| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | LT has joined #arpnetworks | [01:21] |
| ........ (idle for 39mn) | ||
| hsien has quit IRC (Ping timeout: 240 seconds) | [02:00] | |
| .... (idle for 15mn) | ||
| Ehtyar has joined #arpnetworks | [02:15] | |
| ................................... (idle for 2h50mn) | ||
| heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [05:05] | |
| ramanK has joined #arpnetworks | [05:12] | |
| ramanK has left | [05:23] | |
| ................... (idle for 1h31mn) | ||
| fink has joined #arpnetworks | [06:54] | |
| ........... (idle for 53mn) | ||
| heavysixer has quit IRC (Ping timeout: 255 seconds)
heavysixer has joined #arpnetworks ChanServ sets mode: +o heavysixer | [07:47] | |
| .............. (idle for 1h9mn) | ||
| LT has quit IRC (Quit: Leaving) | [08:59] | |
| nerdd has joined #arpnetworks
nerdd_ has quit IRC (Ping timeout: 250 seconds) nuke` has quit IRC (Ping timeout: 250 seconds) nuke- has joined #arpnetworks | [09:09] | |
| ...... (idle for 27mn) | ||
| robotarmy has joined #arpnetworks | [09:43] | |
| robotarmy | :D | [09:43] |
| dxtr | I don't understand how one only knows how to make food that tastes close to nothing
I wouldn't recommend my moms cooking to my worst enemey | [09:49] |
| *** | zxvf is now known as zxvff | [09:50] |
| ......................... (idle for 2h1mn) | ||
| baklava has quit IRC (Remote host closed the connection)
baklava has joined #arpnetworks | [11:51] | |
| .... (idle for 19mn) | ||
| robotarmy | i'm trying to find a list of all our subdomains - is this possible with dig? | [12:11] |
| yes
and no is the answer :D | [12:24] | |
| ...... (idle for 29mn) | ||
| *** | schmir has joined #arpnetworks | [12:53] |
| .... (idle for 19mn) | ||
| jpalmer | robotarmy: if you're nameserver is configured to allow your client to axfr, then yes. you can. | [13:12] |
| up_the_irons | jpalmer: robotarmy : yes, but usually axfr is turned off, for security purposes | [13:13] |
| jpalmer | up_the_irons: sure, but assuming you have administrative control over the NS, you can easily enable it for specific (assuming administrative) clients. thats what I do. | [13:14] |
| up_the_irons | jpalmer: true | [13:15] |
| jpalmer | an axfr is the only real (as in, safe) way to get an accurate "to the second" view of DDNS zones. so I always enable what I call an "administrative dig client" hehe
up_the_irons: did you ever get anywhere with being able to delegate the "bind support tasks?" or is it still somewhere on the TODO? | [13:16] |
| up_the_irons | jpalmer: still on the todo :( | [13:18] |
| jpalmer | hehe I know how that goes, trust me ;) | [13:18] |
| up_the_irons | yeah | [13:18] |
| jpalmer | are you using straight BIND, or BIND-dlz with a DB backend? | [13:18] |
| up_the_irons | jpalmer: straight BIND, but have been thinking about a DB backend. if you have experience with a DB-backed version, do tell your thoughts :) | [13:19] |
| jpalmer | well, the real question is, do you do seperate views? or one global view for your zones?
DB backed is considerably slower (straight bind can handle thousands of queries per second, depending on hardware) DB backed, is more in the hundreds range. so what most people do, is a BIND-dlz master, and then file backed BIND for slaves. but if you are doing views, that gets complicated. | [13:20] |
| up_the_irons | no views
hundreds / sec is probably fine for my purposes cd $lunch | [13:27] |
| jpalmer | Do you have someone you can pay to build a web frontend to your DB? becuase if so, you could easily have it setup so customers can handle their own DNS requests. | [13:28] |
| bob^^ | i've done a bind (with database) master, with many bind file-backed slaves in front
works great though there's probably better things out there now | [13:28] |
| jpalmer | if you are doing standard zone transfers (BIND-dlz does) then you can have standard secondaries that use the standard textfile backends. | [13:29] |
| bob^^ | yeah | [13:30] |
| up_the_irons | jpalmer: I do in fact have someone I can pay. how to do DB-backed BIND _effectively_ was the looming question, but sounds like you've answered that for me :) Man, I learn a lot from this channel :) | [13:31] |
| jpalmer | it's nice to be able to give back. | [13:31] |
| up_the_irons | yup | [13:31] |
| jpalmer | and it sounds like you have at least 2 of us capable of answering some of the -dlz questions. | [13:32] |
| up_the_irons | that's why I publish the custom kvm I use in my PPA
ok, cd $lunch for real | [13:32] |
| jpalmer | enjoy. | [13:32] |
| toddf | now if someone would just punch seabios into adding an f12 option for cdrom .. we'd be rid of the openbsd issues with kvm here at arp .. ;-) | [13:32] |
| jpalmer | hehe
just switch to VMware, it's all taken care of :P jpalmer ducks | [13:33] |
| toddf | jpalmer: bpheew...
I had a couple free vmware containers at a client site | [13:33] |
| jpalmer | was that the sound a laserbeam makes as you shoot at me? bpheew? | [13:34] |
| toddf | never could get console, serial or graphics, so I could never do anything serious with them as a result, and came here
jpalmer: that is me snorting at you 'never could get' as in said client told me I didn't need it he would just fix it if it broke for me. like that's gonna work when I want a ddb> prompt .. ;-) | [13:34] |
| jpalmer | vshpere uses a client, to connect to their infrastructure. the easiest way to do it, would likely be: create an account, assign them a resource pool. and let them admin their own pool.
