<!-- Some styling for better description lists --><style type='text/css'>dt { font-weight: bold;float: left;display:inline;margin-right: 1em} dd { display:block; margin-left: 2em}</style>
***: schmir has joined #arpnetworks
<br> schmir has quit IRC (Remote host closed the connection)
<br> schmir has joined #arpnetworks
<br> LT has joined #arpnetworks
Wraithan: Well I am sort of in my system lol
<br> kernel doesn't seem to provide virtio out of box
<br> but I got my bootloader setup right... so now it is just a matter of getting my kernel setup righ
***: Wraithan has quit IRC (Quit: WeeChat 0.3.2-rc1)
<br> Wraithan has joined #arpnetworks
Wraithan: on my ARP vps
<br> sort of :)
<br> exit
***: Wraithan has quit IRC (Client Quit)
<br> Wraithan has joined #arpnetworks
<br> Wraithan has quit IRC (Client Quit)
<br> Wraithan has joined #arpnetworks
Wraithan: kernels take entirely too long to compile
***: schmir has quit IRC (Remote host closed the connection)
<br> schmir has joined #arpnetworks
<br> ziyourenxiang has joined #arpnetworks
cedwards: <u>Wraithan</u>: bummer
***: LT has quit IRC (Quit: Leaving)
<br> cedwards has quit IRC (Quit: leaving)
<br> cedwards has joined #arpnetworks
<br> fink has joined #arpnetworks
<br> vtoms has joined #arpnetworks
<br> schmir has quit IRC (Remote host closed the connection)
<br> schmir has joined #arpnetworks
<br> schmir has quit IRC (Remote host closed the connection)
<br> ziyourenxiang has quit IRC (Quit: ziyourenxiang)
Wraithan: Well I am on my ARP vps, chrooted in from the liveCD and it is running fine lol
<br> Hopefully I'll hace an hour or two tonight to get it working the rest of the way
***: schmir has joined #arpnetworks
<br> fink has quit IRC (Quit: fink)
<br> Wraithan is now known as wizzo`s_fizzo
wizzo`s_fizzo: Jeez you guys talk too much, I can hardly keep up with the conversations
<br> slow it down already!
cedwards: sorry :(
***: wizzo`s_fizzo is now known as Wraithan
Wraithan: forgot I changed my nick
<br> <.<
***: schmir has quit IRC (Remote host closed the connection)
<br> schmir has joined #arpnetworks
BarberRonny: a
<br> whoops
dxtr: Uhm. Why did this ice cream taste like snus?
<br> That
<br> That's horrible
mike-burns: What's nu?
dxtr: Oh, you're american? :D
<br> But you have snus in the states nowadays
<br> http://en.wikipedia.org/wiki/Snus
mike-burns: Ha, I assumed you were making a pun along the likes of "my roommate is wearing her updog around the apartment".
CESSMASTER: Uhm. Why did this ice cream taste like anus?
dxtr: Wat?
CESSMASTER: But you have anus in the states nowadays
dxtr: <u>CESSMASTER</u>: Perhaps you had it in your anus?
CESSMASTER: http://en.wikipedia.org/wiki/Anus
***: nukeAFK has quit IRC (Ping timeout: 248 seconds)
mike-burns: Haha.
CESSMASTER: nsfw probably
<br> oh, not anymore
dxtr: http://en.wikipedia.org/wiki/Human_anus
<br> :D
CESSMASTER: there used to be an actual photo of a human anus
dxtr: There are two nowadays
<br> Didn't you see the discussion about that?
CESSMASTER: no
dxtr: Some people didn't want a shaved ass because it didn't look natural
<br> And some didn't want a male anus
CESSMASTER: hahahahhahaha
dxtr: http://en.wikipedia.org/wiki/Talk:Human_anus
<br> There
<br> :)
<br> http://en.wikipedia.org/wiki/Talk:Human_anus#Endless_image_contention
<br> More like that
<br> That would bring it around full circle to where it's been a couple of years. We had a cropped, shaved, bleached porn-anus in this article for a while, it was determined unsuitable (and a copyvio) and replaced with the current hairy man-hole. All we need is a neutral-looking and not-overly-hairy, suitable for an anatomy text
<br> I have actually considered taking a photo of my own anus for the article (as far as I am aware, mine is pretty typical) just to put an end to this. Unfortunately, I don't think I'll be able to hold the camera at the right angle to get a decent shot. :( If you take a close look at the 'porn' anus in hi-res, it doesn't actually appear to have been shaved or bleached.
<br> Yeah
<br> I think you get it
<br> please remove picture of male anus and replace with female anus Fartbarker 22:44, 28 January 2007 (UTC
CESSMASTER: hahahahahahahaha
dxtr: This arguement is ridiculous....if you don't want to see an anus, be it male or female or hairy or not so hairy...um don't come to this page? Yeah...now if you want to see a female anus to masturbate to for whatever reason, how bout you go find a porn site? The gender of the person with the anus does not matter. An anus is an anus is anus. Deal with it. Don't want to see it, ...
