an active channel is a happy channel hehe mercutio: urxvt +1 phlux: nice screenshot up_the_irons: what kind of hw monitoring is on arp and what's on the client? sorry - meant to say that this is regarding a dedicated server ? up_the_irons: well, if a disk dies for instance ah or a nic, or one of the two psu's we have a nagios plugin for the disks nic is not monitored (we encourage both nic's to be used in case one dies) http://support.arpnetworks.com/kb/dedicated-servers/about-the-dual-1-gbps-gige-nics-on-arp-metal-dedicated-servers that Source Code Pro font looks nice so, all the client should care about is software? good to know will most likely go to dedicated in june. What would a 128G ssd cost me/mo? so the 128GB SSDs are the same price as 1TB SATA ok, $20/mo then. sounds good (haven't updated the website yet, but that will be the official pricing) yeah intel 7xx series? depends on price, u have a link for one you like? i was looking at these: http://www.newegg.com/Product/Product.aspx?Item=N82E16820227726 damn, missed the sale... they were $89 a few days ago i'm going to use mine for cache, so one of those msata things woudl work just as well for me. not sure there's supermicro boards for "enterprise" with those features just yet (referring to these: http://www.newegg.com/Product/Product.aspx?Item=N82E16820167040) well, doesn't matter much tbh. if you have something that works, lets go with that. ok cool what is the msata thing? :) oh,, that link... where the heck does that thing plug in? some PCI slot?? ;) they have a special slot for them normally i think cool $89 seems insanely cheap for a ssd i wondered if US pricing was diff than NZ pricing by that much but newegg doesn't seem to have anything like that pricing normally, maybe they were getting rid of old stock actually last i knew msata pricing was attractive for really small sizes, 20gb, 30gb etc hmm corsair force is cheap i have no idea what they're like oh it's refurbished $20/mo for a dedi ? did I read that right nesta: for a disk for a dedicated i think :) o lol up_the_irons: ivy bridege has a designted thing for cache ssd's heh ocz has more reburshied than other people jbergstroem: ah up_the_irons: talk about expanding to server boards as well, haven't seen it yet jber: can't hotswap i imagine they need little msata slots on the front or something up_the_irons: called SRT or something. basically helps you to create a transparent drive on semi-hw raid plus one cache ssd jber: only on windows isn't it? mercutio: no, i think its hardware based. i tried booting os x on one which worked but i didn't really need it so i went for a single ssd instead jber: oh, the help i meant can't say i trust it 100% it may passtrhough drive normally too mercutio: ah, yeah probably. there's a lot of software/drivers built around it it's evolving mercutio: actually, os x has "fusion drive" nowadays too. something similar. http://rochetechnology.com/quick-hackintosh-tip-create-a-fusion-drive/ i'd rather see flash-based-write-cache controllers bulit into motherboards with passthrough disks rather than hw raid mercutio: yeah. for sure. plus a small battery or capacitor the idea about having flash is that you only need enough charge to write the memory contents to flash and then the battery doesn't have to last forever jbergstroem: ah cool hmm amazon seem cheaper than newegg for ssd's i was thinking of trying to buy one from the US before if it would be cheaper... still more than $89 though daym newegg for not shipping to aus/nz :( they do err through third party ? well you can get delivery addresses in the US that then send to you they repackage things now to keep prices down cos some places use huge boxes etc :/ well nz has an easy to use service that isn't the cheapest btu there are also international onces it's still probably $10 to $20 for delivery even for something small like a ssd url? http://www.nzpost.co.nz/products-services/online-shopping/youshop?utm_source=home&utm_medium=midpage&utm_campaign=youshop http://www.shipito.com/ i've never used any of thse' http://www.kiwishipping.co.nz/ ok thanks are you in au? yeah there's prob something local there i assume demand is similar there last time i compared, it basically added up comparing to local companies. preferred giving them my monnies instead someone on local forum said shipito.com was expensive you can easily pay > $200 USD for heavy things like servers on various shipping things but small things like ram/ssds/etc is where it probably could make more diff although servers seem to cost a lot more in nz and au than the US everything is more expensive :( yeah software is too :/ even if downloading over the internet btw, is it advised to run your own ntpd (i still do) even if you have a linux vm and run the kvm-clock tsc? i guess it boils down to if the host runs ntpd or not? i don't think running openntpd locally should be a problem but i have no idea if it's necessary or not you could compare running it versus not, but ram usage isn't that high i compared at least 6 months ago, and localtime had drifted - so i installed openntpd (and nowadays run busybox-ntpd); but still, running