Hetzner releases new VPS line

These have quite a bit more resources per dollar/euro than their old VPS plans and they start cheaper: 4.64 euro incl VAT (3.90 euro if you're outside the EU) for a 1GB server with 25GB of SSD and 2TB bandwidth, not bad even by vpsboard standards.  They go up to 32GB/8 cores/600gb ssd for about 60 euro with vat, 50 euro without.  They come with 1 ipv4, /64 ipv6 subnet, and the (interesting) ability to store snapshots of the vps.  I don't know what virtualization but I'll guess openvz based on the features and OS selection.  I think the old ones may have been xen.

I've never used a Hetzner vps but am happy with my dedi with them, so thought I'd mention this here. 

Product matrix (US version):  https://www.hetzner.de/us/hosting/produktmatrix_vserver/vserver-produktmatrix

(DE version): https://www.hetzner.de/hosting/produktmatrix_vserver/vserver-produktmatrix

Quote said:

These have quite a bit more resources per dollar/euro than their old VPS plans and they start cheaper: 4.64 euro incl VAT (3.90 euro if you're outside the EU) for a 1GB server with 25GB of SSD and 2TB bandwidth

Click to expand...

The main changes for the 1 GB model is the switch to SSD, the  introduction of snapshots, and the ability to upgrade an existing VPS,  (and the lowering of the price from €5.80 ex vat to €3.90).  Disk space and bandwidth remain the same.  CPU speed of the new lineup is lower because they're using E5's (old lineup: 3400.022 MHz, new lineup  2099.998 MHz), and the new lineup's UnixBench score is much lower.

For the dd fans in the house, dd scores have improved to 259 MB/s from 61.2 MB/s.

UnixBench: old VPS line 1GB/1 core 2390, new VPS line 1GB/1core  1344 so a big decrease in UnixBench scores with the switch from E3's to E5's.

A comparison of old and new:

root@old-vps-line ~ # wget freevps.us/downloads/bench.sh -O - -o /dev/null|bash
CPU model :  Intel(R) Core(TM)2 Duo CPU     T7700  @ 2.40GHz
Number of cores : 1
CPU frequency :  3400.022 MHz
Total amount of ram : 1000 MB
Total amount of swap : 1020 MB
System uptime :   8 days, 2:45,       
Download speed from CacheFly: 11.7MB/s 
Download speed from Coloat, Atlanta GA: 2.15MB/s 
Download speed from Softlayer, Dallas, TX: 5.38MB/s 
Download speed from Linode, Tokyo, JP: 5.72MB/s 
Download speed from i3d.net, Rotterdam, NL: 6.22MB/s
Download speed from Leaseweb, Haarlem, NL: 15.9MB/s 
Download speed from Softlayer, Singapore: 2.42MB/s 
Download speed from Softlayer, Seattle, WA: 3.87MB/s 
Download speed from Softlayer, San Jose, CA: 6.05MB/s 
Download speed from Softlayer, Washington, DC: 4.30MB/s 
I/O speed :  61.2 MB/s

root@new-VPS-linel ~ # wget freevps.us/downloads/bench.sh -O - -o /dev/null|bash
CPU model :  Intel(R) Xeon(R) CPU E5-26xx (Sandy Bridge)
Number of cores : 1
CPU frequency :  2099.998 MHz
Total amount of ram : 1000 MB
Total amount of swap : 1000 MB
System uptime :   9 min,       
Download speed from CacheFly: 69.0MB/s 
Download speed from Coloat, Atlanta GA: 13.7MB/s 
Download speed from Softlayer, Dallas, TX: 13.1MB/s 
Download speed from Linode, Tokyo, JP: 8.76MB/s 
Download speed from i3d.net, Rotterdam, NL: 51.0MB/s
Download speed from Leaseweb, Haarlem, NL: 27.2MB/s 
Download speed from Softlayer, Singapore: 5.47MB/s 
Download speed from Softlayer, Seattle, WA: 10.7MB/s 
Download speed from Softlayer, San Jose, CA: 9.47MB/s 
Download speed from Softlayer, Washington, DC: 18.6MB/s 
I/O speed :  259 MB/s

New lineup UnixBench:

Benchmark Run: Fri Aug 28 2015 08:30:19 - 08:58:33
1 CPU in system; running 1 parallel copy of tests

