#arpnetworks 2010-08-04,Wed

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***smokey has quit IRC (Ping timeout: 260 seconds) [00:03]
IPv6Freelyi wonder if he was doing a survey [00:10]
***IPv6Freely has quit IRC (Remote host closed the connection)
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[00:19]
..... (idle for 20mn)
nesta has quit IRC (Remote host closed the connection) [00:41]
nakano_ is now known as nakano [00:46]
nesta has joined #arpnetworks
nesta has quit IRC (Client Quit)
nesta has joined #arpnetworks
LT has joined #arpnetworks
[00:54]
..... (idle for 21mn)
dbgi-- has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
dbgi has quit IRC (Ping timeout: 276 seconds)
[01:19]
............ (idle for 56mn)
dbgi-- is now known as dbgi
dbgi has quit IRC (Changing host)
dbgi has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
schmir has quit IRC (*.net *.split)
jn has quit IRC (*.net *.split)
jn has joined #arpnetworks
[02:19]
schmir has joined #arpnetworks [02:40]
.......... (idle for 47mn)
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[03:27]
.... (idle for 17mn)
nuke` has quit IRC (Ping timeout: 258 seconds) [03:44]
........ (idle for 38mn)
nuke` has joined #arpnetworks [04:22]
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[04:28]
.......... (idle for 48mn)
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[05:16]
schmir has quit IRC (Remote host closed the connection) [05:29]
..... (idle for 24mn)
ziyourenxiang has joined #arpnetworks [05:53]
nakano is now known as nakano_ [06:00]
schmir has joined #arpnetworks
adxp has quit IRC (Ping timeout: 276 seconds)
adxp has joined #arpnetworks
nakano_ is now known as nakano
[06:06]
schmir has quit IRC (Remote host closed the connection) [06:23]
..... (idle for 20mn)
fink_ has joined #arpnetworks [06:43]
awyeahmornin' [06:48]
***awyeah has quit IRC (Quit: Reconnecting)
awyeah has joined #arpnetworks
[06:49]
awyeahhrmph. [06:50]
bob^^just upgraded my VPS to freebsd 8.1 o/
went smooth as it could, i love freebsd-update :)
[06:53]
RandalSchwartzzfs gpt boot? [06:53]
bob^^nope
i'm not crazy
[06:53]
RandalSchwartzahh, simpler. :) [06:53]
bob^^:)
i need things to 'just work'
[06:53]
RandalSchwartzme too. but I like snapshots and rollbacks [06:54]
bob^^oh yeah, zfs is nice... i'm just not happy to use it in production *just* yet [06:54]
RandalSchwartzRandalSchwartz wanders off to $DAYJOB [07:00]
***adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[07:03]
bob^^:q!
lol
[07:03]
***dbgi has quit IRC () [07:05]
dxtrSo
How would I secure my fresh, new freebsd installation?
If I don't have enough space to jail my users
[07:11]
***vtoms has joined #arpnetworks [07:13]
ziyourenxiangon arpnetworks? should have enough space :-) [07:13]
RandalSchwartzyeah - even the smallest plans can run a jail
they nullmount back to your existing /bin etc
or rather a bin built for all jails
[07:13]
bob^^dxtr: http://erdgeist.org/arts/software/ezjail/ [07:13]
fink_ezjail rocks [07:16]
bob^^+1
:D
[07:17]
awyeahdxtr: Get rid of the users
Then shutdown -h now
[07:18]
RandalSchwartzheh... I'm stuck on the guru level of he.net ipv6 certification
turns out, using he.net as a secondary for my domain is actually stopping me from getting he.net certification!
ns1.he.net is ipv4 only (!!!)
so my nameservers aren't all reachable from v6
"a clever trap they have laid, and I fell for it!"
[07:19]
***woremacx has quit IRC (Ping timeout: 260 seconds) [07:22]
ziyourenxiangthe handbook's method to construct jails is quite straightforward as well. [07:24]
bob^^ezjail just makes it way easier to manage afterwards, plus bringing up a new jail just takes a few seconds
but yes, the handbook method is fine too if you're just after one or two standalone jails
[07:24]
fink_bob^^: i've done both and i find ezjail really saves on the drudgework [07:31]
bob^^agreed :) [07:32]
ziyourenxiangi'll give it a try then. :-) [07:34]
***adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
woremacx has joined #arpnetworks
[07:39]
.... (idle for 18mn)
dxtrIs it safe to compile a new kernel with a new cnofiguration without first rebuilding world?
It's the same version and everything. Just a different kernconf
[07:57]
bob^^if it's the same version and nothing's been updated, you'll be fine [07:57]
dxtrCool [07:57]
bob^^just don't let kernel and world get out of step... Bad Things (tm) will happen
:)
[07:57]
dxtrHehe
I don't need support for "USB Serial Devices", right? :P
[07:58]
bob^^are you using USB Serial Devices? [08:00]
dxtrOn the VPS? [08:00]
bob^^you never said it was for your vps :)
i wouldn't think you'd need that, no
[08:00]
dxtrI thought it was obvious, sorry :) [08:01]
bob^^:) [08:01]
dxtrDo I need any USB support for thinks to function?
things*
[08:01]
bob^^i'm not sure
let me check on mine
[08:01]
dxtryeah :) [08:01]
bob^^i've not *noticed* any USB (apart from a usb mouse, but i don't need/use that nayway) [08:01]
dxtrI wanna disable as much as possible [08:02]
bob^^don't see anything in dmesg.boot that looks to use USB
you're not going to save a huge amount by removing those sorts of things though imho
these days i tend to run everything with GENERIC tbh
[08:02]
dxtrhehe
Just playing around :)
[08:03]
bob^^hehe
it's not quite the same as the old days where saving a couple of MBs made a huge difference when your box only had 16mb to start with :D
[08:04]
dxtrHehe [08:04]
cedwardsyeah. I run GENERIC, but I change the name is all.
I used to bother pulling modules on my *old* sparc machine, but now it's not worth it.
