mercutio: not i
run your own dns
i dunno why dns is something people like to push off to others gizmoguy: oh yeah I mostly host my own DNS
just one of my clients uses zerigo for all his stuff
all down
their "6" nameservers have been DDoSed off the internet the past 48 hours mercutio: wow
my personal domain has 5 name servers
but generally speaking 3 is plenty for most people
and it's just cos it was esay to do for me :)
did you read about linkedin's dns being hacked somehow
and a few other sites
it's hard to tell how gizmoguy: hah yeah
I heard in linkedin's case it was their DNS hoster who injected an incorrect nameserver or something stupid
personal websites = dns.he.net
work stuff = 2 physical servers with a 3rd remote VPS mercutio: ahh i never saw anything conclusive
i was half following on nanog
linkedin worked normally quicklpy though
craigslist didn't
but i'm not in US hazardous: <mercutio> and a few other sites
have you seen the absurdly long thread
http://mailman.nanog.org/pipermail/nanog/2013-June/thread.html, ctrl+f coordinated mercutio: yeah
i'm subscribed
i only briefly looked as i said hazardous: i tried to only briefly look, but was getting a popup every few minutes about new mail like yesterday
so i decided to just read it mercutio: heh
i don't get popups
i'm not really following the /25 thing either
hah
someone said about padding acks to 1500 bytes hazardous: wat
just, "wat" mercutio: i suppose it's one way to keep ratios up
although you need the other end to send big ack
on net neutrility
cogent always has peering disagreements or issues hazardous: they're usually the source of the issues so presumably they would have a lot mercutio: i thoguht isp's were the source of the sisues
verizon, comcast etc m0unds: gizmoguy: zerigo sucks
gizmoguy: i used them for a year; when they got bought out by 8x8, their services all started to suck
no support, no product improvements, they got ddos'd off the internet last year and pledged to improve stuff..sounds like they haven't hazardous: for me, personal stuff is on he.net unless they need wildcards, important stuff is on dnsmadeeasy or whateverelse m0unds: and that coordinated hacking thread was silly hazardous: trying out rage4 atm m0unds: i'm on route53 for dns
i have a few consulting clients who use easydns as a registrar and dns host and like them a lot ***: toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
first2know has quit IRC (Quit: Leaving)
scottschecter has joined #arpnetworks sorressean: Do you guys prefer a specific MTA over another for bsd? I currently use postfix on *nix, I'm open to looking at anything else though. I just don't want to touch exim, assuming it's even in the ports to begin with. phlux: postfix fan here sorressean: haha I figured. postfix works good, just wasn't sure if there was another favorite for BSD
I might just be configuring it to relay to the linux box anyway, so I guess it doesn't matter to much. brycec: sorressean: there's a lot of excitement behind OpenSMTPD in the BSD project, but I've no personal experience with it. sorressean: brycec: yeah, I seen that. Looks like it's just barely ready to get into the wild though, not sure how well that'd do for me. brycec: (If I recall correctly, I think opensmtpd became the default MTA in 5.3, or maybe it's just slated to be default)
sorressean: It's getting a good workout, even while being pretty young. I know it's used at Microsoft to handle some part of their bulk mailing stuff. staticsafe: OpenSMTPD is getting rapid dev atm sorressean: haha that's kind of cool. staticsafe: #opensmtpd btw :) sorressean: exchange is clearly the beast for the job. m0unds: MS uses postfix in their FOPE spam handling platform
