mercutio: Are you aware of any independent security analyis of h2o?
kellytk: no, it's new
i doubt any has been done
it's mostly interesting atm
they don't seem naieve.
but there could still be risk as with any program
It appears to be picking up substantial steam on GitHub
you know openssl must not have had any good security done too
for those long standing vulnerabilities
i'd hate to try and read the source :)
there's an old saying about peer code reviews
Have you worked with LibreSSL?
but pretty much when people are faced with lots of other peoples code they often kind of just push it through
https://github.com/h2o/h2o/commits/master
but when there's small amounts of code they analyse it to death :)
i haven't touched ssl with any of my own code
That's signal:noise showing itself as an important balance I think
openbsd of course has shifted to libressl
Naturally :-)
https://github.com/h2o/h2o/commit/2a6ea3763fe385575006fb2b0f7f76c55dd03126
Github Commit: "implement casper; cache-aware server push using cookie-based cache fingerprinting by Kazuho Oku"
so yeah that's kind of interesting
that's the kind of thing no-one else semes to be paying much attention to
at least that i've noticed
although that stuff matters more for higher latency connections
cdns can make it less significant
By cookie-based cache fingerprinting would that be, for example, a cookie field set containing a hash of the content upon last request?
yeah
even without that it sounds like the client can abort if it already has it
for some use cases, pushing is safer than others too
does 440mb/sec for 3 hard-disk raid10 sound surprisingly quick to anyone else?
Sustained?  I'd say so.  I'm historically a fan of RAID10, but I'm going to try a JBOD+ZFS next.  Have you worked with ZFS mercutio?
well sustained for 3 seconds.
there's zfs on it too but no hdparm
zfs is raidz
 / is raid 10 mdadm
it tried doign a command :)
How do you do a 3-disk RAID10?
partition each disk into two, mirror the halves so no two are on the same disk, stripe across the mirrors? :/
The only way I'd run an odd number of disks in RAID 10 is with the odd disk being a hot spare
But that only works starting at 5
Yes, I'm not speaking to the three disk comment
:)
IMHO RAID 10 starts at four
Yeah I think that's the minimum for a RAID10
brycec: Have you worked with ZFS in production?
Yes
But I'm also stepping out to lunch. later
Thoughts?
Sure
I'm 100% pro-ZFS
More later
I'm just amateur-ZFS
launchctl load ~/Library/LaunchAgents/varietyshow.job.plist
launchctl: not found
:-D
zfs is good stuff
Can hardware RAID contribute anything to a storage model already using ZFS?
slowness :)
not revealing that there is an underlying failure
as in, the raid will still return the right value even if some of the media has failed
yes, you can monitor that at a higher level, but it seems odd to do that.
Oh goodness no! You should never combine hardware RAID with ZFS.
The key is that ZFS itself won't know about drive failure and won't be able to help you out at all.
eg: zfs resliver
Not to mention that ZFS is SO much more flexible.
FYI https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A22.openssh.asc
Geez.  I gotta go from p21 to p24 already?
I just upgraded sunday!
is this remote exploit?
ahh, only known users
brycec: 3 disk mdadm raid 10 just works
it stripes different parts of the disks, you get 1.5 disks worth of rdata
err data
and good read speeds and ok write speds
RandalSchwartz: I thought you'd enjoy "yet another security advisory" :P
there's also the iret exploit byrce
hahaha
I'm not trying to be a comprehensive advisory source :P It just happened to cross my desk (so to speak)
ahh
so I passed it along to the biggest group of FreeBSD users I interact with.
