[00:13] *** hiro_dSn_ has joined #arpnetworks
[00:15] *** hiro_dSn has quit IRC (Ping timeout: 265 seconds)
[00:15] *** nukeAFK is now known as nuke-
[01:05] *** LT has joined #arpnetworks
[04:18] *** nesta has joined #arpnetworks
[04:43] *** nesta has quit IRC (Remote host closed the connection)
[04:45] <infrared> jeeze, what is google doing?
[04:46] <bob^^> ?
[04:47] <infrared> now i can change the bg image?  google is becoming lame
[04:47] <bob^^> ugh
[04:48] <infrared> stupid
[04:48] <bob^^> yeah
[04:48] <bob^^> keep it simple, stupid :)
[04:49] <infrared> yup
[04:56] <bob^^> oh man
[04:56] <bob^^> i see what you mean
[04:57] <bob^^> what the hell are they thinking, it's awful
[04:57] <LT> if you switch javascript off for google you don't get the background
[05:42] <up_the_irons> it's so Bing'y
[05:42] <bob^^> apparently it's only for 24 hours
[05:43] <bob^^> then you willhave hte option of keeping it, or disabling it
[05:43] <bob^^> stupid google
[05:46] <cedwards> http://lifehacker.com/5559961/turn-off-googlecoms-24+hour-background-image
[05:47] <bob^^> the embossed stuff still looks stupid :/
[06:06] *** ziyourenxiang has joined #arpnetworks
[06:09] *** fink has joined #arpnetworks
[06:20] *** fink has quit IRC (Quit: fink)
[07:04] <cedwards> up_the_irons: first thing I did after getting your email is login to my main box and make sure it's all still there :)
[07:04] <cedwards> up_the_irons: we're good. thanks.
[07:52] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang)
[08:00] <cedwards> Wraithan: ping re: arch installation
[08:03] <cedwards> n/m
[08:53] <Wraithan> cedwards: ?
[08:56] *** woremacx has quit IRC (Ping timeout: 265 seconds)
[08:57] *** woremacx has joined #arpnetworks
[08:58] <cedwards> Wraithan: couldn't figure out the grub entry for vda devices, but I got it.
[09:22] *** LT has quit IRC (Quit: Leaving)
[09:26] <Wraithan> oh
[09:26] <Wraithan> yeah
[09:58] *** toddf has quit IRC (Ping timeout: 260 seconds)
[10:07] *** Yamazaki-kun has quit IRC (Ping timeout: 260 seconds)
[10:08] *** toddf has joined #arpnetworks
[10:08] *** ChanServ sets mode: +o toddf
[10:14] *** Yamazaki-kun has joined #arpnetworks
[10:39] *** schmir has joined #arpnetworks
[10:41] <Wraithan> http://www.youtube.com/watch?v=QAue4hnH8-A
[10:43] <RandalSchwartz> arp networks not listed on http://www.fix6.net/ipv6-webhosting/
[10:58] <jdoe> I swear Kubuntu is going to drive me to start using Gnome...
[10:59] <cedwards> jdoe: so don't use Kubuntu.
[10:59] <cedwards> jdoe: the best KDE I've found is http://chakra-project.org
[11:06] <jdoe> cedwards:I'm basically screwed by my own mistrust.
[11:06] <jdoe> I don't want to screw around with minor distros and I don't trust arch.
[11:06] <cedwards> jdoe: then I guess you're screwed.
[11:06] <jdoe> yep.
[11:07] <cedwards> why is it that you don't trust arch?
[11:07] <jdoe> so my options are basically centos, fedora, *buntu and debian.
[11:07] <jdoe> the first two are polished but upgrading them sucks, the kubuntu sucks, and debian is stale :/
[11:08] *** mdg has joined #arpnetworks
[11:09] <mdg> Hi, I currently have an OpenBSD VPS with you guys, but I would like to switch it to Arch Linux, is this possible ?
[11:09] <cedwards> mdg: heh. I just did that one one of my machines.
[11:10] <cedwards> mdg: it's possible. you'll need to submit a support@ request, and there is some manual config to be done during install.
[11:10] <mdg> cedwards: were you doing the $20/month (and did your pricing change?)
[11:11] <cedwards> mdg: I am doing the $20 (I have two machines). No price change, just a support request for him to reprovision is all.
[11:11] <jdoe> cedwards: I might give fedora a shot.
[11:11] <mdg> cedwards: awesome, thanks
[11:12] <cedwards> mdg: the reprovisioning will require your current system be destroyed, so make sure you've got what you need.
[11:12] <cedwards> mdg: ..and I'll document on the wiki the manual tweaks required to get an Arch machine running properly.
[11:14] <mdg> sounds good
[11:22] <jdoe> cedwards: sorry, distracted before. My beef with arch is that I'm not sure how big the maintainer community is.
[11:23] <jdoe> for all I know it's just some dude like Slackware.
[11:26] <cedwards> jdoe: it seems to be pretty big. I've actually been helping build and test packages for chakra-project, and our -devel channel has been pretty busy.
[11:26] <cedwards> everything goes through -testing before it goes public.
[11:27] <cedwards> and what I've been doing is compiling the entire repository in a chroot, helping ensure each package is compatible with the rest.
[11:35] <mdg> jdoe, its a good size for the size of the community.  There are TUs which aid in package maintenance as well
[11:37] <cedwards> mdg: irc is very active, although it seems to be 12yr olds.
[11:43] <Wraithan> yeah heh
[11:45] <Wraithan> i used to spend a lot of time in the arch channel it has changed a ton from when i started with arch
[11:46] <bob^^> never tried arch
[11:46] <bob^^> i've mostly been on debian in my linux experience
[11:46] <bob^^> i tend to break it :/
[11:47] <Wraithan> i went from slack for 2 years to fedora for 3 weeks slack for a few more years then arch for the last 2 or 3 years
[11:48] * mdg recalls seeing Wraithan in -offtopic
[11:48] <mdg> The fun thing about Arch is that the community doesnt take itself too seriously
[11:48] <Wraithan> mdg: i am the founder of the -ot renegade channel
[11:50] <cedwards> and everything is so stinking simple. it's great
[11:50] <mdg> renegade ?
[11:54] <Wraithan> plol
[11:54] <Wraithan> Well, we had a issue with the ops in #archlinux-offtopic so we started another channel that everyone was an op in
[11:55] <Wraithan> then that blew up because the founder of that one went all nazi too
[11:55] <mdg> who was the founder of that one ?
[11:55] <Wraithan> so I started ##lessthanthree and that's our new home
[11:55] <Wraithan> daedhel
[11:55] <mdg> heh
[11:58] <Wraithan> how long have you been an archer mdg /
[11:58] <Wraithan> ?
[12:01] <Wraithan> I remember when #archlinux was a channel that if the answer was on the wiki or man page, we used to give kids RTFM and leave them at that, now it is all about the hand holding #ubuntu-like stuff with ops banning for stupid cra[
[12:05] <mdg> Wraithan: ~ 3 years
[12:06] <mdg> I see that a lot too, ubuntu users for some reason decide to try arch and then get mad in irc because it doesnt work like ubuntu did
[12:07] <mdg> but the archwiki, you cant beat it
[12:29] <Wraithan> I use the archwiki when troubleshooting stuff on the gentoo and ubuntu servers at work
[12:47] <setient> hi guys!
[12:51] *** schmir has quit IRC (Ping timeout: 240 seconds)
[13:05] <BarberRonny> HELLLOO
[13:35] <mdg> oh hey
[13:54] <jdoe> mdg: TU = trusted user or similar? Why should I trust them? :P
[14:00] <Wraithan> jdoe: because the developers do
[14:01] <Wraithan> jdoe: why do you trust the developers of your distro?
[14:04] <bob^^> lessthanthree is a great name :)
[14:04] <Wraithan> http://lessthanthreesoftware.com
[14:04] <Wraithan> That's my blog
[14:04] <Wraithan> lol
[14:07] <bob^^> nice :)
[14:08] <bob^^> love the last post
[14:08] <bob^^> had a very similar experience
[14:09] <bob^^> people think websites take like two seconds :(
[14:10] <Wraithan> http://www.teamfortress.com/macupdate/ -- for all you macf-- er users :)
[14:26] <jdoe> Wraithan: TU implies some forum rat, debian has ridiculous bureaucracy, redhat/suse have actual companies overseeing that.
