#arpnetworks 2010-09-09,Thu

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

***LT has joined #arpnetworks [01:12]
..... (idle for 24mn)
schmir has joined #arpnetworks [01:36]
boogeyman has quit IRC (Ping timeout: 272 seconds)
boogeyman has joined #arpnetworks
.... (idle for 17mn)
_Ehtyar has quit IRC (Remote host closed the connection) [02:03]
.......... (idle for 48mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
...................... (idle for 1h47mn)
mhoran has quit IRC (Quit: Lost terminal)
mhoran has joined #arpnetworks
ChanServ sets mode: +o mhoran
....... (idle for 32mn)
heavysixer has quit IRC (Quit: heavysixer)
hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit)
schmir has quit IRC (Remote host closed the connection) [05:22]
......... (idle for 42mn)
hsbt has joined #arpnetworks [06:04]
....... (idle for 31mn)
hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit)
hsbt has joined #arpnetworks
hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit)
hsbt has joined #arpnetworks
........ (idle for 37mn)
RandalSchwartzI wrote to hover.com to ask when they plan on being v6 ready... "we have no plans". Feh.
Can't use them as a registrar then.
***heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
LTv6 ready in what sense? glue records? [07:33]
and being v6 accessible
v6 reverse would also be helpful
but not necessary, if I host my own records
so there's three pieces to it
they have none of that, and no near-term plans
LTah you were planning on using them as a host and registrar [07:36]
no, just registrar
but the third item would be needed if I was also just parking a domain
for example, to have stonehenge.com registered there and accessible from a v6-only machine, I'd need them to have servers on v6, and then provide the v6 glue record
although, if my backup DNS servers are v6, that'd solve most of that
Hmm. I wonder if DNS is smart enough to roll over like that?
right... hover isn't ever directly consulted. they're only pushing info to the root servers
but they need to push v6 glue to the root... ahh, there's the missing step
LTexactly... most of them have old software that can't push the glue [07:42]
RandalSchwartztheir servers don't need to talk v6, unless I'm also hosting dns with them [07:43]
toddfgodaddy.com for .net and .com is fully v6 ready [07:44]
***schmir has joined #arpnetworks [07:44]
RandalSchwartzyeah - I'm trying to avoid godaddy though [07:48]
toddfI use godaddy exclusively, other than annoying ads what is wrong with it again? [07:50]
***schmir has quit IRC (Remote host closed the connection) [07:59]
mhoranEh. It works. It's a registrar. They all suck.
Just like CAs.
I use moniker
LTname.com is meant to be fully v6 ready as an alternative... though last time I tried to talk to their sales people I didn't get a reply [08:00]
.............. (idle for 1h7mn)
jdoename.com is v6 ready.
(having just setup a domain there)
they're also able to to work with dnssec for some tlds.
***LT has quit IRC (Quit: Leaving) [09:21]
dxtrRandalSchwartz: My registrar sucks :(
They don't support ipv6 glue
I'll have to contact them to get that, and they in turn will have to contact an upstream provider
I'm bugging the hell out of them for that
I'll probably move away from them (again) in a few months
In like 50 days or so :P
........ (idle for 39mn)
***BeBoo_ has joined #arpnetworks [10:14]
Dougywot [10:14]
BeBoo_Where is the ARP datacenter? [10:14]
DougyLA [10:14]
BeBoo_Thanks [10:14]
............ (idle for 56mn)
jdoeoh right.
toddf: re: godaddy, my biggest complaint is that their UI sucks (that's not unique to them, domainsatcost is just as bad) and that their support team is useless.
toddfevery since my 'vi fries.net; sh ./pgpsignandsubumit fries.net' days are over, all UI's suck
I so miss the original internic that permitted that
which is fair, I'm just saying I prefered generic html forms to ajaxified web-2.0 ... ugh.
toddf*shrug* many modern browsers can cope, firefox amongst them, so I'm ok given that a) it actually permits pasting addresses instead of filling in boxes one octet at a time b) I have yet to find anything equivalent in functionality that is cheaper
if anybody finds same or chaper pricing vs godady with v6 glue capabilites, please let me know
jdoeyou're probably gonna have to specify a tld, but at least for .com name.com is cheaper (dunno how they stack up if you add privacy) [11:16]
toddfI never `pay extra' for privacy
name.com is cheaper for .com and has v6 glue?