[08:05]
bob^^exactly :) [08:05]
ziyourenxiangcedwards, i suppose you don't use freebsd-update, since you rename GENERIC to something else? [08:11]
***adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[08:11]
bob^^i <3 freebsd-update so very much [08:13]
cedwardsziyourenxiang: I build everything.
with ccache it really doesn't take long. On one machine I can do a kernel in <1m and world in <5m.
[08:18]
ziyourenxiangi like freebsd-update, but i also want IPsec, so i can't run GENERIC... bummer... any suggestion for a user-space site-to-site VPN thingie? i know of openVPN. [08:20]
bob^^openvpn is superb, i can highly recommend it [08:21]
ziyourenxiangsomehow it feels a bit "impure" to run TCP over SSL (assuming that's what openVPN does) [08:22]
RandalSchwartznot really ssl
it has its own encryption
and yes, I highly recommend openvpn as the best solution
since it tunnels using UDP, not TCP
tcp over tcp is troublesome
[08:22]
ziyourenxiangah, it uses UDP? didn't know that. ok, will give it a whirl. [08:23]
RandalSchwartzand you can use either layer 3 or layer 2
with layer 2, it's a bit fatter packets, but you can tunnel *anything*
eseentially, your interface looks like a participant on the remote net
[08:23]
ziyourenxiangi'm looking to tunnel something like zero MQ or one of those AMQP thingies among 2-3 servers. [08:25]
cedwardsI really need to learn openvpn too. something on my (long) list of topics. [08:25]
RandalSchwartzthe one thing that won't work is behind-NAT to behind-NAT
the server has to have a public face
the client can be behind-NAT though
[08:26]
bob^^well.. behind NAT to behind NAT will work, with port forwarding
it works fine providing you configure it correctly
[08:26]
RandalSchwartzpresuming you have a public IP too [08:26]
bob^^well yes [08:26]
RandalSchwartzthere are some ISPs that never give you a public IP [08:27]
bob^^my advice there would be [08:27]
RandalSchwartz"it's NATs... all the way down!" [08:27]
bob^^move to an actual ISP [08:27]
ziyourenxiangat the moment my two servers are all arpnetworks VPS. at some point i expect to have one or more linux 64bit servers (to run GLASS). any of you guys run linux on arpnetworks? [08:27]
RandalSchwartzindeed. but there are some solutions (like hamachi) that don't require public IPs
jus' sayin'.
[08:28]
bob^^meh
i'd hardly call hamachi a solution
but whatever floats your boat
[08:28]
RandalSchwartzwell *I* would never use it either [08:28]
bob^^ziyourenxiang: i'm sure plenty of chaps use linux around here too :)
openvpn works fine on linux as well - i've done freebsd > linux > windows with openvpn, no problems at all
[08:28]
ziyourenxianghmm, if all my machines are on arpnetworks maybe i might just use GRE for tunneling and rely on higher layers to provide security. [08:30]
RandalSchwartzGRE is tcp over tcp though, right? [08:30]
bob^^you'll have openvpn up and running in five minutes :) [08:30]
ziyourenxiangGRE is anything-over-ip [08:30]
bob^^indeed it is
i've done some horrible things with GRE in my time :)
but they work!
[08:30]
ziyourenxiangok, i'll try openvpn next. i've done GRE before too and know that it surely works. [08:32]
RandalSchwartzof course it works, and stop calling me shirley. :) [08:33]
ziyourenxiangheh [08:33]
..... (idle for 22mn)
jdoefeh, tcp tunnels. [08:55]
***adxp has quit IRC (Ping timeout: 260 seconds)
vtoms has quit IRC (Quit: Leaving.)
adxp has joined #arpnetworks
[09:01]
fink_+1 openvpn [09:04]
***IPv6Freely has joined #arpnetworks [09:08]
IPv6Freelywell... i learned the hard way that binary system updates dont play well with zfs at this point. [09:08]
***nakano is now known as nakano_ [09:09]
IPv6FreelyI ran across this issue: http://forums.freebsd.org/showthread.php?t=8958 (except the accepted fix doesnt want to work for me) [09:12]
***LT has quit IRC (Quit: Leaving) [09:15]
dxtrErr
Did console.cust.arpnetworks.com just go down?
Oh no it didn't
[09:23]
***BeBoo_ has joined #arpnetworks [09:24]
BeBoo_about how long does it take for a vps to be setup? [09:24]
IPv6Freelyusually under 24 hrs [09:24]
BeBoo_Cool. I'm excited :D [09:26]
IPv6FreelyIt's pretty awesome, that's for sure. Except for me having to wipe mine and start over because im an idiot :P [09:27]
BeBoo_:o
Thats not good. What happened?
[09:27]
IPv6FreelyI rebuilt w/ ZFS, and apparently freebsd's binary system upgrades (to go to 8.1) dont play well with zfs
http://forums.freebsd.org/showthread.php?t=8958 <--- that, except their fix doesnt work for me
[09:28]
BeBoo_excuse the ignorance but what's different about ZFS? [09:29]
IPv6Freelyhell if i know... its supposed to be better :P
was just about to read this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/filesystems-zfs.html
not that ill understand a single word of it
[09:30]
fink_IPv6Freely: you should ask RandalSchwartz [09:33]
IPv6Freelyfink_: about my broken system or about zfs in general? [09:34]
fink_yours [09:34]
IPv6Freelyhumph... i dont know whats the deal with my vps, i connect w/ chicken of the vnc and it appears to connect but i get no window [09:39]
BeBoo_love that program
doesn't seem to work with VirtualBox though
virtualbox's vnc that is
[09:39]
fink_IPv6Freely: i like cotvnc too, but i've had better luck with jollysfastvnc w/arpnetworks [09:41]
dxtrIPv6Freely: I got that too earlier with tightvnc
Just connect a couple of times
[09:42]
IPv6Freelyhmmmm [09:43]
***BeBoo_ has quit IRC (Quit: ::: (tekN1X) :::) [09:43]
IPv6Freelyfrustrating
no luck :( fail
there we go.. shut down the vps and booted. now i can get in
RandalSchwartz: awake? :)
booted into fixit... says to chroot into my installation, which should just be "chroot /zboot" right?
