IPv6Freely: i wonder if he was doing a survey ***: IPv6Freely has quit IRC (Remote host closed the connection)
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
nesta has quit IRC (Remote host closed the connection)
nakano_ is now known as nakano
nesta has joined #arpnetworks
nesta has quit IRC (Client Quit)
nesta has joined #arpnetworks
LT has joined #arpnetworks
dbgi-- has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
dbgi has quit IRC (Ping timeout: 276 seconds)
dbgi-- is now known as dbgi
dbgi has quit IRC (Changing host)
dbgi has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
schmir has quit IRC (*.net *.split)
jn has quit IRC (*.net *.split)
jn has joined #arpnetworks
schmir has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
nuke` has quit IRC (Ping timeout: 258 seconds)
nuke` has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
ziyourenxiang has joined #arpnetworks
nakano is now known as nakano_
schmir has joined #arpnetworks
adxp has quit IRC (Ping timeout: 276 seconds)
adxp has joined #arpnetworks
nakano_ is now known as nakano
schmir has quit IRC (Remote host closed the connection)
fink_ has joined #arpnetworks awyeah: mornin' ***: awyeah has quit IRC (Quit: Reconnecting)
awyeah has joined #arpnetworks awyeah: hrmph. bob^^: just upgraded my VPS to freebsd 8.1 o/
went smooth as it could, i love freebsd-update :) RandalSchwartz: zfs gpt boot? bob^^: nope
i'm not crazy RandalSchwartz: ahh, simpler. :) bob^^: :)
i need things to 'just work' RandalSchwartz: me too. but I like snapshots and rollbacks bob^^: oh yeah, zfs is nice... i'm just not happy to use it in production *just* yet -: RandalSchwartz wanders off to $DAYJOB ***: adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks bob^^: :q!
lol ***: dbgi has quit IRC () dxtr: So
How would I secure my fresh, new freebsd installation?
If I don't have enough space to jail my users ***: vtoms has joined #arpnetworks ziyourenxiang: on arpnetworks? should have enough space :-) RandalSchwartz: yeah - even the smallest plans can run a jail
they nullmount back to your existing /bin etc
or rather a bin built for all jails bob^^: dxtr: http://erdgeist.org/arts/software/ezjail/ fink_: ezjail rocks bob^^: +1
:D awyeah: dxtr: Get rid of the users
Then shutdown -h now RandalSchwartz: heh... I'm stuck on the guru level of he.net ipv6 certification
turns out, using he.net as a secondary for my domain is actually stopping me from getting he.net certification!
ns1.he.net is ipv4 only (!!!)
so my nameservers aren't all reachable from v6
"a clever trap they have laid, and I fell for it!" ***: woremacx has quit IRC (Ping timeout: 260 seconds) ziyourenxiang: the handbook's method to construct jails is quite straightforward as well. bob^^: ezjail just makes it way easier to manage afterwards, plus bringing up a new jail just takes a few seconds
but yes, the handbook method is fine too if you're just after one or two standalone jails fink_: bob^^: i've done both and i find ezjail really saves on the drudgework bob^^: agreed :) ziyourenxiang: i'll give it a try then. :-) ***: adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
woremacx has joined #arpnetworks dxtr: Is it safe to compile a new kernel with a new cnofiguration without first rebuilding world?
It's the same version and everything. Just a different kernconf bob^^: if it's the same version and nothing's been updated, you'll be fine dxtr: Cool bob^^: just don't let kernel and world get out of step... Bad Things (tm) will happen
:) dxtr: Hehe
I don't need support for "USB Serial Devices", right? :P bob^^: are you using USB Serial Devices? dxtr: On the VPS? bob^^: you never said it was for your vps :)
i wouldn't think you'd need that, no dxtr: I thought it was obvious, sorry :) bob^^: :) dxtr: Do I need any USB support for thinks to function?
things* bob^^: i'm not sure
let me check on mine dxtr: yeah :) bob^^: i've not *noticed* any USB (apart from a usb mouse, but i don't need/use that nayway) dxtr: I wanna disable as much as possible bob^^: don't see anything in dmesg.boot that looks to use USB
you're not going to save a huge amount by removing those sorts of things though imho
these days i tend to run everything with GENERIC tbh dxtr: hehe
Just playing around :) bob^^: hehe
it's not quite the same as the old days where saving a couple of MBs made a huge difference when your box only had 16mb to start with :D dxtr: Hehe cedwards: yeah. I run GENERIC, but I change the name is all.
