***: schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
LT has joined #arpnetworks Wraithan: Well I am sort of in my system lol
kernel doesn't seem to provide virtio out of box
but I got my bootloader setup right... so now it is just a matter of getting my kernel setup righ ***: Wraithan has quit IRC (Quit: WeeChat 0.3.2-rc1)
Wraithan has joined #arpnetworks Wraithan: on my ARP vps
sort of :)
exit ***: Wraithan has quit IRC (Client Quit)
Wraithan has joined #arpnetworks
Wraithan has quit IRC (Client Quit)
Wraithan has joined #arpnetworks Wraithan: kernels take entirely too long to compile ***: schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
ziyourenxiang has joined #arpnetworks cedwards: Wraithan: bummer ***: LT has quit IRC (Quit: Leaving)
cedwards has quit IRC (Quit: leaving)
cedwards has joined #arpnetworks
fink has joined #arpnetworks
vtoms has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
ziyourenxiang has quit IRC (Quit: ziyourenxiang) Wraithan: Well I am on my ARP vps, chrooted in from the liveCD and it is running fine lol
Hopefully I'll hace an hour or two tonight to get it working the rest of the way ***: schmir has joined #arpnetworks
fink has quit IRC (Quit: fink)
Wraithan is now known as wizzo`s_fizzo wizzo`s_fizzo: Jeez you guys talk too much, I can hardly keep up with the conversations
slow it down already! cedwards: sorry :( ***: wizzo`s_fizzo is now known as Wraithan Wraithan: forgot I changed my nick
<.< ***: schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks BarberRonny: a
whoops dxtr: Uhm. Why did this ice cream taste like snus?
That
That's horrible mike-burns: What's nu? dxtr: Oh, you're american? :D
But you have snus in the states nowadays
http://en.wikipedia.org/wiki/Snus mike-burns: Ha, I assumed you were making a pun along the likes of "my roommate is wearing her updog around the apartment". CESSMASTER: Uhm. Why did this ice cream taste like anus? dxtr: Wat? CESSMASTER: But you have anus in the states nowadays dxtr: CESSMASTER: Perhaps you had it in your anus? CESSMASTER: http://en.wikipedia.org/wiki/Anus ***: nukeAFK has quit IRC (Ping timeout: 248 seconds) mike-burns: Haha. CESSMASTER: nsfw probably
oh, not anymore dxtr: http://en.wikipedia.org/wiki/Human_anus
:D CESSMASTER: there used to be an actual photo of a human anus dxtr: There are two nowadays
Didn't you see the discussion about that? CESSMASTER: no dxtr: Some people didn't want a shaved ass because it didn't look natural
And some didn't want a male anus CESSMASTER: hahahahhahaha dxtr: http://en.wikipedia.org/wiki/Talk:Human_anus
There
:)
http://en.wikipedia.org/wiki/Talk:Human_anus#Endless_image_contention
More like that
That would bring it around full circle to where it's been a couple of years. We had a cropped, shaved, bleached porn-anus in this article for a while, it was determined unsuitable (and a copyvio) and replaced with the current hairy man-hole. All we need is a neutral-looking and not-overly-hairy, suitable for an anatomy text
I have actually considered taking a photo of my own anus for the article (as far as I am aware, mine is pretty typical) just to put an end to this. Unfortunately, I don't think I'll be able to hold the camera at the right angle to get a decent shot. :( If you take a close look at the 'porn' anus in hi-res, it doesn't actually appear to have been shaved or bleached.
Yeah
I think you get it
please remove picture of male anus and replace with female anus Fartbarker 22:44, 28 January 2007 (UTC CESSMASTER: hahahahahahahaha dxtr: This arguement is ridiculous....if you don't want to see an anus, be it male or female or hairy or not so hairy...um don't come to this page? Yeah...now if you want to see a female anus to masturbate to for whatever reason, how bout you go find a porn site? The gender of the person with the anus does not matter. An anus is an anus is anus. Deal with it. Don't want to see it, ...
... don't go to the anus page...
Are aliens coming to this page? Anyone from the animal kingdom who isn't human? We don't need photos of anuses, ok? We just simply do not. It's gratuitous, inappropriate, nearing pornographic and quite ridiculous. Everyone has an anus and they know what it looks like. If an image is *absolutely* necessary, i think i diagram or drawing would suffice. 71.232.108.228 07:01, 23 ... Wraithan: Er dxtr: ... March 2007 (UTC)
Hahahaha Wraithan: if folks want to read it
they can go to the page. dxtr: They can? CESSMASTER: http://commons.wikimedia.org/wiki/Category:Sex_drawings_by_User:Seedfeeder this is what i was talking about
half of these aren't even linked to a wikipedia article jdoe: they probably were.
after they went through the first copyright violation/sharia law purge, they replaced a lot of the sex article pictures with drawings (and occasionally in non-human flesh tones)
I think they stopped doing that. dxtr: http://en.wikipedia.org/wiki/Talk:Human_anus#Artificial_anus <- Haha, read that :D ***: nukeAFK has joined #arpnetworks Wraithan: http://www.wolfire.com/humble ***: vtoms has quit IRC (Quit: Leaving.) -: jdoe stabs dns. ***: fink has joined #arpnetworks
sroute has quit IRC (Quit: WeeChat 0.3.0)
amdprophet has joined #arpnetworks
amdprophet has quit IRC (Remote host closed the connection)
nukeAFK has quit IRC (Ping timeout: 268 seconds)
william``` has joined #arpnetworks -: cedwards steps away for the afternoon and comes back to talk of anuses. wtf. Wraithan: A thing that is a bit problematic (could just be configuration stuff from what I am reading) is that my VPS is only showing one core? cedwards: Wraithan: both of mine show the same Wraithan: :(
The dual 4 core servers made me think I'd have multiple cores, even if it was 2-4 (4 seems standard these days for VPS) william```: don't arpnetworks vps only have a single cpu? Wraithan: Yeah, just found that out
which could be problematic william```: little weird if you're used to linode/slicehost
:)
unfortunately, neither of those offer bsd... -: Wraithan doesn't care about the BSD offerings lol Wraithan: up_the_irons: So the servers are multi-core but the VPSs only get access to a single core?
brb ***: Wraithan has quit IRC (Quit: WeeChat 0.3.3-dev)
Wraithan has joined #arpnetworks cedwards: I understand it as a single, dedicated core whereas the others are multiple, shared cores. Wraithan: Yes, but having it as a single rather than multiple means if I go to compile a package I could bring my webservices to a halt/crawl william```: you can nice the compilation process
give it a priority of 20 Wraithan: I have to make sure I do anything that could be detrimental as nice, which is a hassle jdoe: it's not a dedicated core, is it? ***: ballen has joined #arpnetworks
ChanServ sets mode: +o ballen jdoe: presumably it's a ... single core that you get some slice of as determined by scheduling on the host. Wraithan: william```: Yes I know but I compile packages weekly, among other things that are CPU intensive william```: why do you have to compile things weekly? o.O
are you running gentoo or something? :) Wraithan: No, but I run cutting edge on several packages jdoe: ... or freebsd, or openbsd ;) Wraithan: Every 3 weeks is a new kernel release, that I will have to compile, I am running trunk of python 2.7 for a couple of my projects, and trunk of python 3.2 for some other stuff william```: ouch Wraithan: Once 2.7 is official I wont have to compile it anymore, but until then I need to be tested against the latest so I can confidently push a release on 2.7 as soon as 2.7 is stable. cedwards: I compile all my ports on FreeBSD and I haven't seen any issues yet. Wraithan: Does your system default to nice'ing the compilation?