it seems security issues are increasing
i don't think they are though, just people finding them
I still can't fathom 3-disk RAID10. That's just fundamentally impossible (assuming 1 disk = 1 volume)
heh
brycec: it uses whole dsiks as far as partition tables goes
or whole partitions
but it will stripe have of the partition with half from another drive
i did it with zfs once btw :/
by doing it manually with carving up
s/have/half
<mercutio> but it will stripe half of the partition with half from another drive
mercutio: i think it's more people looking for and finding them
which is a Good Thing
Apparently what mercutio is describing is actually RAID 1E. https://en.wikipedia.org/wiki/Non-standard_RAID_levels#RAID_1E
Non-standard RAID levels :: Although all RAID implementations differ from the specification to some extent, some companies and open-source projects have developed non-standard RAID implementations that differ substantially from the standard. Additionally, there are non-RAID drive architectures, providing configurations of multiple hard drives not referred to by RAID acronyms.      Double parity    Now part of RAID 6, double parity (sometimes know
It's interesting.
yeah it's mdadm's non-standard raid1 0
err raid 10
For a brief time in 2013, RHEL allowed you to configure it, but they removed it because it's just so bizarre and it breaks peoples' heads. https://bugzilla.redhat.com/show_bug.cgi?id=888879
well it works especially well for the 3 disk case.
i use far=2, but i think you can use other ways to do it too
because in 3 disk case, it takes single disk failure like raid5, while giving better read/write/random performance
actually it shoudl be slightly reduced write speed compared to raid5, as you have to double up your writes.
also, zfsonlinux is adding large block support, i was trying it out on my server
and it seemed to be slightly quicker with 256k record size than 128k
i don't think i really want to go higher though.
linux also lets you do fancy things like raid1 over 3 hard-disks
Is that "fancy"?
i don't think everythign supports it
sounds like something i wouldn't want
hahaha
i really don't know where to go with hard-disks and raid
for bulk storage, you can do raidz2, 4 disks, 2 parity
but random performance will suck
figure what works for the workload and use that
or you can do two raidz1 3 disk pools striped, but double failures on one raidz can screw you
nothing is really ideal
if you need solid redundancy, target that, better perf, target that
you don't go for ideal, you go for what works for the workload
if you need something that works with every possibility, go ssd raid or something
I have a couple of RAID1+0's that I intend to move to ZFS, just not sure the most ideal zdev for it yet...
m0unds: well now days people want performance, and reliability, and redundancy ..
zfs ssd caching can help long time running read performance, but not really write
s/$ and supermodels, and happiness, and money, and world peace, and free energy, and.../
dammit
i hope that read caching can persist over reboots soon
i imagine that 2.5" disks are going to start getting more common
and maybe that'll mean people can have more hard-disks cheaper
and lower power.
2.5" is kind of a pita for mass storage atm, you have expensive sas disks, ssd's, and laptop hard-disks.
ssd's should displace expensive sas disks in most situations
y'never know, maybe 1tb 10k 2.5" sas disks will get cheap
there's a RAID 1E??
there is a raid 1e, but it's non standard, and not completely the same as mdadm raid10
there's heaps of weird kinds of raid around actually
http://serverfault.com/questions/139022/explain-mds-raid10-f2
oh it's linking to wikipedia but that shows layout for mdadm raid 10
wow
normally 10 on linux works better with two disks even
at least, if you want sequential performance
as raid 1 all only read from one mirror at a time
and from what i understand offset modes are meant to boost shared workloads
channel poll: who would buy a dedi (or vps) if we had presence in the EU?
VPS, please.
I would not, because I have no need of an EU presence. But please don't let me skew the results unfairly.
mike-burns: roger
brycec: roger that
up_the_irons: I would buy a VPS
Has anyone run into an issue with Parallels when attempting to install a FreeBSD guest from .iso where no boot devices are available?
up_the_irons: I wouldn't either, have no need for EU stuff myself
i did, however, just pour myself a nice bavarian beer
m0unds: nice, which one?
ayinger celebrator
came with..a tiny horse
http://www.beeradvocate.com/beer/profile/39/131/ this 'un
Beer Advocate: "Ayinger Celebrator Doppelbock | Privatbrauerei Franz Inselkammer KG / Brauerei Aying"
Does anyone know why brown ales are so uncommon?