[14:26] <jdoe> so yeah, there's a difference.
[14:27] <Wraithan> redhat/suse are crap
[14:27] <bob^^> +1
[14:27] <Wraithan> TU is more than forum rat, these are people who have maintained packages in the AUR which is a user based repository for packages
[14:27] <bob^^> i remember using redhat about 12 years ago
[14:27] <bob^^> it was 'ok' then
[14:28] <bob^^> in fact, i think my first linux experience was suse
[14:28] <bob^^> but then i was shown freebsd, and i must admit, i've absolutely *never* looked back
[14:28] <Wraithan> sometimes they become a TU because they are taking one of the AUR packages to a official repo, then they are moved into taking care of more projects
[14:29] <bob^^> probably helps that i was shown by the chap who used to be the official freebsd documentation editor
[14:29] <jdoe> redhat isn't crap for what it is.
[14:29] <Wraithan> jdoe: it hurts the linux world.
[14:29] <jdoe> having a stable platform for production use? how terrible.
[14:30] <Wraithan> have a stable platform that encourages people to not move forward and therefor keep progress in check if folks want to support 'enterprise' as well
[14:30] <Wraithan> yeah, doesn't sound bad at all.
[14:31] <Wraithan> python 2.3 and 2.4 should be dead.
[14:31] <Wraithan> 2.7 is coming out next month
[14:32] <jdoe> heh
[14:32] <jdoe> see, here's the thing.
[14:32] <jdoe> suppose I have an app written for python2.3 (and I do indeed have just such an app, although not on redhat)
[14:33] <jdoe> my options are to fix the app for whatever version redhat/debian/whoever decides to ship.
[14:34] <jdoe> ... or I can have that platform supported and not waste the time and effort.
[14:34] <jdoe> that's a no-brainer.
[14:34] <Wraithan> waste?
[14:34] <jdoe> yes, waste.
[14:34] <Wraithan> There is a reason the python language has progressed in ways that aren't backwards compatible
[14:35] <jdoe> yes, but none of that invalidates the way things were previously done.
[14:35] <jdoe> it worked before, and it will continue to work for the foreseeable future.
[14:35] <jdoe> so yes, it's a waste for us to fix the app.
[14:35] <Wraithan> maybe you should have kept up with python
[14:35] <Wraithan> it isn't bad porting from 2.3 to 2.4
[14:35] <Wraithan> or 2.4 or 2.5
[14:36] <jdoe> right, but it takes more than zero effort, right?
[14:36] <jdoe> and the benefits from my POV are negligible. Things might perform slightly better, but my current setup is never going to perform worse.
[14:37] <Wraithan> But the additional effort required because you are using some ANCIENT verison of python and can't run 2.6 because there are libaries you can't update because your system is so old
[14:37] <jdoe> what effort?
[14:37] <jdoe> it's supported for years.
[14:38] <jdoe> rhel does 7 years of support for major versions.
[14:38] <Wraithan> additional effort because only old libraries which are also unsupported now
[14:38] <Wraithan> so you are rebuilding everything
[14:40] <jdoe> true, but 7 years is a long time, after that long I probably would be anyway.
[14:40] <Wraithan> but you are chosing to ignore that cost
[14:40] <jdoe> and the difference is it's on my timeline, not because some distro EOL'd a version after a year.
[14:40] <Wraithan> heh, yeah sure
[14:41] <jdoe> to each their own, but I never thought I'd hear someone call stability a *failing* of linux..
[14:41] <Wraithan> you and every other programmer who has said, we have plenty of time, we can just update it later
[14:41] <Wraithan> funny thing is the cost of updating grows over time
[14:42] <jdoe> I'm not a programmer, I'm a sysadmin.
[14:42] <Wraithan> Ah
[14:42] <jdoe> I've never met a programmer who wouldn't jump at the chance to upgrade to python 3.14
[14:42] <Wraithan> Not quite a bad but almost
[14:42] * Wraithan is a programmer
[14:42] <jdoe> for me, show me a tangible, immediate benefit or gtfo ;)
[14:43] <jdoe> well no, not immediate.
[14:43] <jdoe> I'm low on blood sugar and rambling now. I need food.
[14:44] <bob^^> :)
[14:44] <bob^^> i still haven't got stuck in to python
[14:45] <bob^^> i bought the book
[14:45] <bob^^> *books
[14:45] <bob^^> now they are out of date
[14:45] <bob^^> :(
[14:45] <Wraithan> what version do they teach?
[14:46] <bob^^> sec
[14:47] <bob^^> 2.0 hehe
[14:47] <bob^^> i'm sure i wouldn't have any trouble learning the new stuff though
[14:47] <Wraithan> 2.0?
[14:47] <bob^^> that's what it says
[14:48] <bob^^> o'reilly books, from at least, hmm, four years ago?
[14:48] <Wraithan> book is 10 years old?
[14:48] <bob^^> maybe more than four years
[14:48] <bob^^> 'covers python 2' is what is says :/
[14:48] <Wraithan> oh
[14:48] <Wraithan> ok
[14:48] <Wraithan> probably 2.4
[14:48] <bob^^> i find that i need a project to learn a new language
[14:48] <bob^^> never really found a project
[14:49] <bob^^> i was going to write a radius server in python but 'hmmmmmmm'
[14:49] <bob^^> maybe with twisted or sth
[14:49] <Wraithan> diesel > twisted
[14:49] <Wraithan> lol
[14:49] <bob^^> meh
[14:49] <bob^^> don't really know hehe
[14:49] <Wraithan> twisted is not like writing python it is like writing twisted
[14:50] <bob^^> i guess i'd want a new 'thread' for every inbound UDP packet
[14:50] <bob^^> but as i say, never had to actually do anything with python so :)
[14:51] <bob^^> i wrote a radius client in php a few years ago, that was fun
[14:51] <bob^^> that was before i ended up writing a usenet binary grabber in php with rate limiting
[14:51] <bob^^> fun projects, now i hate php
[14:54] <up_the_irons> wth does my /etc/event.d/ttyS0 work in Jaunty but not Lucid
[15:01] *** Jestre has quit IRC (Read error: Connection reset by peer)
[15:02] *** Jestre has joined #arpnetworks
[15:11] <jdoe> dunno
[15:11] <jdoe> I hate writing for upstart though.
[15:12] <bob^^> i don't really get why it matters that a box takes a little while to start
[15:12] <bob^^> hence i don't really get the point of upstart
[15:13] <jdoe> well it makes init dependencies more sane.
[15:13] <jdoe> and it gives you some easier triggers than what init allowed.
[15:13] <jdoe> ... but users don't care about that so they boast about how instead of taking 15 seconds to boot now it takes 14.
[15:14] * Wraithan uses a BSD style init with linux
[15:14] <bob^^> bsd style makes more sense to me
[15:14] <bob^^> i can't even begin to understand runlevels, especially in the context of 'today'
[15:14] <bob^^> and tbh i don't really care how long a restart takes
[15:15] <bob^^> but that's probably because we have redundant everything
[15:15] <jdoe> even on a lone machine I don't care
[15:15] <bob^^> same, tbh
[15:15] <jdoe> init is the fastest part of the boot anyway
[15:16] <jdoe> I've got to wait minutes for the controllers to init.
[15:16] <bob^^> yup
[15:16] <bob^^> dell servers tend to take even longer than that tbh
[15:17] <jdoe> been a while since I had to deal with one.
[15:18] <bob^^> tbh, when you look at how long it takes to restart something like a cisco 6500 with something like a sup720
[15:18] <bob^^> everything comes into perspective :)
[15:18] <bob^^> 10+ minute downtime right there
[15:22] <jdoe> indeed.
[15:51] <up_the_irons> new IPv6 policy for new VPS setups:
[15:51] <up_the_irons> " A /48 IPv6 block has been allocated to your site as recommended by RFC 3177 and RFC 5375.
[15:51] <up_the_irons> However, only the first /64 is directly connected (assigned) to your VLAN.
[15:52] <up_the_irons> Should you require use of the entire /48 at this time, we will route it to you over a link-local address.
[15:52] <up_the_irons> Please email support@arpnetworks.com to set this up. "
[15:52] <up_the_irons> this will appear in IP Block detail in the Portal for new setups
[15:52] <up_the_irons> I think it is a saner default
[15:52] <bob^^> makes perfect sense :)
[15:52] <up_the_irons> and the info appears a little different, so as to make this clear
[15:52] <up_the_irons> putting a /48 on the VLAN always made me uncomfortable
[15:52] <up_the_irons> toddf will like this change ;)
[15:53] <bob^^> hehehehe :)
[15:53] <toddf> YAYAYAYAYAYAYAYAYAYAYAYA
[15:53] <toddf> the next sane default would be a link local address for the gateway
[15:55] <up_the_irons> LOL
[15:55] <bob^^> :D
[15:55] <RandalSchwartz> what is the effect of this change?
[15:55] <RandalSchwartz> I'm not following
[15:56] <up_the_irons> toddf: I'll have to wrap my head around that more.  What I don't want is for a 2+ VPS setup to require one of the VPS's to be a gateway, unless this is explicitly requested by the customer
[15:56] <bob^^> that makes sense, up_the_irons
[15:56] <bob^^> ipv6 is a confusing beast
[15:56] <RandalSchwartz> I mean, what can you do with the new setup that you can't do with the old one
[15:56] <RandalSchwartz> coudln't I always say that my em0 was /64
[15:56] <RandalSchwartz> and then create other nets near it?
[15:57] <up_the_irons> RandalSchwartz: nope
[15:57] <up_the_irons> RandalSchwartz: b/c the /48 was on the wire
[15:57] <bob^^> the whole /48 was routed to your VPS previously, no?
[15:57] <Wraithan> https://twitter.com/IPv4Countdown
[15:57] <up_the_irons> RandalSchwartz: the /48 would have to be routed to you, over say a link-local address, for you to subnet it further
[15:58] <up_the_irons> RandalSchwartz: exactly same like IPv4.  If I put a /24 on the VLAN, you can't subnet it.  But if I route the /24 over a /30 to you, then you can subnet further.  This new policy will allow this to happen in a more organic way.  People who don't need it will accept the sane default, and people that need it (very few), can request it
[15:58] <RandalSchwartz> well, wouldn't my em0 act as a proxy arp them?
[15:58] <RandalSchwartz> you'd route all of the /48 to my em0, then I could further route it
[15:58] <up_the_irons> RandalSchwartz: yes, if you wanted that, sure
[15:59] <up_the_irons> RandalSchwartz: not sure wrt proxy arp
[15:59] <RandalSchwartz> yeah - so I don't see what the change buys me yet
[15:59] <RandalSchwartz> as long as I'm not putting two pieces of the /48 in entirely disjoint places
[15:59] <RandalSchwartz> but I can't, because the global routing table can't handle that
[15:59] <toddf> up_the_irons: the difference between global and link local for the default gateway is not huge, but if a customer wanted a different /64 routed to the VPS, no change for default gateway
[15:59] <up_the_irons> RandalSchwartz: you shouldn't.  with only a couple VPS's, there is really no need to further subnet a /48
[16:00] <up_the_irons> RandalSchwartz: unless you want to do some tunnel's and have individual /64's for the tunnels
[16:00] <toddf> randalschwartz: this isn't about arp, v6 doesn't have arp!
[16:00] <RandalSchwartz> how does it map an address to ether then?
[16:00] <toddf> ndp
[16:00] <up_the_irons> bob^^: yeah, previously, the whole /48 was assigned to the VLAN, which worked but sets a bad example; it shouldn't really be done that way in retrospect
[16:00] <toddf> v6 does multicast
[16:00] <bob^^> yeah, indeed
[16:01] <toddf> ping6 -n -w ff02::1%em0
[16:01] <bob^^> i like the new default :)
[16:01] <bob^^> makes sense :)
[16:01] <toddf> that'll get you all kame based systems on the wire, unless firewalled
[16:01] <toddf> ping6 -n -w ff02::2%em0
[16:01] <up_the_irons> toddf: roger
[16:01] <toddf> that'll get you all sysctl net.inet6.ip6.forwarding=1 kame based systems on the wire, unless firewalled (read: all your routers)
[16:02] <toddf> the ff02::/8 is a special multicast subnet .. compare with 224.0.0.0 on ipv4, but always present in v6
[16:02] <toddf> it permits link local discover of addresses, both global and link local
[16:02] <up_the_irons> yeah
[16:03] <RandalSchwartz> so if I want my laptop to have a piece of my v6 with a 6over4 tunnel of some kind to my apr box, I can't do that right now, because em0 will answer for all /48 ?
[16:03] <toddf> so a combo of ff02::/8 multicast and fe80::/8 link-local addresses come into play to discover local addresses
[16:03] <toddf> precisely
[16:03] <RandalSchwartz> ahh.  I thought I could do that before
[16:03] <RandalSchwartz> so I'll want mine changed. :)
[16:03] <bob^^> oh cool
[16:03] <toddf> if you want to route a /64 to your laptop you'll need a /64 routed to your vps and then re-route that /64 to your laptop over a tunnel
[16:03] <bob^^> i hadn't thought of that
[16:03] <toddf> what the new default permits
[16:04] <toddf> is one /64 for the link local of your vps
[16:04] <toddf> then the rest of the 65535 /64's just routed to your vps
[16:04] <toddf> so you can then do with them what you want, including assign them to lo1 lo2 lo3 or whatever
[16:04] <RandalSchwartz> yeah, ok, sign me up!
[16:04] <up_the_irons> wow, i just did "ping6 -n -w ff02::1%em0" on a test VPS
[16:04] <toddf> or .. if you enable forwarding for v6, you can setup tunnels to remote systems to utilize the address space
[16:04] <up_the_irons> interesting!
[16:04] <RandalSchwartz> if I change my /48 to a /64 right now, will it break anythin?
[16:05] <RandalSchwartz> in anticipation of the change?
[16:05] <toddf> the -w is the `kame specific' option, w/out it even linux and cisco respond
[16:05] <up_the_irons> it sees the router and the console server.  i wonder why the console server is in there...
[16:05] <toddf> randalschwartz: changing to a /64 will not break if your v6 addresses lie within that /64 including your upstream gateway
[16:05] <toddf> now if your upstream gateway were the link local of the upstream router, the 'including your upstream gateway' goes away in the above sentence
[16:05] <up_the_irons> oh, same vlan, f'in duh
[16:05] <RandalSchwartz> yeah - that's true so far
[16:06] <toddf> the %em0 means 'this ethernet segment attached to em0'
[16:06] <up_the_irons> and if anyone who has an existing VPS wants to change to the new default, just let me know; it's a pretty easy change
[16:06] <toddf> randalschwartz: because bsd systems assign networks to interfaces when you assign addresses, just changing the prefix on the interface may not change your routing table, it may be a maintnence reboot to make sure all tendrils are in proper order
[16:07] <RandalSchwartz> so what interface does the remainder of the /48 come in on?
[16:07] <toddf> randalschwartz: its routed to you
[16:07] <RandalSchwartz> I'd take v6 down and up
[16:07] <RandalSchwartz> as in, it also comes in via em0?
[16:07] <toddf> think if you were on a subnet with 10.0.0.1 as router and 10.0.0.2 as your vps and 10.0.0.0/24 for the network .. and someone routed you 10.0.0.0/16 to your 10.0.0.2 vps .. same deal
[16:08] <RandalSchwartz> ahh, but I can say 10.0.0.3/2 goes over there ==>
[16:08] <toddf> just rinse and recycle with v6 subnets of /64 and /48 instead of /24 and /16
[16:08] <RandalSchwartz> since I'm now only 1,2
[16:08] <toddf> well, 10.0.0.0/24 ought to be on the native wire
[16:08] <toddf> 10.0.1.0/24 however you can point elsewhere since its routed to you and you can (and maybe even should) add a reject route for the larger block and route only the speicifc ones that are accessable
[16:09] <RandalSchwartz> ahh.  I mean 10.0.1/24 is "over there"
[16:09] <RandalSchwartz> right
[16:09] <RandalSchwartz> yeah - that's what I was getting at
[16:09] <RandalSchwartz> upstream router would send any of 10/16 to me
[16:09] <RandalSchwartz> but only 10/24 is considered "me"
[16:09] <RandalSchwartz> by "me"
[16:09] <toddf> and the specific link local of 10.0.0.0/24 over-rides the route of the 10/16
[16:09] <RandalSchwartz> yeah, that's how I thought it was working now anyway
[16:10] <toddf> what we had for a previous default is 10/16 on the wire, period
[16:10] <toddf> equivalent mind you
[16:10] <RandalSchwartz> but if I assigned /24 to em0, and 10.0.1/24 to lo1
[16:10] <RandalSchwartz> wouldn't it just do the right thing?
