***: HighJinx has quit IRC (Ping timeout: 244 seconds)
AAYUSH has joined #arpnetworks
Webhostbudd has quit IRC (Quit: Leaving)
AAYUSH has quit IRC (Ping timeout: 246 seconds)
ryk has quit IRC (Ping timeout: 260 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ziyourenxiang has joined #arpnetworks
ziyourenxiang has quit IRC (Quit: ziyourenxiang)
AAYUSH has joined #arpnetworks
AAYUSH has quit IRC (Changing host)
AAYUSH has joined #arpnetworks
ryk has quit IRC (Ping timeout: 255 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 272 seconds)
AAYUSH has quit IRC (Ping timeout: 260 seconds)
HighJinx has joined #arpnetworks
milki has quit IRC (Remote host closed the connection)
milki has joined #arpnetworks
Webhostbudd has joined #arpnetworks
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 276 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 268 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 272 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 244 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 272 seconds)
andol has quit IRC (Quit: leaving)
near has joined #arpnetworks
Ehtyar1 has joined #arpnetworks
ryk has joined #arpnetworks
Ehtyar has quit IRC (Remote host closed the connection)
near has left "http://quassel-irc.org - Chat comfortably. Anywhere."
near has joined #arpnetworks
ryk has quit IRC (Ping timeout: 252 seconds)
ryk has joined #arpnetworks
near has quit IRC (Remote host closed the connection)
ryk has quit IRC (Ping timeout: 240 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 252 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
ryk has quit IRC (Ping timeout: 276 seconds)
ryk has joined #arpnetworks mercutio: is arp getting dos'ed again or is it just my vps having issues?
pinging kvr15 and my vps both give about 90% packet loss
curiously arpnetworks web site pings ok milki: see the network graphs mercutio: yeh i had 3 megabit peak weirdly quite a way back on the first graph
but pretty low really. 328 gig in the last year for monthly.
i just did an email jdoe: well that guy was pinging out a lot. mnathani: I too am getting 95% packetloss to my VPS on Kvr15 ***: andol has joined #arpnetworks
ryk has quit IRC (Ping timeout: 244 seconds)
ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks
SpaceDump has joined #arpnetworks SpaceDump: Morning people, anybody else experiencing packet loss? ~75% for the last one and a half hour or so...
Nevermind, looks like it's been solved. :D up_the_irons: mercutio: mnathani SpaceDump : a vps on kvr15 was dos'd. i was out and kept getting problem / recovery alerts. thought it might subside on its own, but it didn't. the target has been shutdown and i'm in the process of null routing the IPs. but at this point, kvr15 should be A-OK, since the target vlan is dead
milki: the network graphs won't show a DoS to anyone but the target customer (like, mercutio wouldn't know if a dos occurred by looking at his graphs, unless he's the target) SpaceDump: up_the_irons: I can confirm that it's no longer a problem. :) up_the_irons: SpaceDump: roger, thanks jdoe: another former customer :P SpaceDump: irc is bad for vps customers. :p mercutio: up_the_irons: well yeh i didn't think i was the target, thought i oughta check just in case though
thanks for nulling them, maybe need something automatic? up_the_irons: mercutio: yeah
mercutio: null routing is a bit drastic for an automatic process. you really want to vet the problem first. mercutio: but yaeh it was basically unusuable.
well
if it's 95% packet loss.. SpaceDump: Automatic is bad, then someone can shutdown your vps for you (well, the network).. You wouldn't like that. :] mercutio: yeh but people get kicked off if they get dos'ed anyway i thik?
even if the automatic isn't nulling but limiting them to like 20 megabit or somethign up_the_irons: mercutio: the thing is, it is hard to differentiate an attack vs. some other legit problem, based solely on packet loss alone mercutio: well true
that's why there are programs to detect ddos
and telnet into the router and add a community to null route
and/or block on router
i dunno why people like to get ddos'ed? SpaceDump: They don't. :p mercutio: err
i don't know why i said that up_the_irons: mercutio: but where would that program run? my setup doesn't use shared vlan's, so i wouldn't think it feasible to run a separate process for each customer mercutio: i don't know why people get such a buzz out of ddos'ing
umm switch ports sflow/netflow
or router
it reads the sflow/netflow, sees if it's something stupid up_the_irons: mercutio: i don't have an sflow card (and no free slots to add one). cisco is cheap about sflow too (like, it doesn't come by default ;) SpaceDump: up_the_irons: How often does it happen that you get a ddos today? up_the_irons: SpaceDump: today? mercutio: ahh SpaceDump: up_the_irons: nowadays up_the_irons: SpaceDump: it's probably the same as it always has been. just unlucky i got two in like a week. since i kill the customer when it happens, it doesn't really "pile up" as we grow SpaceDump: That's what I meant. It's pretty easy to handle manually. :) jdoe: "cisco is cheap about sflow too (like, it doesn't come by default ;)" <-- so cisco is expensive about sflow? ;) up_the_irons: jdoe: why, yes :) as in, the cheapskates don't just include it ;)
jdoe: like on Foundry,it's just there, even on the low ass end $500 switch. hardware based slow, awesome. mercutio: cisco is expensive about everything up_the_irons: yup
brb mercutio: this new colour schme for weechat is working much nicer ***: ryk has quit IRC (Ping timeout: 255 seconds) jdoe: still using irssi.
... weechat looks interesting, but not compelling enough to switch.
and I remember it being ridiculously unstable. up_the_irons: can't get 3.8 to compile :(
otherwise, i'd try the new colors dr_jkl: bored. ***: ryk has joined #arpnetworks
ryk has quit IRC (Changing host)
ryk has joined #arpnetworks