IPv6Freely: yeai dont mind messing with a server (even then, not a fan - id rather get it working and not touch it) nesta: oh I love fiddlin
hehe
in fact
mine is currently broke
as a result IPv6Freely: yep, understood.. many do. Just not me :P
i dont use osx because im stupid (as the win/linux people say), but because im lazy... in that regard, at least. nesta: I think windows it the 'hardest' of the lot
overall anyway IPv6Freely: well part of it is that i dont like the whole open source philosophy nesta: oh you don't?
aw okay IPv6Freely: no. Sharing code and such is wonderful... it really is... im all about sharing knowledge
But when software A depends on software B being version x, and software C depends on software B being version y, and something breaks... ARGH.
Similar situation with java... i could run my packetshaper gui, but not my firewall gui, because each depended on a different version of java being installed. drove me nuts having to run a VM for one of them
kind of an offtopic example, but same idea up_the_irons: I think "dependencies" is high up there in the Reasons for Computer Frustration "Hall of Fame" IPv6Freely: As I've always said "Linux works great, until it doesnt"
I always hear about how well ubuntu works and how easy it is... which is fine, until something breaks. Then you're screwed.
Unless you know what you're doing. nesta: lol.. in which case you are not screwed
bit of a conundrum that
so basically, IPv6Freely, you are saying RTFM?
:) IPv6Freely: But an OS thats supposedly computer illiterate friendly and so easy to use that requires you to know what youre doing to fix problems... well.. thats kind of a contradiction nesta: hmm up_the_irons have you ever put NetBSD on a vps for anyone? up_the_irons: nesta: no IPv6Freely: up_the_irons: make my damn vps :P
<3 nesta: okay, do you know is the IPV6 setup on OpenBSD similar to that on FreeBSD ?
google is not much use atm :S IPv6Freely: mmm native ipv6 on arp... woot up_the_irons: IPv6Freely: patience patience. i have a large order in front of you, an existing customer ordered 6 more VMs. After I'm done with that order, I'll move into yours and the others I got this morning nesta: yes, it rox my sox up_the_irons: IPv6Freely: :) IPv6Freely: oh darn. no worries i guess up_the_irons: nesta: it is not really the same, config files are very different nesta: yeah up_the_irons: IPv6Freely: you'll be set up in the next couple hours though, no problem nesta: okay I guess it is re-install time for me hehe -: up_the_irons gets back to work nesta: damn MAC/ACL have screwed me
;-/ IPv6Freely: no problem up_the_irons ill be asleep im sure. :) up_the_irons: :) IPv6Freely: 64-bit fbsd8 right? up_the_irons: yeah IPv6Freely: cool ***: nakano_ is now known as nakano -: nesta twiddles thumbs while the OS re-installs ***: LT has joined #arpnetworks
Lefty has joined #arpnetworks up_the_irons: IPv6Freely: your VPS is baking... nesta: mmmh baked VPS
yummy ***: schmir has joined #arpnetworks IPv6Freely: wooooo
what do you guys use for vnc on osx? nesta: IPv6Freely: use chicken of the vnc
it's the only one that works lol
no copy paste function IPv6Freely: k
stupid question time
how do i use F12 with a mac keybord? function+F12 just brings up my osx dashboard :S ***: Lefty has quit IRC (Remote host closed the connection) IPv6Freely: got it, just unmapped function+F12 since F4 does dashboard anyway
heh so much for following that zfs tutorial up_the_irons: IPv6Freely: ZFS tutorial no good? IPv6Freely: i try gpart destroy ad0 and it says device busy up_the_irons: i c IPv6Freely: i suck at the internet up_the_irons: haha IPv6Freely: i guess i cant follow this word for word afterall ***: Lefty has joined #arpnetworks IPv6Freely: aha! magic
"gpart delete -i 1 ad0" first :)
apparently i win at the internet... or at least my google-fu is strong dbgi: you are funny and silly hehe :P IPv6Freely: damn it, i got it to work all the way down to "zfs unmount -a"
wooo all done -: dxtr just came back from work ***: ziyourenxiang has joined #arpnetworks nesta: argh
up_the_irons: are you around? ***: ziyourenxiang has quit IRC (Quit: ziyourenxiang)
rVn_- has quit IRC (Quit: bye.)
schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
vtoms has joined #arpnetworks
RandalSchwartz has joined #arpnetworks RandalSchwartz: where is the server physically located? I'm updating my geo record for stonehenge.com
wilshire annex, or something like that awyeah: Is there an easy way to do dynamic DNS with BIND? bob^^: from dhcp or something else? awyeah: it would have to be a remote update client.
