’t acting up, i mean thats like 1/3rd of the land mass of earth…
but i guess in most cases that would just block customer traffic and not essentially count the node as offline so long as the sats can see it
Unfortunately you are wrong here… If the satellite traffic is blocked - the node will be accounted as offline and eventually can be disqualified.
that was literally my question, what if the satellite data wasn’t blocked only customer data.
Sorry, I didn’t realize that this was the question.
If you block only customer data, it will be bad for the customer - their software will receive a error instead of uploaded piece.
However, the satellite should remove this node from the cache but not reduce the online score as long as it answers on audit requests.