ntpd if host already does is pointless. (assuming you run kvm-clock) what's kvm-clock? its a driver for hte linux clock source back in the days, people switched from the rc to a tsc from processors since it gave you a higher accuracy. kvm-clock is a way of getting hte host clock so the os doesn't have to keep track of this themselves from the rtc, sorry hmm i wonder what openbsd does i still don't quite understand what hpet does but it seems hpet is the normal timer these days for modern os's? hpet is hardware timing, introduced in newer mobo's, replacing rtc yep, its very reliable but you can never avoid drift if you don't rely on ntp/clock protocols pertty sure openbsd has support for both hpet and tsc don't think it picks up kvm clock though. i just upgraded my 5.2 to 5.3 and still get unknown clock source ahh yeh old kvm version on most nodes hmm up_the_irons: you around? up_the_irons: To answer your question - mSATA stuff plugs into mini PCIe slots, but it's not strictly PCIe and the slot has to support mSATA. It's found inside most laptops nowadays, and I think I've seen it on some recent Intel desktop motherboards. Generally, mSATA is what laptops use for SSDs given the chance (Apple and Chromebooks to name a couple) since it's smaller and lighter and you could probably still fit an old-fashioned hard ... ... drive too. And I can vouch for the expense of shipping servers to NZ - My company's stuff is usually about 15lbs at shipping and costs the customer $300-$400USD for shipping (FedEx), plus duties. International shipping just sucks. up_the_irons: btw I have a handful of those OCZ Agility3 120GB SSDs and so far they've all been fantastic! Been running them for about 18mos now and still going strong, and fast. Using them from everything - cache and log drives in ZFS pools, raid1 on my desktop (good lord the speed!), in the missus' gaming machine, and in most of my laptops. Can't vouch for any of there more recent stuff (I know they changed controllers in the Agility 4, trading IOPS for throughput), but I'm happy. if anyone uses openbsd… don't upgrade to 5.3 on arpnetwork vps' … you won't have a good time. orly What's the problem? I use OpenBSD 5.3 on ArpNetworks and it's just fine? Did you disable mpbios? hmm… em0 just doesn't want to work. watchdog timeouts everywhere if i can try to intercept the boot loader i'm going to try mpbios. I've had to disable mpbios since forever. I don't know how you've been getting along without doing it. (using console over ssh) kvm page said it wasn't required anymore this is maddening. :P Do you still have an old kernel that you can boot? CaZe: do you use the vnc console interface? doesn't seem very useful. I use the console server. I added a longer timeout to my boot script though. *timeout But I think I was able to still make it in at the default timeout, if you time it right. it seems the console doesn't connect fast enough. Maybe. VNC should work though. it swaps to com0 (sry after) set tty com0 if i power off from a console session the vnc session disconnects and it doesn't reconnect fast enough at power on. Can't you send a reboot through VNC? just waiting now for config command to respond. not sure. Well, do you have an old kernel you can boot? u using 32 bit or 64bit kernel? maaaaybe. 64. I'm using an old snpashot though. ah. just tried upgrade to release. Well, try to get the timing right on the bootloader. Or, just boot off the cd image. (assuming you have an openbsd installer cd loaded) Doesn't really matter which version installer. yeah not sure. how can do you dhtat without access to the boo loader? You have to get in on VNC. k. Just have your vnc client ready to login, with you login and password already typed in. And when you boot your VM from the console server, wait like five seconds before clicking connect on VNC. Maybe less. Maybe not at all, I dunno. Play around with it. mpbios seemed to do the trick… lying KVM bastards blargh. didn't fix icmp issue from 5.2 What ICMP issue? with pf enabled icmp drops, every 1 of 25 echo requests are returned. (that's with an empty pf.conf) disable pf.. and it works just fine. one of these days i'm going to buy another vps to collect the info for a sendbug. i've had this VPS since 4.7 so could be infrastructure related as well (ie. old KVM, old VM template etc.) CaZe: thank or the boot.conf idea. definitely popped that in. (using amd64 kernel) (non mp) What is it again? It drops pings? ping 174.136.100.18 Set pf debug logging… log fills with: /bsd: pf: icmp type 8 in wrong direction (1): ICMP out wire: this happens from all over the internet so i'm pretty sure it's not just my devices. :P Well, my snapshot is from August. 