Dhrystone 2 using register variables       26444785.6 lps   (10.0 s, 7 samples)
Double-Precision Whetstone                     3330.6 MWIPS (9.9 s, 7 samples)
Execl Throughput                               4800.0 lps   (29.8 s, 2 samples)
File Copy 1024 bufsize 2000 maxblocks        843857.0 KBps  (30.0 s, 2 samples)
File Copy 256 bufsize 500 maxblocks          230558.0 KBps  (30.0 s, 2 samples)
File Copy 4096 bufsize 8000 maxblocks       1442002.1 KBps  (30.0 s, 2 samples)
Pipe Throughput                             1559608.1 lps   (10.0 s, 7 samples)
Pipe-based Context Switching                 280058.9 lps   (10.0 s, 7 samples)
Process Creation                               9553.3 lps   (30.0 s, 2 samples)
Shell Scripts (1 concurrent)                   6257.7 lpm   (60.0 s, 2 samples)
Shell Scripts (8 concurrent)                    811.9 lpm   (60.0 s, 2 samples)
System Call Overhead                        3485622.8 lps   (10.0 s, 7 samples)

System Benchmarks Index Values               BASELINE       RESULT    INDEX
Dhrystone 2 using register variables         116700.0   26444785.6   2266.0
Double-Precision Whetstone                       55.0       3330.6    605.6
Execl Throughput                                 43.0       4800.0   1116.3
File Copy 1024 bufsize 2000 maxblocks          3960.0     843857.0   2131.0
File Copy 256 bufsize 500 maxblocks            1655.0     230558.0   1393.1
File Copy 4096 bufsize 8000 maxblocks          5800.0    1442002.1   2486.2
Pipe Throughput                               12440.0    1559608.1   1253.7
Pipe-based Context Switching                   4000.0     280058.9    700.1
Process Creation                                126.0       9553.3    758.2
Shell Scripts (1 concurrent)                     42.4       6257.7   1475.9
Shell Scripts (8 concurrent)                      6.0        811.9   1353.2
System Call Overhead                          15000.0    3485622.8   2323.7
                                                                   ========
System Benchmarks Index Score                                        1344.6

Quote said:

 I don't know what virtualization but I'll guess openvz based on the features and OS selection.  I think the old ones may have been xen.

Click to expand...

Old and new are KVM.  The usual list of Linux distributions. Windows Server 2012 R2 Standard Edition or Datacenter Edition are available on the 2GB and up servers.

Quote said:

 /64 ipv6 subnet

Click to expand...

Probably should be mentioned because it usually causes some people to freakout: your WHOIS info for the /64 will be public

...Core2 Duo on the old VMs (according to the benchmark script)? That has to be wrong. I'd assume they were using E3s on the old ones, right?

Anyhow. In every other way beyond per-core CPU power, this seems to be an upgrade for the clients, and at a lesser price. Probably a larger node with large SSDs; more financially viable for them to do than any E3 box could provide. I/O and network appear faster across the board. All good in my book.

T7700 CPU for VPS nodes?!?!?!?!  Say it's not true.   Ancient CPU and just a dual core.  Unsure why anyone would....

SSD + E5 is a nice combo.   No need to go there really, especially if buying gear instead of leasing / renting.  

/64 with public WHOIS is blah.   Unsure why guys needs all those IPv6 addresses other than for foolish bad behavior.  Enlighten little old me who has long survived with a single IP and often without any static IP.

drmike said:

T7700 CPU for VPS nodes?!?!?!?!  Say it's not true.   Ancient CPU and just a dual core.  Unsure why anyone would....

Click to expand...

3.4 MHz, so not a T7700, just done to mask the real processor used (similar to "Vultr Processor 2", etc).  Probably an E3-1245 or i7-4770 (the 2 dedicated 3.4 MHz they were selling last year).

drmike said:

/64 with public WHOIS is blah.   Unsure why guys needs all those IPv6 addresses other than for foolish bad behavior.  Enlighten little old me who has long survived with a single IP and often without any static IP.

Click to expand...

The public WHOIS is a RIPE SWIP requirement for IPv6 /64 or larger.  