Btw, recompiled kernel makes my system work 100% william```: what was happening before you recompiled it? Wraithan: hanging because virtio was a module, not compiled in. william```: :( Wraithan: scp is amazing :) cedwards: rsync is more amazing? william```: not the same thing ***: nukeAFK has joined #arpnetworks
Wraithan1 has joined #arpnetworks
Wraithan1 has quit IRC (Client Quit)
Wraithan1 has joined #arpnetworks
Wraithan has quit IRC (Quit: WeeChat 0.3.2-rc1)
Wraithan1 is now known as Wraithan
schmir has quit IRC (Ping timeout: 245 seconds)
nukeAFK has quit IRC (Ping timeout: 248 seconds)
Nat_UB has quit IRC (Ping timeout: 268 seconds)
Nat_UB has joined #arpnetworks
nukeAFK has joined #arpnetworks cedwards: so I'm playing around with FreeBSD in KVM locally. Can anyone tell me how to activate console access, like is available at ARP? ***: heavysixer has quit IRC (Quit: BAMPF!) Nat_UB: cedwards: Think he uses an actual serial console...but I know zero details
:) up_the_irons: cedwards: -serial telnet:127.0.0.1:<port>,server,nowait
cedwards: then telnet to localhost and that port Nat_UB: Or that.... hehehe up_the_irons: Nat_UB: looks like an actual serial console, doesn't it? ;) ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer Nat_UB: yes...rather neat implementation up_the_irons: thanks
I credit toddf for pointing me in the right direction and providing hints / tips cedwards: looks like I'm close based on this: http://www.freebsd.org/doc/en/books/handbook/serialconsole-setup.html
I can see the boot output, but can't yet login. ***: nukeAFK has quit IRC (Ping timeout: 268 seconds) up_the_irons: cedwards: you need to run a getty on /dev/ttyu0
or ttyd0 (FreeBSD 7.2 and below) cedwards: that might be my problem. I setup ttyd0, but I'm running 8.0.
I'll try ttyu0 up_the_irons: 8.0 uses uart(4) by default, not sio(4), so yeah, you'll need ttyu0 cedwards: (I'm testing this on Ubuntu 10.04 using virsh console and virt-manager) up_the_irons: nice
should have the serial fix in it then, and you'll have no problems cedwards: Edit /etc/ttys and change off to on and dialup to vt100 for the ttyd0 entry. Otherwise a password will not be required to connect via the serial console, resulting in a potential security hole.
that is from the handbook. you say just change ttyd0 to ttyu0 and it should work for 8.0? up_the_irons: yes
handbook must not be updated for 8.0 yet Wraithan: up_the_irons: the VPSs are all single core? up_the_irons: Wraithan: yes, unless you order more ($2 per core) Wraithan: Ah I was not aware... maybe I didn't notice
up_the_irons: would I send an email to support@ in order to request the extra(s)? up_the_irons: most are happy with just a single core
Wraithan: yup william```: what is the max number of cores you can have on a single vps? Wraithan: Heh, i use my vps for multiple things, which need the ability to be spread out on different cores cedwards: for documentation sake: I added 'console="comconsole"' to /boot/loader.conf and made the above change to /etc/ttys. up_the_irons: william```: 8 william```: so that is baseline vps price + $14 (7 additional cores) per month? up_the_irons: cedwards: i find it a little easier to just "echo "-D" > /boot.config"
william```: yes william```: cool, noted :) up_the_irons: np william```: what is the average response time for support tickets?
i'm looking to migrate off of linode to arpnetworks entirely up_the_irons: william```: depends on the request william```: root pass reset :-) cedwards: up_the_irons: ohh, now you tell me. pfft. fink: up_the_irons: do you guys cater? up_the_irons: vps reset (format / reinstall) is usually like 24 / 48 hours -: fink is hankering for some choco cupcakes william```: up_the_irons: it requires a reinstall to reset the root pass? o.O up_the_irons: william```: not applicable -- you can reset your root password on your own in single-user mode -- http://support.arpnetworks.com/faqs/vps/what-is-supported
fink: only cupcakes william```: oh, great
thanks up_the_irons: william```: no no, just giving an example of support request ;) william```: i'll make sure i log in more than once every 1.5 months so i don't forget in the future :)
i still do 99% of my stuff on linode :-/ fink: lamenode up_the_irons: LOL william```: they're ok, but... linux -: william``` stabs himself in the face up_the_irons: never used them, but hear they are a pretty decent provider
probably one of the top william```: having choice of five datacenters is cool up_the_irons: i bet william```: and their support is good cedwards: they need to move away from xen though or they'll be stuck on dying tech up_the_irons: yeah, their higher prices can afford staff :)
cedwards: yes, srsly william```: haha, not a jibe, just an observation :-) fink: if you guys had cupcakes you would leave lamenode in the lamelagoon cedwards: we've been talking a lot about virtualization at work and I've simply told them to wait until kvm is well-done.
no point in starting things out on xen, and having to rebuild later. Wraithan: cedwards: we are using kvm at work right now up_the_irons: william```: right, didn't take it as a jibe, was also just observing ;) william```: :) cedwards: Wraithan: I just got a Dell R900 to start testing with.