Similar to the way dyndns or no-ip works. RandalSchwartz: a bit of googling - http://www.oceanwave.com/technical-resources/unix-admin/nsupdate.html
You Too can Google On Your Own for such Tasty Treats!(tm) bob^^: oh - nsupdate would be my recommendation
http://linux.yyz.us/nsupdate/ RandalSchwartz: I just googled for "bind dyndns"
many hundreds of hits bob^^: is a useful link awyeah: Cool.
Or... are there any services out there that will not charge me to delegate a subdomain for dynamic DNs. bob^^: i do it the cheating way awyeah: freedns.afraid.org looks promising.
also, they run FreeBSD.
CNAME? :) bob^^: :)
saves a lot of hassle ;) awyeah: yeh. maybe I should just do that. lots easier. ***: nakano is now known as nakano_
LT has quit IRC (Quit: Leaving)
vtoms has quit IRC (Quit: Leaving.)
vtoms has joined #arpnetworks IPv6Freely: sooo... i did the zfs freebsd tutorial, but now no ssh to my vps :( jdoe: anyone who can answer a possibly dumbassed xmonad question? RandalSchwartz: IPv6Freely - did you remember to enable ssh? :)
you have to add that to /etc/rc.conf jdoe: installed it on the current ubuntu. The xmonad xsession it sets up works, but is ... barren. Xmonad doesn't seem particularly happy running inside of gnome though. When I change the wm from metacity -> xmonad with gconftool it ... works... sort of? As soon as gnome starts it seems to trample all over xmonad though.
draws the background over xmonad, hijacks keyboard etc. RandalSchwartz: ... sshd_enable=YES
you should be able to log in on the console though
that's not ssh
even though you're sshing to get there. :) -: RandalSchwartz stops talking until IPv6Freely faces this way again IPv6Freely: RandalSchwartz: haha nope, never put that in.
im used to default installs where everything is just done for you in sysinstall :P RandalSchwartz: so you should be able to access the login prompt on the console IPv6Freely: yea console is no problem RandalSchwartz: and login as root from there
then fix everything else IPv6Freely: ok freebsd noob question - can i apply the changes i made in rc.conf without rebooting? RandalSchwartz: sorta
if you know which rc.d they map to, yes
you can say /etc/rc.d/sshd start, for example
for something installed from ports, it's in /usr/local/etc/rc.d/something
with a few exceptions, MUMBLE_enable maps to [/usr/local]/etc/rc.d/MUMBLE start IPv6Freely: yea i know about that stuff
so its just a matter of manually starting whichever daemon ive changed RandalSchwartz: I imagine you could just run /etc/rc, but that might have nasty second-time consequences IPv6Freely: fair enough, thanks RandalSchwartz: I never trust running initialization twice :) IPv6Freely: yeah understood -: RandalSchwartz wanders off IPv6Freely: haha thanks man :) ssh working now jdoe: crisis averted. -: jdoe stabs haskell ***: cedwards has quit IRC (Changing host)
cedwards has joined #arpnetworks
vtoms has quit IRC (Quit: Leaving.) jdoe: ... and somehow it broke sound. Haha. ***: vtoms has joined #arpnetworks awyeah: yeh
don't run /etc/rc :)
It does a lot of things.
some of which you may not want ) bob^^: especially if you're remotely connected ;) awyeah: hahah right.l nesta: wb RandalSchwartz
mmm does anyone here know.. if I install a base 8.0 system can I just csup source for 8.1 and upgrade straight to it or do I have to update the 8.0 first and then go to 8.1 ? RandalSchwartz: I didn't see anything in the 8.1 release notes that would imply that you had to be at the very latest 8.0
... http://www.freebsd.org/releases/8.1R/announce.html nesta: cheers RandalSchwartz
I musta done some voodoo on my install yesterday, no idea why it went all pear shaped
hehe
try try again as they s ay RandalSchwartz: and this - http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
and /usr/src/UPDATING, apparently awyeah: poop.
shit. ***: awyeah has quit IRC (Quit: EPIC5-1.1.2[1638] - amnesiac : A)bort, R)etry, I)gnore, V)alium?) nesta: yeah I can buildworld in my sleep pretty much
but post install things were very odd
nice quit msg there ***: awyeah has joined #arpnetworks nesta: wb awyeah awyeah: Something got screwed up with my terminal and I couldn't fix it.
and why the hell do I not ever resolve
Can any of you resolve my address to the proper hostname? RandalSchwartz: what's your address? :) awyeah: oh
2607:f2f8:7400::2 nesta: yes it resolves for me RandalSchwartz: did you get DNS delegated yet? nesta: Non-authoritative answer:
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.8.f.2.f.7.0.6.2.ip6.arpa name = excelsior6.awyeah.net. awyeah: Yeah. then why can't freenode resolve it. RandalSchwartz: I got NXDOMAIN for that same query awyeah: wtf. RandalSchwartz: so maybe it depends on which nameserver nesta: does ZFS work with multiple partitions? awyeah: Weird. I haven't updated my DNS in a long time.