is the opensmtpd implementation being used for transaction email or something? brycec: m0unds: I couldn't say, I'm not involved and it's not something easily searched in my irc logs m0unds: ah, gotcha ***: first2know has joined #arpnetworks
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Client Quit)
first2know has quit IRC (Remote host closed the connection)
first2know has joined #arpnetworks
toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf m0unds: if anyone's interested, oreilly media coupon code DSUG2 = 50% off ebooks ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
first2know has quit IRC (Ping timeout: 256 seconds) hazardous: i don't run any mta :<
or handle mail myself
that seems weird m0unds: i don't like running my own mail
it's a hassle to move it around, so i host mine via office365 phlux: What do you guys use to find out what is taking up the most amount of space on your FreeBSD servers? m0unds: http://www.freebsd.org/cgi/man.cgi?query=du&sektion=1 phlux: Eh
I ended up just using 'find /usr/home -type f -size +20000k -exec ls -lh {} ; | awk '{ print $9 ": " $5 }'
Displays everything in /usr/home > 20MB m0unds: it sure does ***: first2know has joined #arpnetworks
first2know has quit IRC (Ping timeout: 256 seconds)
first2know has joined #arpnetworks hazardous: m0unds i dont run my own mail at all because effort and deliverability
i use sailthru, ses and sendgrid for outbound
inbound is gandi or gapps or w/e depending on what it's for m0unds: hazardous: i just figure other people have the good hardware and redundant systems to handle it. gandi is awesome though, in general -: staticsafe hosts his own mail for certain stuff and has it hosted for certain other stuff phlux: I'm actually finally moving my stuff back to my own server this weekend
Thanks for reminding me m0unds: i've got an MTA for outbound-only, but that's it hazardous: m0unds for inbound mail at least
the one thing i do not want to deal with
is multiple redundant backups to not lose mail, and spam filters
i'd much rather have someone else just sort that out for me m0unds: yeah
i've had an acct w/spamexperts for a couple years as a filtering/continuity sort of hting
thing* hazardous: if i have important mail that needs to remain private, well, that's what client-side pgp is for ***: heavysixer has quit IRC (Quit: heavysixer) brycec: phlux: ncdu - ncurses du, browses the tree, sorts by space used, name, etc
oh and lets you delete from inside the app even (recursively) gizmoguy: m0unds: yeah.. that was my impression of zerigo
I'm moving him to route53 at the moment m0unds: gizmoguy: it's a bummer, because their services before acquisition were pretty alright gizmoguy: I assume on route53 they can zone transfer from a primary DNS server I host? staticsafe: gizmoguy: I use DNSMadeEasy for shit I need up, tis awesome brycec: I never liked that route53 (and some others) charge by the query :/ gizmoguy: "It supports slaving from a DNS master using IXFR (zone transfer) requests"
answered my own question brycec: Does that mean it can be converted to a master, gizmoguy ?
Or is it permanently slaved? gizmoguy: brycec: I want to run route53 as a permanent slave m0unds: eh, as long as the "per query" pricing is set at a reasonable threshold, it doesn't bother me in the slightest brycec: oh misunderstood m0unds: not like stupid dyn and their 600k query base limit gizmoguy: m0unds: seems to be like a cent per million queries or something m0unds: $.50 per million
i think staticsafe: does Route53 have v6 on any of their NSes? brycec: I wish I had a way to get an idea what my usage would be without moving to self-hosted or route53 m0unds: brycec: for my personal svcs w/email and stuff i average less than 100k/mo gizmoguy: "Amazon Route 53 supports both forward (AAAA) and reverse (PTR) IPv6 records. However, the Route 53 service itself is not available over IPv6 at this time."