up_the_irons: so I removed my previous changes and tried simply "-D" in /boot.config. The console stalls out at trying to mount root from ufs:/dev/ad0s1a up_the_irons: cedwards: that's probably just the end of it writing; the next will be getty Wraithan: We have a custom built server, pretty nice gear in it... I mainly just bring it to it's knees while I am doing a naive first pass of stuff though
go go 1600 queries to render a single page! up_the_irons: cedwards: i'd say kvm is already well-done. I've replaced Xen completely with KVM at this point. Things work even *better* william```: 1600 queries? o_o cedwards: up_the_irons: we're mostly a RHEL shop, so I've been kind of just holding out for KVM to be provided there in RHEL6 (although I think they offered it in 5.5 too) ballen: whens RHEL6 supposed to be out?
or 5.5 for that matter Wraithan: william```: you've never done a naive first pass with a ORM, without any optimization in mind? -: Wraithan ponders when RHEL will die.
Wraithan hates it. ballen: never will up_the_irons: cedwards: i c ballen: its a decent version of Linux Wraithan: No it isn't william```: Wraithan: i use an ORM daily :-) ballen: especially if you have a large enterprise site license Wraithan: It is the reason good projects have to support old garbage ballen: if you have a kickstart server setup, local yum repos, etc Wraithan: They still support Python 2.3
or maybe JUST phased it out, I forget ballen: they're plenty of ways to get around old versions
just like you would in Solaris Wraithan: Yeah, typically it is hacks to make it work on old versions as well as new
it makes for shit code because you have to support something so old. up_the_irons: Anything RH-based gets hacked ballen: well anything CentOS gets hacked
RH is less worse off up_the_irons: nah, all my RH servers got hacked, i've never run Cent ballen: plus it has a lot of industry support as far as paid apps go Wraithan: Plus (in my very limited experience with it) making RPMs SUCKS ballen: yes RPM's are lame
just saying its not as bad as most people thing it is
as is most things ***: nukeAFK has joined #arpnetworks ballen: think* Wraithan: I'm just saying setups like RHEL are part of the reason why technology isn't moving forward as fast as it could. up_the_irons: making RPMs sucks, but so does making .deb's
they all suck Wraithan: up_the_irons: that is why you make PKGBUILDs
they don't suck up_the_irons: been meaning to look into Arch Linux pacman stuff; it seems a lot simpler ballen: Arch is good
and yes pacman is wicked simple
but
Arch is bleeding edge
no matter what
compat be damned Wraithan: ballen: http://www.archserver.org/ up_the_irons: i like *BSD package stuff as well, since they are mainly just tarballs Wraithan: up_the_irons: arch recently moved to using tar.xz's for packaging :)
tiny downloads up_the_irons: nice ballen: arch server is interesting, but if I really have my choice I'd just pick FreeBSD
no reason to use Linux
for most things Wraithan: I've never (directly) used *BSD and could say the same thing about it. up_the_irons: it's all about taste Wraithan: Yup ballen: well theres certainly ease of use
and FreeBSD has a lot of that Wraithan: I said something smart the other about it up_the_irons: ballen: yeah but FreeBSD is difficult for those who are used to something else
everything is hard when you don't invest the time
if you learn it, it becomes easy Wraithan: :) ballen: hah, yeah buy X is difficult for those who are used to something else Wraithan: Arch is very easy! ballen: but* Wraithan: L(
:) up_the_irons: ballen: yeah Wraithan: http://www.lessthanthreesoftware.com
now running on ARP up_the_irons: ease of use is relative to the user, let's just put it that way
so, again, it comes down to taste ballen: true Wraithan: up_the_irons: put in the request for the extra cores :)
I find windows hard to use. ballen: meh whatever, use whatever the hell ya want Wraithan: Same with OSX ballen: is my opinion Wraithan: my hands don't flow!