zroot rather
[09:43]
nestahehe
you guys and your ZFS
I don't understand why you love heart ache so much
UFS rox
[09:51]
fink_lol@ufs
zfs=future
[09:52]
nestayeah well guess what
it's present day
:)
the future is yet to come :P
[09:52]
DaCanesta: it's great, on a dedicated server, but to use it on a vps looks downright ridiculous to me [09:52]
nestayes DaCa [09:52]
fink_DaCa: i'm using it now on root on an arp vps [09:53]
IPv6Freelyyea i think im just gonna build a standard install
i dont think ill get anything out of it
[09:53]
fink_zfs snapshot management rules [09:53]
nestadoes ZFS just get installed to /root ?
I am kinda confused about that
what about multiple partitions
[09:53]
***dxtr has quit IRC (Changing host)
dxtr has joined #arpnetworks
[09:53]
fink_there's a tutorial on the freebsd wiki [09:53]
IPv6Freelyno idea
http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot

i just followed that
[09:53]
nestayeah I saw it but it does not really makew it clear about multiple paritions
unless I totally missed it hehe
whihc is likely
[09:54]
IPv6Freelyno clue. [09:54]
nestadxtr: how was the re-install? great success? [09:54]
dxtrnesta: Yeah. Been doing stuff for a couple of hours now [09:56]
nestaah okay, did you get all the seperate partitons okay? [09:56]
IPv6Freelyhmm now i cant even do a default install
unable to find device node for /dev/ad0s1b in /dev! The creation of filesystems will be aborted
[09:58]
fink_IPv6Freely: the first time i followed that tutorial; the second time i did this: http://anonsvn.h3q.com/projects/freebsd-patches/browser/manageBE/create-zfsboot-gpt_livecd.sh
that was with 8.0 release
it was pretty awesome
[09:59]
IPv6Freelycool but that doesnt help me with either issue im having [10:00]
nestawhats your issue? you can't do an install?
just erase you disk man
[10:03]
IPv6Freelywell first the zfs was broken, then i tried wiping and starting over and it wont let me
how do i erase a disk? ive always just done that and partitions in sysinstall
I think... im just going to cancel my account.
[10:04]
nestasounds a bit hasty
they provide you with a perfect working installation
[10:09]
IPv6Freelyand i break it [10:10]
nestapeople decide to do all sorts]
yeh
you can easily fix
:)
[10:10]
IPv6Freelyapparently not [10:10]
nestaare you booted to cd? [10:10]
IPv6Freelyi was [10:10]
nestawell go back, why give up? [10:10]
IPv6Freelynow im at a boot: prompt [10:10]
nestathe devil loves a trier [10:10]
IPv6Freelyi have no idea how to reboot from here [10:11]
nestalog into your webpanel that Arp provides for you, IPv6Freely [10:12]
IPv6Freelyok [10:12]
nestayou can shut it down there
and then boot it
[10:12]
IPv6Freelybooting..
okay in the sysinstall main menu
[10:12]
nestaokay
do a standard install
when you go to the disk part don't do anything just shout me :)
[10:13]
IPv6Freelyyeah im in that part [10:13]
nestaokay you select the drive yeh?
then it brings you to black screen
[10:15]
IPv6Freelyyea
the fdisk partition editor
[10:15]
nestasee the middle line? it has 'freebsd' on it
press down arrow to get to it
then press d
then press a
[10:15]
IPv6Freelyi have "unused, unknown, unknown, unknown, unused" [10:16]
nestaok
just delete
all
basically
go to all them
and press
d
once
[10:16]
IPv6Freelyk all unused. this is how i normally do it [10:16]
nestatell me when you done that
k
[10:16]
IPv6Freelydone [10:16]
nestapress arrow back up to top
then press
a
[10:16]
IPv6Freelyyep
now i have ad0s1 freebsd
[10:17]
nestacool
go to that one
and press
s
[10:17]
IPv6Freelydone [10:17]
nestapress q [10:17]
IPv6Freelyk [10:17]
nestanow choose yes for the bootmanager
like the top option is fine
[10:17]
IPv6Freelyya [10:18]
nestadone?
k
now
what size is your hard drive
[10:18]
IPv6Freely20GB
i usually just do auto here too
[10:18]
nestais that what you would like to do? [10:18]
IPv6Freelysure why not [10:18]
nestayou can carry on now as normal
it should fdisk just fine
if not then you got me :)
yeh go with auto
just auto and then q to get out
[10:19]
IPv6Freelyauto and then q
now i was gonna use "user" here since im gonna cvsup src anyway
[10:20]
nestayeah sure
jsut get to the fdisk hehe
[10:20]
IPv6Freelyasking where to install from, i pick CD obviously [10:21]
nestayep [10:21]
***nakano_ is now known as nakano
nakano is now known as nakano_
nakano_ is now known as nakano
[10:21]
IPv6Freelyokay, the final yes/no window. "last chance, are you sure?" [10:21]
nestaYES
:D
[10:21]
IPv6Freelysame error as before [10:22]
nestanesta crosses fingers
lol
wow okay ZFS really *is* evil
hey IPv6Freely don't worry when up_the_irons is here he will reinstall for you np :)
its part of the contract
[10:22]
IPv6Freelyhttp://a.imageshack.us/img401/2599/screenshot20100804at102.png [10:23]
nestawowee
thats a funny one alright
[10:23]
IPv6Freely*thumbs up* [10:23]
nestaI am sure there is some sensical explanation
okay, IPv6Freely .. ya got me.
