lol that's kinda funny up_the_irons \o/ i hate waiting for disk images to copy... anyone play MW2 around here? I just got a PS3 and have been playing it. I hate school I have to do TWO book reports so I'm looking for two novels with like... 50 pages or so Books children 6-9 \o/ wow i just realized i could resize openbsd partitions by first going into bsd.rd, not booting from cd-rom that makes things a whole lot nicer... toddf: so i'm thinking about how to give each customer a routed /48, and put /64 "on the wire", instead of the current mis-practice of just putting the whole /48 on the wire but i can't seem to get around having to select a device (like the first VPS) to be the gateway for all others (say a customer has multiple VMs) tell me if you have thought of anything creative the problem with making the first VPS a gateway is that it becomes a single point of failure and that is has special networking requirements (must enable ipv6 forwarding, which is not on by default, and i'm probably going to get tired of explaining that) maybe i should allocate the /48, but only assign a /64 to each customer vlan on my router... (within the /48 obviously) and then those with requirements for actually using more than one /64 can also bear the burden of the spof (since they obviously have more knowledge to be wanting to set up multiple /64's) mmm... this is analagous to colocated customer who don't have their own router (most don't) so I "host" their subnet (assign the gateway on my side), instead of routing their whole block over a /30 routed IP blocks over a /30 is for more advanced customers i think this is making sense... and by all means, if anyone else has an opinion, jump in althought this idea doesn't make use of the snazy fe80:: link-local address tbh I was quite surprised you gave a /48 to each customer... a /64 seems like it should be more than sufficient for most uses and you could always allow special cases to request extra /64s then again I don't see anything particularly terrible about putting a /48 direct on the wire either LT: there are various RFCs and a lot of consensus on the mailing lists (nanog, ipv6-ops, arin) that each "site" gets a /48 LT: then the site can delegate /64's as it sees fit http://tools.ietf.org/html/rfc3177 on paper yes... in practise it seems a bit up in the air though. it's kinda like the whole /120 vs /64 for point to point links thing plus the whole definition of 'site' is very fluid... not that I'm complaining, having a /48 is fine by me... but when the whole enterprise has a /48 spanning across 3 sites and the VPS used for monitoring has it's own /48 but i think moving away from "need-based" addressing schemes to "policy-based" can make things a lot simpler like, why differentiate between a smaller customer and large customer? if everyone gets a /48, there is no distinction and it makes management easier (and cheaper) rather than the IPv4-centric idea, "give them a small subnet unless they need a bigger one" there are certainly arguments both ways... just makes me feel uneasy handing out addresses all over the place I guess, too stuck in the old way of thinking perhaps any plans to dualstack your nameservers at all? yeah sure up_the_irons: Delegate /64's as it sees fit? Does that mean that I still get a /48 and can use all the /64's as I wish? dxtr: you have a /48 right now, but you won't be able to further subnet b/c the whole /48 is on the wire. I can route the /48 to you over link-local and *then* you could start splitting up /64's. but I don't see any advantage in doing this if you only have 1 vps (except perhaps for educational purposes) Actually I'd like to split up /64's :) Mainly for educational purposes By the way, speaking of ip addresses. Can I somehow say that "by default, use this address for outgoing connections" globally? Because right now some things are using the wrong address when connecting (Irssi for example - if I don't set the hostname) dxtr: then I can route the /48 to you over link-local, but this will be considered "expert mode"; as in, don't email support if you can't get it working right dxtr: iirc, the source ip is usually the first one assigned to an interface And what's "the first" one? :) Because it sure as hell isn't using the first one I assigned And can I move addresses in the list? dxtr: the first one assigned to the interface not the aliases the primary one mkay Speaking of aliases. Do I have to use aliases with ipv6? Because that will be a lot in my rc.conf :P yes obviously, you only put the ones you're gonna use into rc.conf and if you want to use a thousand,then welcome to a large rc.conf unless you want to script it and call that script upon startup I thought I would be able to assign an entire subnet to an interface no Okay then :) Forgive my ignorance then that'd fill up all of kernel memory a million times over true the kernel would have to allocate