***: schmir has joined #arpnetworks
boogeyman has quit IRC (Ping timeout: 272 seconds)
boogeyman has joined #arpnetworks
_Ehtyar has quit IRC (Remote host closed the connection)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
mhoran has quit IRC (Quit: Lost terminal)
mhoran has joined #arpnetworks
ChanServ sets mode: +o mhoran
heavysixer has quit IRC (Quit: heavysixer)
hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit)
schmir has quit IRC (Remote host closed the connection)
hsbt has joined #arpnetworks
hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit)
hsbt has joined #arpnetworks
hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit)
hsbt has joined #arpnetworks
RandalSchwartz: I wrote to hover.com to ask when they plan on being v6 ready... "we have no plans". Feh.
Can't use them as a registrar then.
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
LT: v6 ready in what sense? glue records?
RandalSchwartz: yes
and being v6 accessible
v6 reverse would also be helpful
but not necessary, if I host my own records
so there's three pieces to it
they have none of that, and no near-term plans
LT: ah you were planning on using them as a host and registrar
RandalSchwartz: yup
no, just registrar
but the third item would be needed if I was also just parking a domain
for example, to have stonehenge.com registered there and accessible from a v6-only machine, I'd need them to have servers on v6, and then provide the v6 glue record
although, if my backup DNS servers are v6, that'd solve most of that
Hmm. I wonder if DNS is smart enough to roll over like that?
right... hover isn't ever directly consulted. they're only pushing info to the root servers
but they need to push v6 glue to the root... ahh, there's the missing step
LT: exactly... most of them have old software that can't push the glue
RandalSchwartz: their servers don't need to talk v6, unless I'm also hosting dns with them
toddf: godaddy.com for .net and .com is fully v6 ready
***: schmir has joined #arpnetworks
RandalSchwartz: yeah - I'm trying to avoid godaddy though
toddf: I use godaddy exclusively, other than annoying ads what is wrong with it again?
***: schmir has quit IRC (Remote host closed the connection)
Dougy: eeeeeeeeeeew
godaddy
mhoran: Eh. It works. It's a registrar. They all suck.
Just like CAs.
Dougy: hehe.
I use moniker
LT: name.com is meant to be fully v6 ready as an alternative... though last time I tried to talk to their sales people I didn't get a reply
jdoe: name.com is v6 ready.
(having just setup a domain there)
they're also able to work with dnssec for some tlds.
***: LT has quit IRC (Quit: Leaving)
dxtr: RandalSchwartz: My registrar sucks :(
They don't support ipv6 glue
I'll have to contact them to get that, and they in turn will have to contact an upstream provider
I'm bugging the hell out of them for that
I'll probably move away from them (again) in a few months
In like 50 days or so :P
***: BeBoo_ has joined #arpnetworks
Dougy: wot
BeBoo_: Where is the ARP datacenter?
Dougy: LA
BeBoo_: Thanks
jdoe: oh right.
toddf: re: godaddy, my biggest complaint is that their UI sucks (that's not unique to them, domainsatcost is just as bad) and that their support team is useless.
toddf: ever since my 'vi fries.net; sh ./pgpsignandsubumit fries.net' days are over, all UI's suck
I so miss the original internic that permitted that
jdoe: haha.
which is fair, I'm just saying I preferred generic html forms to ajaxified web-2.0 ... ugh.
toddf: *shrug* many modern browsers can cope, firefox amongst them, so I'm ok given that a) it actually permits pasting addresses instead of filling in boxes one octet at a time b) I have yet to find anything equivalent in functionality that is cheaper
if anybody finds same or cheaper pricing vs godaddy with v6 glue capabilities, please let me know
jdoe: you're probably gonna have to specify a tld, but at least for .com name.com is cheaper (dunno how they stack up if you add privacy)
toddf: I never `pay extra' for privacy
name.com is cheaper for .com and has v6 glue?
BeBoo_: free privacy!
toddf: .com and .net are the only tld's that do v6 glue afaikt
BeBoo_: what is ipv6 glue?
toddf: the ability to tell the registrar to put this info out there:
dig @a.gtld-servers.net ns0.l0.freedaemonhosting.net
[..]
;; ADDITIONAL SECTION:
er
dig @a.gtld-servers.net ns0.l1.freedaemonhosting.net
[..]