:( brycec: Thanks that gives me some idea staticsafe: ~200,000+ queries on one of my domains
gizmoguy: meh lame m0unds: since most of my svcs are accessed by eyeball networks, i don't really care about ipv6 right now staticsafe: lulz gizmoguy: No m0unds, everyone on the edge of the internet has ipv6 enabled m0unds: WE DO? -: m0unds checks m0unds: nope. gizmoguy: every single person m0unds: hahaha
i had to ask comcast for ipv6 at home on my business acct
it's going to take them 3 weeks to alloc gizmoguy: ipv6 was deployed perfectly 5 years ago in my happy place in my head staticsafe: heh gizmoguy -: brycec is 100% IPv6 compat/capable
gizmoguy whoises everyone in the chan to see who is cool enough to have IRCv6 brycec: In fact, my ipv4 connection died one day and I didn't notice it. That was fun. -: m0unds puts on his best whois-pants gizmoguy: oh what's with stupid freenode hiding everyone's IPs brycec: I assure you gizmoguy I'm connected to Freenode over ipv6 gizmoguy: good work brycec
I am too :) m0unds: gizmoguy: it's not hiding mine -: m0unds panics
gizmoguy ddos's m0unds: nuuuuu brycec: gizmoguy's isn't hidden either :DDD
retaliate! m0unds: i can't, i'd knock all of nz offline gizmoguy: m0unds: take this: m0unds: :D gizmoguy: ~> ping6 -s 6400 2600:3c00::f03c:91ff:fe69:aef1
PING 2600:3c00::f03c:91ff:fe69:aef1(2600:3c00::f03c:91ff:fe69:aef1) 6400 data bytes
6408 bytes from 2600:3c00::f03c:91ff:fe69:aef1: icmp_seq=1 ttl=53 time=193 ms m0unds: ow gizmoguy: brycec: 09:25:12 [freenode] -!- brycec [~cobryce@unaffiliated/cobryce] staticsafe: heh gizmoguy: m0unds: "i can't, i'd knock all of nz offline
soo true brycec: lol -: staticsafe hits gizmoguy with 100mbit staticsafe: there goes nz m0unds: hahahah staticsafe: :P gizmoguy: we are connected to dialup to the US m0unds: it's an entire city block of modem banks gizmoguy: it's ok. we only have 5 people on the internet down here m0unds: under carefully constructed leanto structures staticsafe: lol gizmoguy: and it's timeshare too
so I have to get off soon
fred wants to use it -: staticsafe says hi to the other nz guy in here phlux: Moved my mail over to my own server again today m0unds: you get your "internet bill" on a monthly basis, and you're billed by the bps phlux: Feelsgoodman.jpg staticsafe: ohi mercutio! gizmoguy: he won't deny it staticsafe: i think mercutio works for an ISP in nz gizmoguy: his domain looks familiar
nznogger @ mercutio? staticsafe: his ISP peers with ARP Networks too lol m0unds: i read that as nzlogger gizmoguy: we all work double jobs in NZ
I'm sysadmin during the day, cut down trees in the weekend m0unds: do you wear high heels, suspenders and a bra? staticsafe: http://bgp.he.net/AS9559 i think is the one brycec: lol m0unds m0unds: i'm glad someone caught that, maybe gizmoguy: m0unds: not usually :P m0unds: (monty python ref) staticsafe: so gizmoguy zerigo is still down? gizmoguy: m0unds: I'm a lumberjack and it's ok ?
staticsafe: I think it might be back again
post mortem: http://www.zerigo.com/blog/2012/07/zerigodnsoutage staticsafe: er that post is from 2012 gizmoguy m0unds: lol gizmoguy: well I guess they didn't learn much then m0unds: that's the one i mentioned from last year when they said they'd "try harder" or something
hahahah gizmoguy: that's the newest post on their blog :S m0unds: zerigostatus.com
i think gizmoguy: http://zerigostatus.com/
a.ns.zerigo.net - Up
b.ns.zerigo.net - Down
c.ns.zerigo.net - Down
d.ns.zerigo.net - Up
e.ns.zerigo.net - Down m0unds: still fighting
hahaha gizmoguy: f.ns.zerigo.net - Down
2/6 ain't bad? phlux: What are the recommended administrative e-mail addresses? I know there's abuse@ and postmaster@, but are there any others? staticsafe: dns@ and webmaster@ m0unds: um, those are the two big ones - you could always add hostmaster if you manage your dns
webmaster is a great spam target staticsafe: ^ m0unds: for whatever reason, 80% of my admin address spam across all domains i run hits webmaster phlux: aren't there some that are required?
