[00:03] *** jcv has joined #arpnetworks [00:48] *** kevr_ has quit IRC (Changing host) [00:48] *** kevr_ has joined #arpnetworks [00:48] *** kevr_ is now known as kevr [05:37] ] [05:53] *** tabthorpe has quit IRC (Quit: leaving) [05:55] *** tabthorpe has joined #arpnetworks [05:55] *** tabthorpe has quit IRC (Changing host) [05:55] *** tabthorpe has joined #arpnetworks [07:39] *** mike-burns has quit IRC (Quit: WeeChat 1.0.1) [07:59] *** mike-burns has joined #arpnetworks [07:59] *** ChanServ sets mode: +o mike-burns [11:06] ya im not looking forward to using ipv6. so fucking long [11:11] just use DNS [11:13] ^ [11:14] how would you assign an ipv6 ip to a new machine, before it's even up and has a chance to be configured with dns? [11:14] or maybe it is the dns server [11:14] Plus if you have a brain like mine, it's easy to remember /64 portion [11:14] mus1cbox: SLAAC [11:14] dhcpv6 can register with dns [11:14] or use mdns [11:14] or just stop caring about addresses... [11:14] (i.e. slaac) [11:19] oh [11:19] so you guys are having a fine experience running ipv6? [11:20] static: no-one uses dns on ipv6 [11:20] Huh ^? [11:21] dns reverse lookups bascially don't exist. [11:21] wtf why not [11:21] uh... what? ^? [11:21] mercutio: you trolling? [11:21] because providers never seem to configure it? [11:21] Because... DNS still a thing, including PTR. [11:21] brycec: do some traceroutes over ipv6... [11:22] you'll quickly see 8/10 or more ipv6 addresses have no reverse dns [11:22] lazy providers... Half my v4 hops across comcast don't have ptr's. Doesn't mean nobody DNS' on IPv4 though. [11:22] like tracing www.google.com from arp has 0 dns reverse lookups. [11:22] Nah, it has 1 - google's [11:22] not here [11:23] seems ipv6 is reducing network accessibility for admins [11:23] 11. iad23s23-in-x03.1e100.net 0.0% 6 68.4 68.5 68.4 68.7 0.2 [11:23] http://pastebin.com/raw.php?i=kFTYJ0W6 [11:23] mercutio: That's not a v6 thing, Google suck at adding v4 PTR records as well as v6 [11:25] weird traceroute isn't working with udp or icmp wioth ipv4 [11:25] oh just timing oitu hop [11:25] 10 pa-in-f106.1e100.net (74.125.25.106) 30.763 ms 30.771 ms 30.612 ms [11:25] i got one google lookup [11:25] is it true ipv6 is less secure? [11:26] No [11:26] It's as-secure as v4 [11:26] generally [11:26] mus1cbox: lots of users don't do firewalls on ipv6. [11:26] and were relying on nat for "firewall" on ipv4. [11:26] there are some security/privacy extensions available to v6 too [11:26] As a technology, it's as-secure [11:26] so you may find suddenly you can accept incoming connections when you coiuldn't before. [11:26] It's just the same as before "everybody" was NAT'ing [11:27] there are some neighour exhaustion issues too. [11:27] ah [11:27] (and "everybody" used global v4 addresses) [11:27] what's neighbor exhaustion? [11:27] brycec: yes, but now people have the internet that used to not. [11:27] mus1cbox: it's when your subnet gets scanned and your router struggles to deal with checking out who is there. [11:28] it's kind of like the "too large bridge domain" issue with ipv4. [11:28] http://inconcepts.biz/~jsw/IPv6_NDP_Exhaustion.pdf [11:28] oh [11:28] ty [11:29] does ipv6 improve susceptibility to ddos? [11:29] uhh [11:29] ddos is a complex issue. [11:29] you can trivially overload switches etc. [11:30] it should be fixed sometime. [11:30] the only improvement to ddos susceptibility is that lots of zombie boxes used to attack stuff don't have ipv6 connectivity yet [11:31] hahha [11:31] security through lack of connectivity :P [11:31] m0unds: i thought hetzner etc had ipv6 now? [11:32] mercutio: could be, i have no idea [11:32] but there are still tons of compromised residential machines being used as attack sources [11:32] oh wtf [11:32] this is worse on that gear than i thought [11:32] 1 pps of traffic with random ipv6 source address can full ndp table. [11:32] pps? [11:32] oh that's coming forom inside the network [11:33] packet per second [11:33] you don't mean petabyte do you? [11:33] oh phew [11:33] this is sounding worse and worse :) [11:34] that's on nexus 5500 [11:34] with juniper