[01:12] *** LT has joined #arpnetworks [01:36] *** schmir has joined #arpnetworks [01:44] *** boogeyman has quit IRC (Ping timeout: 272 seconds) [01:46] *** boogeyman has joined #arpnetworks [02:03] *** _Ehtyar has quit IRC (Remote host closed the connection) [02:51] *** heavysixer has joined #arpnetworks [02:51] *** ChanServ sets mode: +o heavysixer [04:38] *** mhoran has quit IRC (Quit: Lost terminal) [04:38] *** mhoran has joined #arpnetworks [04:38] *** ChanServ sets mode: +o mhoran [05:10] *** heavysixer has quit IRC (Quit: heavysixer) [05:11] *** hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit) [05:22] *** schmir has quit IRC (Remote host closed the connection) [06:04] *** hsbt has joined #arpnetworks [06:35] *** hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit) [06:35] *** hsbt has joined #arpnetworks [06:46] *** hsbt has quit IRC (Quit: Tiarra 0.1: SIGTERM received; exit) [06:46] *** hsbt has joined #arpnetworks [07:23] I wrote to hover.com to ask when they plan on being v6 ready... "we have no plans". Feh. [07:23] Can't use them as a registrar then. [07:24] *** heavysixer has joined #arpnetworks [07:24] *** ChanServ sets mode: +o heavysixer [07:33] v6 ready in what sense? glue records? [07:34] yes [07:34] and being v6 accessible [07:34] v6 reverse would also be helpful [07:34] but not necessary, if I host my own records [07:34] so there's three pieces to it [07:35] they have none of that, and no near-term plans [07:36] ah you were planning on using them as a host and registrar [07:36] yup [07:36] no, just registrar [07:36] but the third item would be needed if I was also just parking a domain [07:37] for example, to have stonehenge.com registered there and accessible from a v6-only machine, I'd need them to have servers on v6, and then provide the v6 glue record [07:38] although, if my backup DNS servers are v6, that'd solve most of that [07:38] Hmm. I wonder if DNS is smart enough to roll over like that? [07:41] right... hover isn't ever directly consulted. they're only pushing info to the root servers [07:42] but they need to push v6 glue to the root... ahh, there's the missing step [07:42] exactly... most of them have old software that can't push the glue [07:43] their servers don't need to talk v6, unless I'm also hosting dns with them [07:44] godaddy.com for .net and .com is fully v6 ready [07:44] *** schmir has joined #arpnetworks [07:48] yeah - I'm trying to avoid godaddy though [07:50] I use godaddy exclusively, other than annoying ads what is wrong with it again? [07:59] *** schmir has quit IRC (Remote host closed the connection) [07:59] eeeeeeeeeeew [07:59] godaddy [07:59] Eh. It works. It's a registrar. They all suck. [08:00] Just like CAs. [08:00] hehe. [08:00] I use moniker [08:00] name.com is meant to be fully v6 ready as an alternative... though last time I tried to talk to their sales people I didn't get a reply [09:07] name.com is v6 ready. [09:07] (having just setup a domain there) [09:07] they're also able to to work with dnssec for some tlds. [09:21] *** LT has quit IRC (Quit: Leaving) [09:34] RandalSchwartz: My registrar sucks :( [09:34] They don't support ipv6 glue [09:34] I'll have to contact them to get that, and they in turn will have to contact an upstream provider [09:34] I'm bugging the hell out of them for that [09:35] I'll probably move away from them (again) in a few months [09:35] In like 50 days or so :P [10:14] *** BeBoo_ has joined #arpnetworks [10:14] wot [10:14] Where is the ARP datacenter? [10:14] LA [10:14] Thanks [11:10] oh right. [11:11] toddf: re: godaddy, my biggest complaint is that their UI sucks (that's not unique to them, domainsatcost is just as bad) and that their support team is useless. [11:11] every since my 'vi fries.net; sh ./pgpsignandsubumit fries.net' days are over, all UI's suck [11:12] I so miss the original internic that permitted that [11:12] haha. [11:12] which is fair, I'm just saying I prefered generic html forms to ajaxified web-2.0 ... ugh. [11:13] *shrug* many modern browsers can cope, firefox amongst them, so I'm ok given that a) it actually permits pasting addresses instead of filling in boxes one octet at a time b) I have yet to find anything equivalent in functionality that is cheaper [11:15] if anybody finds same or chaper pricing vs godady with v6 glue capabilites, please let me know [11:16] you're probably gonna have to specify a tld, but at least for .com name.com is cheaper (dunno how they stack up if you add privacy) [11:16] I never `pay extra' for privacy [11:17] name.com is cheaper for .com and has v6 glue? [11:17] free privacy! [11:17] .com and .net are the only tld's that do v6 glue afaikt [11:17] what is ipv6 glue? [11:19] the ability to tell the registrar to put this info out there: [11:21] dig @a.gtld-servers.net ns0.l0.freedaemonhosting.net [11:21] [..] [11:21] ;; ADDITIONAL SECTION: [11:21] er [11:22] dig @a.gtld-servers.net ns0.l1.freedaemonhosting.net [11:22] [..] [11:22] ;; ADDITIONAL SECTION: [11:22] ns0.l1.freedaemonhosting.com. 172800 IN AAAA 2001:240:58a:100::1 [11:22] ns0.l1.freedaemonhosting.net. 172800 IN AAAA 2001:240:58a:100::1 [11:23] if the TLD zones don't have that then nobody can find the dns servers for the domains they're authorative for [11:23] think about it [11:24] `what IP is freedaemonhosting.com, ask TLD's who the NS is, it is ns0.l1.freedaemonhosting.com, what is the IP? ask ns0.l1.freedaemonhosting.com, ....' aka recursion if ADDITIONAL SECTION was not there [11:24] ahh i see [11:24] I see .com is indeed cheaper at name.com [11:24] now does name.com have v6 glue? [11:35] http://www.tunnelbroker.net/forums/index.php?topic=93.0 .. points out several others that might even be cheaper and provide v6 glue .. interesting, will have to look further when I have more time [11:41] anyone here use nginx? [11:42] I'm considering migrating from lighttpd. [11:46] mike-burns: uses nginx. [11:53] Sure do. [11:55] toddf: yes. [12:50] cedwards: i use nginx still, but all my new stuff is using apache2 / passenger (for rails / rack apps). i will gladly trade the performance for ease of deployment / administration; my sites aren't twitter [12:53] *** nesta has quit IRC (Quit: later skater!) [12:53] *** nesta has joined #arpnetworks [12:55] * BeBoo_ waves to up_the_irons [13:00] up_the_irons: I've been off Apache for a few years now--been using lighttpd. All of my sites are either static or PHP. [13:00] up_the_irons: in local testing it looks like nginx + php-fpm is going to be really efficient. [13:06] cedwards: cool [13:06] * up_the_irons waves at BeBoo_ [13:06] how goes things? [13:07] going alright [13:07] once upon a time, when I was at Slicehost, I couldn't keep my box up due to Apache OOM death. [13:08] now, on FreeBSD 8.1 with lighttpd and fastcgi I rarely break 200M ram. [13:08] wow, nice [13:08] I'm hoping to improve that even more. [13:10] that 200M includes three jails as well. web server, postfix relay (MX2) and a tinydns installation. [13:10] * cedwards loves him some FreeBSD :) [13:12] *** Ehtyar has joined #arpnetworks [13:18] ..but I really don't like our developers. Just got a request (requirement) to install end-of-life jdk 5 for a new deployment. [13:19] cedwards: lol, sucks [13:21] I work for a Java shop and what little respect I had for it once upon a time has long since been wiped out. [13:22] yeah, i've heard that story before [13:23] that and Oracle. Ohh man.. as a sysadmin in a shop running oracle and java everwhere I just can't stand them. [13:24] all I hear is "we need more machines" "we need more ram" "we need.." "we need.." [13:24] write more efficient code, dumb ass. [13:28] Efficient code isn't some magic we sprinkle onto our project, to be fair. [13:28] mike-burns: I understand, but sometimes I wonder if they even try. at all. [13:28] Yeah that's reasonable too. [13:31] from a business standpoint, it's likely cheaper to throw hardware at the problem than hire skilled programmers that will spend time writing a quality application. [13:44] Yup. [13:45] can anyone comment on the appropriate location for a socket connection for php-fpm? (I want to try sockets vs ip:port for fastcgi) [13:46] on my Linux installations it goes in /var/run/php-fpm/php-fpm.sock, but I wonder about the /usr/local/ distinction on FreeBSD.. [13:59] I suppose it doesn't matter too much, but if there is a standard I'd prefer to use it. [14:14] lol [14:15] amazon's mini servers in the cloud are 2 cents an hour. [14:15] 2c * 24 * 31 = monthly price of 14.88 [14:15] conclusion: amazon is a bunch of nazis. [14:15] QED. [14:17] how so? [14:23] 14 and 88 are both neo-nazi symbols. [14:23] ... clearly it's accidental, they wanted $15/mo or something and rounded down to 2c/hr instead of 2.02 [14:23] but it made me laugh. [14:25] how are 14 and 88 neo nazi symbols? [14:25] I've never heard of this before [14:25] http://www.urbandictionary.com/define.php?term=14%2F88 [14:26] *** pierut has joined #arpnetworks [14:26] ... the 88 thing is just HH [14:26] but the 14 words bit is right. [14:27] ahh. ok [14:28] that pricing does seem like they're going after the proliferation of VPS providers [14:28] too bad you're still stuck with either Linux or OpenSolaris [14:29] oh - wait.... http://www.ioncannon.net/system-administration/1246/converting-from-virtualbox-or-vmware-to-ec2-now-easier-than-ever/ [14:30] oh - that doesn't cover it [14:30] still needs a linux-based kernel [14:30] they must paravirtualize or something [14:32] ... I gotta say, since switching my work desktop to fbsd I've had far fewer issues or complaints than I did with ubuntu. [14:32] by and large, shit just works. [14:32] ... I'm content(ish) with UFS2 though :) [14:45] *** justin has quit IRC (Quit: leaving) [14:50] ... since using openbsd exclusively for over 11 years, everything else seems time consuming and labor intensive ;-) [14:52] lol [14:52] lsof won't build on freebsd without kernel sources present [14:53] A+ [14:53] fstat is more than sufficient on OpenBSD imho, I don't even install lsof anymore [14:54] Same in Free. [14:54] It's in base and it works well. :) [14:54] _isakmpd isakmpd 15170 21* internet6 dgram udp [fe80::6b%vether0]:500 [14:54] mhoran: does it have its suid bit removed yet? [14:54] er sorry, setgid kmem .. [14:54] -r-xr-sr-x 1 root kmem 20K Jun 5 11:51 /usr/bin/fstat* [14:54] :( [14:54] -r-xr-xr-x 2 root bin 15440 Jul 10 01:19 /usr/bin/fstat* [14:54] ! [15:45] jdoe: do you run into any issues with flash / java or wireless networking? I've heard those things can be a pain on fbsd [15:49] if I was running a desktop with fbsd... I might be concerned. :) [15:49] my OSX box Just Works [15:51] My Ubuntu Lucid netbook (MSI Wind 1350) "Just Works", I was pretty amazed. Even my Sprint USB Modem was automatically detected and configured. It's even more stable than my T61 (I had 33 days uptime with the MSI, but then needed to shut it off to install more RAM) [15:52] * BeBoo_ agrees with RandalSchwartz [15:52] up_the_irons: are you using Ubuntu Desktop or the Netbook Remix? [15:53] BeBoo_: netbook remix, but then i installed Xmonad and configured it to work with Gnome; so at this point it really isn't much of a "netbook" interface, although in gdm I can still select the Netbook GUI [15:54] I got a free dell netbook when i ordered my desktop and my partner just bought a toshiba today and he wants to put ubuntu desktop on it because he doesn't like the netbook gui [16:00] BeBoo_: all he has to do is apt-get another gui (gnome, kde, etc...) and select it as default session before logging in. then it really doesn't behave like a netbook anymore [16:00] is that all that is different between netbook and desktop? [16:01] the gui? [16:01] BeBoo_: i haven't noticed any other difference yet [16:02] i just installed netbook remix the other day and updated it. haven't had a chance to really play with it [16:03] i was planning on hooking my phone up to it and tethering [16:03] getting my work to add the tethering plan onto my iphone (grandfathered unlim plan) [16:03] and seeing if that would work [16:04] tethering via jailbreak [16:04] are you using mywi or pdanet? [16:04] wait wait [16:04] i haven't jailbroken it [16:04] you can't add tethering and retain unlimited! [16:04] i use pdanet on my android [16:04] really? [16:04] you choose [16:04] old plans or new plans [16:04] fuckers [16:04] yeah sucks [16:04] fts [16:05] i'll keep my unlim tyvm [16:05] me too [16:05] i'll just keep tethering my android [16:05] and then jailbreak and use pdanet :) [16:05] hrm [16:05] i phear jailbreaking [16:05] i rooted my droid, i have no problems with that [16:05] but jailbreaking... thats like a different world [16:05] lol [16:06] it's trivial still [16:06] as long as you're on 4.0.1. not 4.0.2 [16:06] or maybe it's 4.0.2 vs 4.0.3 [16:06] dunno... haven't gotten my new phone yet [16:06] and I'm still on 3.2.1 [16:06] err. 3.1.2 [16:06] .1 and .2 [16:06] .2 broke jailbreaking [16:07] i can always jump back to 4.0.1 [16:07] i have a 8gb 3gs [16:07] it's only a work phone so i don't want/need a 4 [16:15] 4.0.2 is the one you supposedly can't jailbreak. [16:15] ... although I don't get it, I could have sworn I did it with redsn0w... [16:21] I think the problem is on 4g [16:32] there is no 4g, just iphone 4 [16:32] thats as bad as saying you have an iTouch [16:33] i just want to reach thru the computer and slap those people [16:33] NO! It's an IPOD TOUCH [16:34] uhh... well that depends on whether you're being anal-retentive about 4g being exclusively the standard, and not "4th generation" [16:34] ugh [16:34] people saying iTouch really annoys me [16:34] or "X Windows" [16:34] also drives me nuts [16:34] don't get me wrong, itouch is dumb, but I still have an old ipod 4g somewhere... [16:35] X X11 or X Window System [16:35] so saith the Great Book [16:36] I suppose that the windows that X11 draws can be called "X windows" [16:36] but not "X Windows" :) [16:36] anyone good with eggdrops here? [16:36] from what height? [16:37] :-P [16:39] BeBoo_: ... depends on what you want to know, I guess. [16:40] RandalSchwartz: Xorg ;) [16:40] having an issue running it. set many up in the past but i can't remember a damn thing [16:40] just a sec [16:43] *** ziyourenxiang has joined #arpnetworks [18:03] *** fink_ has joined #arpnetworks [18:07] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang) [18:16] *** nakano has quit IRC (Read error: Operation timed out) [18:16] *** mike-burns has quit IRC (Read error: Operation timed out) [18:17] *** phlux- has quit IRC (Ping timeout: 240 seconds) [18:17] *** dxtr has quit IRC (Read error: Operation timed out) [18:17] *** mhoran has quit IRC (Read error: Operation timed out) [18:17] *** nukeAFK has quit IRC (Ping timeout: 272 seconds) [18:17] *** thecoil has quit IRC (Read error: Connection reset by peer) [18:18] *** RandalSchwartz has quit IRC (Ping timeout: 260 seconds) [18:20] *** up_the_irons has quit IRC (Ping timeout: 272 seconds) [18:21] *** phlux has joined #arpnetworks [18:21] *** mike-burns has joined #arpnetworks [18:21] *** ChanServ sets mode: +o mike-burns [18:21] *** fink_ has quit IRC (Read error: Connection reset by peer) [18:21] *** BeBoo_ has quit IRC (Ping timeout: 260 seconds) [18:21] *** phlux is now known as Guest5929 [18:21] *** BeBoo__ has joined #arpnetworks [18:21] *** fink_ has joined #arpnetworks [18:21] *** BeBoo__ is now known as BeBoo_ [18:21] *** nakano has joined #arpnetworks [18:22] *** mhoran has joined #arpnetworks [18:22] *** ChanServ sets mode: +o mhoran [18:23] *** nukeAFK has joined #arpnetworks [18:25] *** up_the_irons has joined #arpnetworks [18:25] *** ChanServ sets mode: +o up_the_irons [18:26] *** dxtr has joined #arpnetworks [18:28] *** coil_ has joined #arpnetworks [18:31] *** pierut is now known as vampierut [18:34] *** fink_ has quit IRC (Quit: fink_) [18:41] *** vampierut is now known as pierut [18:49] *** fink_ has joined #arpnetworks [20:48] *** RandalSchwartz has joined #arpnetworks [20:48] *** RandalSchwartz has quit IRC (Changing host) [20:48] *** RandalSchwartz has joined #arpnetworks [20:49] hmm [20:49] I think I might have found a bug in bind. [20:50] jdoe: better than a bug in bed [20:50] rimshot! [20:51] i'll be here all night [20:51] heyooo :P [20:51] naw, I have an ipsec tunnel between my master and slave [20:51] zone transfers go over that etc. [20:52] the way linux's ipsec is implemented, it's on-demand. [20:52] jdoe: two problems with your situation [20:52] bind & ipsec [20:52] haha. [20:52] when you try to send a packet to a host it knows about a tunnel for, the packet just gets buffered in memory or something until the tunnel is established. [20:52] afaik nothing is ever returned to the app. [20:52] so it just sits there. [20:52] ipsec seems complex, but necessary [20:53] interesting [20:53] so my master goes down, the tunnel dies. [20:53] ... and bind eventually tries to update the zone [20:53] and just hangs there. [20:53] can connect to 53, but no queries get answered. [20:54] :( [20:54] fink_: funny thing is, until now I've never had a problem with bind. [20:54] I hate how linux does ipsec though. [20:54] (also I couldn't even get powerdns working with sqlite) [20:55] that sucks [20:56] i bet tinydns doesn't have this problem [20:56] do you have to use ipsec? [20:56] openvpn maybe? [20:56] openvpn rocks [20:56] udp transport [20:56] the only way to go [20:56] tcp over tcp is fatal [20:56] I'm now seeing that tcp over 3g is like tcp over tcp [20:56] I don't have to, no. [20:57] but I have to for work, so I figured I'd get some experience. [20:57] 3g has its own retransmit [20:57] (and hey look, I learned something :P) [20:57] and that's just bad [20:57] I wish 3g had a udp mode [20:57] RandalSchwartz: time for a vpn on your phone :) [20:57] RandalSchwartz: really, heh; haven't tried it [20:57] well - that'd be tcp over udp over 3g [20:57] not sure if that'd help [20:58] should. [20:58] a reliably delivered unreliable packet [20:58] sounds sucky to me [20:58] it does, but I can't see why it would be. [20:58] I can't see that it's different from tcp over tcp [20:58] which is where the trouble starts [20:59] the real question is why 3g bothers with error correction. [20:59] voice codecs are specifically designed to deal with missing packets. [20:59] because they have low-level connections that require it [20:59] 3g data is not 3g voice [21:00] I thought 3g was just the ... radio... protocol? I guess? I'm not sure what to call it. [21:00] and that the data/voice protocols were built on top of that. [21:00] no - it's a data protocol between phone and tower [21:00] and apparently includes re-transmit [21:00] so data and voice are *completely* different? [21:00] I thought it was more... 3g = ip, voice/data = udp/tcp [21:00] presumably [21:01] All I konw is, ping is reliable over 3g [21:01] and thus, I get ping times from very short to very long [21:01] that means that my ping is being retransmitted [21:01] RandalSchwartz: are you on your iphone/ [21:01] yeah, but that doesn't say anything about error correction [21:01] so essentially, 3g is acting like tcp [21:02] not udp [21:02] it's the same as when I'm using ping on a cruise ship [21:02] they tunnel tcp over tcp [21:02] so I'll get no ping for 18 seconds [21:02] then a huge string of 18000 ms, 17500 ms, etc responses [21:02] in *real* networks, that doesn't happen [21:03] I don't get drops on my 3g [21:03] I just get jitter. [21:03] ... but you know, minor jitter, 150-300 or something. [21:04] RandalSchwartz: have you tried this in different locations? [21:04] yeah [21:04] I tether a lot [21:04] i've pinged through the iphone in different locations, and gotten low and steady in some populated places, but most of the time wild fluctuations like you describe [21:05] my conclusion is that what should be disposable packets (ICMP) is in fact being forcibly retransmitted [21:05] at that point, you get the problems of 'tcp over tcp' [21:07] when congestion happens, pings should fail [21:07] anything else, you got trouble [21:08] any ping that takes longer than a second means somebody isn't playing by the rules [21:12] *** fink_ has quit IRC (Quit: fink_) [21:14] oh [21:15] I see what you mean, because it gets retransmitted you end up seeing that ping some ridiculous amount of time later. [21:15] didn't catch that the first time around. [21:15] yeah [21:15] I haven't noticed, I'll have to check the next time I'm tethered. [21:15] ping packets should just "go" [21:15] if they get retransmitted, someone isn't playing by the rules [21:16] meh... ping packets are weird anyway in a time when everyone and their dog shapes. [21:17] and that means what? [21:17] it's not about shaping [21:17] it's about fundamentals [21:18] ping packets should just be about "oh, I got a ping, send it along" [21:18] it means it's no longer a useful measure. [21:18] wtf? [21:18] what are you saying? [21:18] because at first glance, I disagree. [21:18] I'm saying that on a shaped network your icmp rtt could be wildly different than your tcp rtt? [21:18] it's the measure of end-to-end ideal times [21:19] or any ttl, really. [21:19] rtt. [21:19] wtf brain. [21:19] tcp rtt should always be greater than icmp rtt [21:19] no matter what shaping is in play [21:19] or else you're a confused net admin [21:20] icmp should *always* have priority [21:20] since it's a meta-protocol [21:20] if you don't make your nets like that, please get off my internet [21:20] easy, who said *I* do that? :P [21:20] jdoe - then talk about what sane people do [21:21] not random insane [21:21] that's not random insane, I see that often on networks with p2p nazis. [21:21] they push icmp below tcp? [21:21] they end up whitelisting various normal traffic and then anything they haven't thought of gets dumped into ultra-low-priority. [21:21] that's crap [21:21] icmp is often something they haven't thought of. [21:22] like the packets that say "your udp is too big"? :) [21:22] you really can't filter that [21:22] or most of the net break [21:22] I didn't say filter [21:22] just, you know, low priority. [21:22] if it's too low priority, it's effectively filer [21:23] haha, well I guess yeah, that's kinda what I was saying. [21:23] hmm [21:23] I guess I don't need ipsec, I can just use tsig or something. [21:24] something else new to try. [22:32] what's espcially funny are the nazis that kill icmp [22:32] and the icing on the cake is when they're so clueless they try to kill icmp when they implement IPv6. LOL. [23:46] *** nakano is now known as nakano_