:)
lol
[10:23]
IPv6Freelyhad zfs, zfs broke, tried to install normally, and failsauce. Thats the summary of my last two days :P [10:24]
nestaI have thus far steared clear of it
for I knew all of this lay before me
:D
I heeded the warning calls of others lost in the wilderness
[10:24]
IPv6Freelyi made the mistake of trying to do a binary upgrade from 8.0 to 8.1, which apparently is broken if you use zfs [10:24]
nestaah yes I never binary upgrade [10:25]
IPv6Freelyid never done it before, i figured id try it [10:25]
nestaI always upgrade via fresh source and build it
its much more fun
freebsd-update is boring imho
[10:25]
IPv6Freelyme too, though i dont find it fun :P [10:25]
nesta:P [10:25]
IPv6Freelyi didnt know binary upgrades even existed
until a couple days ago
[10:25]
nestaya gota make it fun hehe, dangerous kernel options etc.. [10:26]
IPv6Freelyha. no.
im not a tinkerer
[10:26]
nestaplaying with MAC and ACL and ttoally breaking your shit [10:26]
IPv6Freelyi want it to just work [10:26]
nestalike I did the other night
lol
[10:26]
IPv6Freelyi hate computers, i have zero interest [10:26]
nestaaww come on
thats not true clearly
[10:26]
IPv6Freelyno really... if i ever had to do sysadmin shit id go nuts [10:27]
nestayou have a FreeBSD vps
most 'normal' people
]have NOidea what that is
[10:27]
IPv6Freelythe only reason i got a vps is because the shell i have gets rebooted every night and therefore sucks for screen+irssi. [10:27]
nestarebooted every night?
dang
[10:27]
IPv6Freelysometimes not
but when i log in and do screen -r and it says no screen to be resumed... man does that ever piss me off
[10:27]
nestabut you don't care about computers
:P
[10:28]
IPv6Freelyi dont. i care about irc :P [10:29]
nestahahaha [10:29]
IPv6Freelyi want my irc and dont want to have to mess with shit to get it
a shell is also super useful for testing my networks from the outside
[10:29]
dxtrHmm... [10:34]
IPv6Freelybut otherwise i hate computers. thats why i use a mac, because everything just works and i can spend my time doing my work rather than dicking with my OS [10:34]
dxtrExactlt what is "cputime" in login.conf? I'm thinking it essentially says how long a proccess can run ("Use the cpu") [10:35]
***Lefty has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
koan has quit IRC (Read error: Connection reset by peer)
koan has joined #arpnetworks
fink_ has quit IRC (Quit: fink_)
cedwards has quit IRC (Read error: Connection reset by peer)
cedwards has joined #arpnetworks
[10:39]
ziyourenxiangIPv6Freely, whatever i want to do on my VPS, i try first on a vbox instance on my laptop... if nothing else i get familiar with the procedure and screens.
oh ok, didn't see that bit where you say you don't do sysadmin :-)
[10:44]
IPv6Freelyheh yea [10:46]
awyeahNext project: OpenVPN on my VPS.
So I can have "local" network access to it.
[10:49]
IPv6FreelyThat's probably pretty easy.
About to configure VPN today actually.
Though, its a Juniper SSL VPN appliance, so slightly different :P
[10:49]
awyeahheheh yeah.
purpose-build.
built.
Although, JunOS is based on FreeBSD I think.
[10:51]
IPv6Freelysort of
It runs on top of freebsd
not really based on it
[10:51]
***schmir has quit IRC (Remote host closed the connection) [10:56]
RandalSchwartzheh... got an answer back from he.net about how to pass their test
"remove ns1.he.net from your list"
great. :)
[11:00]
up_the_ironslol
up_the_irons anticipates a support ticket
RandalSchwartz: want me to remove it from your rdns? i happen to be in my name server right now...
[11:00]
***Lefty has joined #arpnetworks
vtoms has joined #arpnetworks
[11:01]
dxtrHey, you guys can help me :D
Exactly what is "cputime" in login.conf? I'm thinking it essentially says how long a proccess can run ("Use the cpu")
[11:04]
nestahiya up_the_irons :) [11:05]
up_the_ironsup_the_irons has no idea what cputime is [11:05]
nestaman login.conf [11:06]
jdoedxtr: I believe that is the case.
but it's not how long it can run, it's how long it can RUN
ie actually be on the cpu.
[11:06]
bob^^man login.conf says it's a limit on cputime
;)
[11:07]
jdoeright. [11:07]
nestait actually says "CPU USage Limit"
:P
which does indeed explain it a bit more
[11:07]
RandalSchwartzup_the_irons - I think it only matters on the forward
so lemme see if that fixes it yet
[11:08]
up_the_ironsRandalSchwartz: roger [11:08]
RandalSchwartzsince I'll put it back in after I get my badge. :) [11:08]
nestaany idea why a line like this won't work .. pass in quick log on $ext_if inet proto tcp from group { bakeneko } to $iplist port $ssh flags S/SA keep state [11:09]
up_the_ironsheh [11:09]
nestaseems to be an issue with the group part of the rule
man page is useless and google is like 'what?'
>_<
[11:09]
***ziyourenxiang has quit IRC (Quit: ziyourenxiang) [11:15]
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
nakano is now known as nakano_
[11:26]
nakano_ is now known as nakano
BeBoo_ has joined #arpnetworks
[11:35]
BeBoo_=] [11:37]
nestahi BeBoo_ :)))
long time
[11:38]
BeBoo_hey nesta, how are ya [11:38]
nestasuper duper [11:38]
BeBoo_great to hear
just waiting for my new vps to be created :D
(impatiently)
[11:40]
nestaniiiice
FreeBSD?