<br> ... don't go to the anus page...
<br> Are aliens coming to this page? Anyone from the animal kingdom who isn't human? We don't need photos of anuses, ok? We just simply do not. It's gratuitous, inappropriate, nearing pornographic and quite ridiculous. Everyone has an anus and they know what it looks like. If an image is *absolutely* necessary, i think i diagram or drawing would suffice. 71.232.108.228 07:01, 23 ...
Wraithan: Er
dxtr: ... March 2007 (UTC)
<br> Hahahaha
Wraithan: if folks want to read it
<br> they can go to the page.
dxtr: They can?
CESSMASTER: http://commons.wikimedia.org/wiki/Category:Sex_drawings_by_User:Seedfeeder this is what i was talking about
<br> half of these aren't even linked to a wikipedia article
jdoe: they probably were.
<br> after they went through the first copyright violation/sharia law purge, they replaced a lot of the sex article pictures with drawings (and occasionally in non-human flesh tones)
<br> I think they stopped doing that.
dxtr: http://en.wikipedia.org/wiki/Talk:Human_anus#Artificial_anus <- Haha, read that :D
***: nukeAFK has joined #arpnetworks
Wraithan: http://www.wolfire.com/humble
***: vtoms has quit IRC (Quit: Leaving.)
-: jdoe stabs dns.
***: fink has joined #arpnetworks
<br> sroute has quit IRC (Quit: WeeChat 0.3.0)
<br> amdprophet has joined #arpnetworks
<br> amdprophet has quit IRC (Remote host closed the connection)
<br> nukeAFK has quit IRC (Ping timeout: 268 seconds)
<br> william``` has joined #arpnetworks
-: cedwards steps away for the afternoon and comes back to talk of anuses. wtf.
Wraithan: A thing that is a bit problematic (could just be configuration stuff from what I am reading) is that my VPS is only showing one core?
cedwards: <u>Wraithan</u>: both of mine show the same
Wraithan: :(
<br> The dual 4 core servers made me think I'd have multiple cores, even if it was 2-4 (4 seems standard these days for VPS)
william```: don't arpnetworks vps only have a single cpu?
Wraithan: Yeah, just found that out
<br> which could be problematic
william```: little weird if you're used to linode/slicehost
<br> :)
<br> unfortunately, neither of those offer bsd...
-: Wraithan doesn't care about the BSD offerings lol
Wraithan: <u>up_the_irons</u>: So the servers are multi-core but the VPSs only get access to a single core?
<br> brb
***: Wraithan has quit IRC (Quit: WeeChat 0.3.3-dev)
<br> Wraithan has joined #arpnetworks
cedwards: I understand it as a single, dedicated core whereas the others are multiple, shared cores.
Wraithan: Yes, but having it as a single rather than multiple means if I go to compile a package I could bring my webservices to a halt/crawl
william```: you can nice the compilation process
<br> give it a priority of 20
Wraithan: I have to make sure I do anything that could be detrimental as nice, which is a hassle
jdoe: it's not a dedicated core, is it?
***: ballen has joined #arpnetworks
<br> ChanServ sets mode: +o ballen
jdoe: presumably it's a ... single core that you get some slice of as determined by scheduling on the host.
Wraithan: william```: Yes I know but I compile packages weekly, among other things that are CPU intensive
william```: why do you have to compile things weekly? o.O
<br> are you running gentoo or something? :)
Wraithan: No, but I run cutting edge on several packages
jdoe: ... or freebsd, or openbsd ;)
Wraithan: Every 3 weeks is a new kernel release, that I will have to compile, I am running trunk of python 2.7 for a couple of my projects, and trunk of python 3.2 for some other stuff
william```: ouch
Wraithan: Once 2.7 is official I wont have to compile it anymore, but until then I need to be tested against the latest so I can confidently push a release on 2.7 as soon as 2.7 is stable.
cedwards: I compile all my ports on FreeBSD and I haven't seen any issues yet.
Wraithan: Does your system default to nice'ing the compilation?
<br> Btw, recompiled kernel makes my system work 100%
william```: what was happening before you recompiled it?
Wraithan: hanging because virtio was a module, not compiled in.
william```: :(
Wraithan: scp is amazing :)
cedwards: rsync is more amazing?
william```: not the same thing
***: nukeAFK has joined #arpnetworks
<br> Wraithan1 has joined #arpnetworks
<br> Wraithan1 has quit IRC (Client Quit)
<br> Wraithan1 has joined #arpnetworks
<br> Wraithan has quit IRC (Quit: WeeChat 0.3.2-rc1)
<br> Wraithan1 is now known as Wraithan
<br> schmir has quit IRC (Ping timeout: 245 seconds)
<br> nukeAFK has quit IRC (Ping timeout: 248 seconds)
<br> Nat_UB has quit IRC (Ping timeout: 268 seconds)
<br> Nat_UB has joined #arpnetworks
<br> nukeAFK has joined #arpnetworks
cedwards: so I'm playing around with FreeBSD in KVM locally. Can anyone tell me how to activate console access, like is available at ARP?
