there are plenty of ways to speak with the IPv4 world if you are IPv6 only internally. and if more folks were IPv6 internally, they'd naturally lean towars 'speaking' natively to the rest of the IPv6 world...and then IPv4 might be relegated to the token ring of history. only problem is IPv6 still kind of sucks. the whole ipv4 vs ipv6 thing is interesting there's a high interest in being "ipv6 ready" but low interest in actually using ipv6 grody: DECT doesn't use the 2.4G ISM band Not in the UK, at least mercutio, if you've got a firewall dropping idle connections, do you know of any way to figure out where it is? so, apparently my host was ddosed over the weekend. gotta love spring break. the host is up but the network route is blackholed. whats the process for getting this back on the network? most places just do like 24 hour block, but this has been down for days now lily: send an email to support n locate /connect OFTC er try that again? mkb: it's usually the modem/router lily: any idea why it was ddosed? efnet haters erk efnet sucks i got ddos'ed on efnet once been there too long to leave because someone wanted my nick yeah I have a channel thats been established for a decade I am a popular target sometimes That's what she said!! ;) efnet sucked a decade ago to too oh sure it's nothing new but last i knew they still hadn't implemented services or any kind of room management correct its the wild west or any way to hide what ip you're using so people get ddos'ed people get ddsed on every network. i haven't been ddos'ed since using efnet? since not using efnet ddos is the internet equivalent of tagging its stupid happens more in poorer areas? heeh I dunno, lots o popular websites get hit too lol mercutio the IP I chat from is ddos protected (on another provider), and they dont usually decide to spray everything in my domain down but its spring break I guess packet party mercutio, it's outbound from ARP mkb: damn i cant' follow now mercutio: the connection dropping oh you're losing connections from arp to somewhere else? inside tmux or such yeah I mean like once a week is it routing via arp, or initiated from arp? from here oh only once a week that could jsut be network glithces lots of adsl modems here used to drop connections after a minute or two idle which could easily be more than once a day if you didn't enable "keep alive" irc has server pings so is never truly idle even IRC drops occassionally. network glitches it looks like Doesn't tmux's default config have a clock, so it's redrawing at least once a minute. my freenode drops about once 1 to 8 weeks once every but sometimes if it drops once it'll drop again shortly after brycec: yeh brycec: but i think he's talkinga bout losing irc connection? well ^Bd brycec, if I ssh from inside tmux that connection could be idle (not that ssh doesn't enable keepalive) like when i'm sick of getting distracted :) heh Very true. I didn't know if you were running tmux on the remote side (s/running/using/) ssh doesn't enable keepalive by default i don't have keepalive enabled anywhere myself. mercutio, man ssh_config, /TCPKeepAlive 'The default is "yes"' it does key renegotiation occasionally, but that's not often enough to stop nat systems that drop connections a lot mkb: oh? But that's not the same as the server ping. That's just a basic TCP keepalive packet right ServeAliveInterval is server ping and that is disabled i think you need tcp keealive enabled in kernel for that? oh it does have that enabled by default too. interestnig. BSD wll do it when SO_KEEPALIVE is set on the socket or the global sysctl is set; I would hope Linux does too i'm out of date it seems :) I just looked at BSD's code this morning :) where are you sshing to from arp? is it to your home or something that has nat and a cheap router? I'm not. I used to use bgp-spamd and the bgp connection would come undone all the time (it keeps a counter and bgpctl show displays it so I noticed... now there's freenode what prompted the question was a connection to arp actually I leave my work computer on and connected and it's invariably disconnected in the night basically most cheap adsl/vdsl/cable/etc routers have really short timeouts to conserve memory at work we've got our own AS and real routers :) memory got raised a while ago, but i think the short timeouts persisted to a degree. but the firewall may be interfering my desktop is still crashing :( i was trying to test ssh connections dying anyway I left it on with TCPKeepAlive no and ServerAliveInterval on so we'll see what that does i'm going to do it from my server :/ ok two ssh's to arp to persist inside a tmux :) i still can't figure out why my desktop is crashing also the ethernet is wedging occasionally, for some strange reason too which seems strange considering it's i217v oh seems like it could be a tso bug from what google says it seems both intel and broadcom seem to acquire a lot of bugs. and are both the generally "preferred" server ethernet adapters. mercutio, get to work implementing the new RFC into your TCP stuff :) scenic routing haha i have not seen, got a link? i've just noticed that on fast hosts, using my own curl instead of curl improves performance significantly i mean i knew it used less cpu and could go faster on really fast networks. i just didn't expect normal fast hosts for it to make a difference of like 10 to 20% or something kind of makes me want to make my curl less ugly :) https://tools.ietf.org/html/rfc7511 Don't forget https://tools.ietf.org/html/rfc7514 damn it needs ipv6 RECN haha something odd on kvr07? my server just went wonky I'll try a reboot how does amazon get away with having such terrible search? yeah - my server still running like molasses sems strange bad network or disk or cpu or what? not sure tracing to kvr07 looks fine (heh, I used to have a vps on kvr07, but no longer) yeah... it seems better now. maybe had a noisy neighbor for a bit first thing that broke was ssh hmm. just got a nagios "total processes" alert maybe I'm getting mail-bombed? (it's our mail machine) is it in swap? looking now no... i've noticed an increase in smtp auth attacks recently in general ssh has had them for ages regularly but smtp used to be much more occassional loadav only 2.35 i like to stay under 0.6 myself :) That's what she said!! of course that's an arbitary number. and bsd has higher load averages than linux etc. total procs only 93 I wonder what my alert is looking for 2.35 on bsd isn't so bad doesn't it tell you? it may have culled smtp processes? I'm just viewing through pagerduty are you using postfix? yes because M4 sucks. :) do you have maxproc set for smtp in master.cf ? hmm. good question it defaults to off but i recommend setting it yeah, that would make sense my personal mail server has it set to 8 buut if lots of users i'd set it a bit higher well it depends i'm going straight through to amavis too so that amavis procesess it before it hits quueue smtpd_client_connection_count_limit=2 i'm also setting that so that any one client can't do more than 2 connections looks like it defaults to 100 so yeah - I can probably crank that back yeah if you do the client connection limit it'll make you get less alerts if one user throws many connections at it if you get 25,000 connections you're screwed whatever you do :) heh welll ddos type from random ip's ok - changed value and "service postfix restart" you only need reload it can take up to a minute for reload to work I'm never sure, especially on master.cf but reload is all you need on most postfix changes simple enough to just restart ok. server seems sensible now. haven't rebooted it in quite a few months though maybe it was just being bitchy anyway... pagerduty is happy again. heh. postfix has heaps of new things i haven't paid attention to the last big change i made is goign straight to amavis instead of going through the mail queue first. I'm using mailroute.info instead haven't heard of it i've been using amavis forever there may be better options now, but don't want to use something external really it's a paid service they have access to information I can't possibly have i don't get much spam i do get quite a few promotions especially from amazon merlyn@stonehenge.com has been very public for two decades and the normal linkedin crap etc. most of my spam comes from google, yahoo etc. ie free email lily: lol "packet party" :) mercutio: and lol for suspecting DDoS happens more in poorer areas ;) up_the_irons: well it was more tagging that happened in poorer areas err happens ddos's on efnet are probably just young kids when i was yonger making free phone calls was popular etc. but now things seem more destructive towards individuals yeah why does windows run out of memory with 32gb of ram on a desktop? bloody braindead. i need a proper target to test on verizon's network, anyone got any ideas? something that doesn't block ping oh, verizon.net :)