[11:41]
BeBoo_lol
of course
[11:41]
nestaexcellent [11:41]
BeBoo_yeah, element talked me into getting my own VPS since i keep taking his over [11:41]
nestahaha [11:42]
BeBoo_so i figured if i'm getting my own, i want a freebsd one, not linux [11:42]
nestahow is he doing?
hell yeh
[11:42]
BeBoo_pretty good, we've both been busy busy
his b'day is coming up
[11:42]
nestaanything exciting?
ahhh
[11:42]
BeBoo_we're goin to the shore
not really exciting... bought a PS2 and a bunch of games we miss playing
lol
[11:42]
RandalSchwartzfeh. even after removing ns1.he.net from stonehenge.com, it's still failing [11:43]
jdoeso much for your global redundancy ;)
bah. Another day, another "rdns still not setup properly"
classless delegation is hard :(
[11:50]
***Jestre has quit IRC (Read error: Operation timed out)
phlux_ is now known as phlux
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[11:58]
RandalSchwartzwoo hoo... I'm a Sage! http://ipv6.he.net/certification/cert-main.php
... http://ipv6.he.net/certification/scoresheet.php?pass_name=merlyn
[12:03]
nestawell done :) [12:04]
IPv6Freelywoohoo
i dont know the systems side of ipv6 :(
[12:05]
nestaits easy :)
well
actually
I retract that
[12:05]
IPv6Freelyi guess ill find out [12:06]
nestalol
but adding your ipv6 aliases for arp with FreeBSD .. is easy
:)
# ipv6
ipv6_enable=YES
ipv6_defaultrouter="2607:f2f8:12c0::1"
#ipv6_ifconfig_em0="2607:f2f8:12c0::2 prefixlen 48"
#ipv6_ifconfig_em0_alias0="2607:f2f8:12c0::3 prefixlen 48"
#ipv6_ifconfig_em0_alias1="2607:f2f8:12c0::4 prefixlen 48"
just change to your info and put this in /etc/rc.conf
[12:06]
IPv6Freelyask me to configure OSPFv3 over point to multipoint frame relay... no problem. Configure on a desktop? completely lost. [12:06]
nestaand reboot [12:06]
IPv6Freelyyea i had v6 on my vps, but no idea how to be able to actually use it... i wasnt able to resove hostnames to ipv6 addresses and such [12:07]
nestaoh well you have to relegate your vps dns to some servers fo your choice
then email up_the_irons the info
the sets them
you make the AAAA records and set the ipv6 as above for the addresses you set the AAAA Records for
and ba da bing
the=he
[12:08]
IPv6Freelyyea im lost.
i dont understand dns
[12:09]
nestatell ya what
me either but I can help you
do this sir, make an account on afraid.org
sign up with them
don't have to pay just make an account
[12:09]
IPv6Freelyheh
URL blocked
[12:10]
nesta? [12:10]
IPv6FreelyThe URL that you are attempting to access is a potential security risk. Trend Micro Core Protection Module for Mac has blocked this URL in keeping with network security policy.
damn corp laptops
[12:10]
nestabhaha
ignore that
[12:10]
IPv6Freelyi cant [12:10]
nestao
hmm
do
nm
[12:10]
IPv6Freelyheh [12:11]
nestayou can do it wiith he.net [12:11]
IPv6Freelydont worry about it [12:11]
nestanow I think
make an account there
[12:11]
IPv6Freelyon tunnelbroker.net?
okay account created, now logged in
[12:13]
nestasorry IPv6Freely
https://dns.he.net/
thats the one
prolly works across board
your login
anyway they do dns now
fpr ipv6
free
[12:16]
BeBoo_IPv6Freely: why do you have AV on your Mac? [12:16]
IPv6Freelyyep works
BeBoo_: because they put it there
[12:16]
nestaso just give up_the_irons the info... ie. the he.net nameservers ip addresses [12:16]
BeBoo_"they"? [12:17]
IPv6FreelyBeBoo_: work [12:17]
BeBoo_ah
interesting
[12:17]
IPv6Freelyif its not there, i cant log into vpn [12:17]
nestayeh fucking wierd [12:17]
BeBoo_silly IT dept [12:17]
IPv6Freelyindeed [12:17]
BeBoo_Macs don't get virii
:D
BeBoo_ hugs his MacBook Pro
[12:17]
IPv6FreelyIPv6Freely hugs his too [12:17]
BeBoo_hug yours too nesta
do it now
[12:18]
IPv6Freelyi7 yummyness
nesta: so just ns1-5.he.net
?
[12:18]
nestasure
email him all them
how many ever they have
[12:19]
BeBoo_sorry to butt in but are you talking about dns mgmt for ipv6? [12:19]
nestaask him to set them for your ipv6 dns
sure BeBoo_
[12:19]
BeBoo_reverse or just NS? [12:19]
IPv6Freelyno idrea
idea*
im just doing as im told
[12:19]
nestahaha
wel I dunno how he.net
works
I am just trying to help
:X
[12:20]
BeBoo_Element was telling me that up_the_irons doesn't have any DNS manager that I either have to do it myself or have him forward to somewhere [12:20]
nestabutr I know for sure [12:20]
RandalSchwartzoooh. I get a t-shirt for being a sage [12:20]
IPv6Freelyno worries. i think im gonna get food [12:20]
nestanah BeBoo_ you can make tons of subs of afraid.org
or your own ones
it's eeeeasssssy
[12:20]
BeBoo_you can't do reverse on afraid.org, can you?
i want reverse
[12:21]
***arenlor has joined #arpnetworks [12:21]
phluxyeah you can [12:22]
IPv6Freelydoesnt help that i dont know how to config ipv4 dns either [12:22]
phluxI do [12:22]
arenlorAnyone know how to place an upgrade order? Just email support@ or is there a form? [12:22]
***adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[12:24]
BeBoo_I'm gonna have fun setting my vps up :D [12:25]
nestahehe [12:28]
BeBoo_I'm blanking, what's this character called: ~ [12:34]
arenlorTilde? [12:34]
BeBoo_i thought thats what ` was [12:34]
arenlorI call that a back tick ^_^'
http://en.wikipedia.org/wiki/Tilde
[12:34]
BeBoo_yup, it's a tilde. thanks ^;
^^;
[12:35]
awyeahwoot! [12:46]
arenlorYou mean //|-|0()t don't you? ;) [12:47]
awyeahSure. [12:49]
RandalSchwartzhe.net will forward and reverse domains (including v6 records) for up to 25 domains, *and* they have 5 servers all over the world
I'm moving everything away from afraid.org to he.net
... https://dns.he.net/
[12:55]
nestathere ya go IPv6Freely ^
RandalSchwartz: whats the story with subdomaains on he.net ?
do they have free one like on afraid.org ?