RandalSchwartz - can you dig it? RandalSchwartz: do you have a secondary that isn't refreshing?
what's the dig syntax? nesta: dig 2607:f2f8:7400::2 AAAA IPv6Freely: i need to get dns working for ipv6 on my vps nesta: yeh dig is not work for me awyeah RandalSchwartz: yeah dig can't find either awyeah: So you got NXDOMAIN on dig?
hrmph. nesta: nslookup worked for me though RandalSchwartz: I get no answer
how does dig show NXDOMAIN?
sorry, I always use "host" not "dig" now awyeah: dig doesn't even work for me when I use @localhost on my box.
weird. RandalSchwartz: hah - this time with +trace on, I see it goes to arp, and arp delegates to 206.125.173.26 and 202.157.182.142
maybe one of those aren't refreshed IPv6Freely: i need to buy a domain name to use with my vps nesta: all of my domains suck :-/
hehe
I was drunk when I bought most of them IPv6Freely: i really want to get ipv6 going on mine, but i dont know how ipv6 dns works RandalSchwartz: ahh - this is interesting - http://www.intodns.com/0.0.4.7.8.f.2.f.7.0.6.2.ip6.arpa IPv6Freely: but id absolutely love having a website on ipv6 :) RandalSchwartz: see the red fails down below
ns1.awyeah.net is not responding to dns awyeah: hmmmmm IPv6Freely: i could do ipv6freely.com :P awyeah: Still can't figure out what's going on. weird. RandalSchwartz: you mean you think ns1.awyeah.net is responding?
or you don't know why it isn't?
what part of "what's going on" are you missing? awyeah: I'm pretty sure the nameserver is responding, try again (it's the box I'm on, and when I loaded the intodns.com page it worked)
i'm also having issues with my dig syntax RandalSchwartz: dig +trace stopped before finishing too awyeah: hrm. RandalSchwartz: gave two nameservers for 0.0.4.7.8.f.2.f.7.0.6.2.ip6.arpa.
but then nothing past them awyeah: what was your full command line? RandalSchwartz: oops - getting pulled into meeting
sorry awyeah: well first, I had a bad record in the forward DNS for awyeah.net.
according to http://dnssy.com/report.php?q=0.0.4.7.8.f.2.f.7.0.6.2.IP6.ARPA
the NS records are different between my stuff and ARP's stuff
and crappers, my nameserver didn't appear to return an SOA record. ***: vtoms has quit IRC (Remote host closed the connection)
vtoms has joined #arpnetworks
vtoms has left
schmir has joined #arpnetworks up_the_irons: jdoe: xmonad works great with gnome on Lucid, but I didn't enable it with gconftool. Instead I followed: http://www.haskell.org/haskellwiki/Xmonad/Using_xmonad_in_Gnome under "2.1 A Simple Hybrid Alternative"
RandalSchwartz: server is physically located at: 900 N. Alameda, Los Angeles, CA 90012 ***: vtoms has joined #arpnetworks
vtoms has left RandalSchwartz: cool. now I just need to get lat/lon for that dxtr: up_the_irons: Hey, could you check something for me real quick+ RandalSchwartz: 34.058682, -118.235303
and now convert that to HMS dxtr: up_the_irons! Fine! Ignore me then .) awyeah: 03-Aug-2010 14:43:12.646 security: info: client 173.88.161.245#64606: query (cache) '2607:f2f8:7400::2/PTR/IN' denied
Why the hell is it denying! jdoe: up_the_irons: yeah that wasn't the issue. awyeah: I wonder if it thinks it isn't authoritative for that. jdoe: up_the_irons: if I started xmonad from "xmonad.desktop" it worked fine, and fucked up as soon as I ran /etc/X11/Xsession or whatever.
I needed to tweak xmonad.hs to tell it to give space for the gnome panels etc. up_the_irons: jdoe: ah yeah, import GnomeConfig or some shit
i had to do that too dxtr: You said shit! up_the_irons: shit dxtr: You said shit! up_the_irons: ... -: dxtr giggles awyeah: shitshitshitshitshit
:( dxtr: You couldn't be awesome and see if you actually got my money? I got a receipt but can't for the love of god find something to you in my bank log
up_the_irons up_the_irons: dxtr: if you got a receipt, you were charged dxtr: well then
Problem solved :P jdoe: up_the_irons: not sure if GnomeConfig alone does it, or if I needed the manageHooks crap
either way, it was a disappointing experience with a distro package :P up_the_irons: jdoe: you need a couple other lines, yeah ***: IPv6Free1y has joined #arpnetworks IPv6Free1y: ahoy ***: IPv6Freely has quit IRC (Quit: leaving)
IPv6Free1y is now known as IPv6Freely
IPv6Freely has quit IRC (Changing host)
IPv6Freely has joined #arpnetworks jdoe: up_the_irons: yeah I dunno. I'm sure I'll give it another shot, xmonad.hs is just so ... it makes perl look like prose.