some space for this many addresses (assuming /64): 18446744073709551616 and even if it used only 1 byte for each... that is 18+ exabytes :) (i think) But let's say you route the /48 to me over link-local (I'll have to read up some more on ipv6 to be sure what this means :P - and I thought I already knew much) What would that mean? dxtr: it's routed over the link local address and you can then chop up the block as you see fit there is no reason for you to do such a thing besides learning, but with 1 vps, i don't even see how you could *test* anything out; what would you assign the other /64's too? *to anyway, it's late, i must rest cd $bed Hehe When you're saying "as you see fit" I'm like "Did I miss something with ipv6? Can I route the addresses to China if I want to?" :P That's why I'm asking morning hmm. I'm trying to build a FreeBSD VM (kvm) here at work, but I want to use FixIt to build ZFS. when I try to load the CD from the FixIt menu it says it isn't connected, yet I booted from it. I guess it needs to be the DVD, and not the disc1? yep 5m left on the DVD download.. too bad I can't get the usb image to boot. that is a much faster download. Hi all, this is maybe a litle of topic but any idea on how to use rrd in conjuntion with a database maybe to know the total amount of bandwaith consumed per month ? I asked the network guys to push the "turbo" button on the AOLs, but they just laughed at me ;) nbari: is the cacti bandwidth monitor via the support interface not what you're looking for? mmm this is for another vps that i have I'm in FixIt and I need to manually remount my zfs pool to edit a file. How do I do that? I've loaded the opensolaris.ko and zfs.ko, and I would assume everything else is still intact. tired zpool import cedwards? I'm no expert in zfs but that's what I'd try first... LT: I'll try that cedwards: i ahd to do this cedwards: i'll pm you my notes? fink: sure might be a good addition to the arp wiki we've started as well cedwards: link? http://arpwiki.com cool neat, wasn't there supposed to be some "LOL THIS IS UNOFFICIAL" banner on it though? http://wonder-tonic.com/geocitiesizer/index.php love that site Wraithan especially the midi :D almost as good as shadyurl oh shit it's the same people CESSMASTER: you can mix and match! http://5z8.info/malicious-cookie_d5d2_hateminorities hi all Ok, someone was flabergasted at the 1600 query page I mentioned yesterday. Which upon discovery was dropped down to 20-30 queries by being written right. Well, today a 4145 query page was found that has a 4n growth rate with the number of users, was written by an intern that worked here for like 4 weeks, was the last thing he did before we let him go no one has visited that part of the code base since he left though since we were implementing other stuff and his code hadn't gone live so it didn't matter but 4145 queries... http://www.reddit.com/r/AskReddit/comments/c07jz/have_you_ever_heard_of_the_zombie_radius/ sfw :) even 20-30 for a single page sounds... awesome. Eh, 1400 down to 20-23 is appropriate for the page, it does a lot of complex stuff 20-30* And that is without dropping to SQL we are still working in the ORM CESSMASTER: fink : yes, the arp wiki should state it is unofficial, and it should never repeat information already in the Knowledge Base. If I change the KB, then the info is out of sync, causing mass confusion. up_the_irons: huh? I have even less to do with the wiki than you do dxtr: ah ok. no, you can't route it to china cedwards: ^^ CESSMASTER: sorry tab completion fail Maybe a better solution is to give access to the KB to two or three of us. mike-burns: no way to just give access to kb Ah, that's a shame. yeah, it's hosted, not my app presumably the wiki should work more-or-less the way the linode one does... kb for stuff specific to arp, wiki for random "lol how do i set up a mail server" pages. up_the_irons: gotcha up_the_irons: is this "unofficial" enough? http://arpwiki.com/doku.php/start cedwards: it's actually not very obvious b/c my eye doesn't even go to the upper right corner with light text cedwards: but either way, i'm starting to get a strong feeling this needs to be internally hosted. if people land here before they see the KB, i think they'll be thoroughly confused. i mean, a lot of the links go nowhere. that is not your fault, it is just the nature of wiki's anyone used mediawiki? (i noticed linode uses it) FFFFUUUUUU- I think I'm getting sick me I even have written a parser for mediawiki I hate it Haha :D up_the_irons: I'm getting sick. Wanna make out? dxtr: no schmir: so mediawiki sucks? the markup is illogical ah i wonder if there is a wiki that uses rST the template syntax sucks (restructured text) bet I'd have to look down the path of a Python solution for that moinmoin? http://moinmo.in/ReStructuredText nice well this is looking promising I'm off for bed now :) Good night <3 