***: heavysixer has quit IRC (Quit: BAMPF!)
Nat_UB: <u>cedwards</u>: Think he uses an actual serial console...but I know zero details
<br> :)
up_the_irons: <u>cedwards</u>: -serial telnet:127.0.0.1:<port>,server,nowait
<br> <u>cedwards</u>: then telnet to localhost and that port
Nat_UB: Or that.... hehehe
up_the_irons: <u>Nat_UB</u>: looks like an actual serial console, doesn't it? ;)
***: heavysixer has joined #arpnetworks
<br> ChanServ sets mode: +o heavysixer
Nat_UB: yes...rather neat implementation
up_the_irons: thanks
<br> I credit toddf for pointing me in the right direction and providing hints / tips
cedwards: looks like I'm close based on this: http://www.freebsd.org/doc/en/books/handbook/serialconsole-setup.html
<br> I can see the boot output, but can't yet login.
***: nukeAFK has quit IRC (Ping timeout: 268 seconds)
up_the_irons: <u>cedwards</u>: you need to run a getty on /dev/ttyu0
<br> or ttyd0 (FreeBSD 7.2 and below)
cedwards: that might be my problem. I setup ttyd0, but I'm running 8.0.
<br> I'll try ttyu0
up_the_irons: 8.0 uses uart(4) by default, not sio(4), so yeah, you'll need ttyu0
cedwards: (I'm testing this on Ubuntu 10.04 using virsh console and virt-manager)
up_the_irons: nice
<br> should have the serial fix in it then, and you'll have no problems
cedwards: Edit /etc/ttys and change off to on and dialup to vt100 for the ttyd0 entry. Otherwise a password will not be required to connect via the serial console, resulting in a potential security hole.
<br> that is from the handbook. you say just change ttyd0 to ttyu0 and it should work for 8.0?
up_the_irons: yes
<br> handbook must not be updated for 8.0 yet
Wraithan: <u>up_the_irons</u>: the VPSs are all single core?
up_the_irons: <u>Wraithan</u>: yes, unless you order more ($2 per core)
Wraithan: Ah I was not aware... maybe I didn't notice
<br> <u>up_the_irons</u>: would I send an email to support@ in order to request the extra(s)?
up_the_irons: most are happy with just a single core
<br> <u>Wraithan</u>: yup
william```: what is the max number of cores you can have on a single vps?
Wraithan: Heh, i use my vps for multiple things, which need the ability to be spread out on different cores
cedwards: for documentation sake: I added 'console="comconsole"' to /boot/loader.conf and made the above change to /etc/ttys.
up_the_irons: william```: 8
william```: so that is baseline vps price + $14 (7 additional cores) per month?
up_the_irons: <u>cedwards</u>: i find it a little easier to just "echo "-D" > /boot.config"
<br> william```: yes
william```: cool, noted :)
up_the_irons: np
william```: what is the average response time for support tickets?
<br> i'm looking to migrate off of linode to arpnetworks entirely
up_the_irons: william```: depends on the request
william```: root pass reset :-)
cedwards: <u>up_the_irons</u>: ohh, now you tell me. pfft.
fink: <u>up_the_irons</u>: do you guys cater?
up_the_irons: vps reset (format / reinstall) is usually like 24 / 48 hours
-: fink is hankering for some choco cupcakes
william```: <u>up_the_irons</u>: it requires a reinstall to reset the root pass? o.O
up_the_irons: william```: not applicable -- you can reset your root password on your own in single-user mode -- http://support.arpnetworks.com/faqs/vps/what-is-supported
<br> <u>fink</u>: only cupcakes
william```: oh, great
<br> thanks
up_the_irons: william```: no no, just giving an example of support request ;)
william```: i'll make sure i log in more than once every 1.5 months so i don't forget in the future :)
<br> i still do 99% of my stuff on linode :-/
fink: lamenode
up_the_irons: LOL
william```: they're ok, but... linux
-: william``` stabs himself in the face
up_the_irons: never used them, but hear they are a pretty decent provider
<br> probably one of the top
william```: having choice of five datacenters is cool
up_the_irons: i bet
william```: and their support is good
cedwards: they need to move away from xen though or they'll be stuck on dying tech
up_the_irons: yeah, their higher prices can afford staff :)
<br> <u>cedwards</u>: yes, srsly
william```: haha, not a jibe, just an observation :-)
fink: if you guys had cupcakes you would leave lamenode in the lamelagoon
cedwards: we've been talking a lot about virtualization at work and I've simply told them to wait until kvm is well-done.
<br> no point in starting things out on xen, and having to rebuild later.