I used to bother pulling modules on my *old* sparc machine, but now it's not worth it. bob^^: exactly :) ziyourenxiang: cedwards, i suppose you don't use freebsd-update, since you rename GENERIC to something else? ***: adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks bob^^: i <3 freebsd-update so very much cedwards: ziyourenxiang: I build everything.
with ccache it really doesn't take long. On one machine I can do a kernel in <1m and world in <5m. ziyourenxiang: i like freebsd-update, but i also want IPsec, so i can't run GENERIC... bummer... any suggestion for a user-space site-to-site VPN thingie? i know of openVPN. bob^^: openvpn is superb, i can highly recommend it ziyourenxiang: somehow it feels a bit "impure" to run TCP over SSL (assuming that's what openVPN does) RandalSchwartz: not really ssl
it has its own encryption
and yes, I highly recommend openvpn as the best solution
since it tunnels using UDP, not TCP
tcp over tcp is troublesome ziyourenxiang: ah, it uses UDP? didn't know that. ok, will give it a whirl. RandalSchwartz: and you can use either layer 3 or layer 2
with layer 2, it's a bit fatter packets, but you can tunnel *anything*
eseentially, your interface looks like a participant on the remote net ziyourenxiang: i'm looking to tunnel something like zero MQ or one of those AMQP thingies among 2-3 servers. cedwards: I really need to learn openvpn too. something on my (long) list of topics. RandalSchwartz: the one thing that won't work is behind-NAT to behind-NAT
the server has to have a public face
the client can be behind-NAT though bob^^: well.. behind NAT to behind NAT will work, with port forwarding
it works fine providing you configure it correctly RandalSchwartz: presuming you have a public IP too bob^^: well yes RandalSchwartz: there are some ISPs that never give you a public IP bob^^: my advice there would be RandalSchwartz: "it's NATs... all the way down!" bob^^: move to an actual ISP ziyourenxiang: at the moment my two servers are all arpnetworks VPS. at some point i expect to have one or more linux 64bit servers (to run GLASS). any of you guys run linux on arpnetworks? RandalSchwartz: indeed. but there are some solutions (like hamachi) that don't require public IPs
jus' sayin'. bob^^: meh
i'd hardly call hamachi a solution
but whatever floats your boat RandalSchwartz: well *I* would never use it either bob^^: ziyourenxiang: i'm sure plenty of chaps use linux around here too :)
openvpn works fine on linux as well - i've done freebsd > linux > windows with openvpn, no problems at all ziyourenxiang: hmm, if all my machines are on arpnetworks maybe i might just use GRE for tunneling and rely on higher layers to provide security. RandalSchwartz: GRE is tcp over tcp though, right? bob^^: you'll have openvpn up and running in five minutes :) ziyourenxiang: GRE is anything-over-ip bob^^: indeed it is
i've done some horrible things with GRE in my time :)
but they work! ziyourenxiang: ok, i'll try openvpn next. i've done GRE before too and know that it surely works. RandalSchwartz: of course it works, and stop calling me shirley. :) ziyourenxiang: heh jdoe: feh, tcp tunnels. ***: adxp has quit IRC (Ping timeout: 260 seconds)
vtoms has quit IRC (Quit: Leaving.)
adxp has joined #arpnetworks fink_: +1 openvpn ***: IPv6Freely has joined #arpnetworks IPv6Freely: well... i learned the hard way that binary system updates dont play well with zfs at this point. ***: nakano is now known as nakano_ IPv6Freely: I ran across this issue: http://forums.freebsd.org/showthread.php?t=8958 (except the accepted fix doesnt want to work for me) ***: LT has quit IRC (Quit: Leaving) dxtr: Err
Did console.cust.arpnetworks.com just go down?
Oh no it didn't ***: BeBoo_ has joined #arpnetworks BeBoo_: about how long does it take for a vps to be setup? IPv6Freely: usually under 24 hrs BeBoo_: Cool. I'm excited :D IPv6Freely: It's pretty awesome, that's for sure. Except for me having to wipe mine and start over because im an idiot :P BeBoo_: :o
Thats not good. What happened? IPv6Freely: I rebuilt w/ ZFS, and apparently freebsd's binary system upgrades (to go to 8.1) dont play well with zfs
http://forums.freebsd.org/showthread.php?t=8958 <--- that, except their fix doesnt work for me BeBoo_: excuse the ignorance but what's different about ZFS? IPv6Freely: hell if i know... its supposed to be better :P
was just about to read this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/filesystems-zfs.html
not that ill understand a single word of it fink_: IPv6Freely: you should ask RandalSchwartz IPv6Freely: fink_: about my broken system or about zfs in general? fink_: yours IPv6Freely: humph... i dont know whats the deal with my vps, i connect w/ chicken of the vnc and it appears to connect but i get no window BeBoo_: love that program
doesn't seem to work with VirtualBox though
virtualbox's vnc that is fink_: IPv6Freely: i like cotvnc too, but i've had better luck with jollysfastvnc w/arpnetworks dxtr: IPv6Freely: I got that too earlier with tightvnc
Just connect a couple of times IPv6Freely: hmmmm ***: BeBoo_ has quit IRC (Quit: ::: (tekN1X) :::) IPv6Freely: frustrating
no luck :( fail
there we go.. shut down the vps and booted. now i can get in
RandalSchwartz: awake? :)
booted into fixit... says to chroot into my installation, which should just be "chroot /zboot" right?
zroot rather nesta: hehe
you guys and your ZFS
I don't understand why you love heart ache so much
UFS rox fink_: lol@ufs
zfs=future nesta: yeah well guess what
it's present day
:)
the future is yet to come :P DaCa: nesta: it's great, on a dedicated server, but to use it on a vps looks downright ridiculous to me nesta: yes DaCa fink_: DaCa: i'm using it now on root on an arp vps IPv6Freely: yea i think im just gonna build a standard install
i dont think ill get anything out of it fink_: zfs snapshot management rules nesta: does ZFS just get installed to /root ?
