#arpnetworks 2013-12-23,Mon

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***gcw|mini1 has quit IRC () [00:03]
..... (idle for 20mn)
robnerd is now known as robonerd [00:23]
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[00:37]
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[00:43]
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
xiphias has quit IRC (Changing host)
xiphias has joined #arpnetworks
[00:50]
................ (idle for 1h16mn)
SpeedBus has quit IRC (Ping timeout: 272 seconds)
mnathani has quit IRC (Ping timeout: 272 seconds)
mnathani has joined #arpnetworks
SpeedBus has joined #arpnetworks
[02:07]
........................................................ (idle for 4h38mn)
m0unds has left "taking down ipv6" [06:48]
m0unds_up_the_irons: no packet loss so far [06:57]
***heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[06:59]
m0unds has joined #arpnetworks
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[07:07]
toddfhmm, I see v6 traffic but not v4 traffic (v4 gw at my vps is 'ping: sento: Host is down' ugh [07:13]
m0undsweird
i had some weird thing with my /48 that made me think i screwed up configuration, but turned out it was something else
unrelated to me fatfingering anything, which was nice
[07:14]
toddfodd I have one vps that works and another which doesn't [07:15]
m0undshuh [07:15]
toddfbad vlan config or something?
aka I get icmp replies from the router from a different host on the same vlan
[07:15]
m0undsyeah, sounds like it could be [07:16]
toddfcan ping from hosta -> hostb and hosta -> gw, but hostb does not reach the gw
manually setting arp yields little success either, hrmph
guess I'll try powering off the vps and powering it back on incase it re-plumbs something
v6 works so I think its external to the vps itself though
[07:16]
***heavysixer has quit IRC (Quit: heavysixer) [07:26]
................ (idle for 1h18mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[08:44]
................. (idle for 1h22mn)
TheHiTCH_ has quit IRC (Read error: Connection reset by peer) [10:06]
.... (idle for 17mn)
TheHiTCHO has joined #arpnetworks [10:23]
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[10:36]
m0undswoo [10:47]
***qbit has quit IRC (Quit: leaving) [10:49]
toddfhmm, still no IPv4 access from my kvr22 vps .. anyone else on kvr22 ? [11:00]
.... (idle for 15mn)
***heavysixer has quit IRC (Read error: No route to host)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[11:15]
m0undsyep
% ping google.com
PING google.com (173.194.33.2): 56 data bytes
64 bytes from 173.194.33.2: icmp_seq=0 ttl=53 time=27.247 ms
when did you lose ipv4?
[11:16]
***heavysixer_ has joined #arpnetworks
ChanServ sets mode: +o heavysixer_
[11:19]
brycectoddf: so is this a new host on an existing account/vlan? Did you get another /30? Otherwise, there's only one usable IP in the /30 you normally get.... [11:20]
***TheHiTCH_ has joined #arpnetworks
heavysixer_ has quit IRC (Client Quit)
[11:21]
toddfnothing changed.
it is my 2nd oldest host in a group of 4 in this one account/vlan
brycec: just woke up this morning to no response on v4 but v6 works
stranger yet I can hit v4 on the other vps'en just not the gateway from this one host
[11:22]
robonerdtoddf ? haha, nice to see you over here too! :) [11:23]
brycecSounds like a good time to email up_the_irons [11:23]
toddfI don't even get arp is-at from the gateway from my arp who-has request on the afflicted vps
robonerd: you culled me from here to #coindev, remember?
brycec: done so a while back
fun reality is this is my mail server, so unless responses from tinder come via IPv6 he can't reach me back, emailed a followup from gmail as well
[11:23]
robonerdtoddf yea just forgot because you've become such a regular :D [11:24]
***heavysixer has quit IRC (*.net *.split)
TheHiTCHO has quit IRC (*.net *.split)
phlux has quit IRC (*.net *.split)
avj has quit IRC (*.net *.split)
xiphias has quit IRC (Ping timeout: 240 seconds)
hazardous has quit IRC (Ping timeout: 248 seconds)
[11:27]
m0undshuh. [11:30]
***hazardous has joined #arpnetworks
xiphias has joined #arpnetworks
[11:30]
toddfso .. anybody else on kvr22 ? [11:34]
***phlux has joined #arpnetworks [11:34]
m0undsyes [11:34]
toddfable to ping 8.8.8.8 ? [11:35]
m0undsable to ping whatever [11:35]
toddfcan you ping 208.79.89.90 ? [11:35]
m0unds% ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=50 time=26.977 ms
no
[11:35]
toddfhow about .91 ? [11:35]
m0undsno reply from that
yes
64 bytes from 208.79.89.91: icmp_seq=0 ttl=253 time=0.486 ms
[11:35]
***xiphias has quit IRC (Ping timeout: 240 seconds) [11:36]
toddf.90 is on kvr22 .. v4 issues .. .91 is on kvr14 .. v4 works fine
same vlan
so its not a cabling issue to the gateway, you're able to do v4 fine from kvr22
and its not blocking on my host (I can tcpdump and see traffic flowing out, but not in)
and I can ping between my vps on v4
just the gateway doesn't respond to my .90 ip
time to try an IPv4 alias I guess
incase somehow my .90 ip got blacklisted for $automated_bogus_reason or somesuch
[11:36]
***xiphias has joined #arpnetworks [11:37]
toddfnot that I'm aware of any $automated_reasons ever but I'm grasping at straws at this point [11:38]
***qbit has joined #arpnetworks
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[11:40]
toddfgrmph, even an inet alias doesn't speak v4 for this system, what gives I wonder? [11:44]
***xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[11:49]
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[11:56]
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[12:05]
xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
[12:14]
........... (idle for 53mn)
r0ni has joined #arpnetworks [13:08]
LLKCKfanI was wanting to know if there is a way to find out why my computer is acting like it is on dailup when I am on cable and getting my full speed [13:20]
brycecYes. Next question? [13:20]
m0undsbrycec: is there a santa claus/ [13:22]
LLKCKfanI was wanting to know if there is a way to find out why my computer is acting like it is on dailup when I am on cable and getting my full speed [13:27]
robonerdLLKCKfan the past few years i've seen the US internet really slow down
massive latency added to almost every back haul/transit
on a lot of nodes
i have a feeling it's data snooping + channel splitting
[13:31]
LLKCKfan.it is not my speed [13:37]
brycecm0unds: As long as you believe, yes.