[16:10] <RandalSchwartz> I mean, why does upstream care?
[16:10] <toddf> previously, no
[16:10] <toddf> the wire would do arp requests for 10.0.1.X thinking its on the local link
[16:11] <RandalSchwartz> ahh...
[16:11] <RandalSchwartz> it's starting to sink in
[16:11] <RandalSchwartz> ok yes, I want this change. :)
[16:11] <toddf> what a router considers on the local link it won't magically `route' to a box on the link, unless that box does proxy arp, in which case its faking things and doing fudgery I'd care not to endorse ;-)
[16:11] <toddf> not sure if v6 even has 'proxy ndp'
[16:12] <toddf> while the term 'link local' originates from v6, you get the same concepts in v4 `within the subnet on the wire'
[16:12] <RandalSchwartz> email to support done. :)
[16:12] <up_the_irons> toddf: it does indeed do proxy ndp, which was required on some tunnels for customers when I put the whole /48 on the wire
[16:12] <toddf> up_the_irons: I hereby put this whole discourse under public domain, at least my part, do with it what you will, for the furtherance of `proper(tm)' networking *grin*
[16:12] <RandalSchwartz> as long as I'm not using any address above the /64, it doesn't matter how I'm set up, right?
[16:13] <RandalSchwartz> at least so I have to worry about a transition
[16:13] <up_the_irons> toddf: cool!
[16:13] <toddf> randalschwarts: technically no, but a mismatch in prefixlen from router to vps cannot be a thing to expect no problems from ever ;-)
[16:13] <RandalSchwartz> Right.  I'll fix it as soon as I hear I've been changed
[16:14] <toddf> it `happens' to work, just as if the router thought 10.2.3.0/24 were on the link and the client thought 10.2.0.0/16 were on the link and the client happened to use 10.2.3.2 and hit the router at 10.2.3.1, it would magically work, but obviously there is potential for `fun' down the road
[16:14] <RandalSchwartz> in theory then, I could assign each jail its own /64
[16:15] <RandalSchwartz> and nat the ipv4, right?
[16:15] <toddf> (I once had a client where the router was outside the local subnet, and windows somehow worked fine, for bsd to exist I had to widen the subnet mask considerably...)
[16:15] <up_the_irons> [arin-announce] IANA IPv4 Free Pool is Now at 6.25%
[16:15] <up_the_irons> wow
[16:15] <toddf> yes you could
[16:15] <up_the_irons> it was 10% 6 months ago!
[16:15] <RandalSchwartz> "imminent collision... sound the klaxons"
[16:15] <RandalSchwartz> "followed shortly by the failtrombone"
[16:17] <RandalSchwartz> "network_ipv6 stop" doesn't do what I thought
[16:19] <RandalSchwartz> but "ifconfig em0 inet6 dead:beef:babe::/64 does
[16:19] <RandalSchwartz> fixed up the routing too, looks like
[16:19] <RandalSchwartz> I don't see any /48's in there now
[16:25] <up_the_irons> toddf: if I route a /48 to a link-local, is there any way to get around the fact one must choose one vps as the gateway, and then ipv6 forward to all others (makes that vps more of a single point of failure)
[16:27] <toddf> initiall you'll have customers with a single vps
[16:27] <toddf> you'll have a /64 on the wire
[16:27] <toddf> and your router is the default upstream
[16:27] <up_the_irons> well yes, that's the new default now
[16:27] <toddf> if they get more vps's they can choose to put them all in that one /64
[16:27] <toddf> the rest of the /48 can be routed as a group to one vps or split up amongst several vps's
[16:27] <up_the_irons> right right, but should they want the /48 routed... then what?
[16:27] <RandalSchwartz> presuming they're all on the same host box
[16:28] <toddf> if they're wanting failover they can put the link local address into a carp group between vps's
[16:28] <up_the_irons> roger
[16:28] <RandalSchwartz> carp diem!
[16:28] <RandalSchwartz> fish of the day!
[16:28] <up_the_irons> but how can the /48 be split up amongst several vps's if it is routed?  I can only pick one destination of the route
[16:29] <toddf> you can split the /48 into 65535 /64's if they really want 65535 individual vps's with individual /64's
[16:29] <toddf> not that your routing table would be happy but it could be done theoretically
[16:29] <up_the_irons> toddf: right, that's just the "manual" (email support) way of doing it
[16:30] <toddf> if you wanted an automated way of splitting it up, ospf comes to mind as superior to rip6
[16:30] <up_the_irons> toddf: if they want the whole /48 routed and want to be self service, then they have to accept that one vps, or some device, will be a gateway for them
[16:30] <up_the_irons> i take it
[16:30] <toddf> I may use rip6 for my upstream tunnel to iijlabs which wrote kame, but thats the only place I've used either
[16:31] <toddf> one mac address on the link must respond as a router for the /48 yes
[16:31] <up_the_irons> roger, that's all i wanted to clarify
[16:31] <toddf> they could have multiple vps's responding to that one mac address per carp(8) or other similar technology
[16:31] <toddf> note that 'fe80::X' addresses can also be aliased
[16:32] <toddf> $ ifconfig vlan8
[16:32] <toddf> vlan8: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 lladdr 00:0c:76:55:82:1b description: wifi-default priority: 0 vlan: 8 priority: 0 parent interface: trunk0 groups: vlan physical internal inet6 fe80::20c:76ff:fe55:821b%vlan8 prefixlen 64 scopeid 0xd inet6 fe80::2%vlan8 prefixlen 64 scopeid 0xd
[16:32] <toddf> blah stupid irssi
[16:32] <toddf> $ ifconfig vlan8
[16:32] <toddf> vlan8: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
[16:32] <toddf>         lladdr 00:0c:76:55:82:1b
[16:32] <toddf>         description: wifi-default
[16:32] <toddf>         inet6 fe80::20c:76ff:fe55:821b%vlan8 prefixlen 64 scopeid 0xd
[16:32] <toddf>         inet6 fe80::2%vlan8 prefixlen 64 scopeid 0xd
[16:32] <toddf> $ ifconfig carp8
[16:32] <toddf>         inet6 fe80::200:5eff:fe00:108%carp8 prefixlen 64 scopeid 0x15
[16:32] <toddf>         inet6 fe80::1%carp8 prefixlen 64 scopeid 0x15
[16:33] <toddf>         inet6 2001:240:58a:2::1 prefixlen 64
[16:33] <toddf> $ ps ax | grep rtadvd
[16:33] <toddf> 21080 ??  Is      0:10.62 rtadvd carp3 carp6 carp8 carp13 carp14
[16:33] <toddf> .. on a client system:
[16:33] <toddf> $ ping6 -n -w ff02::1%rum0
[16:33] <toddf> PING6(72=40+8+24 bytes) fe80::69%rum0 --> ff02::1%rum0
[16:33] <toddf> 40 bytes from fe80::69%rum0: knetbook.fries.net.
[16:33] <toddf> 37 bytes from fe80::1%rum0: carp1.fries.net.
[16:33] <toddf> 37 bytes from fe80::2%rum0: carp1.fries.net.
[16:34] <toddf> $ netstat -nr -f inet6 | grep def
[16:34] <toddf> default                            fe80::1%rum0                   UG        11 10546019     -     4 rum0
[16:34] <RandalSchwartz> toddf - so after the change to the link-local /48, what's my outbound default route going to look like?