I am kinda confused about that
what about multiple partitions ***: dxtr has quit IRC (Changing host)
dxtr has joined #arpnetworks fink_: there's a tutorial on the freebsd wiki IPv6Freely: no idea
http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot
i just followed that nesta: yeah I saw it but it does not really makew it clear about multiple paritions
unless I totally missed it hehe
whihc is likely IPv6Freely: no clue. nesta: dxtr: how was the re-install? great success? dxtr: nesta: Yeah. Been doing stuff for a couple of hours now nesta: ah okay, did you get all the seperate partitons okay? IPv6Freely: hmm now i cant even do a default install
unable to find device node for /dev/ad0s1b in /dev! The creation of filesystems will be aborted fink_: IPv6Freely: the first time i followed that tutorial; the second time i did this: http://anonsvn.h3q.com/projects/freebsd-patches/browser/manageBE/create-zfsboot-gpt_livecd.sh
that was with 8.0 release
it was pretty awesome IPv6Freely: cool but that doesnt help me with either issue im having nesta: whats your issue? you can't do an install?
just erase you disk man IPv6Freely: well first the zfs was broken, then i tried wiping and starting over and it wont let me
how do i erase a disk? ive always just done that and partitions in sysinstall
I think... im just going to cancel my account. nesta: sounds a bit hasty
they provide you with a perfect working installation IPv6Freely: and i break it nesta: people decide to do all sorts]
yeh
you can easily fix
:) IPv6Freely: apparently not nesta: are you booted to cd? IPv6Freely: i was nesta: well go back, why give up? IPv6Freely: now im at a boot: prompt nesta: the devil loves a trier IPv6Freely: i have no idea how to reboot from here nesta: log into your webpanel that Arp provides for you, IPv6Freely IPv6Freely: ok nesta: you can shut it down there
and then boot it IPv6Freely: booting..
okay in the sysinstall main menu nesta: okay
do a standard install
when you go to the disk part don't do anything just shout me :) IPv6Freely: yeah im in that part nesta: okay you select the drive yeh?
then it brings you to black screen IPv6Freely: yea
the fdisk partition editor nesta: see the middle line? it has 'freebsd' on it
press down arrow to get to it
then press d
then press a IPv6Freely: i have "unused, unknown, unknown, unknown, unused" nesta: ok
just delete
all
basically
go to all them
and press
d
once IPv6Freely: k all unused. this is how i normally do it nesta: tell me when you done that
k IPv6Freely: done nesta: press arrow back up to top
then press
a IPv6Freely: yep
now i have ad0s1 freebsd nesta: cool
go to that one
and press
s IPv6Freely: done nesta: press q IPv6Freely: k nesta: now choose yes for the bootmanager
like the top option is fine IPv6Freely: ya nesta: done?
k
now
what size is your hard drive IPv6Freely: 20GB
i usually just do auto here too nesta: is that what you would like to do? IPv6Freely: sure why not nesta: you can carry on now as normal
it should fdisk just fine
if not then you got me :)
yeh go with auto
just auto and then q to get out IPv6Freely: auto and then q
now i was gonna use "user" here since im gonna cvsup src anyway nesta: yeah sure
jsut get to the fdisk hehe IPv6Freely: asking where to install from, i pick CD obviously nesta: yep ***: nakano_ is now known as nakano
nakano is now known as nakano_
nakano_ is now known as nakano IPv6Freely: okay, the final yes/no window. "last chance, are you sure?" nesta: YES
:D IPv6Freely: same error as before -: nesta crosses fingers nesta: lol
wow okay ZFS really *is* evil
hey IPv6Freely don't worry when up_the_irons is here he will reinstall for you np :)
its part of the contract IPv6Freely: http://a.imageshack.us/img401/2599/screenshot20100804at102.png nesta: wowee
thats a funny one alright IPv6Freely: *thumbs up* nesta: I am sure there is some sensical explanation
okay, IPv6Freely .. ya got me.