Wraithan: <u>cedwards</u>: we are using kvm at work right now
up_the_irons: william```: right, didn't take it as a jibe, was also just observing ;)
william```: :)
cedwards: <u>Wraithan</u>: I just got a Dell R900 to start testing with.
<br> <u>up_the_irons</u>: so I removed my previous changes and tried simply "-D" in /boot.config. The console stalls out at trying to mount root from ufs:/dev/ad0s1a
up_the_irons: <u>cedwards</u>: that's probably just the end of it writing; the next will be getty
Wraithan: We have a custom built server, pretty nice gear in it... I mainly just bring it to it's knees while I am doing a naive first pass of stuff though
<br> go go 1600 queries to render a single page!
up_the_irons: <u>cedwards</u>: i'd say kvm is already well-done. I've replaced Xen completely with KVM at this point. Things work even *better*
william```: 1600 queries? o_o
cedwards: <u>up_the_irons</u>: we're mostly a RHEL shop, so I've been kind of just holding out for KVM to be provided there in RHEL6 (although I think they offered it in 5.5 too)
ballen: whens RHEL6 supposed to be out?
<br> or 5.5 for that matter
Wraithan: william```: you've never done a naive first pass with a ORM, without any optimization in mind?
-: Wraithan ponders when RHEL will die.
<br> Wraithan hates it.
ballen: never will
up_the_irons: <u>cedwards</u>: i c
ballen: its a decent version of Linux
Wraithan: No it isn't
william```: <u>Wraithan</u>: i use an ORM daily :-)
ballen: especially if you have a large enterprise site license
Wraithan: It is the reason good projects have to support old garbage
ballen: if you have a kickstart server setup, local yum repos, etc
Wraithan: They still support Python 2.3
<br> or maybe JUST phased it out, I forget
ballen: they're plenty of ways to get around old versions
<br> just like you would in Solaris
Wraithan: Yeah, typically it is hacks to make it work on old versions as well as new
<br> it makes for shit code because you have to support something so old.
up_the_irons: Anything RH-based gets hacked
ballen: well anything CentOS gets hacked
<br> RH is less worse off
up_the_irons: nah, all my RH servers got hacked, i've never run Cent
ballen: plus it has a lot of industry support as far as paid apps go
Wraithan: Plus (in my very limited experience with it) making RPMs SUCKS
ballen: yes RPM's are lame
<br> just saying its not as bad as most people thing it is
<br> as is most things
***: nukeAFK has joined #arpnetworks
ballen: think*
Wraithan: I'm just saying setups like RHEL are part of the reason why technology isn't moving forward as fast as it could.
up_the_irons: making RPMs sucks, but so does making .deb's
<br> they all suck
Wraithan: <u>up_the_irons</u>: that is why you make PKGBUILDs
<br> they don't suck
up_the_irons: been meaning to look into Arch Linux pacman stuff; it seems a lot simpler
ballen: Arch is good
<br> and yes pacman is wicked simple
<br> but
<br> Arch is bleeding edge
<br> no matter what
<br> compat be damned
Wraithan: <u>ballen</u>: http://www.archserver.org/
up_the_irons: i like *BSD package stuff as well, since they are mainly just tarballs
Wraithan: <u>up_the_irons</u>: arch recently moved to using tar.xz's for packaging :)
<br> tiny downloads
up_the_irons: nice
ballen: arch server is interesting, but if I really have my choice I'd just pick FreeBSD
<br> no reason to use Linux
<br> for most things
Wraithan: I've never (directly) used *BSD and could say the same thing about it.
up_the_irons: it's all about taste
Wraithan: Yup
ballen: well theres certainly ease of use
<br> and FreeBSD has a lot of that
Wraithan: I said something smart the other about it
up_the_irons: <u>ballen</u>: yeah but FreeBSD is difficult for those who are used to something else
<br> everything is hard when you don't invest the time
<br> if you learn it, it becomes easy
Wraithan: :)
ballen: hah, yeah buy X is difficult for those who are used to something else
Wraithan: Arch is very easy!
ballen: but*
Wraithan: L(
<br> :)
up_the_irons: <u>ballen</u>: yeah
Wraithan: http://www.lessthanthreesoftware.com
<br> now running on ARP
up_the_irons: ease of use is relative to the user, let's just put it that way
<br> so, again, it comes down to taste
ballen: true
Wraithan: <u>up_the_irons</u>: put in the request for the extra cores :)
<br> I find windows hard to use.
ballen: meh whatever, use whatever the hell ya want
Wraithan: Same with OSX
ballen: is my opinion
Wraithan: my hands don't flow!
<br> (nor does the spice)
ballen: unless it affects my production systems I don't care
william```: osx is a fully-certified unix :-)
up_the_irons: hehe
fink: i love osx with macports
william```: sudo port install slime +sbcl :-)
Wraithan: Eh, I use a highly customized WM... even other linux systems are hard to use
fink: freebsd is a "real" unix, it seems to me
Wraithan: william```: yous a lisp hacker?
up_the_irons: <u>Wraithan</u>: which WM?