I needed to stop fucking around and get some work done :P up_the_irons: jdoe: LOL. Haskell is funny, you either love it or hate it. All the funny operators go over my head. i'm just smart enough to copy & paste the right stuff, and change some lines to do what i want jdoe: up_the_irons: it's not really that I love it or hate it, it's that it means nothing to me.
up_the_irons: so I can cut and paste shit from the example configs and have it mostly work. Maybe. And have no idea what any of it actually does.
ie "layoutHook = avoidStruts $ layoutHook gnomeConfig"
wtf is that. up_the_irons: jdoe: welcome to xmonad :) jdoe: no kidding.
haha. up_the_irons: jdoe: yeah, no idea; it just seems to work :) RandalSchwartz: Haskell makes Perl look sane. :) dxtr: Or is it Perl that makes Haskell look insane? jdoe: or <+> which I gather is some sort of operator, but... no idea what it does. RandalSchwartz: it's a tie fighter :) up_the_irons: jdoe: i'm still wondering what "|||" does ;) RandalSchwartz: "illogical or" up_the_irons: double wall jdoe: lol nesta: hi up_the_irons jdoe: "illogical or", I like that. nesta: sorry for all this messing
;/
ie. OpenBSD requests
lol
bbiab awyeah: what. the. hell!
I think my nameserver thinks it isn't authoritative for the reverse stuff.
When I do allow-recursion { any }; - then I try to look it up, i get NXDOMAIN
otherwise it refuses it ***: nuke` has quit IRC (Ping timeout: 240 seconds)
schmir has quit IRC (Ping timeout: 258 seconds) -: awyeah gives up awyeah: Okay. So it doesn't think it's authoritative for any of my reverse zones.
But all of my forward zones are A-OKAY RandalSchwartz: awyeah - can you pastebin the relevant lines from your masterconf IPv6Freely: wooo irssi on my new vps RandalSchwartz: zone "0.8.0.3.8.f.2.f.7.0.6.2.ip6.arpa" { type master; file "master/2607:f2f8:3080"; };
that's what I have IPv6Freely: RandalSchwartz: is that your zfs tutorial? RandalSchwartz: no - this is to help awyeah IPv6Freely: no im askig if you wrote that RandalSchwartz: nope. where is it?
Ahh - it was cribbed from this channel though :) IPv6Freely: oh. http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/
I couldnt do the gpart destroy ad0 without doing gpart delete -i 1 ad0 first RandalSchwartz: I thought you meant this - http://wiki.arpnetworks.com/wiki/ZFSonFreeBSD
Yes - you have to add that. I should update that wiki page
since the disks come already configured IPv6Freely: yea
also right at the end where it says "zfs unmount -a" i couldnt do that, said device busy
i could do all the set mountpoint lines too, except the legacy line
But... my install seems to be working awyeah: Yes that's my syntax as well
It also doesn't think it's authoritative for my IPv4 PTRs. ***: sbp_ has quit IRC (Quit: ( www.nnscript.com :: NoNameScript 4.22 :: www.esnation.com )) RandalSchwartz: IPv6Freely - did you cd out of zroot
and were you also out of the chroot shell?
perhaps you didn't exit the chroot shell
awyeah - can you pastbin your zone file?
maybe I can compare it to mine IPv6Freely: RandalSchwartz: i typed everything exactly as written
Not that that answers your questions, but yeah. awyeah: omfg.
dig @localhost -t PTR 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.8.f.2.f.7.0.6.2.IP6.ARPA IPv6Freely: Oh well, the only thing i wasnt able to do is "zfs set mountpoint=legacy zroot", but my install seems to be working fine awyeah: ;; ANSWER SECTION:
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.8.f.2.f.7.0.6.2.IP6.ARPA. 172800 IN PTR excelsior6.awyeah.net. RandalSchwartz: it probably presumed legacy, or something ***: UncooL has joined #arpnetworks awyeah: Anyway, so I'm pretty sure that I am configured properly now.
up_the_irons - any chance you can check your reverse delegation for the subnets assigned to my VPS? RandalSchwartz: awyeah - my dig worked
no wait
failed
no - worked
darn it - I don't grok dig very well awyeah: heheh ***: UncooL has quit IRC (Quit: .)
