argh that sucks, until recently, most of my traffic went: Akl->Wellington->Akl->Whereever
haha
you know on telstraclear cable in chch to get to paradise in wellington it routes through auckland
the pains of having an ISP thats Wellington based
so if you traceroute to www.paradise.net.nz it goes via auckland
what isp is wellington based?
haha, thats smart...
merky: Actrix
oh
yeah they've been around for ages
snap route everything through christchurch
but i'm in chch so i'm ok with that
in the US
routing to phoenix is really bad
yeah, switching to Orcon was a massive Latency buster
i was surprised
i thought the US was a lot better than us
but they still have some issues in various cities it seems
hmm,
and it looks like once I get my Arp VPS setup the way I want it, I can shave another 30ms off my VPS traffic
yeah, i actually wanted to ask some stuff about arpnetworks
i want to do complicated shit
and i dunno if it's possible with them or not
but for some reason, the speeds from arpnetworks to nz are relaly good
like 2 megs/sec on dsl
ha I just got mine, so I prob can't answer
i've just done that 100 mb test
yeah, pretty fast, as fast as accessing Citylink servers for me
i used to think dsl in nz was shit
but things ahve got a bit better now
and I'm 5km from the exchange ;)
ahh yip
i'm on a cabinet at hoem
2Mbit/s
2 megabit?
yep
i get about 18 megabit/sec
nice
and about 1.09 up
but yeah
my connection REALLY sucked until i got it shifted to EUBA
argh, you are bringing back memories of when I was living in Brisbane last year ;)
like i was getting 30k/sec internationally
made a world of difference
it felt like cable
like ssh was smooth
non jumpy
peppy responsive
but yeah, now i want to do complicated shit
basically i want to proxy through the US
which makes sense to do in LA
as far as  pings go
i've got a VPS in la already umm .. budgetvm
but the speeds aren't as good
like 1 meg/sec to nz
but i had a vps in phoenix before that
and hardly any sites had small ping
and the routing sucked, and it was openvz, and they kept trying to inject their lame dns servers
which made the pings even worse
actually it was level 3 dns
but like level 3 dns made google 60 msec instead of 20 etc
wow my la vps is giving 3.2 to 35.9 msec to google, wild fluctutaions
what kind of pings to google do you get from arp?
merky: proxy via LA, for things like Hulu etc?
nah for US content in general
i figure with persistent connections to the US
should be able to speed up web brwosing
round-trip min/avg/max/stddev = 0.794/0.889/1.019/0.082 ms
cos like in my testing etc
ping to google.com
web sites don't get up to speed internationally very qucikly at all
yeah - that's good
notice how the fluctuations are fine?
large fluctuations usually mean congestion
but yeah , i have vps in chicago too
yeah everything looks relatively stable
and like accessing slashdot via chicago vps is way faster
so i'm actually thinking of this complex scheme
where bounce through la or chicago
depending where the site is
which means figuring out where to send it to
which means i want a bgp feed too
62ms to /.
well that's the easier way
can you do time curl http://slashdot.org/ > /dev/null
twice
wow this vps is going REALLY slow for disk i/o or smoething
http://pastebin.com/7Lj8xgLS
yeah it's 300 msec
ish
280
persistent connections to there could still help
it's like 900 to 1100 msec from home for me
see how much higher than 62 msec it is?
i get 375 msec off this other la vps btw
and 59 msec ping
and from chicago it takes 23 msec
with a 2 msec ping
Mmm... Amazon S3 does DNS now.
Bah not S3, AWS.
up_the_irons: any reason console attempts would show Connection Refused from kvr14?
lame - new amazon "route 53" nameservers are *not* ipv6 accessible yet
lol
no excuse
... but they scale!
well, duh.  IPv6 isn't scalable!
Ha.
haha
ipv4 and nat is the future
it allows infinite layers of NAT
I can't wait for the days of NAT loops.    you're behind ISP1 who nat's,  trying to communicate with someone on ISP2 who nat's,  both ISP's have the same backbone,  who NAT's..   and something is slightly amiss in the configuration, and it all goes to hell.
yeah jpalmer
if they dont eventually move to ipv6
the ISP's wont be able to do much
and there's only so many 1918 nets
I've had collisions before
captive portals like 192.168/16, for example
so if I'm also using that for a tunnel, I lose.