:)
lol IPv6Freely: had zfs, zfs broke, tried to install normally, and failsauce. Thats the summary of my last two days :P nesta: I have thus far steared clear of it
for I knew all of this lay before me
:D
I heeded the warning calls of others lost in the wilderness IPv6Freely: i made the mistake of trying to do a binary upgrade from 8.0 to 8.1, which apparently is broken if you use zfs nesta: ah yes I never binary upgrade IPv6Freely: id never done it before, i figured id try it nesta: I always upgrade via fresh source and build it
its much more fun
freebsd-update is boring imho IPv6Freely: me too, though i dont find it fun :P nesta: :P IPv6Freely: i didnt know binary upgrades even existed
until a couple days ago nesta: ya gota make it fun hehe, dangerous kernel options etc.. IPv6Freely: ha. no.
im not a tinkerer nesta: playing with MAC and ACL and ttoally breaking your shit IPv6Freely: i want it to just work nesta: like I did the other night
lol IPv6Freely: i hate computers, i have zero interest nesta: aww come on
thats not true clearly IPv6Freely: no really... if i ever had to do sysadmin shit id go nuts nesta: you have a FreeBSD vps
most 'normal' people
]have NOidea what that is IPv6Freely: the only reason i got a vps is because the shell i have gets rebooted every night and therefore sucks for screen+irssi. nesta: rebooted every night?
dang IPv6Freely: sometimes not
but when i log in and do screen -r and it says no screen to be resumed... man does that ever piss me off nesta: but you don't care about computers
:P IPv6Freely: i dont. i care about irc :P nesta: hahaha IPv6Freely: i want my irc and dont want to have to mess with shit to get it
a shell is also super useful for testing my networks from the outside dxtr: Hmm... IPv6Freely: but otherwise i hate computers. thats why i use a mac, because everything just works and i can spend my time doing my work rather than dicking with my OS dxtr: Exactlt what is "cputime" in login.conf? I'm thinking it essentially says how long a proccess can run ("Use the cpu") ***: Lefty has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
koan has quit IRC (Read error: Connection reset by peer)
koan has joined #arpnetworks
fink_ has quit IRC (Quit: fink_)
cedwards has quit IRC (Read error: Connection reset by peer)
cedwards has joined #arpnetworks ziyourenxiang: IPv6Freely, whatever i want to do on my VPS, i try first on a vbox instance on my laptop... if nothing else i get familiar with the procedure and screens.
oh ok, didn't see that bit where you say you don't do sysadmin :-) IPv6Freely: heh yea awyeah: Next project: OpenVPN on my VPS.
So I can have "local" network access to it. IPv6Freely: That's probably pretty easy.
About to configure VPN today actually.
Though, its a Juniper SSL VPN appliance, so slightly different :P awyeah: heheh yeah.
purpose-build.
built.
Although, JunOS is based on FreeBSD I think. IPv6Freely: sort of
It runs on top of freebsd
not really based on it ***: schmir has quit IRC (Remote host closed the connection) RandalSchwartz: heh... got an answer back from he.net about how to pass their test
"remove ns1.he.net from your list"
great. :) up_the_irons: lol -: up_the_irons anticipates a support ticket up_the_irons: RandalSchwartz: want me to remove it from your rdns? i happen to be in my name server right now... ***: Lefty has joined #arpnetworks
vtoms has joined #arpnetworks dxtr: Hey, you guys can help me :D
Exactly what is "cputime" in login.conf? I'm thinking it essentially says how long a proccess can run ("Use the cpu") nesta: hiya up_the_irons :) -: up_the_irons has no idea what cputime is nesta: man login.conf jdoe: dxtr: I believe that is the case.
but it's not how long it can run, it's how long it can RUN
ie actually be on the cpu. bob^^: man login.conf says it's a limit on cputime
;) jdoe: right. nesta: it actually says "CPU USage Limit"
:P
which does indeed explain it a bit more RandalSchwartz: up_the_irons - I think it only matters on the forward
so lemme see if that fixes it yet up_the_irons: RandalSchwartz: roger RandalSchwartz: since I'll put it back in after I get my badge. :) nesta: any idea why a line like this won't work .. pass in quick log on $ext_if inet proto tcp from group { bakeneko } to $iplist port $ssh flags S/SA keep state up_the_irons: heh nesta: seems to be an issue with the group part of the rule
man page is useless and google is like 'what?'
>_< ***: ziyourenxiang has quit IRC (Quit: ziyourenxiang)
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
nakano is now known as nakano_
nakano_ is now known as nakano
BeBoo_ has joined #arpnetworks BeBoo_: =] nesta: hi BeBoo_ :)))
long time BeBoo_: hey nesta, how are ya nesta: super duper BeBoo_: great to hear
just waiting for my new vps to be created :D
(impatiently) nesta: niiiice
FreeBSD? BeBoo_: lol
of course nesta: excellent BeBoo_: yeah, element talked me into getting my own VPS since i keep taking his over nesta: haha BeBoo_: so i figured if i'm getting my own, i want a freebsd one, not linux nesta: how is he doing?
hell yeh BeBoo_: pretty good, we've both been busy busy
his b'day is coming up nesta: anything exciting?