awyeah has quit IRC (Quit: Reconnecting) RandalSchwartz: uh - weird. host failed
but dig worked
are you sure you have dots in the right places in your reverse? ***: awyeah has joined #arpnetworks RandalSchwartz: can you please paste your master zone somewhere?
it tried to look up a name under my default domain
which clearly, your name shoudln't be awyeah: just a quick sec. Check this out. RandalSchwartz: querying my own reverse worked fine awyeah: dig -x 2607:f2f8:7400::2 +trace
You get a good answer (excelsior6.awyeah.net)
if you don't do +trace, you don't get a good answer. RandalSchwartz: yeah, that's similar to what I'm seeing awyeah: I bet that when you use +trace, it goes and looks it up at each nameserver
when you don't, it just looks it up at your nameserver. RandalSchwartz: ahh, might be a bad cache
but still, something is different... because your names are trying to be looked up under my default domain
I think you left out a period somewhere.
it's easy to miss.
You *do* have '.' after all your NS hosts, right?
like for me, it's NS red.stonehenge.com.
and NS ns1.he.net. awyeah: Yes RandalSchwartz: note the ending periods
and then I have:
$ORIGIN 0.0.0.0.0.8.0.3.8.f.2.f.7.0.6.2.ip6.arpa. 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR red.stonehenge.com. nesta: ugh
ffs
hi up_the_irons :( RandalSchwartz: that's so I don't have to have all those 0's :)
I remember having to count them though. :) awyeah: Yeah I mean I'm fairly familiar with the syntax... I'm pretty sure it's correct, named-checkzone gives me no errors RandalSchwartz: must be a cache then awyeah: and my server does appear to be answering authoriitatively
authoritatively RandalSchwartz: you're hosed until TTL :) awyeah: yeah RandalSchwartz: I hope it was a low TTL awyeah: try dig @excelsior.awyeah.net -x 2607:f2f8:7400::2 RandalSchwartz: wow - a lot of the top-level nameservers are talking to me in v6
nice
especially since he.net says in general, v6 is faster than v4
probably thanks to he.net :)
anyway, back to $DAYJOB ***: nuke` has joined #arpnetworks nesta: /wii nuke`
wah
:) IPv6Freely: cool so i have this vps
now... what to do with it... nesta: is it FreeBSD ? IPv6Freely: of course :) nesta: well you should update to the newest release, get the latest patches IPv6Freely: well thats no fun :P nesta: there is a FreeBSD exploit for the all unpatched ones at the moment
local root
it's advisable :) IPv6Freely: bah. ill have to look into doing that, im assuming its not like it used to be nesta: hehe IPv6Freely: I made this wayyyyy back. its not still done like this is it? http://3fives.com/tmp/freebsd.html nesta: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
use the Handbook IPv6Freely: looks pretty much the same nesta: uhhh
no IPv6Freely: okay, it does to me nesta: okay IPv6Freely: meh, ill do all that when i really have nothing better to do nesta: it's fun if you ask me
but whatever IPv6Freely: heh thats far from fun :P nesta: I wouldn't go around adding any users until you do though
it's fun for me :) IPv6Freely: i just have my user and my root user
since you cant ssh as root :P nesta: ah okay
well you _can_
but
not advisable IPv6Freely: because of the security hole? nesta: sure IPv6Freely: k
more /usr/src/UPDATING nesta: I mean if you ssh keys I _suppose_ it's "okay"
but I still would not IPv6Freely: until ive updated you mean? nesta: hm? no I just mean you could use ssh keys to ssh in as root because then no one could sniff a pass
but it's not advisable nonetheless IPv6Freely: oh gotcha
okay so i should follow that rebuilding world part of the handbook top to bottom nesta: yes sir, at the moment I am having issues but generally that *just works*
I am noobin it up at the moment
:'( IPv6Freely: why does it have the makekernel stuff at the top and then again half way down? nesta: well it gives a few example
s
diff scenarios IPv6Freely: im very confused
24.7.1 tells you do the buildworld and buildkernel, and then 24.7.7.2 has you doing make buildworld again nesta: it is kinda confusing but basically its just, make buildkernel && make buildworld && make installkernel && reboot to single user && cd /usr/src && mergemaster -p && make installworld && mergemaster && Reboot
yeah its just different ways
if you read closely IPv6Freely: jesus christ this stuff is way too complicated dxtr: Do you guys have any pro-tip for backing up configuration files?