eh? lots of breweries do brown ales
i suppose it might depend on where you are in the world, but i've seen them at lots of breweries in the SW US
IPAs are way more popular than browns in my part of the world
yea, it's the dominant style in the western US nowadays
NM has its own class of western US IPA too :)
oops just re-read, I see you said uncommon not common :)
beers styles seem to go in fads
IPAs were the big thing, sours/bretted beers are now pretty popular here
yeah
new belgium's la terroir is a worldclass sour
do want
it's so good
too bad its so expensive to ship beers here :/
yeah
so much good stuff in CA, CO and NM
one of the WA breweries does a fantastic black ipa/cascadian ipa, easily one of the best i've ever had
called octopus ink
do any of the breweries you've been to in NZ do black IPAs? i'm not sure how common they are outside the us
Yes!
we do a West Coast IPA challenge every year here, where each NZ brewery submits an IPA to compete
this year Epic did No Agenda - http://www.ratebeer.com/beer/epic-no-agenda/349452/
hrm they call it a brown ale. I assure you its very black...
Epic also does Apocalypse which is a true black IPA, pretty tasty too - http://www.ratebeer.com/beer/epic-apocalypse-ipa/267920/
ipa are even in the supermarkets.
baylands Enforcer is awesome too - https://untappd.com/b/baylands-brewery-enforcer-black-ipa/387548
Black IPA / Cascadian Dark Ale
That's what she said!!
BryceBot: oh hai
right on
one of our local breweries, bosque brewing, did a 4 beer ipa called "monsoon series" and the final one was a black ipa
ipa series
mmm
we have a group of local brewers who go by the name of the 4 horsemen of the hopocalypse
they do a ridiculous beer every year just cause they can
lol
this years was a triple IPA at 14%
jeeeeesus
sooo good though, they actually managed to balance all the bitterness so it was tasty
but yeah it kinda kicked your butt very quickly
was it super boozy?
I was pretty happen after 300mls
s/happen/happy
<gizmoguy> I was pretty happy after 300mls
haha, i bet
that's wacky abv
biggest one they've done
last years was 11%
but wasn't as balanced
14%?!
funny that they refined it w/higher abv
it's tough to nail that
I think they worked out how to get more malt in there somehow
alcohol content gets higher and it gets tougher to balance out the alcohol taste so it's not entering spirit territory
yeah true
was drinking some mikeller the other week though
black horizon.
I didn't know what happened to my taste buds after that one
man, i wish we still got mikeller here. the distributor who used to bring it here stopped carrying their whole line
wait no it wasn't that one
i loved green gold (i think that's what it was called)
ah it was just the mikerller black - http://www.ratebeer.com/beer/mikkeller-40657--black-tequila-speyside-edition/178448/
18.8%
whaaaaat
hahaha
tequila/speyside infused
and yes it was very much hot alcholo on the palate
i'd rather 7% :/
wow, crazy
if you can get a hold of any of hte mikkeller blacks they are so tasty
so tasty that you want another? and another?
i haven't seen it in a long time, probably 4-5 yrs
That's what she said!!
i'll make a reminder to look at liquor stores when i go up to CO in october, since they get tons of stuff we don't
we did a sort of beer vacation up in durango, co during july
lots of good breweries within walking distance of each other
so when drinking these high alcohol % beers how many do you normally have?
mercutio: you usually have tasters
do you just drink one or two then have normal beer?
~130ml
oh
OH
i thought it'd be like 330ml, or 500ml.
make more sense? :)
hahahaha
the bottles are
but when we do it, we split a bottle between 6 or so
ok that's a bit different
since the bottles are usually $50 a bottle or so
ahh
i'll occasionally have a single 650ml bottle of a 10-12% (usually stone russian imperial stout or similar) and that's it
jeez
pricey
yeah unfortunately we pay a high price to get good beer here :(
@exch 50 nzd to usd
BOOOO
50 NZD -> 32.482149434778 USD (as of Tue, 25 Aug 2015 20:00:08 -0700)
there's a really good Wellington importer
we pay heaps of taxes on alcohol too
need to arrange airships or drones or something
but they're almost too good, they buy refrigerated shipping all the way from the USA to NZ
which costs a bit
wow, that's awesome
yeah the quality is amazing
That's what she said!!
