KYAU Network

From Wiki³
Icon  Back to Main Page

Icon KYAU Network

KYAU Network is powered by Arch Linux and KYAU Labs. While once utilizing dedicated servers to power, everything is now located on-site via the local KYAU Labs datacenter with external access being routed through a VPS using a Wireguard VPN. KYAU Labs chiefly utilizes Kernel-based Virtual Machines (KVM) to separate services onto separate virtual machines (VMs). Each VM and/or VPS is setup using kyaulabs/aarch. The service VMs themselves are run using Libvirt with the disk volumes sitting on LVM thin volumes on-top of RAID10(far2).

Icon Security & Reliability

Our network has been setup with security and reliability as our two primary focus points. Our DNS server has been setup to achieve an A+ with 100% in all four categories on DNS Spy. Our web server, running nginx with Let's Encrypt SSL certificates, has been setup to achieve an A+ rating with 100 points in every category on SSL Labs.

IconWe are currently looking for a low-end, multiple IPv4, VPS provider on a separate network/continent for our slave DNS server
Icon Arch Linux x64_86
NEUTRON
Icon Supermicro X9DR3-F ATX Server Board
Icon 2x Intel Xeon E5-2650 v2; (20M Cache, 2.6GHz, 8.0 GT/s QPI)
Icon 2x Noctua NH-U9DX i4 CPU Fan
Icon 2x Noctua NF-R8 redux Case Fan
Icon 6x SAMSUNG 8GB PC3L-10600R (2Rx4, 1.35V, ECC Registered)
Icon 4x SAMSUNG 4GB PC3L-10600R (2Rx4, 1.5V, ECC Registered)
Icon EVGA GeForce GTX 960
Icon LSI 9207-8i SAS Host Bus Adapter
Icon SAMSUNG SSD 830 Series 128GB
Icon 2x HGST Ultrastar C10K900 600GB 2.5" SAS2 10000RPM
Icon 2x Seagate Barracuda 5TB 2.5" SATA 6Gb/s
Icon InWin R400-03N Open-Bay 4U Server Case
Icon 1Gb/s (unmetered)

Icon Why Arch Linux?

Arch Linux was an in-house decision not taken lightly, in 2013 the switch from FreeBSD to Arch Linux was made without regret. Running Arch Linux on a server in a production environment is very feasible, provided you know a bit about security and keep on top of advisories. That being said we do not live in a perfect world, and server logs are proof of that.

Icon History

 
2020-03-03 : KYAU Labs main server rebuild.
2018-04-25 : Services have been relocated to KYAU Labs.
2017-08-15 : Migration to E5v2-SAT-1-16 complete.
2017-08-13 : E5v2-SAT-1-16 setup complete: OVH: Custom Installation, Hardening Arch Linux, KVM on Arch Linux
2017-07-29 : E5v2-SAT-1-16 purchased from OVH SYS in their BHS datacenter to replace the KS-8G.
2017-07-24 : VPS-SSD1 purchased from OVH in their BHS datacenter for the creation of tutorials.
2013-12-10 : KS-8G dedicated server purchased from OVH in their BHS datacenter. Terminated
2013-05-31 : SP 16G dedicated server purchased from OVH in their BHS datacenter. Terminated
2013-01-13 : KS1 dedicated server purchased from OVH in their BHS datacenter. Terminated

Icon Network

The following is the complete network setup for everything that the KYAU Network is currently running.

Network Overview
Machine/VM OS Hostname vMAC Location IPv4 IPv6
E5v2-SAT-1-16 Arch Linux neutron.kyau.net OVH.CA 158.69.253.213/32 2607:5300:120:dd5::/64
bind Arch Linux dwarf.kyau.net 02:00:00:72:47:2b OVH.CA 142.44.172.223/32
142.44.169.173/32
2607:5300:120:dd5::1/64
sql Arch Linux nova.kyau.net 02:00:00:4d:3b:3b OVH.CA 142.44.152.32/32 2607:5300:120:dd5::2/64
nginx Arch Linux pulsar.kyau.net 02:00:00:bc:c2:b7 OVH.CA 142.44.172.255/32 2607:5300:120:dd5::3/64
backup Arch Linux blackhole.kyau.net 02:00:00:2a:70:29 OVH.CA 142.44.179.213/32 2607:5300:120:dd5::4/64
shell OpenBSD raptr.kyaulabs.com 02:00:00:6a:8a:64 OVH.CA 167.114.151.176/29 2607:5300:120:dd5::5/64
devel Arch Linux dev.kyau.net ?? OVH.CA ?? ??
512MB SKVMS Arch Linux ecko.kyaulabs.com 00:16:3c:c9:e4:db RamNode (SEA) 107.191.104.151/32 2604:180:1:447::2/64

Icon Shell Box

The shell box is our on-going experiment/education in security. It is powered by OpenBSD and is open to anyone, provided they are willing to go through the application process. More details should be available soon.

IconWARNING: The Shell Box was shutdown once the network was brought in-house.

"One of the things I have always wanted to do since I was a younger was to run a shell provider. Shy of some dabbling with Slackware, which I installed from a CDROM I got in the back of a book at the local library (pre-internet joys), this was my first major introduction to Linux and the command line. I spent a good majority of my youth on IRC messing around with "shells". I even got my first major introduction to programming (aside from BASIC and HTML) when I started coding botnet scripts for eggdrop in TCL." ~Kyau

Shell Box
VHost IPv4 IPv6 Source
raptr.kyaulabs.com 167.114.151.176/32 2607:5300:120:dd5::5/32
?? 167.114.151.177/32 2607:5300:120:dd5::6/32
quantum.protoco.de 167.114.151.178/32 2607:5300:120:dd5::7/32
ansi.bbs.io 167.114.151.179/32 2607:5300:120:dd5::8/32
openbsd.efnet.de 167.114.151.180/32 2607:5300:120:dd5::9/32
?? 167.114.151.181/32 2607:5300:120:dd5::a/32
?? 167.114.151.182/32 2607:5300:120:dd5::b/32
?? 167.114.151.183/32 2607:5300:120:dd5::c/32