it's slightly better apparently. [11:34] yes, faster cpu, more ram [11:34] death by 1pbs [11:34] pps* [11:34] yea i think next time i buy networking gear i'll replace cisco with juniper [11:34] so yeah don't use l3 switches for ipv6? [11:34] there are pitfalls with either [11:35] mercutio: yeah, haha [11:35] i hate dhcp [11:35] i hate arp [11:35] not arp networks [11:35] arp the protocol [11:36] YOU BASTARD [11:36] GET OUT [11:36] i hate neighbour discovery [11:36] i hate my neighbors [11:36] m0unds: choosing a name like arp networks, you have to expect some confusion [11:36] heh [11:36] mus1cbox: i know it [11:36] i actually kind of think there should just be a secure key between ethernet devices [11:36] with maximum advertised ip's etc./ [11:37] and dynamic routing type stuff with filters. [11:37] and cut out bridging type systems [11:38] but if using neighbour discovery you could still limit individual users to using too many addresses etc [11:42] there's a discussion on nznog about ipv6 prefix size to allocate to end users. [12:37] what's the thinking? [13:16] not much currently. [13:16] not the best time of year to get responses :) [13:17] whenever i see an interesting post i hope people have interesting replys. but often the good posts don't get many answers. [13:21] i'm about to redo my raid... fun times. [13:22] going from 3 to 4 drives and new raid array is going to be slightly annoying [13:22] as don't have enough sata ports :( [13:35] *** novae_ has quit IRC (Ping timeout: 265 seconds) [13:40] *** novae has joined #arpnetworks [13:46] do you use zfs? [13:46] yes [13:46] and mdadm [13:46] i'm using mdadm in raid 10, and zfs in raid-z [13:47] but going to do raid 10 for both i think [13:47] but raid 0 for bulk storage. [13:47] and just backup over network to hard-disk system [13:47] this is ssd only :) [13:47] only got 3x120gb atm though [13:47] and upgrading to 2x250 and 2x480 [13:48] trying to decide on layout.. i'm thinking like 32gb for mdadm per disk, 4gb for swap, 16gb for proxy, 200gb for zfs [13:48] maybe 192gb for zfs, i have to short stroke a bit more the 250s i think. [13:49] then like 220x2 extra for zfs raid 0 [13:50] fuck it i'll just do the root first :) [17:22] i hate grub [17:29] +1 [17:37] lilo felt so much easier [17:45] JC_Denton: does lilo support uefi? [17:46] i probably should research other boot loaders. [17:49] no it doesn't [18:07] elilo does [18:07] @wiki elilo [18:07] LILO (boot loader) :: LILO (LInux LOader) is a boot loader for Linux and was the default boot loader for most Linux distributions in the years after the popularity of loadlin. Today, most distributions use GRUB as the default boot loader. Overview LILO does not depend on a specific file system, and can boot an operating system (e.g., Linux kernel images) from floppy disks... http://en.wikipedia.org/wiki/LILO%20%28boot%20loader%29 [18:37] * dne prefers syslinux - recent versions have EFI support [19:12] interesting. [19:12] i really just want to be able to select a few different kernels to boot [21:14] how many people will stop following me on twitter, if I tweet about a powershell post? :P [21:51] heh [21:51] only one way to find out :) [21:51] Timing buffered disk reads: 4660 MB in 3.00 seconds = 1552.74 MB/sec [21:51] nice and fast raid :) [22:01] *** SpeedBus has quit IRC (Quit: SpeedBus@CrownCloud.net) [22:13] https://www.youtube.com/watch?v=sV_bDXgeg7Q [22:13] YouTube People: "Counterfeiting : Documentary on the Business of Counterfeits and Knock-Offs" by The New School (1h 35m 17s), 892,712 views, 2,727 likes and 256 dislikes. Uploaded 2013-10-01T03:56:12.000Z. [22:14] interesting watch, esp for anyone who takes pharmaceutical drugs [22:25] hahaha, i got a ps3 eye camera for doing head tracking in ARMA and flight sims [22:25] my wife was freaked out moving her head and having it pan the view around [22:31] step 1. step 2, Fabio. [22:31] (http://www.fabioifc.com/) [23:20] that does sound a little disorientating [23:40] uh oh i'm reading slashdot again. bots are scanning github to steal amazon ec2 keys. [23:41] how could that be, git users are soooo smart [23:41] heh