Why give a user an entire /64?:  

•  /64 per LAN needed for autoconfiguration of  SLAAC , 
• blacklists issue SBL's based on the entire /64 not individual IPv6
• RFC's on allocation suggest /64 per device

Yes, I understand, certainly wasn't a T7700.

The /64 spec or no spec it's just insane to dole out IPs in such quantity.    Even with the internet of everything model, what are you going to do, assign an IP to every cell in your body?

I get the /64 request / commonness and even the SBL issues.   I just fail to see the end user justification / need for such ranges.  Seems short sighted as a spec and issuance.

The public WHOIS is a RIPE SWIP requirement for IPv6 /64 or larger.  

Click to expand...

Oh that's interesting, I hadn't heard it before.  But lots of hosts give out /64 and Hetzner is the only one that does this public whois thing, as far as I know.  What's going on?

Drmike, I agree giving out such huge subnets is wasteful, but there's 2**64 of them to go around... one nice thing about it is it makes port scanning impractical.  Put a private service on a random address from a /64 range and no one will find it by scanning.

Thanks DomainBop for the benchmarks and clarification about resources.  I guess I got confused and/or wowed by the new very large instances.  I'm surprised that the E5 benchmark is that much slower than the E3 and expect it would do better with real world applications where more stuff misses the caches.

drmike said:

Yes, I understand, certainly wasn't a T7700.

The /64 spec or no spec it's just insane to dole out IPs in such quantity.    Even with the internet of everything model, what are you going to do, assign an IP to every cell in your body?

I get the /64 request / commonness and even the SBL issues.   I just fail to see the end user justification / need for such ranges.  Seems short sighted as a spec and issuance.

Click to expand...

willie said:

The public WHOIS is a RIPE SWIP requirement for IPv6 /64 or larger.  

Click to expand...

Oh that's interesting, I hadn't heard it before.  But lots of hosts give out /64 and Hetzner is the only one that does this public whois thing, as far as I know.  What's going on?

Drmike, I agree giving out such huge subnets is wasteful, but there's 2**64 of them to go around... one nice thing about it is it makes port scanning impractical.  Put a private service on a random address from a /64 range and no one will find it by scanning.

Thanks DomainBop for the benchmarks and clarification about resources.  I guess I got confused and/or wowed by the new very large instances.  I'm surprised that the E5 benchmark is that much slower than the E3 and expect it would do better with real world applications where more stuff misses the caches.

Click to expand...

There's really no issue with /64s being handed out, nor is it necessarily "wasteful" (after all, IPv6 was designed with this kind of end user allocation in mind). It's apparently easier to route, and lets you run different applications on different IPs more easily. The whole point of IPv6 size is to make IPs not 'scarce' anymore, thus the size of the allocation doesn't really matter.

It certainly is desirable to have each device and application be directly addressable (security concerns aside, that's a separate discussion). The internet has lost many of its originally peer-to-peer properties due to the wide use of NAT in residential networks, and more decentralization is much needed. Directly addressable devices help with that, as you can now set up peer-to-peer connections without fragile idiocy like UDP hole punching, Universal Plug-and-Pray, and so on.

Almost bought one. Veered away last minute.
 

There's really no issue with /64s being handed out, nor is it necessarily "wasteful" (after all, IPv6 was designed with this kind of end user allocation in mind). It's apparently easier to route, and lets you run different applications on different IPs more easily. The whole point of IPv6 size is to make IPs not 'scarce' anymore, thus the size of the allocation doesn't really matter.

Click to expand...

That's a smart way of putting it. IPv4 artificial scarcity game became tiresome/tedious long ago.

OVH is at least headed in the right direction re: no monthly fees, but seems like a long game of catch-up and a long way to go for web hosting in general.

Fwiw, I notice ovh.us now has its 2016 line of vps's available in Canada (they've been available in France for some time).  They start at 3.50 USD for a 2GB Openstack KVM server with 10GB of SSD and DDOS protection, which seems pretty impressive to me:

http://www.ovh.com/us/vps/vps-ssd.xml

There is some comparison/benchmarks with the VPS "classic" at the bottom of the page linked above.   I had a "classic" 2.99/mo for a couple months and its performance seemed pretty good to me.  Its main annoyance was rebooting several times in the 2 months that I had it.  I posted a review of it in the reviews section if anyone wants to look for it.  It was OpenVZ slabbed under VMware which might explain its flakiness.  It's interesting that the new stuff is all KVM, including the more expensive "Cloud" vps's which used to be VMware.   Anyway, stuff is happening.

