shmget: my apple airport extreme gives me an automatic 6to4 tunnel; works quite well http://www.politico.com/news/stories/0310/33866.html beautiful :/ and yet the ignorant bafoons which call themselves republicans will still deny it up_the_irons: my apple timecapsule gives me a 6to4 tunnel, which is what I do from home shmget: yeah, same thing its a nice feature they put in I should turn up ipv6 at home again. I was using some free tunnel provider... go6 i think it was called? The configuration on FreeBSD was easy - and it almost immediately configured the other boxes on my network automatically sixxs nice Hurricane Electric also has a free tunnel broker. The only problem is, my router (dd-wrt) doesn't support it... so I will have to lock down my BSD box here. yeah, HE is the largest provider of IPv6 tunnels they even provide full IPv6 routing tables if you peer with them That's slick. Hrm. I need to make sure I know what I'm doing... I kinda depend on NAT for security of my home LAN here. NAT and IPv6 don't really play well together Well I was able to do a tunnel through my ipv4 nat - but as I understand it, all the IPv6 addresses you get are fully routable. IPv6 aims to make NAT obsolete Right Which is why I need to enable a few pf rules on my bsd box before I put the tunnel up ;) yep I gotta figure out how that works. amyeah: nat is nothing more than 'block all; pass out' on the external interface of the firewall in terms of security you get no gain by natting other than obfuscation and pain yep I know what nat is - it's my home network, and i'm damn lazy with v6 you are highly encouraged not to NAT though you unfortunately have that option in places Now, if I had more than 1 IP address routed to me. I wouldn't nat. 'I kinda depend on NAT for security' .. if you say that then you are not of the same mindset as I I nat at home too I don't depend on it for security I use IPv6 more than IPv4 if only openafs had ipv6 ... then I wouldn't need v4 at all I guess I've become complacent. at least you can admit it. I don't even run firewall software on my Windows box. Because it's behind the nat. hah. I've had ```security experts''' tell me that my idea of putting public IP's on windows is bunk for clients of mine even with proper firewalling if you want private addressing for IPv6, use ULA's (rfc 4193) Nah. I don't think I'll do private addressing. What I should do is put another NIC in my BSD box and make it my router. LaTeX and m4 training, baby hahaha. amyeah: or get a managed switch and use vlans .. LOL I like using the more contemporary `` and `` in restructured text (rst) or an openbsd box and use vlans ;) I don't have the desire to spend that kind of money on my home LAN. But I would spend $30 to put additional NICs in my freebsd box. managed switches aren't that expensive unless you're getting gigabit Yeah? 10/100 managed switches are dirt cheap now Jesus. I don't even remember the last time I looked at any kind of non-consumer network hardware. I get nics for $5 at a local monthly thing at the computer show, 10/100mbit intel nics infact I get whole computers including nics from a local bottom feeder who buys surplus auction stuff for $5 nice desktops mind you, not the nice rackmounts nice.aslkjdaskldj crap animal / pet walk on your keyboard? http://bit.ly/aFexoy for $9.99 you can have a 24port 10/100mbit managed switch must be a fish cuz it only touched the home row Nah. I dropped somethin on the keyboard. including vlan support yeah, you get shunned for using an allied telesyn in the data center, but it would do the job at home vlan's, everything I have a rapier 24i at home i have a baystack 24 port 10/100 with PoE at the data center, just to power cameras ;) got it brand spankin' new for $200 supposedly have another one a client is decomissioning last year being sent to me as well, but that client tends to make vaporware promises that come true years later 24 ports of PoE (IEEE compliant too) for $200 is killer cisco ftw! ja, thats the steal of a deal http://www.linux-kvm.com/content/qemu-kvm-012-adds-block-migration-feature hey up how easy is it to get a kvm server up and running? how long is a piece of string? for me, it's pretty easy, but then again i've done it many times over Man. I wish I could get that new TiVo QWERTY keyboard for my TiVo :( So these fe80 addresses. Those are link local? awyeah: yes ping6 -n -w ff02::1%fxp0 -> `everybody bsd based that isnt filtering say hi!' ping6 -n -w ff02::2%fxp0 -> `everybody bsd based that isnt filtering and is a router say hi!' on the local ehternet link that is Gotcha. I really need to do some reading on ipv6. v6 subnets are easy too cidr notation only no netmasks and /64 for the ethernet link local for globally routable addresses is the suggested and commonly experienced norm k. I actually have a tunnel up and running now on my bsd box. Now to set up rtadvd and get it to be a gateway. woot. That setup was actually rather easy. nice um. for ipv6 a records in DNS... it's AAAA right? yup Only thing that sucks. Got lots of latency. what tunnel are you using? Google via ipv4 is ~30ms. Via ipv6... ~200ms he um, fremont. $ ping6 -c 3 ipv6.google.com PING ipv6.google.com(pv-in-x6a.1e100.net) 56 data bytes 64 bytes from pv-in-x6a.1e100.net: icmp_seq=1 ttl=53 time=31.8 ms 64 bytes from pv-in-x6a.1e100.net: icmp_seq=2 ttl=53 time=31.7 ms 64 bytes from pv-in-x6a.1e100.net: icmp_seq=3 ttl=53 time=31.9 ms --- ipv6.google.