like, if the e-mail bounces, you could be written off as spam by the provider? staticsafe: eh, not really
i recommend keeping abuse@ and postmaster@ m0unds: with some of the sillier RBLs, they'll cry about abuse@ staticsafe: besides that *shrug* phlux: roger that..thanks -: staticsafe slaps opendns m0unds: ..? staticsafe: http://okazaki.tomoyo.ca/mtB.png my friend made a typo and it keeps doing that ***: knigma-m_ has joined #arpnetworks
knigma-m has quit IRC (Read error: Connection reset by peer) hazardous: i was really confused there for a second wondering who you are because one of my friends hosts his image off tomoyo.eu staticsafe: yes wintereise uses tomoyo.eu ***: knigma-m has joined #arpnetworks
knigma-m_ has quit IRC (Read error: Connection reset by peer) gizmoguy: lol postgres- supported_versions: WARNING: Unknown Debian release: 7.1 hazardous: how do you know her, staticsafe m0unds: haha hazardous: also is it an anime or something. ***: knigma-m has quit IRC (Read error: Connection reset by peer)
knigma-m_ has joined #arpnetworks staticsafe: its a character from an anime ***: knigma-m_ has quit IRC (Read error: Connection reset by peer)
knigma-m has joined #arpnetworks hazardous: oh
do you like anime? staticsafe: yes m0unds: what's an anime? gizmoguy: m0unds: "What anime sounds like to your parents" - http://www.youtube.com/watch?v=a0g8bwYzMyU staticsafe: lol m0unds: ahahahahah
that's fantastic
http://www.youtube.com/watch?v=37dBT09KryA this was listed as "related" gizmoguy: that dude creepy ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer) m0unds: he sure is
the base ids rules on srx devices will protect against..winnuke
i don't know why that's so amusing hazardous: what's winnuke? m0unds: http://en.wikipedia.org/wiki/Winnuke hazardous: oh m0unds: yeah, ancient
haha hazardous: lol i don't know those OSes
my first comp was win xp phlux: what..?
how old are you? m0unds: the first computer i ever used was an IBM express
my dad's company sent it to our house for him to generate quotes on hazardous: um
a teenager
;s phlux: yeah I figured you had to be hazardous: people in another channel were like what the fuck when they found out my first internet connection was broadband phlux: The first computer I remember us having was some huge white laptop hazardous: lol phlux: I think it only had DOS on it
oh man m0unds: my dad also ended up with an NEC laptop that booted from 3.5" floppy and had an external 4800baud modem phlux: I first got into Linux during my family's 56k days
I'll never forget playing with ppp for the first time
I almost gave up on Linux
this was back when Corel offered a Linux suite hazardous: i remember using ubuntu version 9.04? as a little kid
:3 phlux: I remember when there was no Ubuntu and the world was better for it! m0unds: heh hazardous: terms i don't know: baud m0unds: http://en.wikipedia.org/wiki/Baud phlux: terms you should google: baud m0unds: 4800 baud = 4800 bits per second
orrrrr 4.8kbit/sec hazardous: isn't ~5kb/s basically 56k m0unds: slightly less than .6KB/sec hazardous: wat m0unds: 4.8kbit/sec = .6KB/sec
you'd be hard pressed to get much more than 5KB/sec over 56k
my first linux use was redhat 4
my friend's brother was an intern at intel, and they had him learning how to use it. i borrowed the discs and installed it on my old 486 ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
HighJinx has quit IRC () gizmoguy: 9600 baud 4 lyf m0unds: O NO U DINT
or do you mean, like, literally gizmoguy: I don't really bother changing my kit off 9600 baud m0unds: because you're in nz gizmoguy: makes it harder to guess what speed I set it up to
I really <3 the gear that does baud-negotiation
I've got an HP switch that does it
you serial in to it at any sped
hit enter a few times and it works out what speed you're talking to it at
^ the future right there m0unds: i don't know if i can handle how bad these scaled images look on this ereader
i might have to resort to reading in the browser or something
http://sdrv.ms/1aDNEmy ***: dj_goku has quit IRC (Ping timeout: 276 seconds)
dj_goku has joined #arpnetworks mercutio: up_the_irons: how much capacity does arp have to any2ix? could it be congesting? hazardous: hey up_the_irons, whenever you're back - what kind of spec can i get for around 200ish? preferably with ssds mercutio: icmp deprioritisation and return routes etc makes it harder to tell
hmm facebook looks ok
well 1 msec jitter
maybe other end or maybe the san jose / los angeles thing N3RG4L: hi guys
any idea which encoding is this ? "Çñ®PNl?4Ó!?¬ØQìw" mercutio: nope
maybe unicode?