ahhh BeBoo_: we're goin to the shore
not really exciting... bought a PS2 and a bunch of games we miss playing
lol RandalSchwartz: feh. even after removing ns1.he.net from stonehenge.com, it's still failing jdoe: so much for your global redundancy ;)
bah. Another day, another "rdns still not setup properly"
classless delegation is hard :( ***: Jestre has quit IRC (Read error: Operation timed out)
phlux_ is now known as phlux
adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks RandalSchwartz: woo hoo... I'm a Sage! http://ipv6.he.net/certification/cert-main.php
... http://ipv6.he.net/certification/scoresheet.php?pass_name=merlyn nesta: well done :) IPv6Freely: woohoo
i dont know the systems side of ipv6 :( nesta: its easy :)
well
actually
I retract that IPv6Freely: i guess ill find out nesta: lol
but adding your ipv6 aliases for arp with FreeBSD .. is easy
:)
# ipv6
ipv6_enable=YES
ipv6_defaultrouter="2607:f2f8:12c0::1"
#ipv6_ifconfig_em0="2607:f2f8:12c0::2 prefixlen 48"
#ipv6_ifconfig_em0_alias0="2607:f2f8:12c0::3 prefixlen 48"
#ipv6_ifconfig_em0_alias1="2607:f2f8:12c0::4 prefixlen 48"
just change to your info and put this in /etc/rc.conf IPv6Freely: ask me to configure OSPFv3 over point to multipoint frame relay... no problem. Configure on a desktop? completely lost. nesta: and reboot IPv6Freely: yea i had v6 on my vps, but no idea how to be able to actually use it... i wasnt able to resove hostnames to ipv6 addresses and such nesta: oh well you have to relegate your vps dns to some servers fo your choice
then email up_the_irons the info
the sets them
you make the AAAA records and set the ipv6 as above for the addresses you set the AAAA Records for
and ba da bing
the=he IPv6Freely: yea im lost.
i dont understand dns nesta: tell ya what
me either but I can help you
do this sir, make an account on afraid.org
sign up with them
don't have to pay just make an account IPv6Freely: heh
URL blocked nesta: ? IPv6Freely: The URL that you are attempting to access is a potential security risk. Trend Micro Core Protection Module for Mac has blocked this URL in keeping with network security policy.
damn corp laptops nesta: bhaha
ignore that IPv6Freely: i cant nesta: o
hmm
do
nm IPv6Freely: heh nesta: you can do it wiith he.net IPv6Freely: dont worry about it nesta: now I think
make an account there IPv6Freely: on tunnelbroker.net?
okay account created, now logged in nesta: sorry IPv6Freely
https://dns.he.net/
thats the one
prolly works across board
your login
anyway they do dns now
fpr ipv6
free BeBoo_: IPv6Freely: why do you have AV on your Mac? IPv6Freely: yep works
BeBoo_: because they put it there nesta: so just give up_the_irons the info... ie. the he.net nameservers ip addresses BeBoo_: "they"? IPv6Freely: BeBoo_: work BeBoo_: ah
interesting IPv6Freely: if its not there, i cant log into vpn nesta: yeh fucking wierd BeBoo_: silly IT dept IPv6Freely: indeed BeBoo_: Macs don't get virii
:D -: BeBoo_ hugs his MacBook Pro
IPv6Freely hugs his too BeBoo_: hug yours too nesta
do it now IPv6Freely: i7 yummyness
nesta: so just ns1-5.he.net
? nesta: sure
email him all them
how many ever they have BeBoo_: sorry to butt in but are you talking about dns mgmt for ipv6? nesta: ask him to set them for your ipv6 dns
sure BeBoo_ BeBoo_: reverse or just NS? IPv6Freely: no idrea
idea*
im just doing as im told nesta: haha
wel I dunno how he.net
works
I am just trying to help
:X BeBoo_: Element was telling me that up_the_irons doesn't have any DNS manager that I either have to do it myself or have him forward to somewhere nesta: butr I know for sure RandalSchwartz: oooh. I get a t-shirt for being a sage IPv6Freely: no worries. i think im gonna get food nesta: nah BeBoo_ you can make tons of subs of afraid.org
or your own ones
it's eeeeasssssy BeBoo_: you can't do reverse on afraid.org, can you?
i want reverse ***: arenlor has joined #arpnetworks phlux: yeah you can IPv6Freely: doesnt help that i dont know how to config ipv4 dns either phlux: I do arenlor: Anyone know how to place an upgrade order? Just email support@ or is there a form? ***: adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks BeBoo_: I'm gonna have fun setting my vps up :D nesta: hehe BeBoo_: I'm blanking, what's this character called: ~ arenlor: Tilde? BeBoo_: i thought thats what ` was arenlor: I call that a back tick ^_^'
http://en.wikipedia.org/wiki/Tilde BeBoo_: yup, it's a tilde. thanks ^;
^^; awyeah: woot! arenlor: You mean //|-|0()t don't you? ;) awyeah: Sure. RandalSchwartz: he.net will forward and reverse domains (including v6 records) for up to 25 domains, *and* they have 5 servers all over the world
I'm moving everything away from afraid.org to he.net
... https://dns.he.net/ nesta: there ya go IPv6Freely ^
RandalSchwartz: whats the story with subdomaains on he.net ?
do they have free one like on afraid.org ? RandalSchwartz: that question doesn't make sense to me
you handle your own subdomains
using your own master files nesta: on afraid.orf there is tons of domains available for people to use
everyone knows this and uses them subsequently
you are probably aware
:)
yeah so am sasking of he.net has similar
I do not imagine so RandalSchwartz: oh - those crappy little vanity domains?