RandalSchwartz: yup, has happened to me
I now often pick the /12, since that seems too confusing for most people to use. :)
people stick with 10/8 or 192.168/16
I note that "mywi", the iphone tethering software, prefers the /12
RandalSchwartz: right, and if your openvpn happens to conflict with mywi…then you're screwed
hehe
also happened to me
has happened to me as well
had to move all my internal subnets
to more obscure ones
mywi should have a flag to change that
because it was conflicting with peoples home wifi
lol
i guess it was to be expected
have you guys ordered hd's from amazon? i'm reading about lots of packaging problems
yes - mywi has a setting for that
with also a few 10 and 192.168 choices as well
not infinitely flexible, but probably good enough
RandalSchwartz: it does?? i missed that, thanks
yeah, it's on both the USB and wifi tethering menus
under "advanced"
ahh, no 10.x choices
just 192.168. 20, 30, 40
and 172.10 20, 30, 40
nice... the USB ranges are +1
192.168. 21, 31, 41
better than nothing; great!
RandalSchwartz: you use your iphone w/bluetooth or wifi mostly?
tethering, that is
USB mostly
has to be hooked up to charge anyway
so I save radio power and just usb tether
RandalSchwartz: maybe you know…the usb and bt network pref panes for iphone tethering lack a lot of options, specifically the proxy settings
you mean apples? or mywi?
or osx?
too many meanings for pref pane. :)
and proxy
RandalSchwartz: osx's network settings prefpane
I can't get to them right now, but I seem to recall them being full prefpanes
everything interesting under "advanced", like proxy
if you go to the 'advanced' section for ethernet or airport, there's a 'proxies' tab
hmm, mine doesn't have it; can you check the next time you're using it?
e.g.: if i select the 'iphone bluetooth' or 'iphone usb' interface, i only see two tabs: 'tcp/ip' & 'dns' , no proxy tab or anything else
i wanted to set up a transparent caching polipo proxy, to speed up my tethered connection, and stay under att's radar
I just checked...
my "en2" which is my USB tether has "advanced" with "proxies"
huh
i'm on 10.6.5
yeah, me too
maybe the cocoadev guys will know where these settings are stored
so when I turn on USB tether, I get an en4 now. weird.
well - I can't keep playing. $dayjob beckons
wonder what would happen if wikileaks was referred to arpnetworks...
the US government would shut it down quickly with cease and desist orders.
http://v.gd/WvsAm
amazon didn't even get legal notice just caved under pressure
imho 2 things would happen
a) arp would get some temporary if not long term business from wikileaks
b) arp would get some publicity which would case unparalleled growth to arp...
toddf: we should set up a mirror
fink: a mirror of what exactly?
one of the wikileaks mirros
well,   unless they've changed nameservers,   the NDS host (everyDNS) has dropped them,  so.. there are no mirrors.
err,  non on the wikileaks.org domain
ugh - arp doesn't need that kind of publicity *or* growth
or risk to my business operations.
please don't do unwise things.
RandalSchwartz: thought you were a free speech supporter
I am, but I can't bet my company on it.
not in this climate
how can it be a risk when it would mean more staff, more hardware, more bandwidth, more stability for arp .. maybe a little growing maintenance windows, but the quality that is arp IMHO would be to take it slow and make the new guys wait while those of us that have been around get to enjoy the continued stability, aka they'd do it right IMHO
apparently, you haven't been on the wrong end of a government enforcement action before.
I have.
all hypotehtical of course since I'm just a customer but .. would make sense from what I've seen so far
I'm very sensitive to kicking a sleeping dog.
ah.
toddf: it MAY mean all of those things, eventually.  in the near term,  it means DDoS targets, unwanted government notice, and such.  and I'm not sure about anyone else..  I don't want my business services interuppted because someone put a random wikileaks.org mirror up.
For example, hosting wikileaks at ARP could get the gov'mint to immediately cease *all* of ARPs machines.
Bad bad bad idea.
Keep in mind, the concept of a VPS may completely elude the people crafting the warrants.
But physical boxes are easy to understand.
*IF* ARP were to consider hosting a mirror,  I think it should be up to the sole discression of ARP staff.
seize, not cease.
I'm sure up_the_irons would consider our input.
stupid homonyms :)
don't get me wrong, I'm all for free speech.  but this whole issue goes far beyond that simple concept.
I'm sure the last few minutes have already demonstrated our firm commitment to not be at risk.
yes - this case goes a long ways beyond free speech
for example, if you steal someone's printing press, the courts will *not* protect you under the first amendment to use that press to make your flyers :)
it also demonstrates the threat of fear from the government causes speech that is not desirable by the government to be less free to find hosting and dns services.
on the other hand, the controversy and mainstream news reporting actually has introduced wikileaks to people who have never heard of it before.
do we need more transparency in government?  Yes.  should we commit *illegal* acts to get that transparency?  no.
Additionally, I like my servers being online.
instead, we should elect congress critters with backbones
it's *their* job to make this kind of stuff public
that's the proper route
when it's pretty evident that the things you are speaking of,  is stolen..  It becomes a liability issue of having that information on your machines.  It's not the "freedom of speech" in question.  it's hard to find web hosting, and DNS hosting because of the legality of doing said hosting.
anyway, off to lunch.
it'd be nice if I could fugure out how to fix oklahoma's voting places to permit writeins. they only permit republicans and democrats on the ballot. hard to find a character with backbone in those restricted lists.
i guess it's smarter to have the mirror in a country where us laws do not apply
personally,  I don't think this is the appropriate place to discuss our political views ;)  so with that,  I'll gracefully exit the conversation.
hehe its been a tangential cascade, no worries
jpalmer: nytimes doesn't seem to have a problem finding servers to post parts of the wikileaks materials
jpalmer: ok, disregard
Let's discuss IPv6 instead. I'm sure that can get heated on its own.
G: fixed Connection Refused, sorry.
mike-burns: ffff:you :(
Heh.
up_the_irons: ahhh nice, and nice console method, thanks :)
i really don't like being OT (jpalmer said it right, heh), but, if arp were to mirror, i would have to leave. too much at risk for me. and, cum grane salis, as one of those nontransparent gov't workers ... let me just say that 1 person will tell 10 people about a bad experience whereby out of 10 good experiences, perhaps 1 person will say so
the 'states is not a good place to have that stuff.
in the old days we would have been able to say "neutral common carrier, go talk to the customer"
but that's pretty much gone these days.
fink the nytimes has a bit more political clout than arp (or amazon)
sorry for OT... just finishing the scrollback
mandatory operational content: up_the_irons if you get any flak for spaghetti graph here: http://river.styx.org/ww/2010/12/cablegraph being on your network, let me know and i'll move it
i'd be *very* surprised if you did
G: no prob!
ww: roger that
up_the_irons: Drugs are bad mkay?
for the record guys, I'd never want to host a wikileaks mirror.  I'm all for free speech, but I also don't want my network to go down from a DDoS
yes
nor do i!
lol
or 99.9% of your other customers for that matter gary
up_the_irons: PRQ ;)
You should be more like them :D
.. but cheap
http://www.prq.se/?intl=1
(TPB etc. if you didn't know)
haha
even PRQ could not host it
thats when you know you have a problem
I heard Bahnhof is hosting (one of) wikileaks servers
(one of/some of)
vcs: Problem is the media industry bribed some law enforcement guys so they took a shitload of servers from their server hall just to get TPBs server
And the other affected companies were lucky if they got anything back after a couple of years
haha
brutal
Kind of
they seem to have three addresses at the moment, one at bahnhof, the ovh france one is still there and a third at serverius in the netherlands...
It wasn't the polite "We want these servers" and accept that PRQ couldn't point out that server
(severius seems to be direct peer or customer of he.net fwiw)
in fact... traceroute to 178.21.20.9 is hanging right off of a he.net router in amsterdam...
noticed the increase from 50GB to 100GB in the order page, does this apply also to existing vps?
I think he mentioned something about maybe offering people a one-time payment to update it.