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2036ms rtt min/avg/max/mdev = 31.752/31.823/31.905/0.215 ms Howdy Irons! lucky me, but that's from a vps ;) nite97m: howdy Well, y'know, I'm on roadrunner via time warner cable. It's at least 15 hops before I even get outside their network. :) nite97m: saw your order, you'll get it tonight And there are a couple of hops there that usually add latency, depending. awesome :) awyeah: yeah, if I ping6 from home, it'll be worse (also on TW). but one of my VM's I frequently hit on IPv6 from home, and I can't even tell a difference (actually, it is the VM that hosts my screen session for this very irc :) Yeah but are you tunneling to your own datacenter? :) awyeah: no, it's just plain TW awyeah: w/e tunnel my airport extreme lands me on Does it just do the tunneling for you? like, zero config? i used to actually advertise a public 6to4 tunnel, but then HE or L3 or one of those guys did their own, and knocked my out ;) (that is, it got a lot less usage) awyeah: yeah, it uses the 6to4 anycast stuff; completely automatic I wonder if I can set up my bsd box to do the same thing. Maybe I'll get faster results. is that the 192.88.99.* thing? yup but that won't help you only helps other people to discover your 6to4 relay, which you need to announce over bgp, etc... in your case, it would be better just to set up your own tunnel on your vps your vps has ipv6, so does your home, so connect the two hey that's a good idea. I have about a 90ms to my vps. where do u live? sounds like east coast Ohio. ok 90ms you to me, 30ms me to google, so you're still looking at about 120ms True. almost halves the 200ms though btw quick question. of course tunneling through the vps will use bandwidth... How can I monitor my bandwidth - and what do you charge for overage? 70ms from me to vps vnstat ftw awyeah: send support@arpnetworks.com an email requesting your bandwidth graphs awyeah: generally $0.15 / GB on overage up_the_irons, is HE as cheap as it is in FMT in LA ? http://www.cyberciti.biz/faq/freebsd-install-vnstat-network-traffic-monitor-software/ jeev: i was quoted $4 per meg on 100 oh g4y since you've had the network for a while now? how is it jlgaddis: I may do that - but - I'd like to see my usage as ARP sees it ;) jeev: there OK *they're would you consider it serious value ? irons - any plans to have those bandwidth graphs online in some form? what bandwidth graphs you email support and he'll set you up with it nite97m: they are indeed online now :) jeev: i'd rather pay the premium for level3; it makes a lot of sense for guys overseas was just curious for a potential customer up_the_irons - sent. let me see if I have this straight. trying to figure out ipv6 PTR setup in bind. is it IP6.INT or IP6.ARPA? awyeah: ip6.arpa my reverse zone is: zone "8.f.2.f.7.0.6.2.ip6.arpa" silly bind sheesh. I'm not dyslexic. But when it comes to reversing parts of ipv6 addresses and splitting them .. so 2607:f2f8:7400::/48 is what's assigned to my vps. therefore: zone "0.0.4.7.8.f.2.f.7.0.6.2.IP6.ARPA" { yup :) now. $ORIGIN 0.0.4.7.8.f.2.f.7.0.6.2.IP6.ARPA. and for the actual PTR.. it gets better 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.1 IN PTR 4or6.com. 2.0.0.0.0.0.0.0 IN PTR excelsior6.awyeah.net that's an actual entry for a customer ;) awyeah: i think you need way more zeros :) hrm. I don't feel like I have enough zeroes. yeah. you don't you should have 4 less than me I thought it was FOUR zeroes between the :: ? :: acts as a filler awyeah: no, :: eats all the _remaining_ zeros oh jesus fsking engineers. it's shorthand, so you don't have to do: 2607:f2f8:7400:0000:0000:0000:0000:0000:00000000000000000000000000000000000000000000000000000000000000000000000:1 ;) so in the extreme case... :: is 32 0's awyeah: actually you just need to blame bind for that lousy syntax I thought they were putting together different record types for the DNS RFC's to help with that... been far too long since I was actively working with v6. not for reverse, that i know of AAAA is IPv6 version of A okay. fsck isc engineers :) > server localhost Default server: localhost Address: ::1#53 Default server: localhost Address: 127.0.0.1#53 > 2607:f2f8:7400::2 Server: localhost Address: 127.0.0.1#53 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.8.f.2.f.7.0.6.2.ip6.arpa name = excelsior6.awyeah.net. whoa, shit, sorry for that paste. hehe, np I meant to get that last line only. Sorry 'bout that. rofl haha. I didn't know DALnet had that reputation! although I did akill many many people for excessive flooding back in my day. +++ATH0 ftw oh - btw - speaking of the PTR stuff. Did you ever get chance to do the delegation? I can't remember. friends dont let friends use ubuntui awyeah: i did all delegations as of a couple nights ago