Wraithan: <u>up_the_irons</u>: xmonad
up_the_irons: i use xmonad, which is pretty geeky
<br> LOL
Wraithan: :D
up_the_irons: xmonad is da bomb
<br> "Powerglove and Sonta Arctica" <-- typo
Wraithan: <u>up_the_irons</u>: I'm friends with dons, go to talks at his office every other week or so
william```: <u>Wraithan</u>: sometimes, i'm also learning Haskell, but i write Ruby for a living
mike-burns: Me toO!
william```: dons is a major dude
fink: omg we have so much in common!
mike-burns: omg do you like bsd too?!
Wraithan: no.
fink: omgomgomg
Wraithan: er
<br> yes <.<
<br> >.>
mike-burns: Ha.
fink: like whatever!
Wraithan: william```: Ah, I am mostly a python coder (pays the bills) but lisp and haskell in my freetime
william```: nice :-)
<br> i work on a large rails application for a living
Wraithan: Though truth be told I like python quite a bit
up_the_irons: lol, this is making my browser barf:
<br> host www.lessthanthreesoftware.com
<br> www.lessthanthreesoftware.com has address 206.125.170.2
william```: 160 models :|
up_the_irons: www.lessthanthreesoftware.com has address 74.204.234.252
Wraithan: william```: large django app
up_the_irons: changing IP
mike-burns: I've realized that Haskell is tricky because of the non-code parts of it are foreign. Things like documentation, finding a job, socializing events, and so on are very different than what the industry is used to.
fink: <u>Wraithan</u>: me = python fanboy
Wraithan: <u>up_the_irons</u>: linode is doing that, I shut off their DNS stuff but it is being bothersome
up_the_irons: <u>Wraithan</u>: roger
william```: yeah, i don't use linode's dns offerings
Wraithan: I used to.
william```: i take it they're bizarre?
mike-burns: I work on many large Rails applications for a living.
Wraithan: Nah, it was pretty straightforward, but I deleted my entries but they are still being propagated from there
ballen: <u>up_the_irons</u>: you should peer with Comcast
up_the_irons: <u>ballen</u>: don't i wish
Wraithan: One large Django app, many small django apps for me
william```: mike-burns: did your predecessors understand how indexes in a rdbms are supposed to work? :-/
ballen: have to hit level3 and mzima before Arp
up_the_irons: <u>ballen</u>: i'm ready and willing, but they'll give me the finger ;)
mike-burns: william```: Absolutely.
william```: i envy you :(
up_the_irons: <u>ballen</u>: i will probably get level3 direct next year
ballen: whys that, seems like generally everyone should be willing to peer
up_the_irons: <u>ballen</u>: but it's not like the mzima hop really adds much
mike-burns: william```: We don't believe that indexes are an optimization; we believe that it is a bug to leave them out.
ballen: also peer with Es.net :-)
william```: mike-burns: i found a query that would occasionally run via a cronjob on our site that did a table scan of 26 million rows
<br> took 500-600 seconds to run
mike-burns: Ha.
up_the_irons: <u>ballen</u>: ah, no. there's a lot of politics to it. the smaller networks will peer, yes, no problem. but larger ones want minimum traffic, ratio requirements, etc...
ballen: hmm
up_the_irons: <u>ballen</u>: es.net i think is pay to play
ballen: hmm, shouldn't be all their main goal is to serve the DOE labs
up_the_irons: <u>ballen</u>: but i thought one of _my_ peers already peered with them, so it was like one more hop
ballen: yea es.net to you is quite fast
<br> es.net to comcast is slow
<br> which is annoying as hell
<br> anyone ever play with GridFTP
up_the_irons: <u>ballen</u>: i might have been thinking of someone else. es.net appears to have open peering now that i looked it up, but they are not on any exchange that i'm on
ballen: yea Es.net should be fairly cool, if you ever need to get a hold of anyone there let me know
up_the_irons: ah, PacificWave was pay to play, and they have ESnet as a member
<br> <u>ballen</u>: sure, i will, thanks
***: nukeAFK has quit IRC (Ping timeout: 260 seconds)
Wraithan: <u>up_the_irons</u>: dns should be fixed
<br> heh
<br> er
<br> nvm
<br> www still has 2
<br> wtf
up_the_irons: dns caching is a bitch
william```: wild
up_the_irons: actually, caches in general are a bitch
<br> 7:30 already.. time to go home
ballen: anyone in Cisco world know when the 2960S switches will be available?
mike-burns: "There are only two hard problems in Computer Science: cache invalidation and naming things." - Phil Karlton
william```: and random number generation
<br> you don't want to be in a state of sin, do you? :)
mike-burns: Is sin a state between solid and liquid?