BeBoo_free privacy! [11:17]
toddf.com and .net are the only tld's that do v6 glue afaikt [11:17]
BeBoo_what is ipv6 glue? [11:17]
toddfthe ability to tell the registrar to put this info out there:
dig @a.gtld-servers.net ns0.l0.freedaemonhosting.net
dig @a.gtld-servers.net ns0.l1.freedaemonhosting.net
ns0.l1.freedaemonhosting.com. 172800 IN AAAA 2001:240:58a:100::1
ns0.l1.freedaemonhosting.net. 172800 IN AAAA 2001:240:58a:100::1
if the TLD zones don't have that then nobody can find the dns servers for the domains they're authorative for
think about it
`what IP is freedaemonhosting.com, ask TLD's who the NS is, it is ns0.l1.freedaemonhosting.com, what is the IP? ask ns0.l1.freedaemonhosting.com, ....' aka recursion if ADDITIONAL SECTION was not there
BeBoo_ahh i see [11:24]
toddfI see .com is indeed cheaper at name.com
now does name.com have v6 glue?
http://www.tunnelbroker.net/forums/index.php?topic=93.0 .. points out several others that might even be cheaper and provide v6 glue .. interesting, will have to look further when I have more time [11:35]
cedwardsanyone here use nginx?
I'm considering migrating from lighttpd.
mhoranmike-burns: uses nginx. [11:46]
mike-burnsSure do. [11:53]
jdoetoddf: yes. [11:55]
............ (idle for 55mn)
up_the_ironscedwards: i use nginx still, but all my new stuff is using apache2 / passenger (for rails / rack apps). i will gladly trade the performance for ease of deployment / administration; my sites aren't twitter [12:50]
***nesta has quit IRC (Quit: later skater!)
nesta has joined #arpnetworks
BeBoo_BeBoo_ waves to up_the_irons [12:55]
cedwardsup_the_irons: I've been off Apache for a few years now--been using lighttpd. All of my sites are either static or PHP.
up_the_irons: in local testing it looks like nginx + php-fpm is going to be really efficient.
up_the_ironscedwards: cool
up_the_irons waves at BeBoo_
BeBoo_how goes things? [13:06]
up_the_ironsgoing alright [13:07]
cedwardsonce upon a time, when I was at Slicehost, I couldn't keep my box up due to Apache OOM death.
now, on FreeBSD 8.1 with lighttpd and fastcgi I rarely break 200M ram.
up_the_ironswow, nice [13:08]
cedwardsI'm hoping to improve that even more.
that 200M includes three jails as well. web server, postfix relay (MX2) and a tinydns installation.
cedwards loves him some FreeBSD :)
***Ehtyar has joined #arpnetworks [13:12]
cedwards..but I really don't like our developers. Just got a request (requirement) to install end-of-life jdk 5 for a new deployment. [13:18]
up_the_ironscedwards: lol, sucks [13:19]
cedwardsI work for a Java shop and what little respect I had for it once upon a time has long since been wiped out. [13:21]
up_the_ironsyeah, i've heard that story before [13:22]
cedwardsthat and Oracle. Ohh man.. as a sysadmin in a shop running oracle and java everwhere I just can't stand them.
all I hear is "we need more machines" "we need more ram" "we need.." "we need.."
write more efficient code, dumb ass.
mike-burnsEfficient code isn't some magic we sprinkle onto our project, to be fair. [13:28]
cedwardsmike-burns: I understand, but sometimes I wonder if they even try. at all. [13:28]
mike-burnsYeah that's reasonable too. [13:28]
cedwardsfrom a business standpoint, it's likely cheaper to throw hardware at the problem than hire skilled programmers that will spend time writing a quality application. [13:31]
mike-burnsYup. [13:44]
cedwardscan anyone comment on the appropriate location for a socket connection for php-fpm? (I want to try sockets vs ip:port for fastcgi)
on my Linux installations it goes in /var/run/php-fpm/php-fpm.sock, but I wonder about the /usr/local/ distinction on FreeBSD..
I suppose it doesn't matter too much, but if there is a standard I'd prefer to use it. [13:59]
.... (idle for 15mn)
amazon's mini servers in the cloud are 2 cents an hour.
2c * 24 * 31 = monthly price of 14.88
conclusion: amazon is a bunch of nazis.
RandalSchwartzhow so? [14:17]
jdoe14 and 88 are both neo-nazi symbols.
... clearly it's accidental, they wanted $15/mo or something and rounded down to 2c/hr instead of 2.02
but it made me laugh.
RandalSchwartzhow are 14 and 88 neo nazi symbols?