Not recommended for production because support for their new VPS line is only available Mon-Fri during office hours.

Quote said:

• Server problems
  Monday to Friday, 8:00 am to 6:00 pm CEST

Click to expand...

My VPS became unreachable about 1 hour ago, the control panel is showing it shut itself off, it's unbootable from the control panel.  The ticket I opened won't  get looked at until morning, so probably a minimum of 12 hours of downtime.

The other problem with Hetzner's new VPS line is that they suffer from a bug which causes Debian Jessie guests to report 100% CPU steal time after the VPS has been running for a day or two (I believe it is this bug: https://groups.google.com/forum/#!topic/ganeti/D2Yos3BShmc ).

edited to add: Robot is now displaying a 500 error when clicking on the server.

DomainBop said:

Not recommended for production because support for their new VPS line is only available Mon-Fri during office hours.

Quote said:

• Server problems
  Monday to Friday, 8:00 am to 6:00 pm CEST

Click to expand...

My VPS became unreachable about 1 hour ago, the control panel is showing it shut itself off, it's unbootable from the control panel.  The ticket I opened won't  get looked at until morning, so probably a minimum of 12 hours of downtime.

The other problem with Hetzner's new VPS line is that they suffer from a bug which causes Debian Jessie guests to report 100% CPU steal time after the VPS has been running for a day or two (I believe it is this bug: https://groups.google.com/forum/#!topic/ganeti/D2Yos3BShmc ).

edited to add: Robot is now displaying a 500 error when clicking on the server.

Click to expand...

It must be the month for "distributed storage systems" at hosting giants to suffer major malfunctions.  Earlier this month it was Leaseweb NL with a 2-day outage for some of its VPS/cloud customers (including me), and now Hetzner having problems with its storage system.

Quote said:

An error in the distributed storage system of the vServers led to a severe loss in performance. To resolve this issue your vServer had to be shut down. After the error has been resolved, the storage system is fully operational again. Your vServer was automatically started.

Click to expand...

I notice all Hetzner servers except for the little ARM boards seem to now come with unlimited bandwidth (they got rid of the old caps). This includes the VPS line and the x86 dedis including the auction ones. Of course their network is slow enough that it might have been hard to reach the caps anyway.

They also increased the capacity of the storage servers making them quite attractive (i7-3770 with 32GB ram and 4x 6TB drives for 69 euro/month), and have some storage offers (ftp/scp, not vps) at under 0.5 eurocent/GB/month in 2TB and up sizes (smaller ones are more per GB). This was a few weeks ago but dropping the bandwidth cap is more recent. Interesting stuff. The bandwidth cap thing was probably to match OVH but it's nice that large storage from real providers has suddenly gotten a lot more affordable.

willie said:

but dropping the bandwidth cap is more recent. Interesting stuff. The bandwidth cap thing was probably to match OVH but it's nice that large storage from real providers has suddenly gotten a lot more affordable.

Click to expand...

Second that. Their connection is not bad at all and no cap on bandwidth is a good deal.

I notice OVH now has its public cloud stuff available on the US site, and the older Runabove stuff has possibly gone away.  So they have very large VPS available (like 16 vcore and 240GB of ram) and you can also get their VPS SSD with Openstack add-on options and hourly billing.  They seem to charge 2x as much per hour for hourly billing than for monthly.  I don't know if there's a cutover or if you have to choose ahead of time.

willie said:

I notice all Hetzner servers except for the little ARM boards seem to now come with unlimited bandwidth (they got rid of the old caps). This includes the VPS line and the x86 dedis including the auction ones. Of course their network is slow enough that it might have been hard to reach the caps anyway.
 

Click to expand...

I still see this:


" *There are no charges for overage. We will permanently restrict the connection speed if more than X TB/month are used (the basis for calculation is for outgoing traffic only. Incoming and internal traffic is not calculated). Optionally, the limit can be permanently cancelled by committing to pay € 1.39 per additional TB used. Please seehere for information on how to proceed. "


Nothing about unlimited bandwidth on their News section either.