william```: "Anyone who attempts to generate random numbers by deterministic means is, of course, living in a state of sin." --John von Neumann
<br> :)
mike-burns: Ha, well played.
william```: speaking of that, i have this thing called an "entropy key"
<br> which keeps your entropy pool on linux systems maxed out
<br> using an overloaded transistor or something
mike-burns: Sounds fancy.
william```: i should get that freebsd driver book and write a driver for it :)
<br> it substantially decreases ssh/ssl handshake times
mike-burns: I had no idea. Faster things are nice; you should do that.
william```: when i have some free time :(
Wraithan: william```: what is free time?
william```: what i have too much stuff slated for ;)
Wraithan: If you have stuff slated to used it, is it still time that is free?
william```: hmm, good point
<br> i guess it's more "personal time" than anything
Wraithan: lol
<br> http://www.entropykey.co.uk/
<br> neat idea
william```: yeah, it's cool
<br> boot off an ubuntu live cd, install that, dd if=/dev/random of=/dev/sda
<br> then the system doesn't have to fill its own entropy pool with psuedorandom data
<br> so overwriting a disk with random data takes hours, not days :P
Wraithan: I never really do that
<br> I can't recall ever selling a harddrive
***: amdprophet has joined #arpnetworks
william```: i iamgine most people who don't do full disk encryption don't
Wraithan: They die before that
william```: imagine*
Wraithan: Ah, yeah, I don't do that
ballen: Full disk encryption is generally a pain in the ass
Wraithan: my laptop isn't a security risk, all it has is personal code on it
<br> ballen++
ballen: we use WinMagic SecureDoc
<br> which appears to do what it advertises
<br> only a marginal slow down in a new Macbook
william```: pgp's wde is pretty nice, too
ballen: yea
william```: i've only used it on osx, though
<br> work laptop :)
ballen: yep
william```: the fact that you're forced to use AES-256 makes me uncomfortale though
<br> uncomfortable, even
-: jdoe shrugs.
***: nukeAFK has joined #arpnetworks
fink: i use encrypted disk images
jdoe: coming from the dude who trusts his rng to an overloaded transistor? ;)
***: jahshua has quit IRC (Quit: leaving)
william```: well, it's more random than the alternative :)
***: aem has joined #arpnetworks
<br> aem is now known as jahshua
<br> mtve has quit IRC (Ping timeout: 246 seconds)
<br> mtve has joined #arpnetworks
<br> jahshua has quit IRC (Quit: leaving)
<br> boogeyman has joined #arpnetworks
<br> jahshua has joined #arpnetworks
<br> jahshua is now known as nesta
ballen: <u>up_the_irons</u>: have you done any 7.2 to 8.0 in place upgrdes?
***: nukeAFK has quit IRC (Ping timeout: 240 seconds)
<br> william``` has quit IRC (Quit: leaving)
jdoe: <u>ballen</u>: I have.
ballen: assume you have to recompile all ports?
jdoe: yep.
ballen: thats a pain in the balls
jdoe: oh it gets worse.
<br> even if you follow the instructions portupgrade may blow up in the middle of upgrading everything because ruby is a pile of shit.
<br> so make sure you get a list of what it wants to upgrade ;)
<br> that said, binary update for core software + portupgrade + manually upgrading the shit portupgrade blew up before rebuilding was successful for me.
<br> it took way longer than I was expecting, but it worked out in the ned.
<br> end.
ballen: yea sounds easier to just blow away the install and rebuild everything
jdoe: depends on what you've got installed, I guess.
<br> and how good your logbook is ;)
ballen: yea
jdoe: I keep backups of configs etc., but unless I'm redoing things I prefer to upgrade in place.
ballen: yea
<br> ugh... why is GridFTP such a bitch to install
jdoe: no clue, first I've heard of it.
ballen: part of Globus
jdoe: first I've heard of that too ;)
ballen: heh
jdoe: I've done some HPC stuff before but it's always been same-site.
ballen: yea
jdoe: which, as I'm sure you're aware, is way more pleasant.
ballen: GridFTP is kind of going towards being the standard of moving large datasets around across WAN
jdoe: ugh, another encryption standard...
<br> ... and parallel streams from the same host? If your network actually benefits from that, you need to fix your network...
<br> ... oh, GSI is just TLS.
<br> <u>ballen</u>: how well does it tolerate high latency?
ballen: not sure yet
<br> trying to get it installed to test it out
jdoe: what are you using it for, if I may pry?
***: heavysixer has quit IRC (Quit: heavysixer)
ballen: going to see if it helps with moving datasets ranging from 500MB-4GB from New Mexico to bay area
<br> others are using it for much larger data sets
<br> people that want to max out 10G links
<br> well not want, need
***: nukeAFK has joined #arpnetworks
fink: <u>jdoe</u>: no portmaster love?
jdoe: <u>fink</u>: I dunno. I've been using portupgrade since it got pushed out there as the GREAT NEW THING TO USE. I never thought about switching.
fink: <u>jdoe</u>: i used to use it; i've had much better luck with portmaster
<br> minimal deps too
jdoe: <u>ballen</u>: if you're just copying shit from point A to point B, try openssh with the performance patch.
<br> <u>ballen</u>: http://www.psc.edu/networking/projects/hpn-ssh/
ballen: yea I know
jdoe: no love? That worked well for me.
<br> <u>fink</u>: it still depends on ruby doesn't it?
ballen: getting collaborators to patch openssh is somewhat difficult
fink: no
<br> <u>jdoe</u>: http://forums.freebsd.org/showthread.php?t=6078
***: nukeAFK has quit IRC (Ping timeout: 240 seconds)
-: fink likes portmaster ;)
jdoe: <u>ballen</u>: more difficult then getting them to install this though? :)
ballen: hah, as its looking right now, no
<br> any idea if the server has to be patched or just the client?
jdoe: <u>fink</u>: that's cool. For critical things like package management I prefer tried and true though :P
<br> <u>ballen</u>: both I think.
<br> <u>ballen</u>: it's been a while since I looked at the patch, but iirc it adds/modifies ciphers (so you could send stuff plaintext if you *really* wanted to, for example) as well as adjusts buffering.
ballen: yea
<br> supposedly it allows SSH to make use of multi-cores
jdoe: still, it's not like they need to REPLACE anything to use it or anything crazy like that.
<br> just run it as a second instance on 2222 or something and go nuts.
ballen: yea fun thing is to push anything like this I'll have to write a whole case study and run it through my management, who while have to lend their support to even get the slightest chance of this happening
<br> which isn't so bad
jdoe: yeah, but you're going to have to do that with whichever you pick, presumably.
ballen: yea
<br> we're currently using ol' fashioned rsync
<br> not even over ssh
CESSMASTER: portmaster is great
<br> in particular, it isn't written in ruby
jdoe: <u>ballen</u>: ... not secret data, huh :P
ballen: nah
jdoe: <u>CESSMASTER</u>: believe me, I appreciate that. I'm just wary of change.
ballen: oh well it'll be easy enough to test out OpenSSH with and without patch using Arpnetworks, roughly close enough and roughly same bandwidth
CESSMASTER: then you should be wary of a program written in ruby, wait til that mickey mouse club changes some stupid shit
ballen: aren't we just a bunch of ruby haters
jdoe: <u>CESSMASTER</u>: in fairness, ruby is relatively stable, you want to bitch about rails ;)
<br> the core language is more stable than python, at least :P
<br> wonder how long it'll be before that bites *buntu in the ass.
ballen: suppose this means I'll need to swap out dropbear on my vps now
jdoe: well no, you could just build openssh in your homedir or something, run it on some other port...
<br> ... but really? dropbear on a vps?
ballen: hah yea
jdoe: weird.
ballen: look at how much memory it uses compared to openssh
<br> at one point was trying to squeeze every ounce of memory
<br> however you should know the $PATH is hard coded in drop bear and no it doesn't give a shit what your .profile does
jdoe: memory's never really been that big a concern for me on a vps.
<br> 256MB goes a very long way.
ballen: run a few Rails projects, a postfix + postgrey + dovecot mail setup and it gets used up quick
<br> however after moving to Sinatra
<br> its really not a big deal
CRowen: vps server?
<br> stock?
ballen: ?
jdoe: <u>ballen</u>: I blame rails. I've done the same (minus postgrey, plus spamassassin), just nginx+php instead of rails. Did very well under load.
ballen: yea
<br> Sinatra + Redis backend
<br> rocks the socks
<br> as it were
<br> at one point has postfix + dspam + dovecot + PostgreSQL
<br> the first three were using SQL based data
<br> for users, etc
***: Nat_UB has quit IRC (Ping timeout: 248 seconds)
ballen: waaay overkill
jdoe: yeah
<br> dspam is great if you're memory conscious though.
CRowen: vps is stock?
ballen: my vps?
<br> yea postgrey is better
jdoe: <u>ballen</u>: I think he's asking if he can order
<br> <u>ballen</u>: or if they're still done.
ballen: ah
jdoe: total disagree on postgrey though, btw
ballen: whys that
<br> catches most spam
jdoe: I hate greylisting.
<br> it's annoying, it gets in the way, and it still lets a lot of spam through
ballen: with almost no overhead
***: nukeAFK has joined #arpnetworks
jdoe: yeah, that's why I nolist
ballen: yea I used that and what ever one list was
jdoe: zero overhead, zero delay, catches about as much as greylisting did for me.
ballen: yea, just migrated to Google Apps
jdoe: yeah...
<br> that's a pretty compelling argument
ballen: don't have to worry a damn bit about it now
jdoe: haha.