I wouldn't trust anything I couldn't re-register nesta: right, those crappy lil vanity dmoains
domains
k
for IRC its not such a big deal to me
:) ***: adxp has quit IRC (Read error: Connection reset by peer)
adxp has joined #arpnetworks
nesta has quit IRC (Remote host closed the connection)
nesta has joined #arpnetworks
arenlor has quit IRC (Quit: Leaving)
Jestre has joined #arpnetworks
_Ehtyar has quit IRC (Remote host closed the connection)
_Ehtyar has joined #arpnetworks
adxp has quit IRC (Read error: Connection reset by peer)
nesta has quit IRC (Quit: leaving)
nesta has joined #arpnetworks
nesta has quit IRC (Client Quit)
nesta has joined #arpnetworks IPv6Freely: nesta: heh thanks, but i still have nfi about any of that :P RandalSchwartz: time to learn!
try http://lmgtfy.com/?q=dns+tutorial nesta: hehe IPv6Freely: heh
bleh
feh
and finally meh RandalSchwartz: try http://lmgtfy.com/?q="words+that+end+in+'eh'" IPv6Freely: lmgtfy is awesome RandalSchwartz: oops, that broke
bad-encoding -: RandalSchwartz wanders off IPv6Freely: fail
:P
up_the_irons: wake up :P ***: BeBoo_ has quit IRC (Quit: BeBoo_) RandalSchwartz: what do you need from him? IPv6Freely: my vps to be rebuilt ***: _Ehtyar has quit IRC (Quit: IRC is just multiplayer notepad)
Ehtyar has joined #arpnetworks
schmir has joined #arpnetworks
vtoms has quit IRC (Quit: Leaving.) RandalSchwartz: rebuilt?
was it configured wrong? ***: Lefty has quit IRC (Ping timeout: 265 seconds) IPv6Freely: i broke it jdoe: that happens. IPv6Freely: indeed
but i cant even wipe it and start over anymore ***: AndChat has joined #arpnetworks
AndChat is now known as Guest30393
Guest30393 is now known as gregdolley nesta: ah yes you can :) awyeah: woot!
I now have VPN tunnels from my apartment's router to my VPS, my parents' router to my VPS, and it's fully routed.
So next time my mom can't do something on her computer, it's just a VNC click away ;) nesta: nice one awyeah
that sounds cool bob^^: i do that with my parents too :)
it is *very* useful
you will not regret the time spent setting it up awyeah ;D awyeah: heh
It wasn't so bad.
Actually the hardest part was getting DD-WRT to listen to me.
Because once I got it set up, the openvpn client kept dying, so I had to figure out how to make it restart properly. bob^^: i've just started using dd-wrt here too
not got it terminating my VPNs yet though
they still arrive in to a freebsd box that sits underneath my router :)
my aim is to get it all onto the dd-wrt though and save some power ;) awyeah: Yeah, I don't use my BSD box here for any of that stuff either, it's just a local server
well... it also handles my IPv6 tunnel to he.
but no other internet routing. ***: gregdolley has quit IRC (Ping timeout: 240 seconds) IPv6Freely: nesta: heh no i cant... we already tried :P RandalSchwartz: yeah IPv6Freely - you can boot from a totally wiped disk
just use the VNC console
in fact, that's the first thing I do when I get a new VPS here. Wipe the disk entirely.
just go to the VNC console, hit F12 during the bios boot, and select the DVD IPv6Freely: cant do that man
i tried wiping it
you know how it says "are you sure you want to do this?" right at the end of the sysinstall process?
When i select YES, I get this: http://a.imageshack.us/img401/2599/screenshot20100804at102.png nesta: IPv6Freely: can't what? IPv6Freely: cant wipe it and start over. up_the_irons needs to fix it :P nesta: well as I said.. it can be fixed. :) IPv6Freely: yea, just needs somebody else to fix it :P nesta: I told you that earlier. ;) IPv6Freely: i know :) RandalSchwartz: just use the fixit shell
and wipe it diretly
that's pretty easy IPv6Freely: oh? do tell :) RandalSchwartz: try http://lmgtfy.com/?q=freebsd+fixit+shell IPv6Freely: well thats not very helpful RandalSchwartz: sure it is
you're gonna have to learn some day
get into the fixit shell
use gpart to reconfig the disk
fixit shell is in the first menu of sysinstall
there. everything you need, handed to you on a platter.
happy? IPv6Freely: ill have to go find out what gpart is RandalSchwartz: yes. "man gpart"
So. Very. Hard. ***: schmir has quit IRC (Remote host closed the connection) IPv6Freely: unable to find the file /etc/manpath.config RandalSchwartz: I bet there's even some tutorials on THAT if you google
or even sections of the handbook IPv6Freely: im sure there is
none of which i will understand RandalSchwartz: learn or hire. IPv6Freely: ill just have up_the_irons fix it RandalSchwartz: pay with your time, or your money nesta: it's amazing. the plethora of info on the net. it's ... almost like it .. was designed for .. that?
:P RandalSchwartz: and I hope up_the_irons charges you consulting for that.
that's Above And Beyond IPv6Freely: to restore my vps to a default image? RandalSchwartz: he keeps the prices low because he can keep his labor to a minimum up_the_irons: http://support.arpnetworks.com/faqs/vps/what-is-supported IPv6Freely: im aware
up_the_irons: ive seen it. up_the_irons: i will reset a vps back to "factory defaults" if requested IPv6Freely: up_the_irons: nesta said earlier that youd restore it RandalSchwartz: he may give you this one as a freebie. :) IPv6Freely: im just going to cancel up_the_irons: RandalSchwartz: factory default resets are actually free. RandalSchwartz: I suppose, because it's just a button push or two. up_the_irons: nobody has really come back and wanted it done ten times or anything, so i kinda don't care IPv6Freely: up_the_irons: can you just kill my account? up_the_irons: IPv6Freely: if you want to cancel, send an email to support@arpnetworks.com with your vps uuid and it'll be taken care of IPv6Freely: thanks up_the_irons: np IPv6Freely: it was worth a try, i guess vps isnt for me
thanks anyway up_the_irons , you had good prices. i appreciate the help. up_the_irons: IPv6Freely: no problem IPv6Freely: cancellation email sent ***: IPv6Freely has left awyeah: never read that URL before.
So, do you guys add custom contacts to nagios? Like, if i'd like to be notified if it loses ping? up_the_irons: no, we don't, just staff gets the email awyeah: gotcha RandalSchwartz: "thy rod and thy staff, they comfort me" :) awyeah: I suppose I should probably be monitoring it on my own anyway ;)
oh, up_the_irons, that reminds me, I need to file a support ticket to validate my reverse DNS delegation
I spent hours yesterday trying to figure it out and I Still don't have things working RandalSchwartz: I kept telling you, paste it to me. :) awyeah: i'm pretty confident that my nameserver response authoritatively to those requests up_the_irons: awyeah: just so you know, I will show you what I have in my DNS for your delegation, and I will make any changes requested. But as for your setup, you're on your own :) awyeah: Understood. I just want to validate what you have. I'm sure it's right, but I need to do it for piece of mind ;) up_the_irons: yeah i understand awyeah: Randal: I don't want to paste all that crap in the channel... RandalSchwartz: try http://lmgtfy.com/?q=pastebin awyeah: I love lmgtfy.com. I use that on my boss all the time.
okay so I'm going to use the ipv4 stuff first, it's also not working... and it's easier to remember stuff.
http://pastebin.com/a8YQUzen RandalSchwartz: 2010 08 03 *001*???
I think your int is too big
I've always used just "01" "02" "03" in that last piece
RFC1912 section 2.2
that might be why your nameserver doesn't consider itself an authority :)
did you check the errors when you reload or restart? -: RandalSchwartz waits for awyeah to catch up ***: Lefty has joined #arpnetworks RandalSchwartz: awyeah? awyeah: hmmm
no errors. RandalSchwartz: so, first, fix that though awyeah: but i'll reduce the size of the serial. stand by. RandalSchwartz: 10^11 > 2^31 :)
there's a reason they chose YYYYMMDDss bob^^: no one chose that though awyeah: okay, reload bob^^: you can use 1, 2, 3, 4 if you like ;) RandalSchwartz: bob - see RFC referenced above
it *is* the recommendation bob^^: it's just easier to use YYYYMMDDxx to prevent the serial rolling back
it's a recommendation
not a requirement RandalSchwartz: yup
I didn't say requirement
you can *choose* a recommendation :) bob^^: pfft ;) RandalSchwartz: SHOULD not MUST :) bob^^: having 001 at the will probably cause it to roll over though i'd have thought... i can't imagine BIND liking that much ;)
*at the end awyeah: you know what...
that may be why I see unrelated serial numbers in my logs. RandalSchwartz: heh!
yeah, 2^31 overflow bob^^: hehe RandalSchwartz: that'll do nasty things bob^^: yup RandalSchwartz: I found that within 30 seconds
you could have had those 30 seconds yesterday :)
but no, you didn't want to paste. :(
next time, trust me.
New Pairs Of Eyes Are Always Better bob^^: true that :) RandalSchwartz: especially if it's "spooky fail" awyeah: well, let's see if it works now... RandalSchwartz: it might not
your slaves might need kicking
because you've done weird serial things
there *is* a technique to force a reset of serial no matter what it is
but you didn't do that just now. :)
and it takes 2 * TTL times to do it
hopefully your TTL is small-ish awyeah: I just forced my secondary to reload it, twisted4life allows that... stand by RandalSchwartz: eww. twisted? I used them a long time ago
moved to afraid about six months ago
you realize twisted is in aspac space, right? awyeah: I think I only use them for my reverse stuff RandalSchwartz: apnic space awyeah: Fine by me RandalSchwartz: whatever the name is
interesting - dig +nssearch 173.125.206.in-addr.arpa.
still says arp's serving it awyeah: hehehe
Aug 4 15:25:28 excelsior named[43094]: zone 173.125.206.IN-ADDR.ARPA/IN: zone serial has gone backwards RandalSchwartz: yeah - you're toasty for a while
at least twisted has the same SOA awyeah: okay. secondary's got it. RandalSchwartz: so in this case, you're mostly there.
that "dig" is odd though
I'd get that fixed first
looks like arp isn't delegating it yet awyeah: if you do @206.125.173.26 on your queries, you do get authoritative responses. RandalSchwartz: so the problem may be with arp up_the_irons: $ dig +trace 206.125.173.26
...
26.173.125.206.in-addr.arpa. 3600 IN CNAME 26.24-31.173.125.206.in-addr.arpa.
24-31.173.125.206.in-addr.arpa. 3600 IN NS 206.125.173.26.
24-31.173.125.206.in-addr.arpa. 3600 IN NS 202.157.182.142.
;; Received 125 bytes from 208.79.89.9#53(ns2.arpnetworks.com) in 0 ms
does that look right?
the only thing that makes me scratch my head is that the delegation NS are IPs, not hostnames
not sure if that matters awyeah: probably not
anyway I need to eat dinner now, I gotta feed the beast
i'll be back in a bit. ***: ziyourenxiang has joined #arpnetworks jdoe: up_the_irons: ping.
up_the_irons: so I've got xmonad and I'm slowly making peace with the key bindings... except I can't make Evolution behave.
I can shift it to its own workspace, but I can't identify the various windows.
ie I want to have the main window fullscreened and everything else floating.
... except evolution doesn't give me any useful info for differentiating them :/ up_the_irons: jdoe: it may be difficult to enumerate every window. you can find the window class names with 'xprop | grep WM_CLASS' and then click on the window. but if i were doing what you just described, i would tell xmonad to always float Evolution as a whole. I do this with GNUCash, b/c of all the little popup windows jdoe: having to maximize it myself kinda bugs me though.
but if that's the only way, shrug.
I dunno, it's a little irritating that they consider preferences a dialog window, but not compose etc. up_the_irons: jdoe: what is a dialog and what is not is somewhat a mystery to me. most of the time, it "works". if I maximize gnucash, it opens up maximzed again. evolution doesn't do the same? ***: BeBoo_ has joined #arpnetworks jdoe: haven't tried floating it yet.
I don't remember how it opened before.
... works nicely for pidgin though.
stole that example xmonad.hs with split 6:1 screen for conversations + buddy list up_the_irons: you have pidgin floated?
oh i c
shit, i need to look at that.. ;) -: BeBoo_ dances around the channel jdoe: no, pidgin isn't floated
the screen is split 6:1, 6/7ths for the chat window, 1/7th for the buddy list.
dedicated im workspace.
the only stuff that's explicitly floated right now is firefox dialogs. up_the_irons: oh i c
what class is firefox dialogs? i never tried to float those.. jdoe: they're actually dialogs. up_the_irons: ah jdoe: ... so if you're just floating those anyway, shrug. up_the_irons: some end up floating, some don't. prefs doesn't, but most others do RandalSchwartz: on OSX, the "green" button means only "toggle between two strange sizes"
there's no "maximize" buton, and there should be.
green is like "change the size somewhat, and move around so you have to find the green button again" BeBoo_: RandalSchwartz: It's not really a maximize button, it's a "fit to content" button up_the_irons: first size: the size that it is set to open up as, second size: the size that "optimally" fits the screen
given what is around it RandalSchwartz: Well - in practice, it never does what I want up_the_irons: haha RandalSchwartz: I want a maximize button BeBoo_: then send an email to steve mobs
err jobs ;p RandalSchwartz: it's the "randomize this window for no damn reason" button most of the time -: BeBoo_ pokes up_the_irons DaCa: up_the_irons: xprop will tell you which class jdoe: RandalSchwartz: the maximize button varies depending on app. Firefox behaves as you'd expect. Safari tries to have maximize "fit all the user content and no bigger" BeBoo_: nesta cat ***: fink_ has joined #arpnetworks
ziyourenxiang has quit IRC (Quit: ziyourenxiang)
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Client Quit) jdoe: RandalSchwartz: I agree though, the behaviour of the default osx apps is... crazy. Completely unintuitive.
up_the_irons: lol the best suggestion from #xmonad was a secondary haskell script that stringified the window icon and calling that from xmonad.hs. Terrifying. ***: fink_ has quit IRC (Quit: fink_)
BeBoo_ has quit IRC (Quit: BeBoo_)
IPv6Freely has joined #arpnetworks
nakano is now known as nakano_