(nor does the spice) ballen: unless it affects my production systems I don't care william```: osx is a fully-certified unix :-) up_the_irons: hehe fink: i love osx with macports william```: sudo port install slime +sbcl :-) Wraithan: Eh, I use a highly customized WM... even other linux systems are hard to use fink: freebsd is a "real" unix, it seems to me Wraithan: william```: yous a lisp hacker? up_the_irons: Wraithan: which WM? Wraithan: up_the_irons: xmonad up_the_irons: i use xmonad, which is pretty geeky
LOL Wraithan: :D up_the_irons: xmonad is da bomb
"Powerglove and Sonta Arctica" <-- typo Wraithan: up_the_irons: I'm friends with dons, go to talks at his office every other week or so william```: Wraithan: sometimes, i'm also learning Haskell, but i write Ruby for a living mike-burns: Me toO! william```: dons is a major dude fink: omg we have so much in common! mike-burns: omg do you like bsd too?! Wraithan: no. fink: omgomgomg Wraithan: er
yes <.<
>.> mike-burns: Ha. fink: like whatever! Wraithan: william```: Ah, I am mostly a python coder (pays the bills) but lisp and haskell in my freetime william```: nice :-)
i work on a large rails application for a living Wraithan: Though truth be told I like python quite a bit up_the_irons: lol, this is making my browser barf:
host www.lessthanthreesoftware.com
www.lessthanthreesoftware.com has address 206.125.170.2 william```: 160 models :| up_the_irons: www.lessthanthreesoftware.com has address 74.204.234.252 Wraithan: william```: large django app up_the_irons: changing IP mike-burns: I've realized that Haskell is tricky because of the non-code parts of it are foreign. Things like documentation, finding a job, socializing events, and so on are very different than what the industry is used to. fink: Wraithan: me = python fanboy Wraithan: up_the_irons: linode is doing that, I shut off their DNS stuff but it is being bothersome up_the_irons: Wraithan: roger william```: yeah, i don't use linode's dns offerings Wraithan: I used to. william```: i take it they're bizarre? mike-burns: I work on many large Rails applications for a living. Wraithan: Nah, it was pretty straightforward, but I deleted my entries but they are still being propagated from there ballen: up_the_irons: you should peer with Comcast up_the_irons: ballen: don't i wish Wraithan: One large Django app, many small django apps for me william```: mike-burns: did your predecessors understand how indexes in a rdbms are supposed to work? :-/ ballen: have to hit level3 and mzima before Arp up_the_irons: ballen: i'm ready and willing, but they'll give me the finger ;) mike-burns: william```: Absolutely. william```: i envy you :( up_the_irons: ballen: i will probably get level3 direct next year ballen: whys that, seems like generally everyone should be willing to peer up_the_irons: ballen: but it's not like the mzima hop really adds much mike-burns: william```: We don't believe that indexes are an optimization; we believe that it is a bug to leave them out. ballen: also peer with Es.net :-) william```: mike-burns: i found a query that would occasionally run via a cronjob on our site that did a table scan of 26 million rows
took 500-600 seconds to run mike-burns: Ha. up_the_irons: ballen: ah, no. there's a lot of politics to it. the smaller networks will peer, yes, no problem. but larger ones want minimum traffic, ratio requirements, etc... ballen: hmm up_the_irons: ballen: es.net i think is pay to play ballen: hmm, shouldn't be all their main goal is to serve the DOE labs up_the_irons: ballen: but i thought one of _my_ peers already peered with them, so it was like one more hop ballen: yea es.net to you is quite fast
es.net to comcast is slow
which is annoying as hell
anyone ever play with GridFTP up_the_irons: ballen: i might have been thinking of someone else. es.net appears to have open peering now that i looked it up, but they are not on any exchange that i'm on ballen: yea Es.net should be fairly cool, if you ever need to get a hold of anyone there let me know up_the_irons: ah, PacificWave was pay to play, and they have ESnet as a member
ballen: sure, i will, thanks ***: nukeAFK has quit IRC (Ping timeout: 260 seconds) Wraithan: up_the_irons: dns should be fixed
heh
er
nvm
www still has 2
wtf up_the_irons: dns caching is a bitch william```: wild up_the_irons: actually, caches in general are a bitch
7:30 already.. time to go home ballen: anyone in Cisco world know when the 2960S switches will be available? mike-burns: "There are only two hard problems in Computer Science: cache invalidation and naming things." - Phil Karlton william```: and random number generation
you don't want to be in a state of sin, do you? :) mike-burns: Is sin a state between solid and liquid? william```: "Anyone who attempts to generate random numbers by deterministic means is, of course, living in a state of sin." --John von Neumann