[16:34] <toddf> what I just showed you is a carp'ed v6 gateway responding on multiple link local addresses, and the client having auto-discovered the carp'ed link local for default gateway
[16:34] <RandalSchwartz> my em0 is now /64, right?
[16:34] <toddf> randalschwartz: depends on if I talk up_the_irons into link local or global .. ;-)
[16:35] <RandalSchwartz> which would be better?
[16:35] <RandalSchwartz> I'm sure he's listening. :)
[16:35] <toddf> randalschwartz: in reality, anything thats on the link and subnets you have configured that the router responds to
[16:35] <toddf> the `path with most options' is link local, the `path that mimics old v4 behavior better' is global
[16:35] <RandalSchwartz> my existing ::1 for example?
[16:35] <toddf> ::1 <=> 127.0.0.1
[16:36] <RandalSchwartz> I mean dead:beef:babe::1
[16:36] <RandalSchwartz> I just hate typing all that :)
[16:36] <toddf> this is my vps:
[16:36] <toddf> $ netstat -nr -f inet6 | grep def
[16:36] <toddf> default                            fe80::5054:ff:fe27:9007%em0    UGS       14     3667     -     8 em0
[16:36] <toddf> $ cat /etc/mygate
[16:36] <toddf> fe80::5054:ff:fe27:9007%em0
[16:36] <toddf> 208.79.89.89
[16:36] <toddf> $ cat /etc/hostname.em0
[16:36] <toddf> inet6 2607:f2f8:1800::2 64
[16:36] <toddf> inet 208.79.89.90 255.255.255.252
[16:36] <RandalSchwartz> what is that fe80 address?
[16:37] <RandalSchwartz> I have fe80::5054 as well
[16:37] <toddf> fe80::/8 is `link local' aka each v6 enabled link has the subnet but those are non routable addresses
[16:37] <RandalSchwartz> is that link local based on MAC addr?
[16:37] <toddf> ff02::/8 is `multicast' aka each v6 enabled link has the subnet but those are non routable addresses, plus if you access one it is sent to the whole ethernet segment
[16:37] <toddf> it can be based on mac address
[16:38] <toddf> however, at isc.org for example, they do this:
[16:38] <toddf> /etc/hostname.em0:
[16:38] <toddf> inet6 fe80::1234
[16:38] <toddf> rtsol
[16:38] <toddf> and get a global v6 with ::1234 for that host
[16:38] <toddf> manually numbering hosts lower /64 bits but having the upper /64 bits auto configured
[16:39] <toddf> that only works if you do rtadvd (router) and rtsol (client) but it can be useful, some discourage since if you nubmer things from 0 its easy to discover hosts, but well, whatever
[16:39] <RandalSchwartz> ok - so I'll just let my eyes glaze over, and replace ipv6_defaultrouter=2607:f2f8:3080::1 with whatever up_the_irons says :)
[16:39] <up_the_irons> RandalSchwartz: yep :)
[16:39] <toddf> there are also some privacy things to change the link local also, randomly generate etc, the mac address is the default source of the lower /64 bits on a link local address though yes
[16:40] <RandalSchwartz> so the dead:beef:babe::1 address effectively goes away?
[16:41] <toddf> the thing to simply keep in mind is ... fe80::BLAH%em0 -> `on the local em0 link, link local addresses' .. ff02::BLAH%em0 -> `multicast on the local em0 link, link local addresses' .. 200X:BLAH -> global routable addresses
[16:41] <toddf> if you can reach a system on the local link, you can route to it, therefore unless the link local of the remote system changes, your default route doesn't need to change even if both you and the router renumber
[16:42] <RandalSchwartz> I eman, doesn't the router need some v6 number?
[16:42] <RandalSchwartz> or can it just use a virtual interface name, like I use em0?
[16:42] <toddf> the router has a fe80::...%em0 number you can set as your default route yes
[16:42] <toddf> `em0' is not an adddress its an interface
[16:42] <up_the_irons> toddf: hey, if I "ifconfig destroy vlanXXX" then "sh netstart vlanXXX" (with new settings in hostname.vlanXXX), will that bring up vlanXXX with the new settings?  any side effects I should know about?
[16:42] <toddf> $ ping6 -n -w ff02::1%em0
[16:42] <toddf> PING6(72=40+8+24 bytes) fe80::5054:ff:fe27:2122%em0 --> ff02::1%em0
[16:42] <toddf> 40 bytes from fe80::5054:ff:fe27:2122%em0: 0.v.freedaemon.com.
[16:42] <toddf> 44 bytes from fe80::5054:ff:fe27:9007%em0: s3.lax.arpnetworks.com.
[16:43] <toddf> guess what, s3.lax.arpnetworks.com aka fe80::5054:ff:fe27:9007%em0 is my v6 router on my local link, and thats what I set my default route to, works fine
[16:44] <RandalSchwartz> so this is me - fe80::5054:ff:fe27:2232%em0: red.stonehenge.com.
[16:44] <RandalSchwartz> and this is the router - fe80::5054:ff:fe27:9007%em0: s3.lax.arpnetworks.com.
[16:44] <RandalSchwartz> and that's how we'll route to each other?
[16:44] <toddf> up_the_irons: I've been around way too long and you'll realize this when I say this, but I am in a habit of 'ifconfig if down' 'ifconfig if destroy' 'sh /etc/netstart if' .. it used to cause issues sometimes, probably fixed by now, doesn't change my `be safe' habits
[16:44] <toddf> randalschwartz: that'd be my recommendation, yes
[16:44] <RandalSchwartz> will my number ever change?
[16:44] <up_the_irons> toddf: roger
[16:45] <toddf> I'm just a v6 guru client, up_the_irons can take the he.net attitude route and force global addresses to be in place and ping'able before the rest of the v6 is routed through, but he's turning out to not be so blind
[16:45] <up_the_irons> toddf: yeah i'm trying not to go that way; i'd rather do it proper now then have a thousand interfaces to change later
[16:46] <toddf> randalschwartz: if your em0 macaddr changes, it would be because up_the_irons set a different cmdline to his kvm instance; you can always do 'ifconfig em0 inet6 fe80::5054:ff:fe27:2232' on your em0 interface as the 1st thing done with it, and it'll use that as the link local
[16:46] <toddf> regardless of up_the_irons mac address tomfoolery
[16:46] <RandalSchwartz> but I can't just say "use em0 as my default route?"
[16:47] <RandalSchwartz> you can do that in v4
[16:47] <up_the_irons> toddf: or I could use fe80::1 and fe80::2, which is simpler, but I'm not sure what the ramifications could be down the road
[16:47] <toddf> he.net uses 2 global addresses in a point to point link when they could use link local, for every tunnel they have, seems like a waste of precious memory in their cisco concentrators ;-) hehehehe
[16:47] <toddf> randalschwartz: if it is a point to point link, you can, you can't broadcast to a v4 router on an ethernet segment and hope it picks up the packets and routes them, you need a router destination as far as I know
[16:48] <RandalSchwartz> ok
[16:48] <toddf> well, maybe if the v4 router responds to the broadcast address, but that seems rather hockey
[16:48] <toddf> I've configured `ip subnet zero' tomfoolery before, its way way way sad and strange
[16:49] <toddf> at 1and1 hosting for example, the openbsd net config is like this:
[16:49] <toddf>   /etc/hostname.nfe0:
[16:49] <toddf>   inet 74.208.X.X 255.255.255.255
[16:49] <toddf>  !route add -llinfo -iface -net 10.255.0.0/16 10.255.255.1 -ifp nfe0
[16:49] <toddf>   inet alias 74.208.X.X 255.255.255.255
[16:49] <toddf>   .. etc ..