100 packets transmitted, 5 packets received, 95.0% packet loss Yes. who was complaining that i3 is 700kb yesterday? because it's not true ah, aslr How is it not true? I du -sh'd the src directory, phlux. maintainer claims it's mainly documentation that you're looking at says the source is not 700kb i3? ion3? i3wm .org is it a fork of ion? Doesn't look like it http://en.wikipedia.org/wiki/I3_(window_manager) they prob should have used a more differnt name then may be in tribute to it? *shrug* There was a lot of excitement over I3 a few months back hmm i been using ion for over 10 years so i suppose i'm not jumping at the chance to try other wm's unless can see benefit tried them all orig :/ benefit: Not writing config in LUA i don't do shit all lua, my config is simple i don't even write a config, it writes it for me but in the past i've changed some key bindings around to execute different stuff and that may or may not have involved lua it is good to see more people getting into tiling window managers though i found awesome meant constantly trying to rotate through different layouts i prefer to just set layout myself but i like they're using the new X stuff Awesome isn't perfect :/ But I've made it work for me. Besides there's only a couple layouts I use consistently Float, one of the tiling ones, and fullscreen i am quite enjoying urxvt only problem is i still haven't got the best colour scheme it actually feels faster than gnome-terminal and doesn't flicker flicker? xterm flickers o when you scroll gnome-terminal flickers white when you make new terminal urxvt does neither of those roxterm also goes white when you make new terminal (i use dark background) URxvt*background: #000229 have that as a background currently, it's like very dark blue i suppose now my main issue is that ssh connectinos to remote hosts can be too slow to connect i'm half tempted to use multiplexing which can speed it up, but can also mean they all die at once it's partially cpu speed partially latency partially os openbsd connects quicker than linux by about 2x for close hosts O_o 174 msce versus 279 msec, and the openbsd host is slower cpu with faster connect that's for ~10 msec away it's 4.1 seconds to connect to uk host #kiwiproblems heh yep i dunno maybe something needs caching DNS is the only thing you can cache here i remember a while back there was a https optimisation that chrome started doing that reduced one rtt but broke some sites dns is anycast should be fast it seems now days anycast is the main way to speed up dns but hardly anything seems to do anycast on reverse lookups and lots of dodgy sites have slow dns like if you do lookups on random ip's that connect to you uninvited that might be where its slowing down, openssh does reverse lookups on connecting IPs yeah cache at remote end but reverse dns isn't anycast i wonder what ttl it has 86400 2607:5300:60:e3a::1 - do a reverse on that, how long does that take you? host 2607:5300:60:e3a::1 0.00s user 0.00s system 1% cpu 0.633 total i'll try from somewehre else too real0m1.795s hmm huge diff both in nz actually that may have been nameservers with 86400 ttl i'm ahving problems finding the ttl using dig that particular PTR has 1800 TTL ahh try timing a host lookup on 202.49.67.22 host 2607:5300:60:e3a::1 0.00s user 0.00s system 1% cpu 0.322 total ;; Query time: 633 msec - resolving via local recursor host 202.49.67.22 0.00s user 0.00s system 1% cpu 0.462 total curious bryce has faster dns :) :D that's actually interesting static got same query time for my reverse lookup, as i got for his reverse lookup (dnsmasq on my router, spread between Google's public DNS servers v4 and v6, as well has HE's DNS servers v4 and v6) ;; Query time: 0 msec - now its in my cache :) bryce: using all-servers? lol staticsafe I run my own DNS recursors ahh i used to do that because why not :) using unbound? BIND because i do authoritative as well mercutio: yes, all-servers eww :/ brycec: that's what i shifted to doing at home *shrug* I've taken a liking to BIND i wonder why that other server i tried took 1.7 seconds probably didn't have cache of some steps before hand yep cold caches that's one of the reasons i don't run my own dns resolver I find that pointing my home network towards my 2 resolvers builds up a nice cache :) i wonder how many qps before it makes sense? 20? 100? 200 ? heh i benchmarked heaps of dns resolvers before then found that the way i was benchmarking didn't really measure real world performance it's a kind of complex issue http://stats.asininetech.com/asininetech.com/uriel.asininetech.com/bind9.html - this one is also my mail server, so lots of queries like no-one in nz probably looks up domains in ethiopia so everyone will have slow lookups to there yes but that doesn't matter so if you randomly pick domain names you'll probably find some international focused dns stuff will be faster than local stuff but if you pick real usage domains, closer will be better like facebook has a high chance of being cached I originally started doing my own DNS because my ISP's one was so shit do you run web stats? i see lots of spikes heh web stats? like looking up heaps of reverses using webalyser or such http://mx1.stats.staticsafe.ca/ in a cron job nope hmm i wonder what the spikes are then more e-mail ahh pflogsumm wow you hardly have any rejections my rejection rather is like 10x my received or something s/rather/rate/ heh what'st htat SASL LOGIn thing someone trying to brute force you? yea noticed not unusual oh actually my rejection rate went down a lot still higher than yours as you can see, its my mailing list