(ie, they install the vsphere client on the local machine, and connect over the network.) | [13:35] |
| toddf | something tells me vsphere client is !openbsd friendly | [13:36] |
| jpalmer | no, you'd need a windows machine locally. | [13:36] |
| toddf | how ick. | [13:36] |
| jpalmer | ehh, don't knock it till you try it. the vmware esx/esxi line is pretty damned solid.
actually, you wouldn't even need the windows client. vmware has the RCLI. if you wanted to script everything.. you could do it remotely. | [13:37] |
| toddf | 'trying' it would require me to use windows to administrate a loonix skeleton running the vmware stuff. not my cup of tea. | [13:37] |
| jpalmer | jpalmer wonders if anyone is doing vmware hosting like that. I'm sure someone has to be.
bbl | [13:39] |
| ............ (idle for 57mn) | ||
| *** | schmir has quit IRC (Ping timeout: 240 seconds) | [14:37] |
| ............... (idle for 1h11mn) | ||
| up_the_irons | jpalmer: toddf : but the thing is, why go through all those hoops? with kvm, one can use normal open source tools to do anything you need. and from my client base as proof, it'll work on windows, linux, *bsd, anything | [15:48] |
| mhoran | kvm++ | [15:48] |
| up_the_irons | hehe | [15:48] |
| *** | heavysixer has quit IRC (Quit: BAMPF!) | [15:59] |
| ............... (idle for 1h11mn) | ||
| amdprophet has quit IRC (Quit: amdprophet) | [17:10] | |
| amdprophet has joined #arpnetworks | [17:18] | |
| ...... (idle for 29mn) | ||
| fink has quit IRC (Quit: fink) | [17:47] | |
| infrared | vmware is sweet
we use 4.1 esxi at work with vcenter (runs on windows unfortunatley) up_the_irons: OSS is nice, but where I work... anything with the word "free" in it is bad | [18:01] |
| mjp | where i work anything with 'no vendor support' is bad ;) | [18:05] |
| infrared | yeah
VMware is slick with vmotion only 1 packet loss moving a VM between hosts | [18:06] |
| mike-burns | Where I work we don't use software unless we have the source code. | [18:07] |
| infrared | mike-burns: sounds like a place I would like to work :) | [18:07] |
| .... (idle for 18mn) | ||
| *** | heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [18:25] |
| ..... (idle for 21mn) | ||
| jdoe | toddf: kvm isn't openbsd-friendly either :P
(and though he was right, Theo isn't vm-friendly) | [18:46] |
| mjp | *-friendly | [18:52] |
| jdoe | maybe, but that's irrelevant right now ;)
his attitude is entirely reasonable in that regard, I'm just saying that worrying about how various virtualization offerings work with openbsd is probably a losing battle. | [18:54] |
| mjp | s/about how various virtualization offerings work with// | [19:03] |
| jdoe | jdoe gives up :P | [19:05] |
| ..... (idle for 20mn) | ||
| toddf | honestly kvm uses a bios that presents a bogus mpbios in the UP case, openbsd has not found any real hardware to present that, and thus it is a bug with kvm; newer kvm uses seabios however that doesn't have an 'hit f12 for cdrom' option and thus up_the_irons can't upgrade to newer bios | [19:25] |
| ....... (idle for 32mn) | ||
| jpalmer | with vmware/vmotion, I can literally move a running VM from one host to another, and not even lose my SSH session. | [19:57] |
| ..... (idle for 22mn) | ||
| *** | tuv_ has joined #arpnetworks
tuv has quit IRC (Ping timeout: 255 seconds) | [20:19] |
| .......... (idle for 48mn) | ||
| jdoe | toddf: I agree. I can't say for certain because I... don't know, but he sure appears to be completely correct.
toddf: otoh he said in the same thread that virtualization is a potential vulnerability (yep) and that he's not particularly concerned with how well obsd works under it (I may be paraphrasing that last bit, it's been a long time since I read it) | [21:10] |
| ... I dunno, I don't work here. :) | [21:15] | |
| toddf | jdoe: virtualization does compromise the security of any os, just think about all the secrets decrypted or easily reachable via memory snooping. tis why we know that flash freezing memory can preserve bits if it is yanked quickly.
in terms of implementing kvm or a kvm alike interface in openbsd as a host, that'd take one or more people to show up who care to do it `right' .. sofar no code has show up though I've heard rustlings of people in the past. | [21:28] |
| jdoe | er
I agree as it turns out, this all started because I misread what you said, I thought you were talking about vmware not playing nice with openbsd. oops. | [21:38] |
| ......... (idle for 44mn) | ||
| *** | awyeah has quit IRC (Read error: Connection reset by peer)
ww__ has joined #arpnetworks bitslip has quit IRC (Read error: Connection reset by peer) islandfox has quit IRC (Read error: Connection reset by peer) Husky has quit IRC (Ping timeout: 255 seconds) mhoran_ has joined #arpnetworks ChanServ sets mode: +o mhoran_ islandfox has joined #arpnetworks IPv6Free1y has quit IRC (Read error: Connection reset by peer) awyeah has joined #arpnetworks IPv6Freely has joined #arpnetworks dxtr has quit IRC (Read error: Connection reset by peer) mhoran has quit IRC (Read error: Connection reset by peer) Lefty_ has joined #arpnetworks ww has quit IRC (Read error: Connection reset by peer) koan has quit IRC (Read error: Connection reset by peer) bitslip has joined #arpnetworks mjp has quit IRC (Read error: Connection reset by peer) dxtr has joined #arpnetworks mjp has joined #arpnetworks Sheath has joined #arpnetworks Lefty has quit IRC (Read error: Connection reset by peer) heidar_ has joined #arpnetworks heidar has quit IRC (Ping timeout: 245 seconds) | [22:24] |
| koan has joined #arpnetworks | [22:31] | |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |