A quick search through Google and I find more articles talking about how slick the new release is or how fast it starts up and shuts down. If these articles are anything to go by, then the developers have clearly met one of the goals set by their BDFL, Mark Shuttleworth: Shorter boot speeds, some as short as 25 seconds, ensure faster access to a full computing environment on most desktop, laptop and netbook models. But I fear that the developers have focused on these goals too much that they lost focus on two of the most important things for (most) end users: system stability and seamless upgrades.

I have been using Ubuntu since the very first release (Ubuntu 4.10) and I have used every single release since then. I use my computer for 8 hours a day at the very least. I have several projects that I maintain and file system integrity is very, very important for me. System stability is something that I expect from a “stable” release. Almost all of the Ubuntu releases so far have been very stable. The 8.04LTS release had a few issues with Flash crashing under 64-bit Firefox and Wi-Fi would die abruptly and get back up again but that’s about it. The 8.10 release had a very annoying kernel bug that took 5 months for a fix to be released.

Upgrades between releases have always been pretty painless for me. I don’t do a lot of funky stuff like installing packages directly from sources and certainly none of that “automatix” crap. Upgrades via “Update Manager” have always worked for me, with very few problems. I have come to depend on the fact that I can simply fire issue an update-manager -d and everything falls into place more or less correctly. At the end of an upgrade the most that I needed to do was to tweak a few config files, re-enable some repositories that were disabled during the upgrade and I’m done.

The upgrade process from 8.10 to 9.04 went without a hitch. I would even be inclined to say that it was flawless. What disappoints me so much to the point of frustration was that the apparently flawless upgrade had a couple of very nasty gremlins under the hood. When I rebooted my laptop after the upgrade, the Bluetooth light. It did this every single time I booted up. It is not supposed light up if I had it off when I shut down. The much touted 25-second boot up time was a no show. Boot up speed was more or less the same for me.

On my first boot up after upgrading, I was about to update my Medibuntu packages. After hitting “Reload” on Synaptic, it complained about not being able to write to the file system because it was mounted as “read-only”. Uh-oh! This could only mean one of two things: full disk or file system corruption. I thought that this was only a post-upgrade hiccup and it should go away on the next reboot. I rebooted, cleaned up my APT package cache to make sure that I had enough disk space on my root file system and I was able to update the Medibuntu packages.

The next day, I spent most of my time trying to figure out how to turn off the damned Bluetooth light which seems to come on every time the ACPI subsystem was initialized on boot. The config files I tweaked required me to reboot in order to see if they worked in keeping the Bluetooth light off. At one point, rebooting caused fsck to run and it reported that my root file system had errors that needed a manual fsck. I ran fsck manually and there were quite a lot of errors that needed fixing, mostly having to do with unused inodes. During the repair stage, one of the libsvg library files were hosed, causing startup of some of my GNOME panel applets to fail. I reinstalled the library and that fixed it. A couple more reboots and I then fsck was forced to check my home partition because apparently, it was not unmounted cleanly. Boot-time fsck failed with errors and required me to run it manually. In the manual run, it reported a whole lot of unused inode errors, several superblock errors, and directory errors. I lost one photo file in my F-Spot Photos folder. I was starting to get really nervous now. All my project repositories are in my home partition. I can’t afford to lose any of those files so I decided to take a snapshot and dump it on an external hard disk.

I spent all day long rebooting and running fsck. This was because something would crash at some point because of some library not loading. At one point I even ran memcheck to see if it wasn’t my memory. This laptop is only about 7 months old and I would be really disappointed if this was caused by hardware failure. In my previous experience, file system corruption was usually caused by a bad memory stick. Fortunately there were no problems reported by memcheck. fsck with bad blocks checking reports no bad blocks on my hard drive. I can only come to the conclusion that this is a software problem caused by the upgrade. After several more crashes and fsck runs reporting more of the same thing, I was frustrated and I finally gave up. I downloaded the ISO image for Ubuntu 8.10, hoping that it would not crash during download and completely hose my home file system. I had no choice at this point and I wiped my root file system and installed Ubuntu 8.10, which surprisingly caused the Hibernate function to work.

It was a really disappointing and frustrating experience. I think the Ubuntu team has succeeded in their goal of trying to out-Windows Windows. This latest release was so unstable that it made me long for the good old days of Windows ME. This unhealthy obsession with faster boot and shutdown times is causing them to lose focus on system stability and seamless upgrading. I can’t see how having the fastest boot and shutdown time will help make Ubuntu any more useful than it is right now. I don’t really give a flying fart if the OS boots in 25 seconds or 25 minutes. I don’t really care about how slick the on-screen system notifications are. All I really care about is a clean, stable, easily maintained and easily upgraded operating system that does not play Russian Roulette with my files. Hopefully the Ubuntu team gets through this “my OS can boot faster than yours” phase and start working on the more important things. Otherwise, we will all be stuck with an OS that can do nothing more than boot and shutdown: Really fast.

Side note: A “Jackalope” is a mythical creature and sightings of this creature have been attributed to rabbits infected with the Shope Papilloma virus. I think the codename really suites the 9.04 release. It’s a beast that has sprouted some rather curious but completely useless appendages at the expense of being healthy.

a

There are a some things on this laptop that really irked me. For one, there’s the design. When the thing is closed, it looks like this black gem on your desk. While it’s not as good looking as a Macbook Pro, it’s not half bad either as long as you keep it closed. Opening it is another story, “ceramic” is just a fancy term for “all you get is a boring gray plastic finish”.

Another thing is that the keyboard has that “cheap plastic” feel to it. As a programmer, I spend inordinate amounts of time typing and a good keyboard is a must. There are times when the left Ctrl or Shift key would get stuck and it would pop out making a scary “click” sound. When I first heard that sound, I thought something had just overheated and popped.

But these are minor annoyances compared to the biggest annoyance of all.

Acer calls it “Empowering Technology”. It’s virtually impossible to get just a clean Windows install on new laptops these days without having to go buy a barebones kit and making one yourself. I don’t know what it is with these manufacturers these days but a lot of them have been shipping units without system recovery discs. My wife’s HP Compaq laptop didn’t come with a recovery disc and neither did this Acer. They want you to burn your own copy of the recovery discs on DVD+R. Say what?!? In my experience, those things don’t even last more than a year even if kept in a “cool, dark place”. I really don’t understand why they can’t just provide a pressed DVD like they used to. If this is supposed to stop piracy, then it’s not working. I have seen OEM copies of Vista floating around on “scener” sites and on TPB, fully patched to SP1 and the latest updates! “Empowering” indeed.

While I can live with not having pressed recovery DVD’s and pre-installed crapware, the thing that really irks me the most is the fact that I cannot upgrade my ATI drivers. I tried downloading the latest drivers from the ATI website but they won’t install. Even though the installer finishes without problems, it does not install the latest CCC and the drivers. It stays stuck on the drivers provided by Acer which are over a year old. After a bit of searching I found this statement from ATI:

Currently AMD does not provide any driver support for Mobility Radeon™ products. All driver and technical support for Mobility Radeon™ products is provided by the original laptop or notebook manufacturer. The drivers that are available for download at ati.amd.com are for desktop products only.

To download Windows Vista Mobility Radeon™ drivers or driver updates for your laptop or notebook product, please visit your laptop or notebook manufacturer’s website.

So I’m stuck with the Acer provided drivers? The suck just keeps on getting stronger on this one. While I can understand the reasoning behind this, OEM’s want to be able to control everything on both hardware and software fronts as much as possible. They modify the drivers to make sure that they work properly. But the only modifications I can see on the Acer provided drivers is that the CCC is crippled to the point of being completely useless. There is no “Advanced” CCC with the Acer provided drivers. The “Advanced” CCC is important because there are many tweaks and settings that you can only access using the “Advanced” view. Most important for me is the option to “Preserve Aspect Ratio” when switching from 16:9 to 4:3 resolutions. Some games I am running do not have support for widescreen and so I have to fall back to using standard resolutions (800×600).

I have heard of the so-called “Omega ATI Drivers” which are supposed to allow you to install the ATI Desktop drivers on ATI Mobility hardware. At the time of writing, they only support Windows XP. After a few more days of searching I finally stumbled on this thread from FPSLabs Forums which led me to this website. After following the instructions on DriverHeaven.net, I was able to install the latest ATI drivers with a full-featured CCC. So far, everything seems to be going along swimmingly. I must stress that following the instructions on DriverHeaven.net may probably void your warranty as you will be running unsigned drivers (not signed by WHQL). But I have read my Warranty Information Booklet and there is nothing in there that implicitly or explicitly states that installing the “reference” drivers from ATI will void my product warranty. It is clear though that I cannot expect any help from either ATI or Acer if there are any problems caused by the driver.

Remember, if things go haywire you can always undo the driver installation using Vista’s “System Restore” feature.

a

I have seen this page before. Berger had the same problem when we were moving our arsenic.ph domain to our shiny new server. Here’s what he was getting at the time:

It also appears that we were not the only ones affected by this issue. There are others who are also getting this strange page.

WTF?!?

The first time I came saw this problem was when we moved our arsenic.ph domain name to our new server. There were, admittedly, a few kinks that I had not worked out yet and DNS was among them. I was able to access our home page with no problem. But Berger complained to me about getting this “search results” page and my first suspicion was that his PC had been hijacked and that DNS queries were going somewhere else. But then he’s using a Mac. You can deny it as much as you would like, but Mac users are not immune to pwnage. I found instructions on how to reset the DNS cache for Mac OS X. We tried it to no avail. Eventually he ended up doing a wipe-n-load on his Macbook Pro.

Eventually, our new DNS settings have propagated throughout the whole DNS network. So arsenic.ph can now be accessed with no problems. I forgot about it but then it reared it’s ugly head again last night. I thought that my laptop had been hijacked so I ran HijackThis which found nothing out of the ordinary. I also downloaded and ran Spybot Search and Destroy. Nothing suspicious. Short of doing a full system scan with my AV software, I decided to take a different route.

I rebooted to Linux. Typed vim.org in Firefox and it automagically redirects to www.vim.org, Vim’s home page as it should. So what was triggering the “Search Page” on Windows?

meridiantelekoms.com is Sucks

To understand the problem, you need to understand what your OS does when you type in a bare domain name in your browser’s address bar. Typically it goes something like this:

Your OS will try to find the domain name in its local DNS cache. If this fails, it will query your first DNS server. If connecting to your first DNS server fails, it will try to connect to the second one in the list (some systems allow up to 5 backup DNS servers). If the DNS query does not return a usable IP address, your system will fall back to whatever it is you have as your “Primary Domain Suffix”. It will tack your primary domain suffix to the end of the domain name you have just supplied.

For example, you type in “nonexistentdomain.none” in your browser’s address bar. Your OS will go through with the usual query chain before giving up and using your supplied primary domain suffix. For SmartBro customers, your primary domain suffix is “meridiantelekoms.com” by default. So “nonexistentdomain.none” will be turned into “nonexistentdomain.none.meridiantelekoms.com”.

Let’s take a look at what “meridiantelekoms.com” looks like:

Look familiar? It appears that some uberleethax0r has taken over the meridiantelekoms.com website. Here is the whois data for meridiantelekoms.com as domaintools sees it.

Here is the relevant part of the whois data as reported by the command line whois tool that I have installed on Linux:

Registrant:
Maagdenberg, Ubbo
   Wilhelimanstraat 9
   Haarlem 2011vh
   NL

   Domain Name: MERIDIANTELEKOMS.COM

   Administrative Contact, Technical Contact:
      Maagdenberg, Ubbo                
      Wilhelimanstraat 9
      Haarlem 2011vh
      NL
      +31.003123 fax: +31.003123

   Record expires on 07-Oct-2008.
   Record created on 07-Oct-1999.
   Database last updated on 14-Jul-2008 12:30:54 EDT.

   Domain servers in listed order:

   NS5.WORLDNIC.COM             205.178.190.3
   NS6.WORLDNIC.COM             205.178.144.3

This “Ubbo Maagdenberg” person probably bought the expired meridiantelekoms.com domain and configured it to point to this “Relevancy Searcher” page that you keep getting if you try to enter a non-existent domain name. At the moment, this is slightly annoying when you get this “Relevancy Searcher” page. But this can turn dangerous if the server running at the IP address 69.64.58.30 was hax0red and began serving malware to unsuspecting passersby on the Smart Broadband network. It can also be turned into a staging area for man-in-the-middle attacks.

How Do You Fix This?

The fix is pretty simple if you’re behind a router. Just set your router up so that it supplies “.” (dot/period) as the Primary Domain Suffix to DHCP clients. On my WRT54G router, this can be set up under the “Basic Setup” page of the “Setup” tab on the router’s web-based admin interface. Simply change the “Domain Name” field to say “.” (without quotes).

It’s a bit more involved if you’re directly connecting your PC to your SmartBro. It depends on what OS you’re running. If you’re running Windows, the instructions found here may help. It’s for Windows 2000 but it’s still usable under Windows XP.

If you’re running Linux and your distribution is using NetworkManager or some weird automatic network configuration daemon, then you need to go to your Linux distribution’s forum and try searching for “networkmanager resolv.conf”.

For Mac OS X, you’re on your own for now, at least until September of this year.

a

encfs: error while loading shared libraries: librlog.so.1: cannot open shared object file: No such file or directory

It turns out that there has been a recent update to rlog and the encfs package was somehow left out of the rebuild. It also appears that the encfs package has disappeared from the Arch Linux Community Repository.

I have been rolling my own Arch Linux packages for quite a while now. I have been using a few locally built packages on my system. Since I already have two custom packages that I wrote myself, I figured it would be a good idea to share them. I’m too lazy to register with AUR and upload these packages and it would be likely that I would forget about updating them as well. So I am posting them here for consumption by the general public.

Download the Arch Linux source package for encfs here. To build this:

1. Make a directory to hold the files contained in the encfs source package.
2. Unpack the tarballed source package into the directory you created.
3. Install boost. Boost is a C++ library that is used by recent versions of encfs. You will also need to install fuse in case you don’t have it yet.
4. Change into the encfs source package directory you made and run makepkg -c. This will download the source for the current version of encfs. When makepkg finishes you will end up with an installable package in your current directory.
5. Install the package using pacman encfs-1.4.2-1-i686.pkg.tar.gz (replace encfs-1.4.2-1-i686.pkg.tar.gz with the correct filename for your custom-built package.)

There you go. You should have encfs working now.

You can also find pyme in my AUR directory.

a

Running sql-bench/run-all-tests from the mysql-benchmark suite I got the following:

alter-table: 
Total time: 14 wallclock secs ( 0.01 usr  0.01 sys +  0.00 cusr  0.00 csys =  0.02 CPU)
ATIS: Total time:  3 wallclock secs ( 2.58 usr  0.10 sys +  0.00 cusr  0.00 csys =  2.68 CPU)
big-tables: Total time:  5 wallclock secs ( 2.33 usr  0.17 sys +  0.00 cusr  0.00 csys =  2.50 CPU)
connect: Total time: 49 wallclock secs (12.93 usr  7.55 sys +  0.00 cusr  0.00 csys = 20.48 CPU)
create: Total time: 59 wallclock secs ( 1.06 usr  0.50 sys +  0.00 cusr  0.00 csys =  1.56 CPU)
insert: Total time: 853 wallclock secs (151.16 usr 20.44 sys +  0.00 cusr  0.00 csys = 171.60 CPU)
select: Total time: 42 wallclock secs (13.51 usr  1.32 sys +  0.00 cusr  0.00 csys = 14.83 CPU)
transactions: Test skipped because the database doesn't support transactions
wisconsin: Total time:  3 wallclock secs ( 1.18 usr  0.27 sys +  0.00 cusr  0.00 csys =  1.45 CPU)

As I had suspected, insert performance was way too slow. In this case it took over 14 minutes to run the entire test-insert suite which runs about 500,000+ queries. Normally this would not be an issue but SugarCRM has a lot of inserts to do when it creates a new user or a new role. Clearly something needs to be done about slow inserts. Turn out MyISAM is not really good when it comes to inserts so MySQL needs a little help on the configuration side to improve things.

After about half an hour of playing around with /etc/my.cnf I finally managed to cut down execution time for inserts while keeping the other operations at almost the same level of performance. The results:

alter-table: Total time: 14 wallclock secs ( 0.01 usr  0.01 sys +  0.00 cusr  0.00 csys =  0.02 CPU)
ATIS: Total time:  3 wallclock secs ( 2.58 usr  0.08 sys +  0.00 cusr  0.00 csys =  2.66 CPU)
big-tables: Total time:  5 wallclock secs ( 2.32 usr  0.21 sys +  0.00 cusr  0.00 csys =  2.53 CPU)
connect: Total time: 46 wallclock secs (13.42 usr  6.37 sys +  0.00 cusr  0.00 csys = 19.79 CPU)
create: Total time: 60 wallclock secs ( 1.07 usr  0.59 sys +  0.00 cusr  0.00 csys =  1.66 CPU)
insert: Total time: 439 wallclock secs (141.66 usr 21.48 sys +  0.00 cusr  0.00 csys = 163.14 CPU)
select: Total time: 43 wallclock secs (13.57 usr  1.40 sys +  0.00 cusr  0.00 csys = 14.97 CPU)
transactions: Test skipped because the database doesn't support transactions
wisconsin: Total time:  3 wallclock secs ( 1.21 usr  0.24 sys +  0.00 cusr  0.00 csys =  1.45 CPU)

That’s a 64% improvement in the insert benchmark, the rest of the benchmarks are largely unchanged. The whole shebang of settings are as follows:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
skip-name-resolve
back_log = 75
max_connections = 500
key_buffer = 384M
myisam_sort_buffer_size = 64M
join_buffer_size = 1M
read_buffer_size = 1M
sort_buffer_size = 2M
table_cache = 1800
thread_cache_size = 384
wait_timeout = 7200
connect_timeout = 10
tmp_table_size = 64M
max_heap_table_size = 64M
max_allowed_packet = 64M
max_connect_errors = 1000
read_rnd_buffer_size = 524288
bulk_insert_buffer_size = 16M
query_cache_min_res = 2K
query_cache_limit = 4M
query_cache_size = 32M
query_cache_type = 1
query_prealloc_size = 65536
query_alloc_block_size = 131072

Most of these settings came from here: http://www.debianhelp.co.uk/mysqlperformance.htm. I played with some of the settings based on sql-bench results in addition to using mysqlreport to further fine-tune the settings. You might need to adjust your own settings to match your needs though. As for me, I’m happy with the results although I know things can be further tuned for performance using OS-level tweaks. But as far as I can tell, OS-level tweaks will only cause marginal performance improvements anyway.

Oh, and as for SugarCRM I removed it and used vTiger instead,

a

It’s been quite a spectacle ever since I saw that security vulnerability report on the NVD RSS feed. Even though the bug has been patched and fixed, system administrators are now left with the task of cleaning up the mess. It would have been OK if it only affected Debian and Debian-based systems. But it turns out the damage is far reaching. Even if you don’t run Debian, if you are using SSL certificates generated by a CA who generated the certificate using a Debian system, your SSL certificate will have to be revoked and replaced! See here.

Amazing what a couple of lines of code can do.

a

I even went as far as regenerating my self-signed SSL certificates to be sure I had everything buttoned down. This just another one of those face-in-palm moments where the cause of the problem was so obvious. I forgot to enable SMTPS in master.cf. I simply uncommented the following lines in master.cf:

smtps     inet  n       –       n       –       –       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Then I restarted Postfix and nmap now reports port 465 open.

a

For a Beta release, Firefox 3 is pretty solid and feels really fast. I haven’t had nspluginwrapper crash on me yet, as opposed to the previous version which would crash from time to time especially when viewing sites with multiple Flash movies. Hopefully, Evolution mail client crashes have been fixed in this LTS release. It’s caused me a lot of grief before when it would crash randomly and then keep crashing when I restart it.

Desktop effects still suck though. When I enabled it, I still get that ugly black screen flash whenever I start Firefox. The new clock applet finally supports multiple timezones, very useful since I deal with clients in different timezones.

Two apps the I use a lot, Wine and Cinelerra, both have repositories for 8.04 so it looks like I have everything I need. Overall it feels like a solid release worth of the “LTS” designation.

a

Server Specs:

• Intel Xeon 3220-Quad Core 2.4GHz
• 2GB Generic DDR Memory
• 250GB Western Digital WD Caviar RE 16 WD2500YS

Runs CentOS 5 of course.

I will be posting more on my experiences with setting this thing up in the coming days. I still need to recover from the frustrating episode I had with installing ISPConfig.

a

A colleague brought up one web hosting company the other day. Ultra-cheap packages and impressive numbers make it very attractive to those who are looking to host their site for the first time. I don’t know what bothers me more. Is it the fact that people buy into these bullshit packages? Or the fact that some unscrupulous web hosting companies take advantage of numbers to market their crappy service. To be fair to them (and so you don’t fall prey to them as well), I won’t mention that company here. However, I will take a look at the packages they offer.

Marketing

Here are some of the interesting bits on their hosting packages page:

• 99.9% Uptime Guarantee
• 27/7 Support
• Lowest Latency
• Highest Reliability
• Powerful Servers

Our servers are packed with powerful Dual Quad Core Clovertown Xeon (8 logical CPU’s) machines with 4GB of memory, SCSI drives, and being monitored by sytem administrator 24/7.

Our network having the best network equipment will give you the hightest reliability, lowest latency and 99.9% uptime guarantee.

Cisco Routers & Switches – 6500, 3750, 2900 Series routers and switches with gigabit speeds available from the individual server to the Internet.

Redundant GigE Backbone – Multi-router gigabit connections to the Internap, SAVVIS, VERIO/NTT, Abovenet, and Global Crossing core backbone exchanges located in the INFOMART in Dallas, Texas

Traffic Management & Analysis – Utilizing Peakflow from Arbor Networks coupled with Netflow data from Cisco routers and switches, network engineers continuously monitor the health, reliability, and performance of the network. Historical analysis is critical for demand and capacity planning.

Network IDS, IPS & DDOS – Industry best solutions from Tipping Point are utilized to guard against denial of service, malicious traffic, viruses, malware, phishing, spyware and other types of Internet threats via wire speed detection and remediation coupled with automatic and zero day response.

The datacenter which our servers are housed in is a tier one datacenter facility located inside the well-known INFOMART telecom hotel near downtown Dallas. Specializing in datacenter and hosting facilities, INFOMART is home to multiple datacenters including MCI, Level 3, Equinix, Verio, Switch & Data, Verizon, DataSides, and more. The building sits atop three redundant electrical grids from TXU delivering diverse power to each quadrant of the building. HVAC needs are supplied via five one hundred ton onsite water chillers to deliver N+1 cooling requirements. Home to over twelve switch sites and thirty-five different carriers, INFOMART houses technology and telecom related businesses in a complex communications ecosystem.

• 2000AMPS 480V Input Power
• Parallel 500Kva UPS Battery Backup Units
• 2000Kw Diesel Generator with Onsite Fuel Storage
• Redundant Liebert 20 Ton HVAC Units
• Pre-Action Dry Pipe Fire Suppression
• Digital Security Video Surveillance

At first glance it’s all pretty impressive huh? If you’re impressed then they almost have you at their mercy at this point. Don’t fall for it though. It’s all smoke and mirrors. A company putting up an infrastructure such as this will have spent millions of dollars to set it up. Every web hosting company I have reviewed has drivel like this in one form or another. Surely if they all had “data centers” as they claim on their marketing page, Dallas would be full of these concrete bunkers by now.

The truth of the matter is that these web hosting companies are just copy/pasting specs from the company doing the actual web hosting. More likely these web hosting companies are co-located or have managed servers under companies like RackSpace, Serverbeach, or Softlayer.

It’s not that they’re lying or anything. Since they are co-located or managed by another company, then the drivel also applies to them as well.

The Numbers! They Lie!