[16:50] <toddf>  /etc/mygate:
[16:50] <toddf>   10.255.255.1
[16:50] <toddf> Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
[16:50] <toddf> default            10.255.255.1       UGS      112 1554310729     -     8 nfe0
[16:50] <toddf> 10.255/16          link#1             UCLS       1        0     -     8 nfe0
[16:50] <toddf> 10.255.255.1       00:00:0c:07:ac:00  UHLc       3        0     -     8 nfe0
[16:51] <toddf> thats just hockey .. but it lets them assign individual /32's to individual colos w/out wasting netmask and broadcast on each vlan .. such a pita though
[16:52] <toddf> finding arpnetworks that does things .. right .. in so many ways prior to my `suggestions' .. was a breth of fresh air
[16:52] <toddf> I even have a colo facility here in Oklahoma City that thinks putting all ethernet segments on the same vlan is ok with filter rules on the switch *sigh* .. I wish I could calculate the broadcast traffic they rack up against peoples bandwidth as a result ..
[16:53] <RandalSchwartz> so technically, if both upstream and I route via link local, he doesn't even need to assign the /64 as "live", right
[16:53] <toddf> so, its been fun folks, but I have someone who wants to see me at home -> http://todd.fries.net/pub/IMG00550-20100610-1103.jpg ;-) (incase anybody was wondering why I've been silent for the last 1.5 months, more or less..)
[16:53] <RandalSchwartz> just route the entire /48 to me, and I can either respond, or route it along?
[16:54] <toddf> pretty much, yes
[16:54] <RandalSchwartz> that would be easier to understand
[16:54] <toddf> however, if he has an ip on his router for the lowest /64 in your /48 .. his router would expect your global addresses to appear on the link also
[16:54] <RandalSchwartz> rather than having a special /64 that acts differently from teh rest
[16:55] <RandalSchwartz> ok
[16:55] <RandalSchwartz> well - do the right thing, whatever it is.
[16:55] <RandalSchwartz> I have to bounce from here.
[16:55] <toddf> aka its as if you had a 192.168.0.0/24 for routing, router = 192.168.0.1, you = 192.168.0.2
[16:55] <toddf> if he just did: route add 10.0.0.0/16 192.168.0.2
[16:56] <toddf> then you could have 10.0.X.X anywhere inside your vps or tunnel it out etc
[16:56] <toddf> however if he also had an alias on his router
[16:56] <toddf> 10.0.0.0/24
[16:56] <toddf> his router would look for 10.0.0.0-10.0.0.255 on the link
[16:56] <toddf> 10.0.0.1/24 .. rather
[16:58] <RandalSchwartz> ok - I'll be back online in a few... just gotta relocate to the happy hour location
[16:58] * RandalSchwartz wanders off
[16:58] <toddf> I'm explaining this all in terms of v4, but if you s/192.168.0./fe80::/g and s/10.0.0.0\/16/2607:f2f8:XXXX::\/48/g you start to get the idea
[16:59] <toddf> I'm heading home, so likely won't be responsive most of the evening
[17:00] <up_the_irons> toddf: thanks for all the great info
[17:02] *** fink has joined #arpnetworks
[17:14] <RandalSchwartz> ok - back
[17:14] <RandalSchwartz> but it looks like my 6 is gone
[17:14] <up_the_irons> RandalSchwartz: yeah i'm making the changes now
[17:14] <RandalSchwartz> Oh- I guess not
[17:14] <RandalSchwartz> it responds to pings
[17:24] <RandalSchwartz> do I need to use an alias to make em0 also be fe80::2/64 ?
[17:24] <RandalSchwartz> ... ipv6_addrs_em0="2607:f2f8:3080::/64 fe80::2/64"
[17:24] <RandalSchwartz> would that work?
[17:31] *** RandalSchwartz has quit IRC (Ping timeout: 240 seconds)
[17:35] *** RandalSchwartz has joined #arpnetworks
[17:35] <RandalSchwartz> well - I've managed to screw up my v6
[17:35] <RandalSchwartz> em0 has         inet6 fe80::2%em0 prefixlen 64 scopeid 0x1
[17:35] <RandalSchwartz> right?
[17:36] <bob^^> i never knew a 403 was quite so time consuming toddf ;)
[17:36] <RandalSchwartz> but it still says the way to fe80::2 is via lo0
[17:36] <RandalSchwartz> that can't be right
[17:36] <RandalSchwartz> how do I convince it to send via em0?
[17:37] <RandalSchwartz> and I can't ping6 fe80::1, so I surely can't add that as a default route
[17:37] <RandalSchwartz> what do I do next?
[17:38] <RandalSchwartz> ahh - via em0
[17:38] <RandalSchwartz> yeah, that's doing it
[17:38] <RandalSchwartz> now I have default route out
[17:39] <RandalSchwartz> and ping in!
[17:39] <RandalSchwartz> this implies ipv6_defaultrouter=fe80::1%80
[17:39] <RandalSchwartz> errr ipv6_defaultrouter=fe80::1%em0
[17:40] <RandalSchwartz> and ipv6_addrs_em0="2607:f2f8:3080::/64 fe80::2/64"
[17:40] <RandalSchwartz> can anyone verify that?
[17:41] <RandalSchwartz> is this mic on?
[17:41] <RandalSchwartz> hello?
[17:41] * bob^^ hears a faint echo
[17:41] <RandalSchwartz> I don't see toddf or up_the_irons talking back at me
[17:42] <up_the_irons> RandalSchwartz: i'm still trying this on my own vps
[17:42] <RandalSchwartz> Ahh.  lo0 is already fe80::1%lo0
[17:42] <RandalSchwartz> so maybe fe80::1 is a bad choice
[17:43] <up_the_irons> yeah i'm just noticing this also
[17:43] <RandalSchwartz> your default route will have to be explicitly fe80::1%em0
[17:43] <RandalSchwartz> which is why I went off the grid
[17:43] <up_the_irons> finally found the route command: sudo route add -inet6 default fe80::1 -prefixlen 64
[17:43] <RandalSchwartz> no that's not enough
[17:43] <RandalSchwartz> not for freebsd
[17:43] <RandalSchwartz> since there's already an fe80::1
[17:43] <RandalSchwartz> on lo0
[17:43] <up_the_irons> yeah i deleted those ;)  but yeah i see what you're saying
[17:44] <RandalSchwartz> maybe you should pick something like fe80:feed:feed:feed:feed
[17:44] <RandalSchwartz> and for my end fe80:f00d:f00d:f00d:f00d:f00d :)
[17:44] <up_the_irons> LOL
[17:44] <RandalSchwartz> or actually, it'd be cuter the other way around
[17:45] <RandalSchwartz> anyway, I have v6 at the moment
[17:45] <RandalSchwartz> Not sure if I did the right thing for a reboot, but it won't matter, as I say
[17:46] <RandalSchwartz> actually fe80:feed:feed:feed::1 and :;2 would be cool
[17:46] <RandalSchwartz> with a /64
[17:47] <RandalSchwartz> it'd clearly stand out in the docs :)
[17:47] <up_the_irons> RandalSchwartz: i'm going to change it to the auto-assigned link local
[17:47] <RandalSchwartz> but what if that changes?
[17:48] <RandalSchwartz> oh duh, you control both ends of that. :)
[17:48] <up_the_irons> yup
[17:48] <RandalSchwartz> this is a virtual world
[17:48] <up_the_irons> RandalSchwartz: what is the auto-assigned one btw
[17:49] <RandalSchwartz> ... fe80::5054:ff:fe27:2232
[17:49] <up_the_irons> thanks
[17:49] <RandalSchwartz> and yours is fe80::5054:ff:fe27:9007
[17:49] <RandalSchwartz> looks like it's derived from the linklayer
[17:50] <up_the_irons> RandalSchwartz: yes, use "fe80::5054:ff:fe27:9007" as your default gateway
[17:50] <RandalSchwartz> so should I go ahead and update that for mine?
[17:50] <RandalSchwartz> ok
[17:50] <up_the_irons> RandalSchwartz: where did it say that btw?
[17:50] <RandalSchwartz> I looked at "ndp -a"
[17:50] <RandalSchwartz> that's like "arp -a" for ipv6
[17:51] <up_the_irons> ah right
[17:51] <RandalSchwartz> ok - after the change, no v6 for now
[17:52] <up_the_irons> RandalSchwartz: what does your interface and routing table look like?