[12:56]
RandalSchwartzthat question doesn't make sense to me
you handle your own subdomains
using your own master files
[12:57]
nestaon afraid.orf there is tons of domains available for people to use
everyone knows this and uses them subsequently
you are probably aware
:)
yeah so am sasking of he.net has similar
I do not imagine so
[12:58]
RandalSchwartzoh - those crappy little vanity domains?
I wouldn't trust anything I couldn't re-register
[12:58]
nestaright, those crappy lil vanity dmoains
domains
k
for IRC its not such a big deal to me
:)
[12:59]
***adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
[13:01]
nesta has quit IRC (Remote host closed the connection)
nesta has joined #arpnetworks
[13:07]
arenlor has quit IRC (Quit: Leaving)
Jestre has joined #arpnetworks
[13:16]
_Ehtyar has quit IRC (Remote host closed the connection)
_Ehtyar has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
[13:22]
nesta has quit IRC (Quit: leaving)
nesta has joined #arpnetworks
nesta has quit IRC (Client Quit)
nesta has joined #arpnetworks
[13:34]
IPv6Freelynesta: heh thanks, but i still have nfi about any of that :P [13:41]
RandalSchwartztime to learn!
try http://lmgtfy.com/?q=dns+tutorial
[13:42]
nestahehe [13:43]
IPv6Freelyheh
bleh
feh
and finally meh
[13:43]
RandalSchwartztry http://lmgtfy.com/?q="words+that+end+in+'eh'" [13:44]
IPv6Freelylmgtfy is awesome [13:44]
RandalSchwartzoops, that broke
bad-encoding
RandalSchwartz wanders off
[13:44]
IPv6Freelyfail
:P
up_the_irons: wake up :P
[13:47]
***BeBoo_ has quit IRC (Quit: BeBoo_) [13:50]
RandalSchwartzwhat do you need from him? [13:51]
IPv6Freelymy vps to be rebuilt [13:52]
***_Ehtyar has quit IRC (Quit: IRC is just multiplayer notepad)
Ehtyar has joined #arpnetworks
schmir has joined #arpnetworks
[14:01]
vtoms has quit IRC (Quit: Leaving.) [14:13]
RandalSchwartzrebuilt?
was it configured wrong?
[14:13]
***Lefty has quit IRC (Ping timeout: 265 seconds) [14:17]
IPv6Freelyi broke it [14:18]
jdoethat happens. [14:23]
IPv6Freelyindeed
but i cant even wipe it and start over anymore
[14:24]
***AndChat has joined #arpnetworks
AndChat is now known as Guest30393
Guest30393 is now known as gregdolley
[14:25]
nestaah yes you can :) [14:27]
awyeahwoot!
I now have VPN tunnels from my apartment's router to my VPS, my parents' router to my VPS, and it's fully routed.
So next time my mom can't do something on her computer, it's just a VNC click away ;)
[14:27]
nestanice one awyeah
that sounds cool
[14:28]
bob^^i do that with my parents too :)
it is *very* useful
you will not regret the time spent setting it up awyeah ;D
[14:28]
awyeahheh
It wasn't so bad.
Actually the hardest part was getting DD-WRT to listen to me.
Because once I got it set up, the openvpn client kept dying, so I had to figure out how to make it restart properly.
[14:28]
bob^^i've just started using dd-wrt here too
not got it terminating my VPNs yet though
they still arrive in to a freebsd box that sits underneath my router :)
my aim is to get it all onto the dd-wrt though and save some power ;)
[14:29]
awyeahYeah, I don't use my BSD box here for any of that stuff either, it's just a local server
well... it also handles my IPv6 tunnel to he.
but no other internet routing.
[14:30]
***gregdolley has quit IRC (Ping timeout: 240 seconds) [14:32]
IPv6Freelynesta: heh no i cant... we already tried :P [14:33]
RandalSchwartzyeah IPv6Freely - you can boot from a totally wiped disk
just use the VNC console
in fact, that's the first thing I do when I get a new VPS here. Wipe the disk entirely.
just go to the VNC console, hit F12 during the bios boot, and select the DVD
[14:33]
IPv6Freelycant do that man
i tried wiping it
you know how it says "are you sure you want to do this?" right at the end of the sysinstall process?
When i select YES, I get this: http://a.imageshack.us/img401/2599/screenshot20100804at102.png
[14:39]
nestaIPv6Freely: can't what? [14:40]
IPv6Freelycant wipe it and start over. up_the_irons needs to fix it :P [14:40]
nestawell as I said.. it can be fixed. :) [14:41]
IPv6Freelyyea, just needs somebody else to fix it :P [14:41]
nestaI told you that earlier. ;) [14:41]
IPv6Freelyi know :) [14:41]
RandalSchwartzjust use the fixit shell
and wipe it diretly
that's pretty easy
[14:44]
IPv6Freelyoh? do tell :) [14:44]
RandalSchwartztry http://lmgtfy.com/?q=freebsd+fixit+shell [14:45]
IPv6Freelywell thats not very helpful [14:45]
RandalSchwartzsure it is
you're gonna have to learn some day
get into the fixit shell
use gpart to reconfig the disk
fixit shell is in the first menu of sysinstall
there. everything you need, handed to you on a platter.
happy?
[14:45]
IPv6Freelyill have to go find out what gpart is [14:46]
RandalSchwartzyes. "man gpart"
So. Very. Hard.