gee... A6 buildups look like a blast... just looked at the ticket. I was the one who only gave you one DNS server... you asked me if I was sure :) I updated it with another one. awyeah: aw yeah, maybe i didn't get back to that one nice. up_the_irons: what's the current word on using A6 chains for forwards? nite97m: huh? :) well... ages & ages ago in the early v6 days (least it seems that way), A6 was introduced as a tool for building forward records for v6 dns nite97m: yeah i've never even heard of it basically you have A6 records for various portions of the address, like provider network, subnet, & host, then they get put together for the full address heh - figures :P I've done a fair bit of v6 off and on, but its been off for the most part for the last couple years :P things change fast indeed I've been happy seeing reports of v6 showing up in more places, but havn't had the time to do much.. comcast is starting up v6 trials this year though, so hopefully that will expand out nicely ipv6 traffic increased something like 30x when googled turned on ipv6 for youtube nice seems like its getting much closer to the critical mass needed to start seeing things roll quick. course theres only around 2-3 years worth of v4 space left available to allocate without some reclamation of legacy blocks... nite97m: You mean like all the /8s they handed out like candy? :) yep... all those legacy /8's :) or opening up E space to allocation that'll never work too much equipment out there that'd have to be updated to support it in *theory*, it should be fine, but there are plenty of other issues too... like the evergrowing zero-default table size... growing dfz is indeed an issue at least that will theoretically slow down when there is no more v4 to allocate ;) v6 is supposed to help that... we'll see or, maybe it will spead up as networks fragment their blocks more *speed multihoming is still a bitch, is it not? btw, what's so bad about ubuntu? When I use Linux... I find Ubuntu to be the least pain in the ass :) awyeah: its not bsd? :P same Well. Other than not being BSD :) To tell you the truth, I like Ubuntu on the desktop better than bsd. Don't hurt me though - I prefer Windows 7 even more :( personally, I use lots of different unix. they're all mostly the same :P On the desktop, that is. well... the machine I'm sitting at right now is win7, but I have a fbsd vm if that counts :P windows 7 is pretty 31337 i just wish it looked a little more like win xp though if you like win 7, you'll love openbsd.. since they're forks of one another rofl (i wonder where toddf is) nowadays doesn't seem like i could even get a response out of him jeev: i don't think he cares about your win7 vs openbsd comments win7 has windows classic up_the_irons, too bad. twas fun jlgaddis, there is a classic shell dll, that's what you mean ? i miss the real explorer.exe there's a "windows classic" theme it's what i use jeev: You mean /usr/bin/explorer.exe - at least on openbsd. and um that uses /usr/local/lib/system32/shell.dll ahh yea i know yea wait... I think I saw those files on my firewall it's awesom e If you ever have trouble with explorer not seeing that, just ldconfig, it'll be fine. hahah And if that doesn't work you may need.. um.. /usr/sbin/regsvr32.exe I keep that installed in /usr/local/sbin myself ah yes in other news... fscking blackberry messenger is down and I need to txt my girlfriend. how do u find the total mem from this: Mem: 7904K Active, 131M Inact, 52M Wired, 96K Cache, 34M Buf, 45M Free (freebsd) I don't want to pay per use SMS... but I also don't want to call her. active+inactive+what? hang on i'd add it up i think I think it's just the total with Mem no, it's not ok, let me see Mem: 145M Active, 1558M Inact, 226M Wired, 17M Cache, 112M Buf, 56M Free one of those values I think is a subset of another yea i think it's Inactive and active + free 1759 nope 1985 2002 2097 weird i dunno man i'd just look it up in /var/log/messages :P i know, has always confused me grep real\ memory or sysctl try /usr/local/windows/system32/taskmgr.exe then click on the second tab. can't believe people still use dalnet fuck, if I don't stop this I'm going to start doing that heh So what actually happened with DALnet. sysctl hw.physmem I left there probly around 2002 or 2003 and stopped using IRC entirely, really awyeah: they are still around OT, anyone happen to know if you can do separate backgrounds per monitor in win7? I dunno if you can you can do the slideshow thing I think so. I could plug the tv back into this box and see if I can find the widget to do that http://www.binaryfortress.com/displayfusion/ http://www.flickr.com/photos/jlgaddis/4404917471/ Well I think I have all the setup on my vps done now. (!) does that ever really happen? ... for now heh WOW. I've got to say. This VPS is far faster than DreamHost. God I don't know why I didn't do self-hosting before. I documented my steps. http://bit.ly/9q1mwv sfw? damn, it is haha yeah. I mean I could put a picture of boobs in there randomly. you should i'd add it to my rss list haha I guess that's a way to get hits. pr0n! priz0n is hot