rsync /usr/local/etc and /etc to somewhere? nesta: dxtr: I just tar them up and bring em home with scp dxtr: nesta: Well I have a lot of configuration files :D
Thing is I didn't know about that local root exploit. Now I've got to re-install my VPS(!!!) just to be sure
And firsthing I do is update it nesta: tar -cvvpzf /usr/backup/localetc.tar.gz /usr/local/etc&
etc
thats what I do
then chown then .gz's to a user and scp them home
I tend to do things a bit funny though so :)
ymmv dxtr: Hehe jdoe: ... alright... been mostly productive... time to fuck around with xmonad again... nesta: xmonad is cool IPv6Freely: wtf, irssi just said "day changed to 04 Aug 2010"... wtf timezone is this in dxtr: GMT-1? :P IPv6Freely: fail nesta: depends on what ya set it to
:P jdoe: UTC IPv6Freely: i set it to PDT last night. its definitely not midnight PDT jdoe: aka "real time" :P RandalSchwartz: the One True Time :)
at least you didn't set it to swatch time :)
IPv6Freely - what does "date" say? up_the_irons: jdoe: since i went through the xmonad dance again recently, here's my build log of xmonad on my netbook: http://pastie.org/private/afxnwva4wjujbxb4k4laxw
might help, might not; take what you like IPv6Freely: Wed Aug 4 00:03:44 PDT 2010 RandalSchwartz: yeah, that's wrong IPv6Freely: heh RandalSchwartz: ntpdate ntp.pool.org
that'll snap it to the right time for now
just hope you haven't done any makes for a while IPv6Freely: yea looking at ntp config in the handbook RandalSchwartz: ntp is already configged
just enable it
ntpdate_enable=YES
ntpd_enable=YES
then /etc/rc.d/ntpd start
do NOT edit the ntp conf file
it's already correct out of the box dxtr: Where do I start if I'd like to reinstall?
I mean, where do I insert the CD? :P IPv6Freely: tharrr we go. RandalSchwartz: the DVD is already installed dxtr: I know the rest RandalSchwartz: just hit f12 during boot up dxtr: Oh, neat RandalSchwartz: and remember to wipe ad0 :) IPv6Freely: thanks RandalSchwartz i was doing that as you were typing it ;) jdoe: up_the_irons: right on, thanks. I'm trying to preserve as much of gnome as I can though, I just want something better than metacity :) dxtr: RandalSchwartz: dd if=/dev/zero of=/dev/ad0? :P jdoe: up_the_irons: ... so if you have any xmonad.hs-fu that's not specific to dzen, gwmenu or whatever I'm all ears. IPv6Freely: Tue Aug 3 17:06:09 PDT 2010 yay RandalSchwartz: not really necessary, unless you have hostile local root users
in which case, you have a bigger problem
it'd have to be someone who can read the raw disk
otherwise, freebsd does a pretty good job of handing you zeros on new blocks dxtr: RandalSchwartz: Well, I'm installing because I might've gotten my VPS rooted (Here I was thinking FBSD 8.0-RELEASE was kind of safe :P) RandalSchwartz: right - but you're wiping it
as in, new install jdoe: RandalSchwartz: something I used to like doing was going to linode, provisioning a new machine with the smallest disk I could get away with (like a 400MB debian install or wahtever) and then creating a virtual disk with the rest of my quota dxtr: Yeah RandalSchwartz: the bits that aren't part of the blocks are meaningless jdoe: ... and scraping it for ssh keys, gnupg keyrings etc.
apparently linode doesn't/doesn't wipe disk before providing it to users. RandalSchwartz: ewww ouch jdoe: (I just did it as a PoC, no malicious intent) RandalSchwartz: remind me to continue to not recommend linode :) jdoe: I dunno.
I recommend here now.
but if someone doesn't like it for whatever reason, I still recommend linode. -: IPv6Freely completely lost jdoe: (arpnetworks has more of a small-company feel, some people are skittish about that) RandalSchwartz: IPv6Freely? what are you lost about now? IPv6Freely: whatever you guys are talking about RandalSchwartz: it's not for you then. :) IPv6Freely: clearly :) jdoe: dxtr: fbsd 8.0 IS safe. You did something to fuck it up ;)
(probably) dxtr: jdoe: Well, local root exploits are making me paranoid ;) RandalSchwartz: you have untrusted local users?