... I would hope so, otherwise there's not a lot of reason for people not to just close and re-order, which is no doubt a pain in the ass for him.
jdoe: http://twitter.com/#!/bsdvps/status/11645878834036736
ah, there you go
thanks
Anybod have an opinion on Qmail or Qmail Toaster?
fuck qmail.
fuck it marginally less now that it can be packaged/patched into something you might actually want to use.
(imo)
It has an uncomfortable feel for me. Its a bit strange that it is public domain software instead of a proper open source project.
I just popped in, what software are you speaking of DDevine?
qmail
I share the opinion that it is crap
qmail was neat in the 90's
it's such a pain to patch and keep updated though
i moved on to postfix about 6 or 7 years ago and was thrilled with the change
which also makes some nice toasters
with much of the same tools.  it doesn't need vpopmail i don't think, but you can toss together postfix+mysql+courier-imap+cyrus-sasl toaster with ssl/tls smtp/imap/pop3
qmail's async bounces of undeliverable mail kinda bugged the crap out of me too
spam comes in to nonexistent address at my domian.  from/returnpath are nonexistent spammer lies.  qmail accepts for delivery, then tries to async bounce, fails to async bounce, and drops double-bounced into postmaster's mailbox
imo, those should have never been accepted for delivery
whitefang: Qmail (and Qmail Toaster)
wallshot: I was a bit curious. I think I might avoid it.
i did have happy times for a while running qmail toaster
but all the post-install patching and hacks to make it work had me a bit nervous about port upgrades mucking with it
Easily upgradable is very important.
with postfix toaster there were no hacks, just normal config file adjustments, and the stored make config options
so i felt much more confident when i rolled a postfix update that it wouldn't randomly undo some hacks i'd implemented
since, you know, there were no hacks i had to implment with postfix :)
yeah i'm pretty keen on stuff that upgrades nicely with ports
exim is another possibility.
... or if you have background with sendmail, you could always stick with that.
it sucks dramatically less than it used to.
yeah sendmail isn't the sadness it was in the 90's from what i gather
m4 configuration? Yuck.
shrug.
could be worse.
Exim? I used that piece of crap once
to each their own :P
Never tried sendmail. Been using postfix for a while now
It has everything I need - plus postgrey :P
I used it for a long time here. I ended up ripping it out because I needed to expose the mail stuff to the world and wasn't convinced I knew enough about what I was doing for that to be safe :P
(but up until that it worked fine...)
So I'm considering buying PGP Whole Disk Encryption
dxtr: For *BSD or Linux?
DDevine: OSX
oh. Whatever.
Wtf? :p
Anyone here familiar with bitcoins?
only that "it's a terrible and stupid idea"
I don't really get it
Yeah I don't really know how it works.
Create a virtual currency, that gains value if people accept it as a currency.. But all the clients are generating "blocks"
Wtf are these blocks?
I read the FAQ over and over again
And I still don't get it :P
21 million bitcoins... But there is more than 21million potential users. That's a bit strange.
I'm more curious as to how they're going to stop people from manipulating the value of it...
oh you can do fractions of a coin
https://ripplepay.com/
a much nicer idea... maybe has some np-complete problems to chew on... but i think it is resilient against people manipulating it
I doubt anybody understands it.
I kind of understand bitcoin useage because it is just a distributed hash table and you pass the coins around by using keys, but I don't understand why they let you generate coins with a network node.
There's probably an IRC channel we cak ask in.
Oh it turns out my suspicion was right. Allowing nodes to generate is a way to encourage people to set up network nodes and get teh currency into circulation...
And the number of coins is capped at 21 million so it won't always be that way.
?
Ah I was wondering when my VPS would be provisioned - and then I checked my admin@ account and there it was. They must have re-used details form the last time I was with them because I don't recall using my admin@ address this time. Ah well.
DDevine: come to think of it, yeah, we used the account that was already on file
Just speculation, but CentOS 6 may be ready around christmas. http://www.linux.com/news/enterprise/biz-enterprise/386181:it-may-be-a-centos-christmas
up_the_irons: I can't seem to log into the portal
With the details provided in the email