I've never heard of this before
mike-burnshttp://www.urbandictionary.com/define.php?term=14%2F88 [14:25]
***pierut has joined #arpnetworks [14:26]
jdoe... the 88 thing is just HH
but the 14 words bit is right.
RandalSchwartzahh. ok
that pricing does seem like they're going after the proliferation of VPS providers
too bad you're still stuck with either Linux or OpenSolaris
oh - wait.... http://www.ioncannon.net/system-administration/1246/converting-from-virtualbox-or-vmware-to-ec2-now-easier-than-ever/

oh - that doesn't cover it
still needs a linux-based kernel
they must paravirtualize or something
jdoe... I gotta say, since switching my work desktop to fbsd I've had far fewer issues or complaints than I did with ubuntu.
by and large, shit just works.
... I'm content(ish) with UFS2 though :)
***justin has quit IRC (Quit: leaving) [14:45]
toddf... since using openbsd exclusively for over 11 years, everything else seems time consuming and labor intensive ;-) [14:50]
lsof won't build on freebsd without kernel sources present
toddffstat is more than sufficient on OpenBSD imho, I don't even install lsof anymore [14:53]
mhoranSame in Free.
It's in base and it works well. :)
toddf_isakmpd isakmpd 15170 21* internet6 dgram udp [fe80::6b%vether0]:500
mhoran: does it have its suid bit removed yet?
er sorry, setgid kmem ..
mhoran-r-xr-sr-x 1 root kmem 20K Jun 5 11:51 /usr/bin/fstat*
toddf-r-xr-xr-x 2 root bin 15440 Jul 10 01:19 /usr/bin/fstat*
........... (idle for 51mn)
up_the_ironsjdoe: do you run into any issues with flash / java or wireless networking? I've heard those things can be a pain on fbsd [15:45]
RandalSchwartzif I was running a desktop with fbsd... I might be concerned. :)
my OSX box Just Works
up_the_ironsMy Ubuntu Lucid netbook (MSI Wind 1350) "Just Works", I was pretty amazed. Even my Sprint USB Modem was automatically detected and configured. It's even more stable than my T61 (I had 33 days uptime with the MSI, but then needed to shut it off to install more RAM) [15:51]
BeBoo_BeBoo_ agrees with RandalSchwartz
up_the_irons: are you using Ubuntu Desktop or the Netbook Remix?
up_the_ironsBeBoo_: netbook remix, but then i installed Xmonad and configured it to work with Gnome; so at this point it really isn't much of a "netbook" interface, although in gdm I can still select the Netbook GUI [15:53]
BeBoo_I got a free dell netbook when i ordered my desktop and my partner just bought a toshiba today and he wants to put ubuntu desktop on it because he doesn't like the netbook gui [15:54]
up_the_ironsBeBoo_: all he has to do is apt-get another gui (gnome, kde, etc...) and select it as default session before logging in. then it really doesn't behave like a netbook anymore [16:00]
BeBoo_is that all that is different between netbook and desktop?
the gui?
up_the_ironsBeBoo_: i haven't noticed any other difference yet [16:01]
BeBoo_i just installed netbook remix the other day and updated it. haven't had a chance to really play with it
i was planning on hooking my phone up to it and tethering
getting my work to add the tethering plan onto my iphone (grandfathered unlim plan)
and seeing if that would work
RandalSchwartztethering via jailbreak
are you using mywi or pdanet?
wait wait
BeBoo_i haven't jailbroken it [16:04]
RandalSchwartzyou can't add tethering and retain unlimited! [16:04]
BeBoo_i use pdanet on my android
RandalSchwartzyou choose
old plans or new plans
BeBoo_fuckers [16:04]
RandalSchwartzyeah sucks [16:04]
i'll keep my unlim tyvm
RandalSchwartzme too [16:05]
BeBoo_i'll just keep tethering my android [16:05]
RandalSchwartzand then jailbreak and use pdanet :) [16:05]
i phear jailbreaking
i rooted my droid, i have no problems with that
but jailbreaking... thats like a different world
RandalSchwartzit's trivial still
as long as you're on 4.0.1. not 4.0.2
or maybe it's 4.0.2 vs 4.0.3
dunno... haven't gotten my new phone yet
and I'm still on 3.2.1
err. 3.1.2
BeBoo_.1 and .2
.2 broke jailbreaking
i can always jump back to 4.0.1
i have a 8gb 3gs
it's only a work phone so i don't want/need a 4
jdoe4.0.2 is the one you supposedly can't jailbreak.