I guess I'm lucky that way
all my local users are trusted
they all have root too :) dxtr: RandalSchwartz: Well, one jdoe: dxtr: there haven't been many of those in 8. I think there's been one or two things that required a reboot. freebsd-update is your friend. You DO cron it, right? ;) RandalSchwartz: you should put that untrusted user in his own jail :) dxtr: RandalSchwartz: Yeah, "I'll do that later" :D
Have been my motto for a couple of weeks jdoe: haha.
jailing probably isn't a silver bullet if it's an escalation in the kernel, but it's... generally a good idea. -: RandalSchwartz wanders off cmeiklejohn: up_the_irons: you got some props here: http://news.ycombinator.com/item?id=1569559 ***: cmeiklejohn has quit IRC (Quit: leaving) dxtr: up_the_irons :p ***: dxtr has quit IRC (Remote host closed the connection)
dxtrr has joined #arpnetworks
cmeiklejohn has joined #arpnetworks
dxtrr has quit IRC (Quit: Reconnecting)
dxtr has joined #arpnetworks jdoe: cmeiklejohn: fuck hackernews :P
that site/feed is such garbage.
... props are awesome and all, I just felt like venting some HN rage ;) cmeiklejohn: heh
ok then. ***: dxtr has quit IRC (Read error: Operation timed out)
dxtr has joined #arpnetworks
dxtr has quit IRC (Read error: Operation timed out)
dxtr has joined #arpnetworks awyeah: hey he.net has a DNS service now. -: awyeah adds another slave smokey: any idea how i manually set my nameservers for my v6 and v4 reverse? up_the_irons: cmeiklejohn: ah cool! RandalSchwartz: yeah, I'm moving all of my domains to he.net
one at a time of course smokey: thats what i wanna use :P awyeah: I'm just going to use them as a slave for now, I like bind.
bind doesn't like me.
but I like bind. RandalSchwartz: especailly because you get *five* slaves all over the *world* for free smokey: ive got all my stuff there. RandalSchwartz: fast fast slaves
all but one are v6 too
now if up_the_irons would fix my reverse, I coudl advance to the *next* level on the ipv6 certification cmeiklejohn: RandalSchwartz: I got my stuff there too -- got my Sage cert too ;) awyeah: wait, they slave on *all* their DNS servers? RandalSchwartz: Yes.
host -t ns stonehenge.com
my stuff is in six places around the world
I'm up to profession, waiting on guru
professional cmeiklejohn: RandalSchwartz: cool awyeah: hmmmm cmeiklejohn: awyeah: hrmm/
? nesta: hi twiggz: i probably have kids in more countries. jdoe: smokey: ? RandalSchwartz: o/~ I've got friends... in low places... o/~ nesta: where the whiskey drowns .. twiggz: glenlivet here.
12 years old.
<3
shopping for more cigars now... RandalSchwartz: "I like my whiskey like I like my women..." :) twiggz: really? cheap and nasty? RandalSchwartz: "18 year old" twiggz: glennfiddich has an 18 year old single malt i think cmeiklejohn: they do RandalSchwartz: The Macallan 25. Nectar of the GOds twiggz: the green bottle RandalSchwartz: $450 a fifth
and worth the $20/shot smokey: ? RandalSchwartz: smokey? smokey: jdoe said my name... twiggz: i like nice cigars to much to bother with spending to much on single malt scotch/whiskey ....single malt is good enough... i am partial to makers mark and glenlivet... RandalSchwartz: oh twiggz: the makers mark cigars are awesome to.
lol jdoe: lol -: jdoe is a CERTIFIED IPV6 NEWBIE smokey: same here :x jdoe: smokey: you were asking you to set nameservers for reverse.
smokey: and I was asking (poorly) for you to elaborate ;) twiggz: ipv6 is crap...noone uses it...maybe 10% of the internet even has access to ipv6 natively right now....from their own isps.... smokey: right now my v4/v6 use ns1/2.arpnetworks.com i'd like to switch em to ns(1-5).he.net
time to eat.
i submitted a ticket..now i wait! twiggz: ive lived in 5 states over the past 3 years ...and never had an isp offer native ipv6
:/
and setting up ipv6 tunnel is justmore trouble than its worth.. RandalSchwartz: twiggz - your (minority) opinion is noted, and will go on your permanent record. -: RandalSchwartz grins RandalSchwartz: truth is, we're outta v4 in a year or so
and yes, major ISPs are spinning up v6 projects twiggz: thats what they say, sure. RandalSchwartz: and have you seen tunnelbroker.net?
you can have a v6 tunnel in about 10 minutes twiggz: and sure, "spinning up" does not = OFFERING IPv6 RandalSchwartz: or miredo, to get a tunnel anywhere you're natted twiggz: so... RandalSchwartz: twiggz - you live in the US, apparently twiggz: yes, i do. RandalSchwartz: internationally, the story is different twiggz: i know. RandalSchwartz: the US is hogging most of the remaining v4
because we know we're backwards :) jdoe: RandalSchwartz: seems unlikely, there's still a ton of space that can be reclaimed.