[17:53] <RandalSchwartz> I left em0 off
[17:53] <RandalSchwartz> hold on
[17:53] <RandalSchwartz> nope.  still can't ping 9007
[17:54] <RandalSchwartz> ... default                           fe80::5054:ff:fe27:9007%em0   UGS         em0
[17:55] <up_the_irons> can i see your em0
[17:55] <RandalSchwartz> ...         inet6 fe80::5054:ff:fe27:2232%em0 prefixlen 64 scopeid 0x1
[17:55] <RandalSchwartz> oh wait, there might be a bad route still
[17:56] <RandalSchwartz> hmm.  I have an fe80::/10 via lo0
[17:58] <RandalSchwartz> otherwise it looks like it *should* work
[17:59] <RandalSchwartz> I can ping myself at the %em0
[17:59] <up_the_irons> yeah i'm still trying to get mine own test vps set up
[17:59] <RandalSchwartz> rats. the other one *was* working :)
[18:01] <up_the_irons> yeah, gotta be something simple...
[18:02] <up_the_irons> ah, the %em0 is important
[18:02] <up_the_irons> ping6 fe80::5054:ff:fe27:9007%em0
[18:02] <up_the_irons> that works for me
[18:02] <up_the_irons> but not without
[18:02] <RandalSchwartz> yes
[18:02] <RandalSchwartz> because of that %lo0 entry
[18:02] <up_the_irons> ah!
[18:02] <up_the_irons> default                           fe80::5054:ff:fe27:9007       UGS         lo0
[18:02] <up_the_irons> yeah
[18:02] <RandalSchwartz> so maybe you should pick something that isn't in fe80::/10
[18:02] <up_the_irons> it says lo0
[18:02] <RandalSchwartz> see there ya are
[18:03] <up_the_irons> nah, fe80:: is _the_ link-local subnet
[18:03] <RandalSchwartz> ok
[18:03] <up_the_irons> not sure why freebsd puts the /10 on lo0
[18:03] <RandalSchwartz> but you have to fully qualify which link :)
[18:03] <fink> hi guys
[18:04] <fink> anybody run voip stuff on their arps?
[18:04] <up_the_irons> the auto-assigned link-local addresses are supposed to be the ones to route over.  if i get rtadvd running, then your box _should_ automatically get the default route, etc...
[18:04] <RandalSchwartz> so do you think it should work now?
[18:04] <up_the_irons> RandalSchwartz: i'm rebooting mine and i will see...
[18:05] <RandalSchwartz> well, did you change your end pointing at me?
[18:05] <RandalSchwartz> to use my virt net?
[18:05] <RandalSchwartz> virt if?
[18:05] <RandalSchwartz> I think that's what I was missing before
[18:05] <RandalSchwartz> you've got confusion at your end about fe80::/10 like I did
[18:06] <up_the_irons> RandalSchwartz: my end pointing at you is now: fe80::5054:ff:fe27:2232
[18:06] <RandalSchwartz> yeah, I can't hit 9007 yet
[18:06] <RandalSchwartz> with %someif ?
[18:06] <up_the_irons> RandalSchwartz: perhaps if we did fe80::2%em0 (qualified it), it would have worked, before, but oh well
[18:06] <up_the_irons> RandalSchwartz: try -- ping6 fe80::5054:ff:fe27:9007%em0
[18:06] <RandalSchwartz> it *did* work before
[18:06] <RandalSchwartz> I am.  fail.
[18:07] <up_the_irons> lol
[18:07] <up_the_irons> ok, i got my test vps working
[18:07] <RandalSchwartz> so what else did you change?
[18:07] <RandalSchwartz> I have default                           fe80::5054:ff:fe27:9007%em0   UGS         em0
[18:07] <up_the_irons> i only have a /64 routed to it, but /48 would be similar
[18:08] <up_the_irons> here's my rc.conf:
[18:08] <up_the_irons> ipv6_enable="YES"
[18:08] <up_the_irons> ipv6_defaultrouter="fe80::5054:ff:fe27:9007%em0"
[18:08] <up_the_irons> ipv6_ifconfig_em0="2607:f2f8:d00d::2 prefixlen 64"
[18:08] <up_the_irons> i have:
[18:08] <up_the_irons> default                           fe80::5054:ff:fe27:9007%em0   UGS         em0
[18:08] <RandalSchwartz> yes - that's what I have
[18:08] <up_the_irons> ok, check
[18:08] <up_the_irons> what does your ifconfig em0 look like?
[18:09] <RandalSchwartz> ...         inet6 fe80::5054:ff:fe27:2232%em0 prefixlen 64 scopeid 0x1
[18:09] <RandalSchwartz> inet6 2607:f2f8:3080:: prefixlen 64
[18:09] <RandalSchwartz> I cannot ping fe80::5054:ff:fe27:9007%em0
[18:09] <RandalSchwartz> my default gateway
[18:09] <RandalSchwartz> so maybe packets aren't coming back to me
[18:09] <RandalSchwartz> do you have the right interface on my return route?
[18:09] <up_the_irons> yeah strange
[18:09] <up_the_irons> yeah
[18:10] <up_the_irons> your vlan on my end:
[18:10] <up_the_irons> vlan232: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
[18:10] <up_the_irons>         lladdr 52:54:00:27:90:07
[18:10] <up_the_irons>         vlan: 232 priority: 0 parent interface: em0
[18:10] <up_the_irons>         groups: vlan
[18:10] <up_the_irons>         inet6 fe80::5054:ff:fe27:9007%vlan232 prefixlen 64 scopeid 0x122
[18:10] <RandalSchwartz> and your route?
[18:10] <RandalSchwartz> netstat -rn | grep vlan232 :)
[18:11] <up_the_irons> 2607:f2f8:3080::/48                fe80::5054:ff:fe27:2232%vlan232 UGS        0        0     -    48 vlan232
[18:11] <up_the_irons> fe80::%vlan232/64                  link#290                       UC         0        0     -    48 vlan232
[18:11] <up_the_irons> fe80::5054:ff:fe27:9007%vlan232    52:54:00:27:90:07              UHL        0        0     -    48 lo0
[18:12] <up_the_irons> ff01::%vlan232/32                  link#290                       UC         0        0     -    48 vlan232
[18:12] <up_the_irons> ff02::%vlan232/32                  link#290                       UC         0        0     -    48 vlan232
[18:12] <RandalSchwartz> can you ping me?
[18:13] <RandalSchwartz> oh wait.
[18:13] <RandalSchwartz> I think I see it
[18:13] <RandalSchwartz> no no
[18:13] <RandalSchwartz> yeah, I'm routed to :9007
[18:13] <up_the_irons> no i can't ping you
[18:13] <RandalSchwartz> wait - where's the route to my /48
[18:13] <RandalSchwartz> oh - first line
[18:13] <up_the_irons> yeah
[18:13] <up_the_irons> regardless of /48, we need to see why the local link isn't pinging :)
[18:14] <up_the_irons> this probably won't make you feel better, but to get mine working, i rebooted the vps
[18:14] <RandalSchwartz> sure - noidea
[18:14] <RandalSchwartz> i'd rather not reboot, of course
[18:14] <up_the_irons> yeah
[18:15] <RandalSchwartz> ahh, screw it... I'll try a reboot... but let's verify my rc.conf
[18:16] <RandalSchwartz> .. fe80::5054:ff:fe27:9007%em0
[18:16] <RandalSchwartz> oops.
[18:16] <RandalSchwartz> ipv6_enable=YES
[18:16] <RandalSchwartz> ipv6_gateway_enable=YES
[18:16] <RandalSchwartz> crap
[18:16] <RandalSchwartz> can't paste here
[18:16] <up_the_irons> hehe
[18:16] <RandalSchwartz> ... ipv6_enable=YES
[18:16] <RandalSchwartz> ... ipv6_defaultrouter=fe80::5054:ff:fe27:9007%em0
[18:16] <RandalSchwartz> ... ipv6_addrs_em0="2607:f2f8:3080::/64"
[18:16] <RandalSchwartz> ... ipv6_gateway_enable=YES
[18:17] <RandalSchwartz> and off we go... reboot land
[18:17] <up_the_irons> RandalSchwartz: try /48
[18:17] <RandalSchwartz> oops.
