***: up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
up_the_irons: test
mhoran: Failed.
up_the_irons: no
***: heavysixer has joined #arpnetworks
toddf has joined #arpnetworks
toddf: just gonna idle till I have ?'s, fwiw
***: heavysixer has quit IRC ()
vtoms has joined #arpnetworks
heavysixer has joined #arpnetworks
toddf: is there by any chance a v6 dns server provided?
obsidieth: i just set up named.
toddf: I'm reinstalling. gonna do a v6 only install for now. ;-)
will just use mine at home, it'll work for resolving a ftp site
by default named listens to v6, just have to add to the clients acl your v6 subnets and we can use the v6 address of your nameservers if you wish to provide that
(suggestion only, no expectations.. *grin*)
***: ballen|away is now known as ballen
toddf: how do I monitor my bandwidth usage?
yes, 'UKC> disable mpbios' and OpenBSD/amd64 -current boots
***: ballen is now known as ballen|away
ballen|away is now known as ballen
ballen: up_the_irons: pwn away, just let me know how you did it
jeev: where are the graphs
ballen: graphs?
jeev: ;/ bandwidth/traffic
ballen: ah, no ide
a
up_the_irons: ballen: got it fully working; it's actually so easy the reason ppl aren't doing it is b/c they are probably trying a harder setup (like i did at first) and it fails
ballen: so lets see the configs
and does it tunnle ipv6 and v4 at the same time?
tunnel even
up_the_irons: ballen: just put "tun-ipv6" in openvpn.conf on both ends, then assign a ::1/64 to tun0 on server and ::2/64 to tun0 on client; you can then ping ::1 from ::2 and vice versa, it's like it is a regular link
ballen: yup, ipv6 and v4 at the same time
ballen: well shit
up_the_irons: ballen: the rest is just regular routing
i'll pastie.. standby
ballen: kk
up_the_irons: ballen: this is Linux <-> Linux, but the idea should be the same on *BSD / OS X: http://pastie.org/603277
uncommented commands are on server, commented ones are on client (this is from my server change log)
ballen: cool
I'll give it a try in a bit
up_the_irons: cool
toddf: doesn't openvpn provide link local v6 addresses?
ballen: need to finish some this document
toddf: well it would on tun interfaces
could route via link local and save the global allocation s ;-)
up_the_irons: toddf: it doesn't, at least not on my setup
toddf: he.net hasn't learned this either btw
ballen: toddf, I haven't seen that
toddf: 'ifconfig tun0' has no fe80:: address?
ballen: right
up_the_irons: toddf: nope
toddf: thats not a real interface then, blech
I am spoiled with OpenBSD it seems
up_the_irons: right, it's not
ballen: tun0 doesn't have a mac address
thats why
toddf: tun101: flags=9943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,LINK0,MULTICAST> mtu 1500
lladdr 00:bd:38:2c:e5:66
priority: 0
groups: tun
media: Ethernet autoselect
status: active
inet6 fe80::2bd:38ff:fe2c:e566%tun101 prefixlen 64 scopeid 0x9
ballen: must be a obsd thing
toddf: this is a link0 setting
which makes it layer 2
layer 3 w/out
up_the_irons: toddf: to answer your questions above -- there isn't a v6 dns server yet (suggestions on setup welcome, I will implement v6 dns soon)
toddf: if your dns server has v6
up_the_irons: toddf: OpenBSD is cool in that way
toddf: just add local subnets to the acl that permits recursion
local v6 subnets anyway
thats about all it takes
well, and telling us luzers what the v6 addy is then
up_the_irons: right, it's just BIND; but I've been meaning to change that out, too many BIND exploits these days
-: toddf grins
up_the_irons: LOL
toddf: yeah. problem is there's not a drop in replacement, some are only recursive, some are only authorative, and some are just plain voodoo
up_the_irons: toddf: and for bandwidth graphs, they are available; just not handed out by default cuz I have no automated way to provision them yet; i'll get you yours and add the info to the portal
toddf: right, i hear ya on that
toddf: so did you do a reinstall by rebooting and selecting to boot the CD ?
toddf: nope, I used bsd.rd
boot> bsd.rd.amd64cur to be precise
install went fine
its just that 'boot> bsd -c' the first time then 'UKC> disable mpbios' and then 'config -ef /bsd' afterwards and 'ukc> disable mpbios' and it seems stable sofar
'the first time' -> 'the first time booting after the install'
once I know the reset procedure after I purposefully hang I'll try booting and 'UKC> enable mpbios' and see if it is still a bug
up_the_irons: toddf: wow, badass work you did there
toddf: I described it in the emails I sent before, 'disable mpbios' is what I hear makes it work
so I tried it, and it worked
now fixing the bug in linux KVM, that would be badass
up_the_irons: hehe
toddf: wonder how that relates to the "setting tty flags" hang
toddf: mpbios does some interrupt routing and things, 'setting tty flags' is where all tty's are accessed and twiddled, so likely it flickers a com interrupt or something
`accessed and twiddled' aka set to sane states via /etc/ttys and correct perms etc
jeev: up_the_irons, where are the graphs
up_the_irons: to anyone who wants their bandwidth graphs, send an email to support@arpnetworks.com asking for it, and we'll add the info to your portal settings
jeev: ^
toddf: roger that
jeev: oh
i dont really care
up_the_irons: and that's why i don't provision them by default ;)
toddf: your bandwidth graph login info is now in the portal
toddf: heh before my email reaches your direction
up_the_irons: oh hah, i meant anyone *else* (was already working on yours) ;)
***: ballen_ has joined #arpnetworks
ballen has quit IRC (Nick collision from services.)
ballen_: nick ballen
***: ballen_ is now known as ballen
up_the_irons: fail
ballen: yep
annoying
up_the_irons: I assume openvpn has to be >= 2.1
at least on the server side
up_the_irons: ballen: not sure, but I am indeed using 2.1
ballen: k
2.0.6 on freebsd
fails with the tun-ipv6 option
up_the_irons: ah
ballen: upgrading
up_the_irons: :)
ballen: best be in ports
oh wtf, 2.0.6 is latest in ports
fixing...
up_the_irons: man, screw that
ballen: ports is wierd sometimes
fecking Shimo is broken in Snow Leopard
Shimo = multi-vpn client
multi-vender
vendor*
also in OS X tun devices take on a mac address
up_the_irons: i've had success with TunnelBlick on OS X (but haven't tried with snow)
ballen: ha, openvpn-devel port
2.1_r19
up_the_irons: there ya go ;)
ballen: ... updating ports
Still getting: Options error: --tun-ipv6 cannot be used with --mode server
***: heavysixer has quit IRC ()
up_the_irons: wth
ballen: I guess my setup is a bit simpler, doesn't use 'mode server' (multi-client)
ballen: it's just one server, one client
***: heavysixer has joined #arpnetworks
ballen: how are you assigning ipv6 addresses
by hand?
up_the_irons: ballen: yeah, just for testing
next step is to see whether I can actually put it in the openvpn.conf file, but i'd think not. instead would probably put it in the client-connect script or w/e
ballen: can't use client-connect with non-server mode
can use up/down though
up_the_irons: good enough
***: vtoms has quit IRC ("Leaving.")
ballen is now known as ballen|away
heavysixer has quit IRC ()
syminet has quit IRC ("Lost terminal")
ballen|away is now known as ballen
vtoms has joined #arpnetworks
heavysixer has joined #arpnetworks
ballen has quit IRC (Read error: 110 (Connection timed out))
ballen has joined #arpnetworks
ballen: ever use dropbear instead of openssh
***: ballen is now known as Guest90106
Guest90106 has quit IRC (Client Quit)
ballen_ has joined #arpnetworks
ballen_ is now known as ballen
mhoran: up_the_irons: Would you be able to set up a bandwidth graph for me as well? (Just reading the backlog ...)
Oh, there's a note. Whoops!
toddf: the instructions in the backlog clearly state support@ *grin*
***: vtoms has quit IRC ("Leaving.")
heavysixer has quit IRC ()
vtoms has joined #arpnetworks
ballen is now known as ballen|away
timburke has quit IRC (Read error: 60 (Operation timed out))
heavysixer has joined #arpnetworks
heavysixer has quit IRC ()
ballen|away is now known as ballen
timburke has joined #arpnetworks
vtoms has quit IRC ("Leaving.")
vtoms has joined #arpnetworks
vtoms has quit IRC ("Leaving.")
mhoran has quit IRC (bartol.freenode.net irc.freenode.net)
Nat_UB has quit IRC (bartol.freenode.net irc.freenode.net)
bigs has quit IRC (bartol.freenode.net irc.freenode.net)
mike-burns has quit IRC (bartol.freenode.net irc.freenode.net)
jeev has quit IRC (bartol.freenode.net irc.freenode.net)
jeev has joined #arpnetworks
mike-burns has joined #arpnetworks
mhoran has joined #arpnetworks
bigs has joined #arpnetworks
Nat_UB has joined #arpnetworks
mhoran has quit IRC (bartol.freenode.net irc.freenode.net)
Nat_UB has quit IRC (bartol.freenode.net irc.freenode.net)
bigs has quit IRC (bartol.freenode.net irc.freenode.net)
mhoran has joined #arpnetworks
bigs has joined #arpnetworks
Nat_UB has joined #arpnetworks
jeev_ has joined #arpnetworks
mhoran has quit IRC (bartol.freenode.net irc.freenode.net)
Nat_UB has quit IRC (bartol.freenode.net irc.freenode.net)
bigs has quit IRC (bartol.freenode.net irc.freenode.net)
mhoran has joined #arpnetworks
bigs has joined #arpnetworks
Nat_UB has joined #arpnetworks
jeev has quit IRC (Read error: 110 (Connection timed out))
mhoran has quit IRC (bartol.freenode.net irc.freenode.net)
Nat_UB has quit IRC (bartol.freenode.net irc.freenode.net)
bigs has quit IRC (bartol.freenode.net irc.freenode.net)
mhoran has joined #arpnetworks
bigs has joined #arpnetworks
Nat_UB has joined #arpnetworks