[14:47]
***schmir has quit IRC (Remote host closed the connection) [14:47]
IPv6Freelyunable to find the file /etc/manpath.config [14:47]
RandalSchwartzI bet there's even some tutorials on THAT if you google
or even sections of the handbook
[14:47]
IPv6Freelyim sure there is
none of which i will understand
[14:47]
RandalSchwartzlearn or hire. [14:48]
IPv6Freelyill just have up_the_irons fix it [14:48]
RandalSchwartzpay with your time, or your money [14:48]
nestait's amazing. the plethora of info on the net. it's ... almost like it .. was designed for .. that?
:P
[14:48]
RandalSchwartzand I hope up_the_irons charges you consulting for that.
that's Above And Beyond
[14:48]
IPv6Freelyto restore my vps to a default image? [14:48]
RandalSchwartzhe keeps the prices low because he can keep his labor to a minimum [14:48]
up_the_ironshttp://support.arpnetworks.com/faqs/vps/what-is-supported [14:48]
IPv6Freelyim aware
up_the_irons: ive seen it.
[14:49]
up_the_ironsi will reset a vps back to "factory defaults" if requested [14:49]
IPv6Freelyup_the_irons: nesta said earlier that youd restore it [14:49]
RandalSchwartzhe may give you this one as a freebie. :) [14:49]
IPv6Freelyim just going to cancel [14:49]
up_the_ironsRandalSchwartz: factory default resets are actually free. [14:49]
RandalSchwartzI suppose, because it's just a button push or two. [14:50]
up_the_ironsnobody has really come back and wanted it done ten times or anything, so i kinda don't care [14:50]
IPv6Freelyup_the_irons: can you just kill my account? [14:50]
up_the_ironsIPv6Freely: if you want to cancel, send an email to support@arpnetworks.com with your vps uuid and it'll be taken care of [14:50]
IPv6Freelythanks [14:51]
up_the_ironsnp [14:51]
IPv6Freelyit was worth a try, i guess vps isnt for me
thanks anyway up_the_irons , you had good prices. i appreciate the help.
[14:52]
up_the_ironsIPv6Freely: no problem [14:54]
IPv6Freelycancellation email sent [14:55]
***IPv6Freely has left [14:58]
awyeahnever read that URL before.
So, do you guys add custom contacts to nagios? Like, if i'd like to be notified if it loses ping?
[15:03]
up_the_ironsno, we don't, just staff gets the email [15:04]
awyeahgotcha [15:04]
RandalSchwartz"thy rod and thy staff, they comfort me" :) [15:04]
awyeahI suppose I should probably be monitoring it on my own anyway ;)
oh, up_the_irons, that reminds me, I need to file a support ticket to validate my reverse DNS delegation
I spent hours yesterday trying to figure it out and I Still don't have things working
[15:04]
RandalSchwartzI kept telling you, paste it to me. :) [15:05]
awyeahi'm pretty confident that my nameserver response authoritatively to those requests [15:06]
up_the_ironsawyeah: just so you know, I will show you what I have in my DNS for your delegation, and I will make any changes requested. But as for your setup, you're on your own :) [15:06]
awyeahUnderstood. I just want to validate what you have. I'm sure it's right, but I need to do it for piece of mind ;) [15:07]
up_the_ironsyeah i understand [15:07]
awyeahRandal: I don't want to paste all that crap in the channel... [15:09]
RandalSchwartztry http://lmgtfy.com/?q=pastebin [15:11]
awyeahI love lmgtfy.com. I use that on my boss all the time.
okay so I'm going to use the ipv4 stuff first, it's also not working... and it's easier to remember stuff.
http://pastebin.com/a8YQUzen
[15:14]
RandalSchwartz2010 08 03 *001*???
I think your int is too big
I've always used just "01" "02" "03" in that last piece
RFC1912 section 2.2
that might be why your nameserver doesn't consider itself an authority :)
did you check the errors when you reload or restart?
RandalSchwartz waits for awyeah to catch up
[15:18]
***Lefty has joined #arpnetworks [15:21]
RandalSchwartzawyeah? [15:22]
awyeahhmmm
no errors.
[15:22]
RandalSchwartzso, first, fix that though [15:22]
awyeahbut i'll reduce the size of the serial. stand by. [15:22]
RandalSchwartz10^11 > 2^31 :)
there's a reason they chose YYYYMMDDss
[15:22]
bob^^no one chose that though [15:23]
awyeahokay, reload [15:23]
bob^^you can use 1, 2, 3, 4 if you like ;) [15:23]
RandalSchwartzbob - see RFC referenced above
it *is* the recommendation
[15:23]
bob^^it's just easier to use YYYYMMDDxx to prevent the serial rolling back
it's a recommendation
not a requirement
[15:23]
RandalSchwartzyup
I didn't say requirement
you can *choose* a recommendation :)
[15:23]
bob^^pfft ;) [15:24]
RandalSchwartzSHOULD not MUST :) [15:24]
bob^^having 001 at the will probably cause it to roll over though i'd have thought... i can't imagine BIND liking that much ;)
*at the end
[15:24]
awyeahyou know what...
that may be why I see unrelated serial numbers in my logs.
[15:26]
RandalSchwartzheh!
yeah, 2^31 overflow
[15:26]
bob^^hehe [15:26]
RandalSchwartzthat'll do nasty things [15:26]
bob^^yup [15:26]
RandalSchwartzI found that within 30 seconds
you could have had those 30 seconds yesterday :)
but no, you didn't want to paste. :(
next time, trust me.
New Pairs Of Eyes Are Always Better
[15:26]
bob^^true that :) [15:27]
RandalSchwartzespecially if it's "spooky fail" [15:27]
awyeahwell, let's see if it works now... [15:27]
RandalSchwartzit might not
your slaves might need kicking
because you've done weird serial things
there *is* a technique to force a reset of serial no matter what it is
but you didn't do that just now. :)
and it takes 2 * TTL times to do it
hopefully your TTL is small-ish
[15:27]
awyeahI just forced my secondary to reload it, twisted4life allows that... stand by [15:30]
RandalSchwartzeww. twisted? I used them a long time ago
moved to afraid about six months ago
you realize twisted is in aspac space, right?
