#arpnetworks 2010-11-09,Tue

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
Sunilanyone tried upgrading to OpenBSD 4.8? [01:10]
***LT has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
[01:18]
..... (idle for 20mn)
Ehtyar has joined #arpnetworks
schmir has joined #arpnetworks
[01:40]
............. (idle for 1h1mn)
Sunil has quit IRC (Quit: leaving) [02:41]
.......................... (idle for 2h8mn)
schmir has quit IRC (Remote host closed the connection) [04:49]
.... (idle for 19mn)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
[05:08]
..... (idle for 24mn)
nesta has quit IRC (Ping timeout: 265 seconds)
nesta has joined #arpnetworks
tuv has quit IRC (Read error: Connection reset by peer)
tuv has joined #arpnetworks
[05:36]
......... (idle for 40mn)
toddfSunil: 4.8 and current works fine, just recall to 'disable mpbios' [06:21]
...... (idle for 27mn)
***kitkatbar has joined #arpnetworks [06:48]
kitkatbari was wondering, if i can nslookup -type=aaaa six.nullbnc.com from my localbox but ping6 six.nullbnc.com on my local box says "network is unreachable", however, it ping6 fine on my server and i can connect to irc with it... something must be configured incorrectly :(
i'm running debian, any hints or help would be nice :D
[06:50]
***andrewnemeth has joined #arpnetworks [06:52]
andrewnemethhey guys
need some help with my freebsd
how can I resize the root partition?
[06:52]
.... (idle for 16mn)
***ziyourenxiang has joined #arpnetworks [07:08]
kitkatbarahh looks like my localhost doesn't support ipv6 at home, no wonder i got network is unreachable
:>
[07:18]
***andrewnemeth has quit IRC (Quit: andrewnemeth) [07:22]
zxvff_ipv6 is nice
i hear it is the future of the internet!!
[07:23]
kitkatbarye
can you see if you can "ping6 six.nullbnc.com" ?
[07:23]
nvm [07:36]
***BarberRonny has quit IRC (Quit: leaving)
BarberRonny has joined #arpnetworks
BarberRonny has quit IRC (Client Quit)
kitkatbar has quit IRC (Quit: leaving)
[07:38]
BarberRonny has joined #arpnetworks
BarberRonny has quit IRC (Client Quit)
BarberRonny has joined #arpnetworks
BarberRonny has quit IRC (Client Quit)
BarberRonny has joined #arpnetworks
BarberRonny has quit IRC (Client Quit)
[07:47]
mhoranup_the_irons: How do you share your libvirt config files? Storage, network, VM config, etc across your host servers?
I was considering using git as we do with Xen but that seems to be frowned upon.
[07:55]
***BarberRonny has joined #arpnetworks [07:56]
wwmhoran: iscsi?
ww hides
[08:00]
mhoranSure, we use iSCSI for block devices, but /etc/libvirt is what I want to share.
And sharing that directory (or at least /etc/libvirt/qemu) is frowned upon -- https://www.redhat.com/archives/libvir-list/2009-October/msg00033.html

Really, all I need shared is /etc/libvirt/storage, since that's where my storage pools live (which are iSCSI).
But to migrate a domain that lives on an iSCSI block devices, the pool must first exist and be started on the remote end, which isn't always the case.
So really, libvirt should just have better support for migrating iSCSI pools. And should start them up automatically when a domain is migrated (though I see why it doesn't do that).
So in the meantime I have to find a way to share my storage pools, and to do that I've checked everything in /etc/libvirt save qemu dir into git.
[08:01]
wwmhoran: i was being facetious...
... i've not actually looked into the details of qemu much
[08:10]
mhoranSo I think I'm just going to write a wrapper around iscsiadm that automatically creates the poolsfor the available targets ... that seems the best way to do this ... and then let libvirt migrate the domain configs when it wants to.
Unless up_the_irons has a better option for me. :)
[08:16]
toddfmhoran: up_the_irons doesn't do auto distribution, from what I can see it is a manual migration process [08:19]
.... (idle for 19mn)
***schmir has joined #arpnetworks [08:38]
toddfand he doesn't do iscsi, he has found physical disks on the servers to be more reliable [08:39]
nestatoddf: do you know what OS is used to host the virtual machines? [08:39]
mhoranUbuntu. [08:39]
toddfnesta: Linux is all I need to know. ;-) [08:40]
nestahehe
nesta prefers a good ole BSD
[08:40]
mhoranI've found iSCSI to be just as reliable as physical disks, it's just more expensive. Though our iSCSI vendor blows.
It's nice for e.g. live migration.
[08:40]
toddfnesta: a good ole BSD doesn't do kvm just yet [08:40]
mhoranReplication and failover as well. [08:40]
nestatoddf: I imagine not :) [08:41]
toddfmhoran: check the old logs about iscsi [08:41]
mhoranI know, just stating my opinion. [08:41]
toddfaka regarding up_the_irons experiences with it [08:42]
mhoranLive migration (or even migrating betwen hosts -- what about failed disks) just seems so impossible without iSCSI. Granted, we don't currently have live migration even with Xen, but we do have iSCSI backed storage and can easily move VMs between host servers with no data loss.
Our iSCSI infrastructure is also fully redundant, we've got N+1 replication and then RAID-5 on each cluster node.
We've lost entire iSCSI systems and remained fully available.
Not to mention losing a single disk and being fine.
[08:43]
toddfas soon as live migration is a requirement, iSCSI makes sense
when the environment is large enough such setups make sense
[08:43]
mhoranYup. Well, it is, here. We just can't use it. We just need to be able to migrate between hosts, at a minimum. And that seems too difficult with local storage. [08:44]
toddfat arp, there is a bit of common sense, simplicity, and economy in the mix, iscsi tends to take the simplicity and economy out of the equation IMHO
though I don't disagree with the awesomeness of your setup
I wish there was a free software iscsi target that did anything close to what you describe
[08:45]
mhoranI wish our product did everything it was supposed to do. :p [08:46]
toddfas it is the one free iscsi target I can run on OpenBSD (netbsd-iscsi-target ironically) can't even reload the targets config file w/out restarting, severing all iscsi connections in the process .. whee! [08:46]
mhoranDamn.
Yeah, considering what it does, it's pretty solid. But sometimes it's really flakey, and it requires a clunky Java GUI to manage it.
Though now it's got some SSH console, but the CLI is undocumented.
[08:46]
toddfare you able to divulge your 'product' ? ;-) I've got an equalogix array at a customers colo, seems like a very fancy iscsi target... [08:47]
mhoranThe clustering is awesome, and it supports LACP at the link layer automatically so the NICs are redundant.
HP/LeftHand SANs.
[08:47]
toddfthat sounds a lot like equalogix wannabe [08:48]
mhoranIndeed. They were around for a while as LeftHand and then HP bought them. Apparently they've rose to huge success, at least that's their excuse for their shitty tech support.
The whole core was some guys PhD thesis or something.
[08:48]
toddf;-) [08:49]
mhoranWish it were open source, it would kick ass. [08:49]
toddfyeah [08:49]
mhoranThe real cool thing is remote replication -- we can replicate our five san cluster to our second datacenter all in a half hour over a dedicated backbone link. [08:49]
toddfthats what equalogix touts also
do you do more granularity than 15mb data chunks?
[08:49]
mhoranI believe so, though I've not tuned any of that. [08:50]
toddfit seems rather rediculous if one byte is modified every 15mb .. it transfers the entire 15mb chunk [08:50]
mhoranYeah, looks like LH is 256k. [08:51]
toddfmuch more efficient [08:51]
mhoranI'm wondering if the new version of the software fixes some of thes issues we've seen with the version we're running, but I don't think I'm going to get the go-ahead to upgrade ... we've just had major headaches with upgrades in the past, and, if it ain't broke it, don't fix it.
But I know the second I log a support call, they're going to tell me to upgrade.
[08:52]
toddfheh [08:53]
mhoranOh, of course listStoragePools() and listDefinedStoragePools() are mutually exclusive, why not! [09:00]
.... (idle for 15mn)
***LT has quit IRC (Quit: Leaving) [09:15]
kitkatbar has joined #arpnetworks [09:23]
up_the_ironsmhoran: the config is not shared [09:29]
***heavysixer has quit IRC (Quit: BAMPF!) [09:30]
kitkatbarup_the_irons: can you double check some small configs for me?