:) mike-burns: Ha, well played. william```: speaking of that, i have this thing called an "entropy key"
which keeps your entropy pool on linux systems maxed out
using an overloaded transistor or something mike-burns: Sounds fancy. william```: i should get that freebsd driver book and write a driver for it :)
it substantially decreases ssh/ssl handshake times mike-burns: I had no idea. Faster things are nice; you should do that. william```: when i have some free time :( Wraithan: william```: what is free time? william```: what i have too much stuff slated for ;) Wraithan: If you have stuff slated to used it, is it still time that is free? william```: hmm, good point
i guess it's more "personal time" than anything Wraithan: lol
http://www.entropykey.co.uk/
neat idea william```: yeah, it's cool
boot off an ubuntu live cd, install that, dd if=/dev/random of=/dev/sda
then the system doesn't have to fill its own entropy pool with psuedorandom data
so overwriting a disk with random data takes hours, not days :P Wraithan: I never really do that
I can't recall ever selling a harddrive ***: amdprophet has joined #arpnetworks william```: i iamgine most people who don't do full disk encryption don't Wraithan: They die before that william```: imagine* Wraithan: Ah, yeah, I don't do that ballen: Full disk encryption is generally a pain in the ass Wraithan: my laptop isn't a security risk, all it has is personal code on it
ballen++ ballen: we use WinMagic SecureDoc
which appears to do what it advertises
only a marginal slow down in a new Macbook william```: pgp's wde is pretty nice, too ballen: yea william```: i've only used it on osx, though
work laptop :) ballen: yep william```: the fact that you're forced to use AES-256 makes me uncomfortale though
uncomfortable, even -: jdoe shrugs. ***: nukeAFK has joined #arpnetworks fink: i use encrypted disk images jdoe: coming from the dude who trusts his rng to an overloaded transistor? ;) ***: jahshua has quit IRC (Quit: leaving) william```: well, it's more random than the alternative :) ***: aem has joined #arpnetworks
aem is now known as jahshua
mtve has quit IRC (Ping timeout: 246 seconds)
mtve has joined #arpnetworks
jahshua has quit IRC (Quit: leaving)
boogeyman has joined #arpnetworks
jahshua has joined #arpnetworks
jahshua is now known as nesta ballen: up_the_irons: have you done any 7.2 to 8.0 in place upgrdes? ***: nukeAFK has quit IRC (Ping timeout: 240 seconds)
william``` has quit IRC (Quit: leaving) jdoe: ballen: I have. ballen: assume you have to recompile all ports? jdoe: yep. ballen: thats a pain in the balls jdoe: oh it gets worse.
even if you follow the instructions portupgrade may blow up in the middle of upgrading everything because ruby is a pile of shit.
so make sure you get a list of what it wants to upgrade ;)
that said, binary update for core software + portupgrade + manually upgrading the shit portupgrade blew up before rebuilding was successful for me.
it took way longer than I was expecting, but it worked out in the ned.
end. ballen: yea sounds easier to just blow away the install and rebuild everything jdoe: depends on what you've got installed, I guess.
and how good your logbook is ;) ballen: yea jdoe: I keep backups of configs etc., but unless I'm redoing things I prefer to upgrade in place. ballen: yea
ugh... why is GridFTP such a bitch to install jdoe: no clue, first I've heard of it. ballen: part of Globus jdoe: first I've heard of that too ;) ballen: heh jdoe: I've done some HPC stuff before but it's always been same-site. ballen: yea jdoe: which, as I'm sure you're aware, is way more pleasant. ballen: GridFTP is kind of going towards being the standard of moving large datasets around across WAN jdoe: ugh, another encryption standard...
... and parallel streams from the same host? If your network actually benefits from that, you need to fix your network...
... oh, GSI is just TLS.
ballen: how well does it tolerate high latency? ballen: not sure yet
trying to get it installed to test it out jdoe: what are you using it for, if I may pry? ***: heavysixer has quit IRC (Quit: heavysixer) ballen: going to see if it helps with moving datasets ranging from 500MB-4GB from New Mexico to bay area
others are using it for much larger data sets
people that want to max out 10G links
well not want, need ***: nukeAFK has joined #arpnetworks fink: jdoe: no portmaster love? jdoe: fink: I dunno. I've been using portupgrade since it got pushed out there as the GREAT NEW THING TO USE. I never thought about switching. fink: jdoe: i used to use it; i've had much better luck with portmaster
minimal deps too jdoe: ballen: if you're just copying shit from point A to point B, try openssh with the performance patch.
ballen: http://www.psc.edu/networking/projects/hpn-ssh/ ballen: yea I know jdoe: no love? That worked well for me.
fink: it still depends on ruby doesn't it? ballen: getting collaborators to patch openssh is somewhat difficult fink: no
jdoe: http://forums.freebsd.org/showthread.php?t=6078 ***: nukeAFK has quit IRC (Ping timeout: 240 seconds) -: fink likes portmaster ;) jdoe: ballen: more difficult then getting them to install this though? :) ballen: hah, as its looking right now, no
any idea if the server has to be patched or just the client? jdoe: fink: that's cool. For critical things like package management I prefer tried and true though :P
ballen: both I think.
ballen: it's been a while since I looked at the patch, but iirc it adds/modifies ciphers (so you could send stuff plaintext if you *really* wanted to, for example) as well as adjusts buffering. ballen: yea
supposedly it allows SSH to make use of multi-cores jdoe: still, it's not like they need to REPLACE anything to use it or anything crazy like that.
just run it as a second instance on 2222 or something and go nuts. ballen: yea fun thing is to push anything like this I'll have to write a whole case study and run it through my management, who while have to lend their support to even get the slightest chance of this happening
which isn't so bad jdoe: yeah, but you're going to have to do that with whichever you pick, presumably. ballen: yea
we're currently using ol' fashioned rsync
not even over ssh CESSMASTER: portmaster is great
in particular, it isn't written in ruby jdoe: ballen: ... not secret data, huh :P ballen: nah jdoe: CESSMASTER: believe me, I appreciate that. I'm just wary of change. ballen: oh well it'll be easy enough to test out OpenSSH with and without patch using Arpnetworks, roughly close enough and roughly same bandwidth CESSMASTER: then you should be wary of a program written in ruby, wait til that mickey mouse club changes some stupid shit ballen: aren't we just a bunch of ruby haters jdoe: CESSMASTER: in fairness, ruby is relatively stable, you want to bitch about rails ;)
the core language is more stable than python, at least :P
wonder how long it'll be before that bites *buntu in the ass. ballen: suppose this means I'll need to swap out dropbear on my vps now jdoe: well no, you could just build openssh in your homedir or something, run it on some other port...
... but really? dropbear on a vps? ballen: hah yea jdoe: weird. ballen: look at how much memory it uses compared to openssh
at one point was trying to squeeze every ounce of memory
however you should know the $PATH is hard coded in drop bear and no it doesn't give a shit what your .profile does jdoe: memory's never really been that big a concern for me on a vps.
256MB goes a very long way. ballen: run a few Rails projects, a postfix + postgrey + dovecot mail setup and it gets used up quick
however after moving to Sinatra
its really not a big deal CRowen: vps server?
stock? ballen: ? jdoe: ballen: I blame rails. I've done the same (minus postgrey, plus spamassassin), just nginx+php instead of rails. Did very well under load. ballen: yea
Sinatra + Redis backend
rocks the socks
as it were
at one point has postfix + dspam + dovecot + PostgreSQL
the first three were using SQL based data
for users, etc ***: Nat_UB has quit IRC (Ping timeout: 248 seconds) ballen: waaay overkill jdoe: yeah
dspam is great if you're memory conscious though. CRowen: vps is stock? ballen: my vps?
yea postgrey is better jdoe: ballen: I think he's asking if he can order
ballen: or if they're still done. ballen: ah jdoe: total disagree on postgrey though, btw ballen: whys that
catches most spam jdoe: I hate greylisting.
it's annoying, it gets in the way, and it still lets a lot of spam through ballen: with almost no overhead ***: nukeAFK has joined #arpnetworks jdoe: yeah, that's why I nolist ballen: yea I used that and what ever one list was jdoe: zero overhead, zero delay, catches about as much as greylisting did for me. ballen: yea, just migrated to Google Apps jdoe: yeah...
that's a pretty compelling argument ballen: don't have to worry a damn bit about it now jdoe: haha.