moinmoin its anti-spam works pretty well, considering what it is. up_the_irons: moin moin is pretty popular fink: yeah, it looks familiar I'm not. I loathe python with every fibre of my being. but moin is pretty good. it was awesome until they decided wsgi is the way to go. asshats. jdoe: why do u loathe python? up_the_irons: slow, unstable language with irritating apps (fuck you plone, fuck you 90% of the ubuntu userland) that also like to chew ram. This is compared to ? jdoe: lol the apps are indeed irritating i remember zope, back in the day, always killing my box using 100% of the cpu Wraithan: scripting language-wise? ... perl of course, what else? isn't 90% of perl out there unreadable? If you are going to judge by the existing apps hey - watch it buddy i don't like how there's 60 different ways to do the same thing in Perl, but other than that, it is fine and it's never 60 i mean 700 I love how people give over-the-top desccriptions for perl like most stereotypes, they are exagerated RandalSchwartz: you mean like how it's write-only line noise ;) RandalSchwartz: I'd argue that is what jdoe did about python Wraithan: which part? Python isn't bad as a language :) unstable? Wraithan: "irritating" is subjective when I say unstable I don't mean crashy I mean the language is in flux Perl only isn't in flux because Perl6, aka Perl Forever is the main development platform for people who want to work on the language well, that and the changes between 5.6 -> 5.8 -> 5.10 -> 5.12 are fairly minor. after 2.5 python's changes have not been huge either at least not show stopping not counting the 2 -> 3 Wraithan - also incorrect perl 5 has had a dozen major releases since perl 6 was announced perl 5 is in no way going into mothballs probably activelys upportd for another 5-10 years Wraithan: don't listen to him, Randal knows nothing about perl ;) so now we've seen a bunch of misinformation on all sides here. lies. unstable is relative then Because I'd argue it is prefectly stable with a well defined upgrade path Wraithan: I have several apps running python 2.3, 2.4 and 2.5 that can't be moved because of incompatibility in the language. That bothers me. "can't be moved" is because they are either unmaintained or have poor authors. I have our app at work, which is a large scale app, able to run on 2.6 and 2.7, granted we aren't using any of 2.7's features right now but that is due to 2.7 in late alpha right now. Once 2.7 is released we will be moving over to that Wraithan: well you can take that up with the zope/plone guys, sure. :) HEY RandalSchwartz IS BACK python is dreamy it's a joy to code in jdoe: most everyone in my local Python UG would appologize to you for having to use zope and plone, those are recognized by the community as sucking. i don't know much about zope or ubuntu I don't know anything about ubuntu and have avoided zope hrm. how can I test that I've got the reverse dns zone setup properly? when you SSH somewhere from within the reverse dns zone, then ssh there again, it should show your last connection as from the reverse dns address instead of from the IP a low tech solution from you friendly developer who doesn't know much about sysadmining s/you/your/ jdoe: dig -x 'IP' Nat_UB: that only works if it's already delegated from arp. Nat_UB: I want to test it now. Wraithan: yeah, same... that'll only work if delegation is setup, I think. dig -x is supposed to return PTR records... Reverse lookups -- mapping addresses to names -- are simplified by the -x option. addr is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the name, class and type arguments. dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and sets the query type and class to PTR and IN respectively. hrm... yeah, but that doesn't apply here. ... bingo. dig -t ptr 4.0/29.3.2.1.in-addr.arpa . quick question - is there anything that says that I need to keep my VPS's in the LA time zone? nope change the TZ to whatever your heart pleases ballen: thanks! I just realized that when I rebuilt my freebsd vps I put it in eastern, but my linux one is still in pacific heh no prob ballen: it's almost kind of a security through obscurity :) sure why not never realized how long it takes to do a freebsd buildworld so I can start building some jails. may have to convert my linux vps to anotehr freebsd in the future use sysinstall instead ballen: I rebuilt using zfsroot on gpt disk, so wound up rebuilding from fixit in sysinstall right on love the zroot I always buildworld previous to building jails. ballen: I was going to do 4 ip's for each vps, but it cost me the same to go with 13 ips instead...could do some fail over between vps' all I know is that I love arp's service....I plug it anywhere I go :) sure, might want to check that each of the VPS's are on diff servers I believe they are...my linux vps console is via kvr07, and my freebsd is on kvr06 seems likely blah