this is ipv6 part of /etc/network/interfaces -> http://pastebin.com/BKN6usGX
[09:32]
vcskitkatbar: shouldn't the netmask for link local be /48 [09:35]
kitkatbari'm not sure, i had hell of a time getting it to the point where it is now
:)
[09:36]
vcs:)
kitkatbar: the mask should be /48 if you are routing a /48 block of ipv6 over link local
also, do you have packet fowarding enabled
[09:37]
kitkatbaryes [09:37]
vcsany crazy firewall rules [09:38]
kitkatbar/etc/sysctl.conf i added net.ipv6.conf.all.forwarding = 1
default firewall
[09:38]
vcsok [09:39]
kitkatbari even added that protocol 41 i think to iptables [09:39]
vcskitkatbar: has he fowarded the block to you yet? [09:39]
kitkatbaryes
i already have reverse delegation to my nameservers
[09:39]
vcscan you print out "ifconfig" and "route" [09:39]
kitkatbarsure one sec [09:39]
vcsand pastebin them [09:39]
kitkatbarhttp://pastebin.com/gcFQAvXA [09:40]
vcsinet6 addr: fe80::2/64 Scope:Link is incorrect
should be fe80::2/48
your routes look correct
[09:41]
kitkatbarbout to restart networking or might reboot
to see if the netmask 48 will change things
[09:42]
up_the_ironsvcs: fe80::2/48 is incorrect. link local addresses are /64's [09:43]
vcs:X [09:43]
up_the_ironskitkatbar: ^ [09:43]
vcsvcs slaps himself [09:43]
up_the_ironsfe80::2/64 is correct [09:43]
vcs::/0 2607:f2f8:34c0::1 UG 1 0 0 eth1
it looks like you have an extra default route for ipv6
that was probobly leftover from your /64
err wait
im not used to non BSD route, lol
[09:44]
***kitkatbar has quit IRC (Read error: Connection reset by peer) [09:45]
vcs16 bytes from 2607:f2f8:34c0::3, icmp_seq=0 hlim=63 time=1.264 ms
that looks good :)
[09:47]
***unknown_ has joined #arpnetworks
unknown_ is now known as kitkatbar
[09:47]
vcskitkatbar: you had an extra default ipv6 route
that was the problem
;)
::/0 2607:f2f8:34c0::1 UG 1 0 0 eth1
was still loaded
from your /64
so rebooting cleared it out, and now you are on ipv6 ;)
congrats man
[09:47]
kitkatbarsweet [09:48]
vcshehe [09:49]
kitkatbarcan you check to see if you can reverse this ip 2607:f2f8:34c0::3
maybe it just hasn't propagated yet, i sure to hell hope i got bind9 configured properly
[09:49]
vcsHost 3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa not found: 2(SERVFAIL) [09:50]
kitkatbarhmm [09:50]
vcskitkatbar: are you running BIND? [09:50]
kitkatbaryea
i get this from my server though
nslookup -type=AAAA six.nullbnc.com
six.nullbnc.com has AAAA address 2607:f2f8:34c0::3
[09:51]
jpalmerdon't use nslookup for debugging or troubleshooting. use dig.
nslookup will make several assumptions about the information you are looking for, and will occasionally work even when things aren't configured properly. if you are troubleshooting, this is not a good thing.
[09:51]
kitkatbarthx :D i'm not a network guru yet
this one had me baffled
dig says no error when i dig that domain, so i guess it's a propagation issue
[09:54]
jpalmerkitkatbar: I'm pretty decent with bind. let me scroll up a sec and read from the top. [09:55]
kitkatbari was having ipv6 issues with my interfaces config with the netmask
i think changing it and rebooting solved that problem
[09:55]
jpalmerkitkatbar: it looks like ns1 and ns2.nullbnc.com are delegated the ip6.arpa for that address space. are those your NS's? [09:57]
vcsdig @your.dns.server.com 2607:f2f8:34c0::3 PTR
try that
[09:57]
kitkatbaryes
http://pastebin.com/ZmuJwBtM
[09:57]
jpalmerkitkatbar: I'm getting a SERVFAIL from your NS for that record. can you paste your bind config and zone config? [09:58]
kitkatbaryes, one sec [09:58]
http://pastebin.com/VazMSimU [10:03]
jpalmerkitkatbar: I'm not seeing anything obviously wrong with the configs/zone. do you see any errors in bind when loading the configs? [10:11]
kitkatbarno
i added that ipv6 address to ns1.nullbnc.com thinking it might help
not sure if thats correct, probally should work without it
[10:12]
jpalmerahh, your SOA, and origin don't match in the ip6.arpa zonefile
you have a zone definition of: 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa, you have an SOA of: 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa but you have an ORIGIN of: 0.0.0.0.0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa
[10:13]
kitkatbarahhh [10:16]
***ziyourenxiang has quit IRC (Quit: ziyourenxiang) [10:16]
kitkatbarso should which one should i change
lol
sorry
should i add 4 0's to the SOA or remove 4 0's from the origin?
must of been the ipv6 reverse dns zone builders fault, i should've known better than to use it haha
[10:17]
jpalmertry removing the extra nibbles from the ORIGIN, and add them to the PTR record itself. [10:20]
kitkatbarsays status: noerror on dig now
instead of nxdomain
but still says answer: 0
[10:22]
hmm i have no idea
i've tried every combination possible with the 0 thingy
[10:32]
.... (idle for 19mn)
***Sabrii has joined #arpnetworks [10:51]
Sabriikeek-a-boo [10:52]
***schmir has quit IRC (Ping timeout: 265 seconds) [11:00]
............... (idle for 1h14mn)
kitkatbar has quit IRC (Quit: leaving) [12:14]
..... (idle for 22mn)
fink has joined #arpnetworks [12:36]
cedwardsanyone use gitosis with gitweb? [12:44]
....... (idle for 34mn)
***kitkarbar has joined #arpnetworks [13:18]
kitkarbari'm now getting a response with 'dig @ns1.nullbnc.com six.nullbnc.com AAAA'
but when i try 'host 2607:f2f8:34c0::3' it says servfail
[13:18]
***schmir has joined #arpnetworks [13:33]
...... (idle for 26mn)
islandfox has quit IRC (Read error: Connection reset by peer)
islandfox has joined #arpnetworks
Husky has quit IRC (Read error: Connection reset by peer)
mhoran has quit IRC (Read error: Connection reset by peer)
mhoran has joined #arpnetworks
ChanServ sets mode: +o mhoran
jazz57 has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
heidar has quit IRC (Ping timeout: 245 seconds)
[13:59]
jazz57Anyone experiencing connectivity issues? [14:02]
***dxtr has quit IRC (Ping timeout: 264 seconds) [14:02]
vcsnope
not yet :X
[14:03]
jazz57I can't even ping arpnetworks.com [14:03]
vaporno pings [14:03]
vcs[sundial@puffy ~]$ ping6 arpnetworks.com
16 bytes from 2607:f2f8:0:102::3, icmp_seq=0 hlim=63 time=1.054 ms
ipv6 is up
[14:04]
jazz57What about ipv4? [14:04]
vcsworking for me [14:04]
jazz57Some of us still use that, ya know. [14:04]
vcs:P
i have stuff hosted on ipv4
and its all working ok
arp networks site is up for me
maybe its a routing problem
between you and them
[14:04]
vapor11 ae-1-69.edge1.SanJose1.Level3.net (4.68.18.14) 75.912 ms ae-3-89.edge1.SanJose1.Level3.net (4.68.18.142) 76.104 ms ae-4-99.edge1.SanJose1.Level3.net (4.68.18.206) 76.735 ms
12 * * *
13 * * *
dies at level3
[14:05]
mhoranYeah.
Having trouble here as well.
Just a few minutes ago.
[14:05]
***Sheath has joined #arpnetworks [14:05]
vaporman I've got 2 vps boxes at softlayer
two times today
no response
argh
[14:05]
jazz57The level3 to MZIMA link may be down. [14:06]
mhoranYeah.
I can get in over v4 from my house, but not from work.
Home goes over Comcast to Mzima, work goes over L3.
[14:06]
jazz57My monitoring service is also complaining.
I'm on roadrunner and it dies at the Level3 MZIMA connection.
What does your route look like vcs?
[14:06]
***dxtr has joined #arpnetworks [14:09]
jazz57The link from Trit Networks may still be up.
vapor: Soflayer is going downhill?
They used to have a very good reputation.
[14:09]
vcsalright, one sec
ill get you a traceroute
on http://pastebin.ca/1986763
[14:10]
***kitkarbar has quit IRC (Quit: Lost terminal) [14:14]
vcsmy traffic is being routed over mzima
it appears
[14:14]
vaporI love softlayer
just don't like random weird issues
I run a small datacenterand we never run into these kinds of problems
vapor knocks on wood
:)
level3 routing issues...those happen a lot
level3 sucks
[14:14]
jazz57Thanks vcs. [14:15]
vapormzima is good transit
considering they default to level3 mostly
[14:15]
vcsim supprised i dont go through level3
since im a few miles from them
lol
guess thats a good thing
[14:15]
vaporlevel3 has awesome latency but they do run into routing issues frequently
their network is AGED like a fine wine
[14:15]
vcsi have some servers collocated at their datacenter here
no ipv6 :X
guess thats aged equip for ya
[14:16]
vaporvcs, yeah they still dont run v6
you have to run tunnels
[14:16]
jazz57I remember when level3 was considered modern [14:16]
***nukefree has joined #arpnetworks [14:17]
RandalSchwartzRandalSchwartz waves from LA [14:17]
vcsjazz57: like 10 years ago? [14:17]
RandalSchwartzit's so cool to have 1.1 ms ping times to my VPS from my desk :) [14:18]
***nuke| has joined #arpnetworks
nuke| is now known as nuke`
[14:18]
jazz57Here is my trace: http://pastebin.ca/1986770 [14:19]
dxtrRandalSchwartz: I've got a couple of hundred [14:19]
jazz57I usually get routing through Los Angeles. Now it's going up to SJC and getting lost.
vcs: That sounds about right. :-)
[14:20]
vcshurricane electric is cool :)
i like them :)
[14:22]
jazz57I remember someone recommending Level3 over ATT because the had a new network built from scratch. [14:22]
RandalSchwartza couple of hundred milliseconds? [14:22]
jazz57I like hurricane too. ipv6 and they have a cool NTP servers too. [14:23]
vaporstill seeing lvlt issues
it actually gets to mzima now
so if its bgp then should only take another 60 seconds
[14:23]
jazz57I'm still getting destination unreachable [14:24]
***kitkatbar has joined #arpnetworks [14:26]
RandalSchwartzOoh, my nagios just went nuts
did we have some downtime recently?
[14:26]
kitkatbaris anyone else experiencing network lag? [14:26]
jazz57kitkatbar: I can't get connect at all. [14:26]
kitkatbarme either
i've been working all day on my server
[14:26]
jazz57Me too. :-)
I just through.
[14:27]
RandalSchwartzI can't figure out why nagios can't even ping its own host
I've got "host down" on localhost. :(
[14:27]
dxtrAnd yes, something went down before, RandalSchwartz [14:27]
toddfrandalschwartz: fd depletion or other dos? firewalling localhost? [14:28]
RandalSchwartzno. nothing unusual.
maybe the whole VM was frozen
or at least the network stack outside my view
bad stuff from 1405 to 1426 across multiple VPS
[14:28]
toddfnagios acts funny if resources take too long to allocate .. wheterh thats sockets or disk blocks etc
since it forks a process to run the check and considers things bad if it doesn't check in so to speak within a certain timeframe
[14:28]
RandalSchwartzwell - that's pointing at VM issues, not guest OS issues [14:29]
jazz57Looked like a network issue to me. [14:29]
RandalSchwartzso it's Garrey's problem not mine [14:29]
kitkatbarany of you guys can help me figure out why my rdns isn't working for my ipv6 [14:29]
***heidar has joined #arpnetworks [14:29]
RandalSchwartzbut it's his *because* I'm gonna get yelled at because of it [14:29]
toddfrandalschwartz: think thundering herd of disk io .. slowing nagios process creation if the sectors happen to not be cached in memory .. [14:30]
RandalSchwartzsure. Still sounds like a virtual-hardware fault though
I'd like those to go away
[14:31]
toddfgiven my experience with nagaios, I'd expand the timeframe during which individual checks timeout and/or generate warnings by 20-40% ... just because nagios couldn't meet its own criteria of happy days doesn't mean external usage was effected as much as nagios might have you think .. *shrug* .. I've written a replacement to nagios and uninstalled it from my systems due to its inability to stop producing false positives on real hw, leta lone ...
... virtual hw
[14:33]
RandalSchwartzYes - I wait 10 checks before I send a hard notice
but I still shouldn't be getting soft notices like this
both mabel and red went nuts at the same time
so I'm gonna blame somethign higher
mind you, 99.96% availability isn't bad
but another 9 wouldn't hurt
especially if it's a fault that Garrey can fix
and it sounds like all of us experienced something odd during that time
that smells of VM
oops. It's Garry, and Dolley
I have a hard time remembering that. Blame jet lag. )
[14:34]
jazz57Here is my trace now:http://pastebin.ca/1986789
The route has changed back to Los Angeles.
So somehow a partial network outage causes weirdness with the VMs.
[14:38]
toddfok, so who here is setting their vm to go 'fritz' when upstream network outages occur? ;-) [14:41]
kitkatbaranyone run debian & bind w/ ipv6? [14:41]
RandalSchwartzmaybe a bunch of console notifications (high uninterruptible priority) [14:41]
vaporkitkatbar, dig -x ip +trace is your friend [14:41]
jazz57I did get some "runtime went backwards" notices the other day in my logs.
Interrupts may be getting dropped when activity is too high.
Someone suggested dropping kern.HZ to 10.
(assuming freeBSD)
[14:43]
RandalSchwartzI think it's that already [14:46]
kitkatbarmaybe it was the mysterious missle launch earlier off the coast of la the caused it [14:46]
RandalSchwartzOh. I have hz = 100 [14:46]
did the missle launch affect the cruise ship that lost power? :) [14:53]
vcsmaybe the missle took out our route :X
bastards!
[14:54]
RandalSchwartzthat's what I get for putting that info record in!
$ host -t loc stonehenge.com
stonehenge.com location 34 2 53.000 N 118 15 21.000 W 50.00m 1m 10000m 10m
[14:55]
kitkatbarvcs, can you post your reverse zone for ipv6 please?
wait
[14:58]
vcskitkatbar: sure [14:59]
kitkatbari already have the link
i used same generator you did
but my reverses dont work :/
[15:00]
vcshttp://pastebin.com/r5mb6mwn
did you use your own ip /48 range
and not mine
[15:00]
kitkatbaryes [15:01]
vcsperhaps your named.conf file is bad? [15:02]
kitkatbarhttp://pastebin.com/J3VcyXaf [15:02]
vcsor you did not run rndc reload [15:03]
kitkatbaryes i have
lol
ive tryed everything i know
[15:03]
vcs201011090 ; Serial number (YYYYMMdd)
errr
you have only changed to today?
[15:03]
kitkatbari've been at this all day [15:03]
vcsevery time you make a change
it requires an incriment
then rndc reload
[15:03]
RandalSchwartzUh - that's not 00 [15:03]
vcselse it will not realod [15:03]
RandalSchwartz20101109xx [15:04]
kitkatbareven for 'host ipv6:address' to work?
oh i see
to check to see if the config has changed
lemme test this
[15:04]
RandalSchwartzI'm old school... /etc/rc.d/named reload :) [15:05]
kitkatbarwell i have mostly been restarting it with /etc/init.d/bind9 restart [15:06]
Leftyreload is enough [15:07]
kitkatbarah
well i still have a problem then :/
[15:07]
Leftyand you should alwaysalwaysalways increment the serial [15:07]
kitkatbaryes i just did and tested it
same result
but atleast i know in the future when i make a modification, to increment the serial
[15:07]
RandalSchwartzare there any error messages when bind is reloading?
what does your local soa report?
host -t soa $domain $localhost
[15:13]
toddfyou've checked your /var/log/* logfiles, right? [15:15]
kitkatbarno errors when bind is reloading
host -t soa six.nullbnc.com nullbnc.com
Using domain server:
Name: nullbnc.com
Address: 174.136.101.162#53
Aliases:
six.nullbnc.com has no SOA record
[15:16]
RandalSchwartzno no - the rdns
since that's what you're having trouble with
or am I mixing up conversations here
[15:20]
kitkatbarno [15:20]
RandalSchwartzyour bind should report an SOA with the same serial as what you defined
host -t soa 0.c.5.a.8.f.2.f.7.0.6.2.ip6.arpa. localhost
something like that
Wait a second
that SOA is wrong
@ IN SOA your.forward.host.name.here.com your.email.host.com. (
that's what you want
not the reverse
you're defining the authoritative *master* host for *this* domain
for example, I have
@ IN SOA red.stonehenge.com. hostmaster.stonehenge.com. (
RandalSchwartz waits until kitkatbar catches up
[15:20]
kitkatbarso your saying '@ IN SOA 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa. ns1.nullbnc.com. (' is wrong in my reverse-ip6.arpa file? [15:24]
RandalSchwartzYes. Very Wrong. [15:24]
kitkatbarguess thats what i get for using damn generator for this reverse file [15:24]
RandalSchwartz@ IN SOA master.host.com youremail.youremailhost.com [15:24]
toddfhahaha. wrong indeed. [15:24]
RandalSchwartzno - you just put the wrong data in
it asked you things, you told it wrong :)
GIGO
[15:24]
kitkatbarah
lol
lemme see if this will fix it
[15:24]
RandalSchwartzand what does your delegation in your master file look like? [15:25]
kitkatbarin my nullbnc.com.db file it looks like
@ IN SOA ns1.nullbnc.com. ns2.nullbnc.com.
[15:25]
RandalSchwartzno... in your named.conf
... zone "0.8.0.3.8.f.2.f.7.0.6.2.ip6.arpa" {
something like that?
[15:25]
kitkatbaryea [15:26]
RandalSchwartzok - so fix your soa, reload
and then you should be able to check your soa locally
once that's working, you can worry about the right upstream delegations
[15:26]
kitkatbarhost -t soa -i six.nullbnc.com
six.nullbnc.com has no SOA record
[15:28]
toddfwrong question [15:28]
RandalSchwartzindeed [15:28]
toddfhost -t soa -i nullbnc.com localhost [15:28]
RandalSchwartzbut I'm asking about the reverse-6 records
he should be able to see his ip6.arpa soa
[15:28]
kitkatbarhost -t soa -i nullbnc.com localhost
Using domain server:
Name: localhost
Address: 127.0.0.1#53
Aliases:
nullbnc.com has SOA record ns1.nullbnc.com. ns2.nullbnc.com. 201011091 86400 1800 172800 259200
[15:28]
RandalSchwartzkitkatbar - that's still broken
unless your contact email is ns2@nullbnc.com
although, knowing you, it might be :)
@ IN SOA MASTERHOSTGOESHERE YOURCONTACTEMAILGOESHERE (
there... clearer now?
[15:29]
kitkatbarso now
nullbnc.com has SOA record ns1.nullbnc.com. admin.nullbnc.com. 201011092 86400 1800 172800 259200
[15:30]
RandalSchwartzok - that's good for the forward
now check the reverse
... host -t soa 0.c.5.a.8.f.2.f.7.0.6.2.ip6.arpa. localhost
or whatever your numbers are
basically, you should get a SOA record for everything you list in named.conf
as a master
[15:30]
kitkatbarhost -t soa 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa. localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
Host 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa not found: 2(SERVFAIL)
[15:32]
RandalSchwartzwell - there's your problem then
are you *sure* your named.conf is correct?
[15:32]
kitkatbarpretty sure [15:33]
jpalmerkitkatbar: sorry I had to run earlier. work called. did you get ip6.arpa resolution working? [15:33]
RandalSchwartzjpalmer - not yet
I smell something wrong with named.conf at this point
[15:34]
kitkatbarbut can't be certain about anything now :p [15:34]
RandalSchwartzplease pastebin your "zone" entry for that reverse
zone "0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa" {
...
until the end of that block
does it have "type master" and "file '...'" correct at least?
[15:34]
kitkatbarhttp://pastebin.com/Hv2UBRpG
yes, the reason i have ip commented under slave is cos i tryed it both ways earlier
[15:35]
RandalSchwartzand the file is in the right place?
called reverse-2607 blah blah?
[15:35]
kitkatbaryea, /etc/bind/zones/master/reverse-2607blahblah.ip6.arpa [15:36]
***nukefree has quit IRC (Quit: ZNC - http://znc.sourceforge.net) [15:36]
kitkatbarreverse-2607-f2f8-34c0_48.IP6.ARPA to be exact :p [15:36]
RandalSchwartzwait - I have "master/" in front of mine
is your filename like the others in that file (the ones that work)?
[15:37]
toddfprobably some option to prefix /etc/bind/zones infront [15:37]
jpalmeror a chroot [15:37]
RandalSchwartzI have file "master/stonehenge.com" [15:37]
toddfchroots tend to be in /var/named [15:37]
RandalSchwartzand file "master/..." for all the rest
are you sure you don't need "master/..." ?
options { directory "..." }
[15:38]
jpalmerkitkatbar: what OS, and what version of BIND? [15:38]
RandalSchwartzit's relative to that, I think [15:38]
kitkatbardebian 5 bind 9
im adding it jus tto see
im curious if i need to go shoot myself for not seeing that
haha
host -t soa 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa. localhost
Using domain server:
Name: localhost
Address: 127.0.0.1#53
Aliases:
0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa has SOA record ns1.nullbnc.com. nullbnc.com. 201011092 86400 1800 172800 259200
[15:38]
RandalSchwartzkitkatbar - was that it... "master/..." ?
ha ha
[15:39]
kitkatbaryea [15:40]
RandalSchwartzkitkatbar - still wrong SOA
but you're getting closer
[15:40]
kitkatbarit was thinking it was in the same dir as named.conf
i know
i just fixed it
when i saw it :)
[15:40]
RandalSchwartzunless your email is "nullbnc@com" :) [15:40]
kitkatbar<- slow learner but persistant
lol
[15:40]
RandalSchwartz<- slow teacher but easily distracted
ok - next step is to see if the delegation is coming at you from above
host -t ns 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa
better yet
host -t ns 0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa 4.2.2.2
so you're not getting a local value
Yeah - it's pointing at ns1 and ns2
so you have to get both ns1 and ns2 to agree on this record now
[15:40]
kitkatbarbut ns2 is just a mirror of ns1 for me
:D
on a different ip
[15:42]
RandalSchwartz"mirror"? [15:42]
kitkatbarlol @ i dont even think ns2 is setup [15:43]
RandalSchwartzthat's the next step then
make all the errors on this go away, and you'll be done: http://www.intodns.com/0.c.4.3.8.f.2.f.7.0.6.2.ip6.arpa
[15:44]
kitkatbaryea i was there earlier
had quite a few errs
thx for your assistance
i'll try to finish up
was my goal for today :D
[15:44]
RandalSchwartzdepending on your timezone, you're either just in time for a beer, or now can begin your workday. :) [15:45]
kitkatbari'd be on the side of the beer
lol
[15:46]
toothIt's always beer o clock [15:48]
..... (idle for 20mn)
vaporbeer:30 [16:08]
.... (idle for 17mn)
***jazz57 has left [16:25]
.................... (idle for 1h35mn)
nukefree has joined #arpnetworks [18:00]
nukefree has quit IRC (Ping timeout: 245 seconds) [18:09]
.... (idle for 15mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Client Quit)
[18:24]
kitkatbarso do i really need two nameservers for ipv6 reverses to work? [18:36]
RandalSchwartzno - but your ns delegations need to agree [18:36]
kitkatbarshit
so
[18:36]
RandalSchwartzso if you don't want two nameservers, don't let your upstream say that [18:36]
kitkatbarif i said ns1 and ns2
on the delegation request
[18:36]
RandalSchwartzit's all about the upstream
yeah
[18:36]
kitkatbari need to email them to remove ns2? [18:37]
RandalSchwartzuh, whatever [18:37]
kitkatbarcan you do that for me? :) [18:37]
RandalSchwartzbut you really should have a secondary
especailly a secondary that is far far away from you
he.net provides those for free
that's what I'm using
[18:37]
kitkatbarok i'll check into it
tunnelbroker?
[18:38]
RandalSchwartzyes [18:39]
***nukefree has joined #arpnetworks [18:42]
nukefree has quit IRC (Quit: ZNC - http://znc.sourceforge.net) [18:51]
..... (idle for 21mn)
nukefree has joined #arpnetworks
kitkatbar has quit IRC (Quit: Lost terminal)
[19:12]
..................... (idle for 1h43mn)
fink has quit IRC (Quit: fink) [20:58]
tinono has joined #arpnetworks [21:10]
tinonooh i was looking for kitkabar. just went through the logs. his reverse zone is ok, but he's missing a few zeros in his ptr reconrds. [21:12]
***mike-burns has quit IRC (*.net *.split)
sentabi has quit IRC (*.net *.split)
tinono has quit IRC (Quit: leaving)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
sentabi_ has joined #arpnetworks
[21:16]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)