... although I don't get it, I could have sworn I did it with redsn0w...
RandalSchwartzI think the problem is on 4g [16:21]
BeBoo_there is no 4g, just iphone 4
thats as bad as saying you have an iTouch
i just want to reach thru the computer and slap those people
jdoeuhh... well that depends on whether you're being anal-retentive about 4g being exclusively the standard, and not "4th generation" [16:34]
people saying iTouch really annoys me
RandalSchwartzor "X Windows"
also drives me nuts
jdoedon't get me wrong, itouch is dumb, but I still have an old ipod 4g somewhere... [16:34]
RandalSchwartzX X11 or X Window System
so saith the Great Book
I suppose that the windows that X11 draws can be called "X windows"
but not "X Windows" :)
BeBoo_anyone good with eggdrops here? [16:36]
RandalSchwartzfrom what height? [16:36]
BeBoo_:-P [16:37]
jdoeBeBoo_: ... depends on what you want to know, I guess.
RandalSchwartz: Xorg ;)
BeBoo_having an issue running it. set many up in the past but i can't remember a damn thing
just a sec
***ziyourenxiang has joined #arpnetworks [16:43]
................. (idle for 1h20mn)
fink_ has joined #arpnetworks
ziyourenxiang has quit IRC (Quit: ziyourenxiang)
nakano has quit IRC (Read error: Operation timed out)
mike-burns has quit IRC (Read error: Operation timed out)
phlux- has quit IRC (Ping timeout: 240 seconds)
dxtr has quit IRC (Read error: Operation timed out)
mhoran has quit IRC (Read error: Operation timed out)
nukeAFK has quit IRC (Ping timeout: 272 seconds)
thecoil has quit IRC (Read error: Connection reset by peer)
RandalSchwartz has quit IRC (Ping timeout: 260 seconds)
up_the_irons has quit IRC (Ping timeout: 272 seconds)
phlux has joined #arpnetworks
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
fink_ has quit IRC (Read error: Connection reset by peer)
BeBoo_ has quit IRC (Ping timeout: 260 seconds)
phlux is now known as Guest5929
BeBoo__ has joined #arpnetworks
fink_ has joined #arpnetworks
BeBoo__ is now known as BeBoo_
nakano has joined #arpnetworks
mhoran has joined #arpnetworks
ChanServ sets mode: +o mhoran
nukeAFK has joined #arpnetworks
up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
dxtr has joined #arpnetworks
coil_ has joined #arpnetworks
pierut is now known as vampierut
fink_ has quit IRC (Quit: fink_)
vampierut is now known as pierut [18:41]
fink_ has joined #arpnetworks [18:49]
........................ (idle for 1h59mn)
RandalSchwartz has joined #arpnetworks
RandalSchwartz has quit IRC (Changing host)
RandalSchwartz has joined #arpnetworks
I think I might have found a bug in bind.
fink_jdoe: better than a bug in bed
i'll be here all night
jdoeheyooo :P
naw, I have an ipsec tunnel between my master and slave
zone transfers go over that etc.
the way linux's ipsec is implemented, it's on-demand.
fink_jdoe: two problems with your situation
bind & ipsec
when you try to send a packet to a host it knows about a tunnel for, the packet just gets buffered in memory or something until the tunnel is established.
afaik nothing is ever returned to the app.
so it just sits there.
RandalSchwartzipsec seems complex, but necessary [20:52]
fink_interesting [20:53]
jdoeso my master goes down, the tunnel dies.
... and bind eventually tries to update the zone
and just hangs there.
can connect to 53, but no queries get answered.
fink_:( [20:54]
jdoefink_: funny thing is, until now I've never had a problem with bind.
I hate how linux does ipsec though.
(also I couldn't even get powerdns working with sqlite)
fink_that sucks
i bet tinydns doesn't have this problem
do you have to use ipsec?
openvpn maybe?
RandalSchwartzopenvpn rocks
udp transport
the only way to go
tcp over tcp is fatal
I'm now seeing that tcp over 3g is like tcp over tcp
jdoeI don't have to, no.
but I have to for work, so I figured I'd get some experience.
RandalSchwartz3g has its own retransmit [20:57]
jdoe(and hey look, I learned something :P) [20:57]
RandalSchwartzand that's just bad
I wish 3g had a udp mode
jdoeRandalSchwartz: time for a vpn on your phone :) [20:57]
fink_RandalSchwartz: really, heh; haven't tried it [20:57]
RandalSchwartzwell - that'd be tcp over udp over 3g
not sure if that'd help
jdoeshould. [20:58]
RandalSchwartza reliably delivered unreliable packet
sounds sucky to me
jdoeit does, but I can't see why it would be. [20:58]
RandalSchwartzI can't see that it's different from tcp over tcp
which is where the trouble starts
jdoethe real question is why 3g bothers with error correction.
voice codecs are specifically designed to deal with missing packets.
RandalSchwartzbecause they have low-level connections that require it
3g data is not 3g voice
jdoeI thought 3g was just the ... radio... protocol? I guess? I'm not sure what to call it.
and that the data/voice protocols were built on top of that.
RandalSchwartzno - it's a data protocol between phone and tower
and apparently includes re-transmit
jdoeso data and voice are *completely* different?
I thought it was more... 3g = ip, voice/data = udp/tcp
All I konw is, ping is reliable over 3g
and thus, I get ping times from very short to very long
that means that my ping is being retransmitted
fink_RandalSchwartz: are you on your iphone/ [21:01]
jdoeyeah, but that doesn't say anything about error correction [21:01]
RandalSchwartzso essentially, 3g is acting like tcp
not udp
it's the same as when I'm using ping on a cruise ship
they tunnel tcp over tcp
so I'll get no ping for 18 seconds
then a huge string of 18000 ms, 17500 ms, etc responses
in *real* networks, that doesn't happen
jdoeI don't get drops on my 3g
I just get jitter.
... but you know, minor jitter, 150-300 or something.
fink_RandalSchwartz: have you tried this in different locations? [21:04]
I tether a lot
fink_i've pinged through the iphone in different locations, and gotten low and steady in some populated places, but most of the time wild fluctuations like you describe [21:04]
RandalSchwartzmy conclusion is that what should be disposable packets (ICMP) is in fact being forcibly retransmitted
at that point, you get the problems of 'tcp over tcp'
when congestion happens, pings should fail
anything else, you got trouble
any ping that takes longer than a second means somebody isn't playing by the rules
***fink_ has quit IRC (Quit: fink_) [21:12]
I see what you mean, because it gets retransmitted you end up seeing that ping some ridiculous amount of time later.
didn't catch that the first time around.
RandalSchwartzyeah [21:15]
jdoeI haven't noticed, I'll have to check the next time I'm tethered. [21:15]
RandalSchwartzping packets should just "go"
if they get retransmitted, someone isn't playing by the rules
jdoemeh... ping packets are weird anyway in a time when everyone and their dog shapes. [21:16]
RandalSchwartzand that means what?
it's not about shaping
it's about fundamentals
ping packets should just be about "oh, I got a ping, send it along"
jdoeit means it's no longer a useful measure. [21:18]
what are you saying?
because at first glance, I disagree.
jdoeI'm saying that on a shaped network your icmp rtt could be wildly different than your tcp rtt? [21:18]
RandalSchwartzit's the measure of end-to-end ideal times [21:18]
jdoeor any ttl, really.
wtf brain.
RandalSchwartztcp rtt should always be greater than icmp rtt
no matter what shaping is in play
or else you're a confused net admin
icmp should *always* have priority
since it's a meta-protocol
if you don't make your nets like that, please get off my internet
jdoeeasy, who said *I* do that? :P [21:20]
RandalSchwartzjdoe - then talk about what sane people do
not random insane
jdoethat's not random insane, I see that often on networks with p2p nazis. [21:21]
RandalSchwartzthey push icmp below tcp? [21:21]
jdoethey end up whitelisting various normal traffic and then anything they haven't thought of gets dumped into ultra-low-priority. [21:21]
RandalSchwartzthat's crap [21:21]
jdoeicmp is often something they haven't thought of. [21:21]
RandalSchwartzlike the packets that say "your udp is too big"? :)
you really can't filter that
or most of the net break
jdoeI didn't say filter
just, you know, low priority.
RandalSchwartzif it's too low priority, it's effectively filer [21:22]
jdoehaha, well I guess yeah, that's kinda what I was saying.
I guess I don't need ipsec, I can just use tsig or something.
something else new to try.
.............. (idle for 1h8mn)
IPv6Free1ywhat's espcially funny are the nazis that kill icmp
and the icing on the cake is when they're so clueless they try to kill icmp when they implement IPv6. LOL.
............... (idle for 1h14mn)
***nakano is now known as nakano_ [23:46]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)