(re: running out) twiggz: we also get to have guns. RandalSchwartz: jdoe - not politically twiggz: damn us! jdoe: not politically? I'm talking about reserved blocks, not assigned /8s RandalSchwartz: the reserved blocks are running out
about a year left twiggz: thats what they said a year ago
sorry, its true. jdoe: heh, yes, we've been running out for quite some time.
... and while I'm sure it's coming soon, I don't think it's coming *that* soon. twiggz: a year ago they said "we wont have any left in a year" RandalSchwartz: it has slowed down a bit twiggz: a year passes....i still get ipv4 addys RandalSchwartz: but it won't *keep* slowing down
the recession helped. :)
best guess is 322 days now
under a year twiggz: ill bet you money
for real
noones running out of ipv4 addys in 322 days
hell
ill give you 340 dys.
shit, i should give you a year.
probably two...
if ipv4 addys were so scarse ...my isp would have a real problem with giving each of my 6 pcs and laptops in the house their own ipv4 address...
if i hooked up another hub to the hub i have...id get more ipv4 addys ...lol..
no need for it...i dont have enough boxen. nesta: or fingers? twiggz: kvm switches are useful :)
but yea, "ill bet a fiddle of gold against your soul" that in a year noones running out of ipv4 addys. nesta: we heard ya twiggz: good.
;p RandalSchwartz: since that statement is already false, you already lose
you have to justify wanting a /27 or bigger these days
all the way up to ARIN twiggz: haha, you cant possibly know its false. RandalSchwartz: I just gave my evidence twiggz: you are guessing. RandalSchwartz: no - that's fact twiggz: and so is arin. RandalSchwartz: ask up_the_irons
anyway, you've proven your ignorance. we can stop now twiggz: ok, we'll see in a year
they said the same crap last year
it didnt happen
lol nesta: hrm twiggz: truth is, people are always going to be getting laid off, fired, quitting jobs.....and not being able to afford their internet ......the economy is not getting any better here.....so its a safe bet...in a year they will still not have run out of ipv4 addresses no matter what up_the_irons or arin says.
bet me money. nesta: troll is obvious troll.
only thing worse than a troll is a fail troll
:-X twiggz: sorry, im not the one calling people names.
not to mention im right. nesta: np
you must have thought I was referring to you then?
...ahh
:) twiggz: just because some op in this channel and arin guesses so does not make his arguement correct. nesta: hehe twiggz: covering my ass :)
i dont care what you think of me. ***: j3m has quit IRC (Read error: Operation timed out) nesta: ipv4 does not care what you think of it either twiggz: yep. ***: j3m has joined #arpnetworks twiggz: thats why it will still be available a year from now. nesta: so why all the to do twiggz: :D nesta: nice blog twiggz: dont worry, i like my arp vps...ill be around for atleast a year (im sure you hope not), so we'll see.
i dont think i have a blog.
i have a ning social network for my irc network...and posted a few bits on it....but i dont blog..
if i blogged....id also have to carry a pastel colored powerbook to barnes n nobles every weekend...
(or put apple made POS *book in place of powerbook) -: twiggz shrugs ***: j3m has quit IRC (Ping timeout: 240 seconds)
j3m has joined #arpnetworks jdoe: lol
"ARIN, RIPE and APNIC, and the Internet community are conducting discussions on the question whether organizations that require IPv4 addresses can acquire them from other organizations."
man I hope they kill that. A market for IPv4 addresses is pretty much the worst possible way to address this. RandalSchwartz: Yup
speculating in the spot market on a /17 :)
and certain legacy organizations with /8's would make out like banshees
not really fair
comcast would reassign me from its 4/8 pool hourly
"no packet for an hour? you lose your address!"
DHCP valid times of 90 seconds :) ***: nesta has quit IRC (Quit: leaving)
nesta has joined #arpnetworks jdoe: yeah.
haha. When I requested an IPv6 allocation (incorrectly, but whatever) my provider thanked me for using it.
I lol'd. RandalSchwartz: I have, I think 3 or 4 ipv6 /48's now
so I can enumerate all the grains of sand in the earth a few times over. :) jdoe: I asked for a /64 because honestly I'm just going to fuck around.
up_the_irons is of course correct and I should have requested a /48 RandalSchwartz: yeah - you get a /64 just for the routed tunnel :)
the rest of /48
is for all of your dinking around jdoe: yep.
oh well.
I can always bug them, they haven't actually GIVEN me the allocation yet.
hrm. -: jdoe stabs the he ipv6 thing. jdoe: I don't tunnel to home and links doesn't have js. I'll be a newbie forever ;) ***: nesta has quit IRC (Remote host closed the connection)
nesta has joined #arpnetworks
adxp has joined #arpnetworks adxp: any staff here? ***: schmir has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks