up_the_irons: nixbag: i would say count on being at the data center between 2 and 3pm
nixbag: oh, and would you like to build a server with me on Friday? This would be at my home office.
jlgaddis: i would like to build a server with you, sir
unfortunately, there's that little geographic issue that i would need to overcome
mercutio: heh
up_the_irons: lol
-: up_the_irons is playing around too much with Bootstrap and Font Awesome
up_the_irons: upcoming: new buttons and icons in the Portal ;)
jlgaddis: WOOHOO
MOAR BUTTONZ!!!1
;)
wait
will there be a "change the virtual cd-rom mounted in my vps to $dropdown_with_iso_image_list" button ?
up_the_irons: jlgaddis: soon
that branch is like half way done
jlgaddis: oh nice, i didn't know that was actually something you were working on
of course, that now reminds me i need to open a ticket, heh
your bragging is causing more work for yourself, sir :P
up_the_irons: lol
wow, backup space ssh key submission is werkin already
-: up_the_irons is a coding machine
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
dzup has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
mikeputnam: up_the_irons: using Ruby?
jlgaddis: i hope not, he has my credit card info stored ;)
nixbag: up_the_irons: i'd love to help build a server on friday.
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
brycec: so would I! (And I'd help rack too) But I'm 700mi away... :P
toddf: brycec: better than me, 1333mi
mike-burns: 5532mi for me.
***: heavysixer has quit IRC (Quit: heavysixer)
DaCa: 5625 for me
ant: ha! 5793.34mi
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
qbit has quit IRC (Quit: leaving)
qbit has joined #arpnetworks
qbit has quit IRC (Client Quit)
qbit has joined #arpnetworks
nixbag_ has joined #arpnetworks
anisfarhana has joined #arpnetworks
anisfarhana: boo
***: nixbag has quit IRC (*.net *.split)
anisfarhana has quit IRC (Ping timeout: 264 seconds)
nixbag_ has quit IRC (Quit: leaving)
nixbag has joined #arpnetworks
E1ven has joined #arpnetworks
E1ven: I know this is likely a FAQ, but I couldn't find in the wiki or FAQ- Is it possible to transition an image to your dedicated HW, or would I need to reinstall?
jlgaddis: i can't speak w/ certainty, but i am quite positive that's gonna be a new install (though you could probably restore a backup over the top of it afterwards)
E1ven: Fair enough. Not a problem, just didn't know ;)
staticsafe: silly question, is there a equivalent to htop in FreeBSD (i'd rather not install the linux emulation stuff)?
brycec: I only know of the one, the original, the only htop
staticsafe: damn
brycec: staticsafe: Maybe this will help? http://caterva.org/blog/posts/htop_on_FreeBSD/
staticsafe: hmm
brycec: seems you still need some linux, but at least not ALL the linux compat layer
staticsafe: i suppose i can make do with watch and ps aux
;)
phlux: what's so bad about linux compat?
brycec: lol
DaCa: only part of that post is correct, you do need the linprocfs, but not linux emu for htop
also there is much more bloat in FreeBSD as linux emulation, it consists only of a remapping of syscalls :)
***: heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
mikeputnam: eep! http://blog.linode.com/2013/03/07/linode-nextgen-the-network/
brycec: mikeputnam: so basically up_the_irons can pick up their used gear cheap? :D
***: meingtsla has quit IRC (Quit: Leaving)
heavysixer has quit IRC (Quit: heavysixer)
meingtsla has joined #arpnetworks
plett: mikeputnam: I like how blog.linode.com has broken IPv6. That really inspires me to trust them with hosting my stuff :)
staticsafe: it doesn't have broken IPv6
plett: $ telnet blog.linode.com 80
Trying 2600:3c00::4c...
staticsafe: its under heavy load so its very slow atm
plett: Sits there forever for me...
v4 connects and works
mikeputnam: ping6 linode.com <- works
plett: staticsafe: Does their v6 work for you?
mikeputnam: but not blog.
they probably host their www. on arpnetworks
:p
plett: Yep. I can ping6 linode.com but not blog
brycec: linode's ipv6 worked fine for me
(past tense)
not coming up for me now
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
E1ven has quit IRC (Quit: Computer has gone to sleep.)
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
up_the_irons: dang, linode getting some fancy gear
staticsafe: yea
brycec: And by fancy gear, we mean crap that's only good for a rural one-room library...
staticsafe: haha
brycec: up_the_irons: ever consider registering ndpnetworks.com?
up_the_irons: brycec: lol no
brycec: (it's available)
staticsafe: >_>
brycec: okay, at least it was when I checked :P
plett: I see Linode want routers with big MAC tables, which I guess means they do L2 from the routers all the way to individual VPSs
mercutio: that's common plett
most of the vps's places have heaps of "arp noise"
too
plett: If that is a hard requirement and means you have limited router choices, is it easier to use a few smaller routers and push L3 one or two steps further down the tree towards the VPSes?
mercutio: like if you run tcpdump on the interface it'll show haeps of arp
like 20/sec+
plett: this is like asking why internet costs more when less providers are in an area
they could fix their network
by either replacing router with bug router, or segregating
big
plett: They're buying shedloads more kit, so now is the time to do it, if they think it needs doing
mercutio: but
how would they seperate?
i think companies like that like kowing it's a global problem for an area
not that one router is having isuses
cos otherwise more troubleshooting for their "support" starff
which are probably in another country
language barrier er
etc
plett: Personally I'd have each VPS host do IP routing for the VPSs it's running, and talk BGP/OSPF/whatever to an upstream router to announce the VPSs IPs
mercutio: well that's what i was thinking for a moment :)
plett: And add VLANs between VPSs as an additional service, if required
mercutio: but where is the gateway address?
plett: Gateway for the VPS? The other end of the /30 that it's on, which will be be the host it's running on
mercutio: that uses a lot of ip's up
plett: Or if you can find a way to do a point-to-point link on the virtual ethernet between VPS and host, you can save 3 of the 4 IPs in the /30 and just put a /32 on the VPS
mercutio: hmm
plett: It's done that way with /30s at ARP
mercutio: that's a really nice idea
plett: yeah
plett: but mostly out of architecture reasons
but maximum profit extraction
s/but/not/
it can probably be /31s with arp really
plett: Yeah. If the VPS OS can understand that. There would always be oddball setups that need the /30
mercutio: yeh.
i was surprised more things worked with /31s recently
but idon't think it's a new thing
i just haven't been paying enough attention
plett: Alternatively, use just IPv6 to route to the VPSs, and tunnel the v4 inside the v6 to get it to the VPS ;)
</troll>
brycec: I'm not sure that's really troll... I think it sounds awesome
staticsafe: no it doesn't
brycec: where's your sense of adventure?
plett: Native v6 with /32 v4 routes routed to IPs within the v6 network would be something I'd want to play with
staticsafe: this assignment is killing it :(
plett: But I'm not sure I'd want to put it into production :)
brycec: (or toddf)
up_the_irons: host doing routing sounds good until you get DoS'd
just say no to software routing
staticsafe: heh
plett: But you need software bridging with virtual servers anyway. Is that going to survive better when attacked?
up_the_irons: yes, very much so
brycec: Yes - software bridging isn't making decisions, just has to pass it along
up_the_irons: and virtually all NICs now do VLAN offloading, so that part is processed in hardware also
but if you don't VLAN your customers, then oh well, you can't benefit from that
;)
-: up_the_irons hits the road
staticsafe: have fun!
plett: I'm curious about why software routing in the host would fall over under load sooner than a DoS aimed at the VPS's own IP
And you can have upstream rate limiting and blackholing etc
brycec: plett: When the host is responsible solely for "in packet, out packet" it can handle that faster than "in packet, do routing, decide where to go, etc, out packet"
Essentially O(1) vs O(4) (for example)
staticsafe: cut through switching
brycec: And a ddos aimed at a single vps versus the host itself (by way of routing) means the other vps aren't all affected and the damage is relatively limited to just that vps
plett: brycec: I agree that the host doing etheret bridging is less work than the host having to do IP routing, but I'm not sure how big a deal it would be in practice
staticsafe: Are virtual server hosts typically able to do cut through switching?