Yeah, the limits seem to be back.  I may have gotten confused or something but they did seem to be gone for a while.  I also noticed there was no news announcement.  No way to know what happened, I guess.

Dear Sir or Madam


We are contacting you today to inform you of a potential security risk
in the SSH service of the following rented servers:


CX10 #450334 (78.xxx.xxx.xxx)


An SSH server uses host keys to uniquely identify itself to connecting
clients. These keys are normally automatically regenerated each time a
new installation of the operating system is done.


Due to an error in the installation software introduced on April 10th,
2015, the Ed25519 SSH host keys (/etc/ssh/ssh_host_ed25519_key) on our
standard images were no longer individually regenerated.


This resulted in identical Ed25519 SSH host keys for each affected OS
image.


An attacker could use this situation to compromise or eavesdrop on the
SSH communication between the client and the server using a
man-in-the-middle attack.


However, due to the security of our network setup, such an attack within
our network is highly unlikely as each server can only directly
communicate with the corresponding router.


Nevertheless we would like to urge you to replace the Ed25519 SSH host
key of your server as soon as possible. The other host keys (RSA, DSA,
ECDSA) are not affected and are unique.


Instructions and information on how to replace the host key can be
found in our wiki under http://wiki.hetzner.de/index.php/Ed25519/en


At this point we would like to thank our customer Arendsen Thomas Hein,
Intevation GmbH. He alerted us to this problem yesterday afternoon. The
error was promptly corrected, and installations after December 29th,
4 pm are no longer affected.


For any queries please do not hesitate to contact us. In this case
please send a support request to [email protected].


Thank you for your understanding.


Kind regards


Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen / Germany

Click to expand...

"The error was promptly corrected"


'error' began April 10th, fixed December 29th.  8 1/2 months isn't my definition of prompt

I notice all Hetzner servers except for the little ARM boards ...

Click to expand...

Hetzner lowered monthly prices but they're charging much higher setup fees.  Prices on the cheapest EX41/EX41SSD are now 39 euro ex VAT but setup fees are 79.


ServerBidding has some good deals now though.  I picked up 2 E5-1650v2 w/64GB RAM 2 x 240GB SSD this weekend for 58-59 euros each .  They also have i7-2600/3770 and E3-1245 for 27-30 euros ex VAT.


Hetzner also released a line of storage boxes last month: 500GB storage for 4.90 euro ex VAT, 1TB for 7.90, 2TB for 9.90


https://www.hetzner.de/us/hosting/produktmatrix/storagebox-produktmatrix

I think the setup fees for the EX41 line are the same as the old fees for the EX41 line, i.e. the monthly rental is lower but the setup fee stayed the same.  It also looks like they quietly got rid of the ARM server (AX) line.  Probably nobody wanted to pay the setup fee to try it out. 


The storage box (BX) plan is similar to the old backup plan, except now it's exposed to the internet, and it's a lot cheaper than the old plan.  The backup plan still exists and the price/GB is now the same as the BX plan.  Both are very attractive price-wise.  I could see getting the backup plan (same as BX but only accessible from the Hetzner network) instead of the BX as a bit of extra security.  Most of my storage is on a Hetzner server right now anyway.


FWIW, I just ordered a 100GB BX container to try it out.  Of course it gets much more economical at the 2TB level and I'll probably get that eventually.

Update: I got the storage box (BX-100, 100GB).  It's most usable by sftp and scp, and you can mount it as sshfs though I've always heard sshfs has reliability problems (it works through sftp under the covers, I think). 


I sftp'd a 1gb file to it from my Hetzner dedi and got 50MB/s transfer, pretty good.  It supports up to 10 concurrent connections.  You can change the BX size on the fly using the Hetzner robo console.  I don't know how that is reflected in billing.  They don't tell you which data center the server in, but I might open a ticket inquiring.  It would be nice to have multiple BX's in separate DC's to have some spatial redundancy. 


Overall this is not the cheapest storage out there, even at the 2+ TB level, and it's limited in flexibility (scp/sftp only, no rsync, no S3, etc).  But I still think it's a good product, at least for users already hosting servers at Hetzner.  It's fast, traffic over the Hetzner network is free, and (maybe this is wishful thinking) I feel a bit less worried (in terms of sudden deadpool etc.) about storing the data at Hetzner than at some of the lesser-known VPS companies.