I just don't like google having my mail. ballen: true jdoe: it knows enough about me already :P ballen: also true CRowen: I want a vps server, as I can pay for it ballen: then by all means place an order
jdoe: http://blogoscoped.com/archive/2007-09-17-n72.html
that'll make your confidence in google go down even more
albiet its fiction CRowen: and how to order, the site says it is just stock vps? jdoe: not a big Doctorow fan, but I've read that before. Yeah, I know.
haha. fink: jdoe: you use dspam on freebsd? ballen: hmm it does appear we out of stock fink: spamassasin + amavis just eats up memory like crazy jdoe: fink: once upon a time. ballen: feel free to email preorder@arpnetworks.com with what you want to be put on the waiting list jdoe: fink: right now I just use SA because I'm lazy, don't care on that machine,e tc.
also, it has more than enough ram for a couple perl procs. fink: i like that postgrey doesn't use a lot of memory CESSMASTER: corey doctorow is insufferable ***: fink has quit IRC (Quit: fink) ballen: hah, I think he's a good read
fun fiction for the most part jdoe: fink: nolisting uses even less ;) ballen: jdoe what if your list goes bat shit or gets hacked though ;-) CESSMASTER: his fiction is unremarkable dreck, nothing too wrong with it
his blogs and other shit make me hope a bus hits him ballen: ahahah jdoe: ballen: no no ballen: now thats not nice jdoe: ballen: nolisting isn't a list. CESSMASTER: boingboing is the worst ballen: ah
thats clever jdoe: nolisting is when you point your primary mx at an ip address that can never receive email. Just pick an IP you own, reject all traffic to port 25 CRowen: ballen, thanks for help =) jdoe: very.
for anything that doesn't implement retries, you get them... so you get most of the benefit of greylisting at zero cost ballen: CRowen no prob, sorry theres nothing available at the moment. If you're in here when up_the_irons is around he can give you an idea of an ETA
jdoe, I actually really like that
any idea if its more effective than greylisting CESSMASTER: the bbc world news' asia business correspondent is so horribly upbeat jdoe: it's not going to be better, the best you can hope for is as-good-as, because they both target the same kind of bot, right?
... but I mean, I tried it myself for a while.
and I was getting more-or-less equal numbers.
... and having my email actually come through immediately was a real perk. ballen: hmm
indeed
just wondering if spammers started figuring out the greylisting trick and started to account for it jdoe: sure, some do. ballen: anyone have hands on experience with EMC CX-120 or Dell's Equalogic arrays ? jdoe: nein. ballen: need some central storage at work, not sold on the Dell stuff yet but its cheaper
that and iSCSI over FiberChannel
Dell only supports iSCSI
well I'm sold on the openssh patch, on my crappy comcast upload, 249KB/s to 346KB/s nesta: what ssh patch? ballen: http://www.psc.edu/networking/projects/hpn-ssh/ nesta: cool thanks ballen: np
I'll let you all know what its capable of doing on a real connection after tomorrow
so the real question is why in the hell haven't these patches made it back into OpenSSH proper CESSMASTER: openbsd people ballen: ah good point, Theo jdoe: http://marc.info/?l=openssh-unix-dev&m=114334841829392&w=2 ballen: indeed
so I could see where parallel transfers would benefit networks that have mutli-paths to the destination jdoe: I was thinking lan not wan ballen: ah yea
LAN isn't really an issue
only issue is CPU overhead of encryption with scp/sftp jdoe: if you don't care, you can disable it with that patch
there's a null cipher you can specify. ballen: yea, or the multi-core path
patch jdoe: well, yeah, but if you don't need to encrypt the data, why bother? ballen: most of my LAN data transferring if NFSv4 though
is* jdoe: oh god fucking damnit ***: steinberg has joined #arpnetworks jdoe: fuck you domainsatcost and your shitty fucking javascript interface. ballen: heh up_the_irons: ballen: never done a 7.2 -> 8.0 in place upgrade ballen: up_the_irons: k
bed time, k bye ***: ballen has quit IRC (Quit: ballen) jdoe: man that's annoying. ***: nukeAFK has quit IRC (Ping timeout: 248 seconds)
nukeAFK has joined #arpnetworks dxtr: I find ballens name funny. "balle" is slang for penis in Swedish. ballen = The penis ***: steinberg has quit IRC (Quit: Quit) jdoe: I assume it's Bob, Bill, Barry, whatever Allen ***: steinberg has joined #arpnetworks dxtr: jdoe: No shit, sherlock :)