[18:17] <RandalSchwartz> yeah, lemme fix
[18:17] <up_the_irons> RandalSchwartz: just to be consistent, until we know the link local works
[18:18] <RandalSchwartz> didn't help
[18:18] <RandalSchwartz> but rebooting
[18:18] <up_the_irons> k
[18:18] <infrared> freebsd?  why not just /etc/rc.d/network restart ?
[18:18] <up_the_irons> infrared: we're having problems with new ipv6 config
[18:18] *** RandalSchwartz has quit IRC (Remote host closed the connection)
[18:18] <infrared> o
[18:20] <up_the_irons> there we go!
[18:21] <up_the_irons> PING6(56=40+8+8 bytes) fe80::5054:ff:fe27:9007%vlan232 --> fe80::5054:ff:fe27:2232%vlan232
[18:21] <up_the_irons> 16 bytes from fe80::5054:ff:fe27:2232%vlan232, icmp_seq=73 hlim=64 time=0.964 ms
[18:21] <up_the_irons> 16 bytes from fe80::5054:ff:fe27:2232%vlan232, icmp_seq=74 hlim=64 time=0.54 ms
[18:21] <up_the_irons> 16 bytes from fe80::5054:ff:fe27:2232%vlan232, icmp_seq=75 hlim=64 time=0.543 ms
[18:21] <bob^^> reboot fix it ?!
[18:21] *** RandalSchwartz has joined #arpnetworks
[18:21] <RandalSchwartz> v4 came up, v6 still no go
[18:21] <up_the_irons> RandalSchwartz: but i can ping you now
[18:22] <up_the_irons> PING6(56=40+8+8 bytes) fe80::5054:ff:fe27:9007%vlan232 --> fe80::5054:ff:fe27:2232%vlan232
[18:22] <up_the_irons> 16 bytes from fe80::5054:ff:fe27:2232%vlan232, icmp_seq=0 hlim=64 time=0.496 ms
[18:22] <up_the_irons> 16 bytes from fe80::5054:ff:fe27:2232%vlan232, icmp_seq=1 hlim=64 time=0.457 ms
[18:22] <RandalSchwartz> and I you
[18:22] <RandalSchwartz> now why aren't the routes working further out
[18:23] <RandalSchwartz> ahh - my external address didn't get assigned
[18:23] <up_the_irons> ah
[18:24] <RandalSchwartz> bingo
[18:24] <RandalSchwartz> I have pingo!
[18:24] <RandalSchwartz> correct ip6 when outbound as well
[18:25] <up_the_irons> :)
[18:27] <RandalSchwartz> and yup, traceroute6 to my laptop works
[18:27] <RandalSchwartz> (gotta love teredo
[18:27] <RandalSchwartz> ipv6 anywhere
[18:27] <up_the_irons> now you can assign /64's around to different devices
[18:27] <bob^^> ugh, unless you're behind a hotspot
[18:27] <RandalSchwartz> indeed
[18:27] <bob^^> then it goes mental
[18:27] <RandalSchwartz> no - I'm behind a hotspot
[18:27] <RandalSchwartz> and it's working fine
[18:28] <bob^^> uh huh
[18:28] <RandalSchwartz> if you're *two* layers down, that's hard
[18:28] <bob^^> a hotspot where you have a public address without having been logged in
[18:28] <bob^^> a public ipv4
[18:28] <bob^^> it goes nuts
[18:28] <RandalSchwartz> oh
[18:28] <bob^^> :)
[18:28] <RandalSchwartz> never seen that
[18:28] <bob^^> it's unusual, tbh :)
[18:31] <RandalSchwartz> ok - looks like all is good
[18:31] <RandalSchwartz> thanks for helping me diagnose it
[18:31] <RandalSchwartz> too bad it took a reboot, but that fixed it
[18:32] <RandalSchwartz> I don't see anything obviously different in the route table or the ifconfig
[18:32] <RandalSchwartz> but there ya go
[18:32] <infrared> uptimes shmuptimes
[18:32] <RandalSchwartz> oh - I see it!
[18:32] <RandalSchwartz> I now have a route for fe80::%em0/64
[18:32] <RandalSchwartz> didn't ahve that before
[18:32] <RandalSchwartz> that would have done it
[18:33] <RandalSchwartz> without that, there would have been no route to the router
[18:33] <up_the_irons> RandalSchwartz: yeah, all those little things get set up by /etc/rc and we forget we have to do it
[18:33] <up_the_irons> manually
[18:33] <up_the_irons> if no reboot is desired
[18:39] <RandalSchwartz> indeed
[18:39] <RandalSchwartz> anyway, all good now
[18:39] <RandalSchwartz> I can move on to the next most important task :)
[18:39] <fink> hi RandalSchwartz
[18:40] <RandalSchwartz> hey fink
[18:42] <up_the_irons> RandalSchwartz: cool
[18:51] *** amdprophet has joined #arpnetworks
[18:53] <amdprophet> up_the_irons: sent a support ticket thinger, i can't send e-mails to you directly because your e-mail server checks reverse dns
[18:53] <up_the_irons> amdprophet: lol, get that fixed ;)
[18:53] <RandalSchwartz> hey up_the_irons - did you see that he.net is now offering free reverse dns and secondary dns?
[18:53] <amdprophet> that's what the support ticket is about :P
[18:54] <up_the_irons> RandalSchwartz: nope
[18:54] <RandalSchwartz> yeah - up to 25 domains
[18:54] <up_the_irons> amdprophet: ah :)
[18:54] <up_the_irons> interesting
[18:54] <RandalSchwartz> so if someone is asking "where do I get offsite secondary", tell them he.net
[19:00] <infrared> up_the_irons: you're at he.net?
[19:00] <up_the_irons> infrared: ?
[19:01] <infrared> your machines
[19:02] <RandalSchwartz> no
[19:02] <RandalSchwartz> they're in a cage
[19:02] <RandalSchwartz> because they're wild
[19:02] <infrared> whoa
[19:02] <RandalSchwartz> the cage is a few blocks from me :)
[19:04] <toddf> randalschwartz: wonder what he.net is getting out of the free dns offerings ..
[19:04] <toddf> publicity but ..
[19:04] <RandalSchwartz> more publicity
[19:04] <RandalSchwartz> yes
[19:04] <toddf> doesn't add enough in my book
[19:04] <RandalSchwartz> well - if you go to them for that
[19:04] <infrared> freedns.afraid.org++
[19:04] <RandalSchwartz> you might by transit from them
[19:04] <toddf> *shrug* guess automation makes it cheap enough
[19:04] <RandalSchwartz> buy
[19:04] <RandalSchwartz> yeah
[19:05] <toddf> if I were in the transit buying game, I'd be looking at quality and price points and nothing else
[19:05] <RandalSchwartz> Yeah - I have a half dozen things at at afraid
[19:05] <jdoe> toddf: free hosting or free lookups?
[19:05] <RandalSchwartz> I'll be moving them to he.net soon
[19:05] <jdoe> oh, hosting.
[19:05] <RandalSchwartz> he.net is also the biggest provider of teredo transit
[19:06] <RandalSchwartz> pretty much if you get on teredo, you're on he.net
[19:06] <amdprophet> up_the_irons: is there any chance you'll be able to delegate rdns to our nameservers tonight?
[19:06] <up_the_irons> amdprophet: yeah sure
[19:06] <RandalSchwartz> that's because, I think, teredo.ipv6.microsoft.net is in fact a he.net machine
[19:06] <amdprophet> sweet :D
[19:07] <RandalSchwartz> at least, it's just one hop from he.net
[19:07] <up_the_irons> infrared: my machines are in my own cage at CoreSite (aka CRG West, aka One Wilshire)
[19:07] <RandalSchwartz> One Wilshire is clearly labeled for a few miles distance :)
[19:08] <RandalSchwartz> My hotel room is on the 28th floor of the north tower of the Westin, however
[19:08] <RandalSchwartz> so I'm looking the wrong way each night. :)
[19:08] <RandalSchwartz> I'm facing pasadena
[19:08] <RandalSchwartz> and the dodgers stadium
[19:09] <RandalSchwartz> the bedroom has power outlets... down by the tv at the foot of the bed, and not up near the headboard
[19:09] <RandalSchwartz> so I asked for an extension cord
[19:38] *** fink has quit IRC (Quit: fink)