Web hosting companies will usually offer several packages with varying price points and features. Usually it all boils down to the following:

• Disk quota
• Bandwidth
• Number of email accounts
• Number of FTP accounts
• Number of subdomains
• Number of databases
• Occasionally, number of support tickets

Here’s a very interesting set of packages from one web hosting company:

Package 1

• Monthly rate – $3.95
• Disk Quota – 1GB
• Bandwidth – 10GB/Month
• Email Accounts – Unlimited
• FTP Accounts – Unlimited
• Subdomains – 10
• Databases – 10 MySQL

Package 2

• Monthly rate – $7.95
• Disk Quota – 5GB
• Bandwidth – 50GB/Month
• Email Accounts – Unlimited
• FTP Accounts – Unlimited
• Subdomains – 20
• Databases – 20 MySQL

Package 3

• Monthly rate – $14.95
• Disk Quota – 10GB
• Bandwidth – 100GB/Month
• Email Accounts – Unlimited
• FTP Accounts – Unlimited
• Subdomains – 40
• Databases – 40 MySQL

Pretty impressive huh? But let’s take a closer look and put ourselves in the shoes of someone who wants to run a web hosting business. First let’s deal with the claim of “Our servers are packed with powerful Dual Quad Core Clovertown Xeon (8 logical CPU’s) machines with 4GB of memory, SCSI drives”. So far I’ve found that the cheapest Dual Quad Core Xeon servers cost around $259 (not including taxes) for a managed server at Softlayer (Rackspace and Serverbeach have them but at $300+). The cheap setup I’m going with does not have any add-ons for storage, CPanel with WHM at additional $25. The Linux distribution is not a factor as all of the offerings are the free distros anyway. Total cost each month to keep the server running is $284.

The server setup is like this:

• Processor – Dual Processor Quad Core Xeon 5310
• Memory – 2 GB FB-DIMM Registered 533/667
• Uplink Port Speed – 10 Mbps Public & Private Networks
• Public Bandwidth – 2000 GB Bandwidth
• Disk – 250GB SATA II

OK. So it takes $284 to run the server each month. Let’s take the most expensive package offering, Package 3. To break even, you need 284 / 14.55 = 18.99 hosting clients. Let’s round it off to 19. That gives you $284.05 per month, with a profit of $0.05. Not enough profit if you ask me. What’s the point of running a business if you don’t turn any profits?!? Let’s up our clients to 25! We get $373.75 a month. That’s $89.75 in monthly profits.

Now let’s turn our attention to resource usage. First off, disk space usage. Remember we have a 250GB disk. The OS will use around 10GB of that for a typical server installation. For 25 clients each requiring 10GB disk quota, we would need 25 * 10GB = 250GB. That would not leave us enough room for our operating system! Let’s say we adjust our purchase and instead of the 250GB disk, we get the 500GB disk. This will cost us an additional $30 each month. So we are left with $59.75 in monthly profits. But now we have a bigger disk, we can accommodate more clients. So let’s assume we have 40 clients. That’s 40 * $14.95 = $598 per month. We have a monthly profit of $284 now and we have 100GB disk space to spare as well.

Now let’s look at bandwidth usage. Let’s say all 40 clients soak up their 100GB per month. That’s already 4000GB, twice as much bandwidth that was allocated for our server. Say we purchase more bandwidth 4000GB is $200 extra. But that would be cutting it really close. So now our profits are cut down to $84 per month putting us back where we started!

I’ve been in the web hosting business once and quite frankly tech support is a nightmare. Especially if you make the mistake of enabling phone-in tech support. Phone in tech support is something that you would outsource and call centers don’t come cheap. So for a budget outfit like the one I’m describing here, it really makes you wonder if it’s not just some fly-by-night company.

Afterthoughts

I have been contemplating on running a small “custom web hosting” shop for 2 years now. I planned to focus on catering to Django-powered sites. But with the recent release of Google App Engine I think it really hit the nail on the coffin for that idea. It’s really not worth the expense and the tech support nightmare.

So far SoftLayer is the cheapest managed hosting I’ve found. I’ve looked at DimeHost but I hear a lot of their IP’s are black listed because spammers used them in the past.

a