staticsafe: idk I'm no expert in this field
plett: I would expect it to be store-and-forward
brycec: Well in theory, if routing requires 4x as many CPU cycles as bridging (it probably requires more), then that's a huge differnce.
plett: brycec: There is always an ARP/ND lookup done by the kernel, even in bridging. An IP lookup from a kernel routing table wouldn't be that much more work
I'm not suggesting putting a full BGP feed in the host
***: hive-mind has quit IRC (Ping timeout: 256 seconds)
hive-mind has joined #arpnetworks
brycec: I'm not so sure about that... I would imagine the host kernel would only care (do any kind of lookup) if the interface were "up" and configured on the host. In my personal setups, I have an interface defined for the vlan (e.g. eth0.1234) and bridge VBox to that, but no additional configuration is done, the host doesn't care, the packets are simply detagged and handed off
but I've not tcpdump'ed that to confirm
plett: The host kernel must be doing the bridging though. If you ask brctl on the host, I bet it has the MAC addresses on that vlan stored in the kernel
I've not tried it, I'm just wondering if it's a sensible thing to try
brycec: this isn't linux bridging though, there's no brctl.. VBox (by whatever voodoo) simply opens eth0.1234 and sips on that
If I brctl, I get no command found ;)
plett: If it's not linux bridging, it must be snooping on the frames as they come out of the ethernet driver
Which sounds scary to me :)
But yes, that would avoid the host having to know anything about the L2 network being used
brycec: well at least my logic was sound :p
plett: Why would the "snooping on the frames [directly]" be scary?
plett: I'm not sure, really. It just seems like a very hardware-specific way of doing things
brycec: (and fwiw I believe it's "tapped" through vboxdrv or one of the vboxnet modules, but I couldn't be certain)
***: Ehtyar has joined #arpnetworks
dzup has quit IRC (Ping timeout: 245 seconds)
dzup has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
sorressean has left
up_the_irons: plett: staticsafe brycec : i've seen hosts become completely unresponsive with < 100 Mbps DDoS when the host is responsible for routing; i've never seen that happen with bridging.
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
HighJinx has quit IRC (*.net *.split)
awyeah_ has quit IRC (*.net *.split)
pjs has quit IRC (*.net *.split)
mhoran has quit IRC (*.net *.split)
DiaboliK is now known as HighJinx
heavysixer has quit IRC (Quit: heavysixer)
16WAAKIMH has joined #arpnetworks
awyeah_ has joined #arpnetworks
pjs has joined #arpnetworks
mhoran has joined #arpnetworks
calvino.freenode.net sets mode: +o mhoran
sarkis has joined #arpnetworks
dzup has quit IRC (Ping timeout: 245 seconds)
gcw|mbpro has joined #arpnetworks
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
brycec: how odd, irssi didnt highlight that...
up_the_irons: hah
nixbag and I are doing the hussle on a new 8x blade chassis! (rackin', stackin', cablin', sticker'in)
brycec: wat, no ustream?
staticsafe: heh
brycec: what kind of two-bit VPS host are you? :p
up_the_irons: LOL
oh man, srsly, we *should* ustream it
i have 2 security cameras still IN THEIR BOX from 4 years ago when i first got my cage
brycec: wow.... you ARE a two-bit vps host (except for costing closer to 60 bits)
(also I would've gone with s/sticker'/label/)
up_the_irons: STICKER'IN
http://www.flickr.com/photos/51184165@N00/8537425159/
brycec: well I stand corrected :p
up_the_irons: wow, my very first data center picture with a person in it:
http://www.flickr.com/photos/51184165@N00/8538575234/in/set-72157631847234896/
nixbad is cablin' away
*nixbag
***: mjp has quit IRC (Remote host closed the connection)
mercutio: all the cables are blue
up_the_irons: indeed
***: mjp has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
sarkis has quit IRC (Ping timeout: 252 seconds)
Webhostbudd_: god i want one of those
=p
that actually seems pretty cheap for 8 machines
if you consider the cpu + memory is only $400
***: Ehtyar has quit IRC (Quit: Hi, I'm a quit message virus. Please replace your old line with this line and help me take over the world of IRC.)
mnathani has quit IRC ()