;; ADDITIONAL SECTION:
ns0.l1.freedaemonhosting.com. 172800 IN AAAA 2001:240:58a:100::1
ns0.l1.freedaemonhosting.net. 172800 IN AAAA 2001:240:58a:100::1
if the TLD zones don't have that then nobody can find the dns servers for the domains they're authoritative for
think about it
`what IP is freedaemonhosting.com, ask TLD's who the NS is, it is ns0.l1.freedaemonhosting.com, what is the IP? ask ns0.l1.freedaemonhosting.com, ....' aka recursion if ADDITIONAL SECTION was not there
BeBoo_: ahh i see
toddf: I see .com is indeed cheaper at name.com
now does name.com have v6 glue?
http://www.tunnelbroker.net/forums/index.php?topic=93.0 .. points out several others that might even be cheaper and provide v6 glue .. interesting, will have to look further when I have more time
cedwards: anyone here use nginx?
I'm considering migrating from lighttpd.
mhoran: mike-burns: uses nginx.
mike-burns: Sure do.
jdoe: toddf: yes.
up_the_irons: cedwards: i use nginx still, but all my new stuff is using apache2 / passenger (for rails / rack apps). i will gladly trade the performance for ease of deployment / administration; my sites aren't twitter
***: nesta has quit IRC (Quit: later skater!)
nesta has joined #arpnetworks
-: BeBoo_ waves to up_the_irons
cedwards: up_the_irons: I've been off Apache for a few years now--been using lighttpd. All of my sites are either static or PHP.
up_the_irons: in local testing it looks like nginx + php-fpm is going to be really efficient.
up_the_irons: cedwards: cool
-: up_the_irons waves at BeBoo_
BeBoo_: how goes things?
up_the_irons: going alright
cedwards: once upon a time, when I was at Slicehost, I couldn't keep my box up due to Apache OOM death.
now, on FreeBSD 8.1 with lighttpd and fastcgi I rarely break 200M ram.
up_the_irons: wow, nice
cedwards: I'm hoping to improve that even more.
that 200M includes three jails as well. web server, postfix relay (MX2) and a tinydns installation.
-: cedwards loves him some FreeBSD :)
***: Ehtyar has joined #arpnetworks
cedwards: ..but I really don't like our developers. Just got a request (requirement) to install end-of-life jdk 5 for a new deployment.
up_the_irons: cedwards: lol, sucks
cedwards: I work for a Java shop and what little respect I had for it once upon a time has long since been wiped out.
up_the_irons: yeah, i've heard that story before
cedwards: that and Oracle. Ohh man.. as a sysadmin in a shop running oracle and java everywhere I just can't stand them.
all I hear is "we need more machines" "we need more ram" "we need.." "we need.."
write more efficient code, dumb ass.
mike-burns: Efficient code isn't some magic we sprinkle onto our project, to be fair.
cedwards: mike-burns: I understand, but sometimes I wonder if they even try. at all.
mike-burns: Yeah that's reasonable too.
cedwards: from a business standpoint, it's likely cheaper to throw hardware at the problem than hire skilled programmers that will spend time writing a quality application.
mike-burns: Yup.
cedwards: can anyone comment on the appropriate location for a socket connection for php-fpm? (I want to try sockets vs ip:port for fastcgi)
on my Linux installations it goes in /var/run/php-fpm/php-fpm.sock, but I wonder about the /usr/local/ distinction on FreeBSD..
I suppose it doesn't matter too much, but if there is a standard I'd prefer to use it.
jdoe: lol
amazon's mini servers in the cloud are 2 cents an hour.
2c * 24 * 31 = monthly price of 14.88
conclusion: amazon is a bunch of nazis.
QED.
RandalSchwartz: how so?
jdoe: 14 and 88 are both neo-nazi symbols.
... clearly it's accidental, they wanted $15/mo or something and rounded down to 2c/hr instead of 2.02
but it made me laugh.
RandalSchwartz: how are 14 and 88 neo nazi symbols?
I've never heard of this before
mike-burns: http://www.urbandictionary.com/define.php?term=14%2F88
***: pierut has joined #arpnetworks
jdoe: ... the 88 thing is just HH
but the 14 words bit is right.
RandalSchwartz: ahh. ok
that pricing does seem like they're going after the proliferation of VPS providers
too bad you're still stuck with either Linux or OpenSolaris
oh - wait.... http://www.ioncannon.net/system-administration/1246/converting-from-virtualbox-or-vmware-to-ec2-now-easier-than-ever/
oh - that doesn't cover it
still needs a linux-based kernel
they must paravirtualize or something
jdoe: ... I gotta say, since switching my work desktop to fbsd I've had far fewer issues or complaints than I did with ubuntu.
by and large, shit just works.
... I'm content(ish) with UFS2 though :)
***: justin has quit IRC (Quit: leaving)
toddf: ... since using openbsd exclusively for over 11 years, everything else seems time consuming and labor intensive ;-)
jdoe: lol
lsof won't build on freebsd without kernel sources present
A+
toddf: fstat is more than sufficient on OpenBSD imho, I don't even install lsof anymore
mhoran: Same in Free.
It's in base and it works well. :)
toddf: _isakmpd isakmpd 15170 21* internet6 dgram udp [fe80::6b%vether0]:500
mhoran: does it have its suid bit removed yet?
er sorry, setgid kmem ..
mhoran: -r-xr-sr-x 1 root kmem 20K Jun 5 11:51 /usr/bin/fstat*
:(
toddf: -r-xr-xr-x 2 root bin 15440 Jul 10 01:19 /usr/bin/fstat*
!
up_the_irons: jdoe: do you run into any issues with flash / java or wireless networking? I've heard those things can be a pain on fbsd
RandalSchwartz: if I was running a desktop with fbsd... I might be concerned. :)
my OSX box Just Works
up_the_irons: My Ubuntu Lucid netbook (MSI Wind 1350) "Just Works", I was pretty amazed. Even my Sprint USB Modem was automatically detected and configured. It's even more stable than my T61 (I had 33 days uptime with the MSI, but then needed to shut it off to install more RAM)
-: BeBoo_ agrees with RandalSchwartz
BeBoo_: up_the_irons: are you using Ubuntu Desktop or the Netbook Remix?
up_the_irons: BeBoo_: netbook remix, but then i installed Xmonad and configured it to work with Gnome; so at this point it really isn't much of a "netbook" interface, although in gdm I can still select the Netbook GUI
BeBoo_: I got a free dell netbook when i ordered my desktop and my partner just bought a toshiba today and he wants to put ubuntu desktop on it because he doesn't like the netbook gui
up_the_irons: BeBoo_: all he has to do is apt-get another gui (gnome, kde, etc...) and select it as default session before logging in. then it really doesn't behave like a netbook anymore
BeBoo_: is that all that is different between netbook and desktop?
the gui?
up_the_irons: BeBoo_: i haven't noticed any other difference yet
BeBoo_: i just installed netbook remix the other day and updated it. haven't had a chance to really play with it
i was planning on hooking my phone up to it and tethering
getting my work to add the tethering plan onto my iphone (grandfathered unlim plan)
and seeing if that would work
RandalSchwartz: tethering via jailbreak
are you using mywi or pdanet?
wait wait
BeBoo_: i haven't jailbroken it
RandalSchwartz: you can't add tethering and retain unlimited!
BeBoo_: i use pdanet on my android
really?
RandalSchwartz: you choose
old plans or new plans
BeBoo_: fuckers
RandalSchwartz: yeah sucks
BeBoo_: fts
i'll keep my unlim tyvm
RandalSchwartz: me too
BeBoo_: i'll just keep tethering my android
RandalSchwartz: and then jailbreak and use pdanet :)
BeBoo_: hrm
i phear jailbreaking
i rooted my droid, i have no problems with that
but jailbreaking... thats like a different world
lol
RandalSchwartz: it's trivial still
as long as you're on 4.0.1. not 4.0.2
or maybe it's 4.0.2 vs 4.0.3
dunno... haven't gotten my new phone yet
and I'm still on 3.2.1
err. 3.1.2
BeBoo_: .1 and .2
.2 broke jailbreaking
i can always jump back to 4.0.1
i have a 8gb 3gs
it's only a work phone so i don't want/need a 4
jdoe: 4.0.2 is the one you supposedly can't jailbreak.
... although I don't get it, I could have sworn I did it with redsn0w...
RandalSchwartz: I think the problem is on 4g
BeBoo_: there is no 4g, just iphone 4
thats as bad as saying you have an iTouch
i just want to reach thru the computer and slap those people
NO! It's an IPOD TOUCH
jdoe: uhh... well that depends on whether you're being anal-retentive about 4g being exclusively the standard, and not "4th generation"
bob^^: ugh
people saying iTouch really annoys me
RandalSchwartz: or "X Windows"
also drives me nuts
jdoe: don't get me wrong, itouch is dumb, but I still have an old ipod 4g somewhere...
RandalSchwartz: X X11 or X Window System
so saith the Great Book
I suppose that the windows that X11 draws can be called "X windows"
but not "X Windows" :)
BeBoo_: anyone good with eggdrops here?
RandalSchwartz: from what height?
BeBoo_: :-P
jdoe: BeBoo_: ... depends on what you want to know, I guess.
RandalSchwartz: Xorg ;)
BeBoo_: having an issue running it. set many up in the past but i can't remember a damn thing
just a sec
***: ziyourenxiang has joined #arpnetworks
fink_ has joined #arpnetworks
ziyourenxiang has quit IRC (Quit: ziyourenxiang)
nakano has quit IRC (Read error: Operation timed out)
mike-burns has quit IRC (Read error: Operation timed out)
phlux- has quit IRC (Ping timeout: 240 seconds)
dxtr has quit IRC (Read error: Operation timed out)
mhoran has quit IRC (Read error: Operation timed out)
nukeAFK has quit IRC (Ping timeout: 272 seconds)
thecoil has quit IRC (Read error: Connection reset by peer)
RandalSchwartz has quit IRC (Ping timeout: 260 seconds)
up_the_irons has quit IRC (Ping timeout: 272 seconds)
phlux has joined #arpnetworks
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
fink_ has quit IRC (Read error: Connection reset by peer)
BeBoo_ has quit IRC (Ping timeout: 260 seconds)
phlux is now known as Guest5929
BeBoo__ has joined #arpnetworks
fink_ has joined #arpnetworks
BeBoo__ is now known as BeBoo_
nakano has joined #arpnetworks
mhoran has joined #arpnetworks
ChanServ sets mode: +o mhoran
nukeAFK has joined #arpnetworks
up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
dxtr has joined #arpnetworks
coil_ has joined #arpnetworks
pierut is now known as vampierut
fink_ has quit IRC (Quit: fink_)
vampierut is now known as pierut
fink_ has joined #arpnetworks
RandalSchwartz has joined #arpnetworks
RandalSchwartz has quit IRC (Changing host)
RandalSchwartz has joined #arpnetworks
jdoe: hmm
I think I might have found a bug in bind.
fink_: jdoe: better than a bug in bed
rimshot!
i'll be here all night
jdoe: heyooo :P
naw, I have an ipsec tunnel between my master and slave
zone transfers go over that etc.
the way linux's ipsec is implemented, it's on-demand.
fink_: jdoe: two problems with your situation
bind & ipsec
jdoe: haha.
when you try to send a packet to a host it knows about a tunnel for, the packet just gets buffered in memory or something until the tunnel is established.
afaik nothing is ever returned to the app.
so it just sits there.
RandalSchwartz: ipsec seems complex, but necessary
fink_: interesting
jdoe: so my master goes down, the tunnel dies.
... and bind eventually tries to update the zone
and just hangs there.
can connect to 53, but no queries get answered.
fink_: :(
jdoe: fink_: funny thing is, until now I've never had a problem with bind.
I hate how linux does ipsec though.
(also I couldn't even get powerdns working with sqlite)
fink_: that sucks
i bet tinydns doesn't have this problem
do you have to use ipsec?
openvpn maybe?
RandalSchwartz: openvpn rocks
udp transport
the only way to go
tcp over tcp is fatal
I'm now seeing that tcp over 3g is like tcp over tcp
jdoe: I don't have to, no.
but I have to for work, so I figured I'd get some experience.
RandalSchwartz: 3g has its own retransmit
jdoe: (and hey look, I learned something :P)
RandalSchwartz: and that's just bad
I wish 3g had a udp mode
jdoe: RandalSchwartz: time for a vpn on your phone :)
fink_: RandalSchwartz: really, heh; haven't tried it
RandalSchwartz: well - that'd be tcp over udp over 3g
not sure if that'd help
jdoe: should.
RandalSchwartz: a reliably delivered unreliable packet
sounds sucky to me
jdoe: it does, but I can't see why it would be.
RandalSchwartz: I can't see that it's different from tcp over tcp
which is where the trouble starts
jdoe: the real question is why 3g bothers with error correction.
voice codecs are specifically designed to deal with missing packets.
RandalSchwartz: because they have low-level connections that require it
3g data is not 3g voice
jdoe: I thought 3g was just the ... radio... protocol? I guess? I'm not sure what to call it.
and that the data/voice protocols were built on top of that.
RandalSchwartz: no - it's a data protocol between phone and tower
and apparently includes re-transmit
jdoe: so data and voice are *completely* different?
I thought it was more... 3g = ip, voice/data = udp/tcp
RandalSchwartz: presumably
All I know is, ping is reliable over 3g
and thus, I get ping times from very short to very long
that means that my ping is being retransmitted
fink_: RandalSchwartz: are you on your iphone?
jdoe: yeah, but that doesn't say anything about error correction
RandalSchwartz: so essentially, 3g is acting like tcp
not udp
it's the same as when I'm using ping on a cruise ship
they tunnel tcp over tcp
so I'll get no ping for 18 seconds
then a huge string of 18000 ms, 17500 ms, etc responses
in *real* networks, that doesn't happen
jdoe: I don't get drops on my 3g
I just get jitter.
... but you know, minor jitter, 150-300 or something.
fink_: RandalSchwartz: have you tried this in different locations?
RandalSchwartz: yeah
I tether a lot
fink_: i've pinged through the iphone in different locations, and gotten low and steady in some populated places, but most of the time wild fluctuations like you describe
RandalSchwartz: my conclusion is that what should be disposable packets (ICMP) is in fact being forcibly retransmitted
at that point, you get the problems of 'tcp over tcp'
when congestion happens, pings should fail
anything else, you got trouble
any ping that takes longer than a second means somebody isn't playing by the rules
***: fink_ has quit IRC (Quit: fink_)
jdoe: oh
I see what you mean, because it gets retransmitted you end up seeing that ping some ridiculous amount of time later.
didn't catch that the first time around.
RandalSchwartz: yeah
jdoe: I haven't noticed, I'll have to check the next time I'm tethered.
RandalSchwartz: ping packets should just "go"
if they get retransmitted, someone isn't playing by the rules
jdoe: meh... ping packets are weird anyway in a time when everyone and their dog shapes.
RandalSchwartz: and that means what?
it's not about shaping
it's about fundamentals
ping packets should just be about "oh, I got a ping, send it along"
jdoe: it means it's no longer a useful measure.
RandalSchwartz: wtf?
what are you saying?
because at first glance, I disagree.
jdoe: I'm saying that on a shaped network your icmp rtt could be wildly different than your tcp rtt?
RandalSchwartz: it's the measure of end-to-end ideal times
jdoe: or any ttl, really.
rtt.
wtf brain.
RandalSchwartz: tcp rtt should always be greater than icmp rtt
no matter what shaping is in play
or else you're a confused net admin
icmp should *always* have priority
since it's a meta-protocol
if you don't make your nets like that, please get off my internet
jdoe: easy, who said *I* do that? :P
RandalSchwartz: jdoe - then talk about what sane people do
not random insane
jdoe: that's not random insane, I see that often on networks with p2p nazis.
RandalSchwartz: they push icmp below tcp?
jdoe: they end up whitelisting various normal traffic and then anything they haven't thought of gets dumped into ultra-low-priority.
RandalSchwartz: that's crap
jdoe: icmp is often something they haven't thought of.
RandalSchwartz: like the packets that say "your udp is too big"? :)
you really can't filter that
or most of the net breaks
jdoe: I didn't say filter
just, you know, low priority.
RandalSchwartz: if it's too low priority, it's effectively filter
jdoe: haha, well I guess yeah, that's kinda what I was saying.
hmm
I guess I don't need ipsec, I can just use tsig or something.
something else new to try.
IPv6Free1y: what's especially funny are the nazis that kill icmp
and the icing on the cake is when they're so clueless they try to kill icmp when they implement IPv6. LOL.
***: nakano is now known as nakano_