the price not so much
lol BryceBot
heh
and there i go buying cheap beer :)
http://beerwithoutborders.co.nz/
the imports we get from EU end up being ~$15-20 for a 650ml bottle
local stuff at the brewery tends to be $3-6/pint
depending on how fancy it is
http://www.cultbeerstore.co.nz/collections/ipa/products/ballast-point-big-eye-ipa-1
that seems more affordable :/
ballast point stuff is great
their sculpin ipa is amazingly good
and 7% is more reasonable
i'm a big fan of their sculpin and grapefruit sculpin
<3 sculpin
probably expensive shipping
https://goo.gl/photos/69mZkLsoT3jTeD1r9
https://goo.gl/photos/69mZkLsoT3jTeD1r9 -> https://photos.google.com/share/AF1QipOptrg_b2Ug7ruW-FqYOuVoHrirKWCA0OlCejGDoyWfDoYwABO5TFqYYWH7VSSzYw?key=dnFTSElXVnJEeGM1SFRXTk1PS25Sa1YzVmVHdlRR
$6 shipping i suppose not too bad
green flash is good too (looking at the US offerings on that site)
i wonder if there's some sampler pack
wow, some of these mikkeller sours sound amazing
and expensive? :)
i dunno spending $18 on a single bottle of beer seems insane to me
however i look at it
i look at it like a bottle of good wine
i can't have a lot of wines because tons of them are fined w/egg whites and i'm allergic to eggs
heh i buy cheap wine too :)
the most expensive stuff i buy is like $9 for 650ml, and that usually gets put in the beer cooler to age
like the le terroir i mentioned, i typically buy two bottles each release, drink one and cellar the other til the next year's release
well that mikkeller sour stuff was $18 for 355 ml
$9 for 650ml doesn't seem so bad.
it helps that i'm not thousands of km from new belgium :)
could do
but uk is cheaper for shipping than us often
for some strange reason
huh
for normal postal mail stuff
beer problem comes from sea
and could be different
oh, i don't think the US permits alcohol via USPS
more competition maybe
oh right
and i think you have to ship direct from a distributor or wholesaler
so fedex or ups
i was more meaning distance doesn't necessarily dictate cost
i've bought bottles of whiskey online, shipping sucks inside the us too
right
seems like it might to a degree when you can get $50 bottles of beer
alchol shippining within nz is cheap
normal coureirs will deliver it
i think i paid like $20 for overnight fedex from ca -> nm
yeah that's a lot more distance then we have possible here :)
or is it
yeah
i think my state is only slightly smaller than nz
yeah
it's right on the other side of mexico
right?
NM is 85% the size of the land area of nz
oh hangon it's gone to nm, texas
what
you mean new mexico right
yes
nm is the 5th largest state in the us behind alaska, texas, california and montana
@conv 1436km to miles
hmm maybe that doesn't work
892.3 mi
actually using a different city, it's the same distance as invercargill to auclkand
basically
.89 x distance the Proclaimers would walk, just to be the man that walks a thousand miles to fall down at your door
lol
i was using dunedin before
dunedin is more of a major city than invercargill
i think that's around the distance from where i live to LA
actually no
oh, that's direct
789 mi
hey anyone here?
Hi
I have a subdomain question for a vps, i understand how to add a sub domain with host file and apache, i dont understand how to make it any port other then one port at a time
i have tried using * for the port in the vhost file but it didnt work, i am using one sub domain to host a website on port 80, a game on port 25565 and an irc channel on 6676 6680 and 8070
Kysade: this is an apache webserver question. try #httpd
thank you
Kysade: https://wiki.apache.org/httpd/IRC
that page is confusing
noone is on their ill ask in like windows forums or something
thanks for helping tho milki
apache configuration is hard
Kysade: I can recommend nginx if you're interested in an alternative to Apache
ill look into it, thanks
configuration file doesnt even need a port set in nginx, i should convert that seems much easier
Is anyone automating their FreeBSD installs?
Kysade has seen the light!
that was so much easier, everything is working just fine