[15:30]
awyeahI think I only use them for my reverse stuff [15:30]
RandalSchwartzapnic space [15:30]
awyeahFine by me [15:30]
RandalSchwartzwhatever the name is
interesting - dig +nssearch 173.125.206.in-addr.arpa.
still says arp's serving it
[15:30]
awyeahhehehe
Aug 4 15:25:28 excelsior named[43094]: zone 173.125.206.IN-ADDR.ARPA/IN: zone serial has gone backwards
[15:33]
RandalSchwartzyeah - you're toasty for a while
at least twisted has the same SOA
[15:34]
awyeahokay. secondary's got it. [15:35]
RandalSchwartzso in this case, you're mostly there.
that "dig" is odd though
I'd get that fixed first
looks like arp isn't delegating it yet
[15:35]
awyeahif you do @206.125.173.26 on your queries, you do get authoritative responses. [15:40]
RandalSchwartzso the problem may be with arp [15:42]
up_the_irons$ dig +trace 206.125.173.26
...
26.173.125.206.in-addr.arpa. 3600 IN CNAME 26.24-31.173.125.206.in-addr.arpa.
24-31.173.125.206.in-addr.arpa. 3600 IN NS 206.125.173.26.
24-31.173.125.206.in-addr.arpa. 3600 IN NS 202.157.182.142.
;; Received 125 bytes from 208.79.89.9#53(ns2.arpnetworks.com) in 0 ms
does that look right?
the only thing that makes me scratch my head is that the delegation NS are IPs, not hostnames
not sure if that matters
[15:42]
awyeahprobably not
anyway I need to eat dinner now, I gotta feed the beast
i'll be back in a bit.
[15:44]
................ (idle for 1h18mn)
***ziyourenxiang has joined #arpnetworks [17:02]
..... (idle for 21mn)
jdoeup_the_irons: ping.
up_the_irons: so I've got xmonad and I'm slowly making peace with the key bindings... except I can't make Evolution behave.
I can shift it to its own workspace, but I can't identify the various windows.
ie I want to have the main window fullscreened and everything else floating.
... except evolution doesn't give me any useful info for differentiating them :/
[17:23]
up_the_ironsjdoe: it may be difficult to enumerate every window. you can find the window class names with 'xprop | grep WM_CLASS' and then click on the window. but if i were doing what you just described, i would tell xmonad to always float Evolution as a whole. I do this with GNUCash, b/c of all the little popup windows [17:26]
jdoehaving to maximize it myself kinda bugs me though.
but if that's the only way, shrug.
I dunno, it's a little irritating that they consider preferences a dialog window, but not compose etc.
[17:27]
up_the_ironsjdoe: what is a dialog and what is not is somewhat a mystery to me. most of the time, it "works". if I maximize gnucash, it opens up maximzed again. evolution doesn't do the same? [17:29]
***BeBoo_ has joined #arpnetworks [17:31]
jdoehaven't tried floating it yet.
I don't remember how it opened before.
... works nicely for pidgin though.
stole that example xmonad.hs with split 6:1 screen for conversations + buddy list
[17:31]
up_the_ironsyou have pidgin floated?
oh i c
shit, i need to look at that.. ;)
[17:32]
BeBoo_BeBoo_ dances around the channel [17:34]
jdoeno, pidgin isn't floated
the screen is split 6:1, 6/7ths for the chat window, 1/7th for the buddy list.
dedicated im workspace.
the only stuff that's explicitly floated right now is firefox dialogs.
[17:34]
up_the_ironsoh i c
what class is firefox dialogs? i never tried to float those..
[17:35]
jdoethey're actually dialogs. [17:35]
up_the_ironsah [17:36]
jdoe... so if you're just floating those anyway, shrug. [17:36]
up_the_ironssome end up floating, some don't. prefs doesn't, but most others do [17:36]
RandalSchwartzon OSX, the "green" button means only "toggle between two strange sizes"
there's no "maximize" buton, and there should be.
green is like "change the size somewhat, and move around so you have to find the green button again"
[17:39]
BeBoo_RandalSchwartz: It's not really a maximize button, it's a "fit to content" button [17:40]
up_the_ironsfirst size: the size that it is set to open up as, second size: the size that "optimally" fits the screen
given what is around it
[17:40]
RandalSchwartzWell - in practice, it never does what I want [17:40]
up_the_ironshaha [17:40]
RandalSchwartzI want a maximize button [17:40]
BeBoo_then send an email to steve mobs
err jobs ;p
[17:40]
RandalSchwartzit's the "randomize this window for no damn reason" button most of the time [17:41]
BeBoo_BeBoo_ pokes up_the_irons [17:43]
.... (idle for 18mn)
DaCaup_the_irons: xprop will tell you which class [18:01]
.... (idle for 17mn)
jdoeRandalSchwartz: the maximize button varies depending on app. Firefox behaves as you'd expect. Safari tries to have maximize "fit all the user content and no bigger" [18:18]
BeBoo_nesta cat [18:24]
***fink_ has joined #arpnetworks [18:24]
..... (idle for 22mn)
ziyourenxiang has quit IRC (Quit: ziyourenxiang) [18:46]
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Client Quit)
[18:54]
......... (idle for 44mn)
jdoeRandalSchwartz: I agree though, the behaviour of the default osx apps is... crazy. Completely unintuitive. [19:45]
up_the_irons: lol the best suggestion from #xmonad was a secondary haskell script that stringified the window icon and calling that from xmonad.hs. Terrifying. [19:53]
............ (idle for 59mn)
***fink_ has quit IRC (Quit: fink_) [20:52]
...... (idle for 26mn)
BeBoo_ has quit IRC (Quit: BeBoo_) [21:18]
................... (idle for 1h31mn)
IPv6Freely has joined #arpnetworks [22:49]
.... (idle for 16mn)
nakano is now known as nakano_ [23:05]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)