e-mail, so not a lot of spam date received delivered deferred bounced rejected -------------------------------------------------------------------- Apr 28 2013 957 675 109 7 9105 Apr 29 2013 1611 1116 199 20 5606 Apr 30 2013 3762 2557 175 1 1580 actually 0 spam from non-list sources it's kind of ireregular it seems my reject count is unusual, its actually just greylisting oh i use zen.spamhaus.org which im thinking of disabling i don't greylist anymore it's too annoying when you're waiting for a mail yea i use postscreen with zen.spamhaus.org and some other black lists oh so it just doesn't reach postfix yea postscreen is <3 but yeah, i dunno why apr 28 was so bad and apr30 good it won't do much harm, it's just one of those things i occassionally notice i imagine peoelpe without zen.spamhaus.org get a lot more spam? yea zen kills a lot of stuff it's annoying how wasteful of resources mailing lists are but as ssd's get cheaper etc i suppose people are likely to care less and less amavisd-new takes care of the rest i'm using amavis too and dkimproxy I use opendkim for DKIM checking and signing and dcc, and razor, and pyzor etc. i used to use dspam I was thinking of dspam but meh i'm actually still getting some phishing coming through i dunno dspam started going wrong and amavis can't feed it anymore it expires tokens so if you stop feeding it stuff it goes weird i think that was it yea possibly it's obvious phishing stuff though i dunno how to block it easily though 57444 N May 04 Kiwibank ( 254) Kiwibank internet banking customer support 51094 O Mar 11 ASB Bank ( 73) Hello ASB Customer 57338 O May 02 ASB Bank Limite ( 132) Irregular Activity On Your Account. etc i actually surprisingly little spam on even my main accounts get* bank phishing seems popular and fedex and paypal i'm not even using kiwibank or asb bank though the real problem is that lots of bank email looks like spam too with html and crap heh sent from weird remote mail servers my bank sends me 1 e-mail per month hmm so does mine saying i should pay my credit card heh it's even using domainkeys and not coming from a dodgy looking server yea banks usually do I know Paypal uses it for sure lots don't use spf still my one is now at least but it's ~all oh wow way more are since i last checked i do -all on most of my domains hey the other two are using -all why can't my bank! wow only one bank i checked so far has no spf the all the rest have -all except my bank hah ok 2 don't have anz and bnz hangon maybe anz isn't a bank rbc.com. 300 IN TXT "v=spf1 mx ip4:142.245.29.128/28 ip4:142.245.61.128/28 -all" oh it is it just sucks at google :) that your bank? nice yea carribbean? nope, royal bank of canada yeh it asked me what country i am in they are international yea do tehy use windows or linux? no idea curk tells me that they don't tell me what web server they run and all their pages say .html :/ the online banking stuff is a CGI app ok so probably unix maybe solaris or aix or something i'm always hesitant when i see aspx on a bank maybe shouldn't worry so much heh they may write their passwords down on paper and throw them in the trash for all i know actually i haven't heard much in the way of bank security issues ok i better go to supermarket before storm starts New to bsd... which bsd is recommended to be used a webserver openbsd or freebsd? Either one. FreeBSD is probably easier for a newbie to get started though. Damn a friend just bought me a absolute openbsd 2nd edition... Then just use that. It's not *that* different. But i got the impression openbsd was more for routing It does routing very well, but it does serving very well too FreeBSD is meant more for serving, though, yes. Im a little confused coming from linux. Linux is retarded. hahahha ouch i have like 6 servers at work alll rhel I'm sorry that you pay for the ability to use free software. lol lol the hostility I gotta go eat dinner :) Good luck. FYI #FreeBSDHelp on EFNet is good. I'm kidding around, but I do hate Linux. ok cool thank you aha ttyl thank you so I did some more customizing to i3's bar: http://www.phluxbox.com/img/air8ai.png For the wireless network, it colors the essid based on the connection quality, and it does the same for battery percentage based on where it's at :) thompson! but that's kind of cool your color scheme reeminds me of solarized hmmm where it says mpd arist song name do you find it's often difficult with long artists / song names or does it up more space to the left Well, I'm doing it. I'm going back to hosting my own e-mail. Lord help me. hahaha dkim, spf, domainkeys, amavis, dspam, spamassassin so many complications :) good luck heh. Well... I'm just getting dspam set up now, looks like it includes vlamav. clamav. I do need to get the SPF records in i use clamav from amavisd-new i don't find clamav hits much but hitting anything is better than nothing true mercutio: it uses up more space to the left mercutio: it just depends on how long the artist/song is. If you don't want it to do that, though, you can use ${scroll 15 $mpd_artist - $mpd_title} but I wasn't really a fan of how it scrolled oh cool Yeah. dspam is sucky to set up.