<br> I just don't like google having my mail.
ballen: true
jdoe: it knows enough about me already :P
ballen: also true
CRowen: I want a vps server, as I can pay for it
ballen: then by all means place an order
<br> <u>jdoe</u>: http://blogoscoped.com/archive/2007-09-17-n72.html
<br> that'll make your confidence in google go down even more
<br> albiet its fiction
CRowen: and how to order, the site says it is just stock vps?
jdoe: not a big Doctorow fan, but I've read that before. Yeah, I know.
<br> haha.
fink: <u>jdoe</u>: you use dspam on freebsd?
ballen: hmm it does appear we out of stock
fink: spamassasin + amavis just eats up memory like crazy
jdoe: <u>fink</u>: once upon a time.
ballen: feel free to email preorder@arpnetworks.com with what you want to be put on the waiting list
jdoe: <u>fink</u>: right now I just use SA because I'm lazy, don't care on that machine,e tc.
<br> also, it has more than enough ram for a couple perl procs.
fink: i like that postgrey doesn't use a lot of memory
CESSMASTER: corey doctorow is insufferable
***: fink has quit IRC (Quit: fink)
ballen: hah, I think he's a good read
<br> fun fiction for the most part
jdoe: <u>fink</u>: nolisting uses even less ;)
ballen: jdoe what if your list goes bat shit or gets hacked though ;-)
CESSMASTER: his fiction is unremarkable dreck, nothing too wrong with it
<br> his blogs and other shit make me hope a bus hits him
ballen: ahahah
jdoe: <u>ballen</u>: no no
ballen: now thats not nice
jdoe: <u>ballen</u>: nolisting isn't a list.
CESSMASTER: boingboing is the worst
ballen: ah
<br> thats clever
jdoe: nolisting is when you point your primary mx at an ip address that can never receive email. Just pick an IP you own, reject all traffic to port 25
CRowen: ballen, thanks for help =)
jdoe: very.
<br> for anything that doesn't implement retries, you get them... so you get most of the benefit of greylisting at zero cost
ballen: CRowen no prob, sorry theres nothing available at the moment. If you're in here when up_the_irons is around he can give you an idea of an ETA
<br> jdoe, I actually really like that
<br> any idea if its more effective than greylisting
CESSMASTER: the bbc world news' asia business correspondent is so horribly upbeat
jdoe: it's not going to be better, the best you can hope for is as-good-as, because they both target the same kind of bot, right?
<br> ... but I mean, I tried it myself for a while.
<br> and I was getting more-or-less equal numbers.
<br> ... and having my email actually come through immediately was a real perk.
ballen: hmm
<br> indeed
<br> just wondering if spammers started figuring out the greylisting trick and started to account for it
jdoe: sure, some do.
ballen: anyone have hands on experience with EMC CX-120 or Dell's Equalogic arrays ?
jdoe: nein.
ballen: need some central storage at work, not sold on the Dell stuff yet but its cheaper
<br> that and iSCSI over FiberChannel
<br> Dell only supports iSCSI
<br> well I'm sold on the openssh patch, on my crappy comcast upload, 249KB/s to 346KB/s
nesta: what ssh patch?
ballen: http://www.psc.edu/networking/projects/hpn-ssh/
nesta: cool thanks
ballen: np
<br> I'll let you all know what its capable of doing on a real connection after tomorrow
<br> so the real question is why in the hell haven't these patches made it back into OpenSSH proper
CESSMASTER: openbsd people
ballen: ah good point, Theo
jdoe: http://marc.info/?l=openssh-unix-dev&m=114334841829392&w=2
ballen: indeed
<br> so I could see where parallel transfers would benefit networks that have mutli-paths to the destination
jdoe: I was thinking lan not wan
ballen: ah yea
<br> LAN isn't really an issue
<br> only issue is CPU overhead of encryption with scp/sftp
jdoe: if you don't care, you can disable it with that patch
<br> there's a null cipher you can specify.
ballen: yea, or the multi-core path
<br> patch
jdoe: well, yeah, but if you don't need to encrypt the data, why bother?
ballen: most of my LAN data transferring if NFSv4 though
<br> is*
jdoe: oh god fucking damnit
***: steinberg has joined #arpnetworks
jdoe: fuck you domainsatcost and your shitty fucking javascript interface.
ballen: heh
up_the_irons: <u>ballen</u>: never done a 7.2 -> 8.0 in place upgrade
ballen: <u>up_the_irons</u>: k
<br> bed time, k bye
***: ballen has quit IRC (Quit: ballen)
jdoe: man that's annoying.
***: nukeAFK has quit IRC (Ping timeout: 248 seconds)
<br> nukeAFK has joined #arpnetworks
dxtr: I find ballens name funny. "balle" is slang for penis in Swedish. ballen = The penis
***: steinberg has quit IRC (Quit: Quit)
jdoe: I assume it's Bob, Bill, Barry, whatever Allen
***: steinberg has joined #arpnetworks
dxtr: <u>jdoe</u>: No shit, sherlock :)