LLKCKfan: Just curious, what makes you think #arpnetworks is a good place to ask that question (over, and over, and over)?
[13:42]
m0undshmm
LLKCKfan: how is babby formed?
[13:48]
***xiphias has quit IRC (Ping timeout: 240 seconds)
xiphias has joined #arpnetworks
tmarble has joined #arpnetworks
[13:51]
tmarbleup_the_irons: did you see my e-mail? [13:55]
..... (idle for 23mn)
toddftmarble: if you sent email to support@arpnetworks.com then you'll get an automated response that says it's been received; when he responds is not guaranteed .. I've been down all day waiting on a v4 issue that I've never seen before [14:18]
tmarbletoddf: ok... it's kind of a personalized followup... not really apropos to escalate to support@ (yet :)
tmarble in UTC+1 atm... off to bed :)
[14:20]
..... (idle for 20mn)
mercutiotoddf: can you tunnel your traffic from one box to the other? [14:40]
toddfI've done so for mail
voip is not quite so easy
dns .. no tunnel required, it is resiliant
[14:40]
mercutiowhen you say you're on the same vlan on both boxes
i assume that means you can use a private ip address
and talk between the two
i dunno if you've doen that or not
[14:41]
toddfyou should know [14:41]
mercutiobut i'd be curious if that was working [14:42]
toddfat arpnetworks there is a single vlan for all boxes under one account [14:42]
mercutioyeah [14:42]
toddfI can do svlan(4) between the systems (providing arpnetworks removes a restriction that blocks it by default)
and I do end up doing that also
[14:42]
mercutiooh ok i fuond that vlan didn't work
vlan on vlan
[14:42]
toddfyes you can't do vlan inside vlan when he does vlan himself
but you can do svlan(4) because its intended to be nested inside vlan(4)
[14:43]
mercutioahh right
well the only tiem i had shared vlan was when i had the beta vm
but anyway, the boxes can reach each other?
[14:43]
toddfyes
I can reach via v4
v6 has always worked
but the one box cannot get even an arp entry to the v4 gateway
[14:43]
mercutiojust nothing comes in
so can you proxy arp on the working box
and forward traffic to the non working box?
with no tunnel
that sounds complicated
i wonder where up_the_irons is
[14:44]
toddfhadn't thought of that, that would do inbound, but outbound .. route through my other vps I guess? meh
busy I'm sure
[14:44]
mercutiohmm
does outbound static arp work?
[14:44]
toddftried it, no go [14:45]
mercutiohmm [14:45]
toddfI also confirmed another arpnetworks customer on kvr22 (where my afflicted vps resides) can reach the internet [14:45]
mercutioew're thjinking up complicated ways aren't we :/ [14:45]
toddfso I think it is something specific with my vlan between kvr22 and the v4 router [14:45]
mercutioi wonder if it's a mac address clash [14:45]
brycecSounds like toddf's vlan has become disconnected from the v4 router. [14:45]
mercutioi dunno what the automated mac creation is like [14:45]
brycec(Oh wait, you said other v4 hosts are fine. hm) [14:46]
toddfbrycec: except the vlan works from other kvr systems .. kvr27,kvr28,kvr14
so the map is
[14:46]
mercutiodoes the IP address with on your othewr host? [14:46]
brycecYeah, I ack'd that. [14:46]
toddfkvr27+kvr28+kvr14+kvr22 -> v6 ok
kvr27+kvr28+kvr14 -> v4 ok
kvr22 -> v4 !ok
[14:46]
mercutioif ip the other ip address works on the other host then i would anycast it :/
ie, put the same ip on both hosts
then enable forwarding on the working box
[14:47]
toddfhow do you anycast w/out a mac conflict
sure I did this convoluted setup at first
[14:47]
mercutioand set your default host [14:47]
m0undsi was having issues on my 22 box w/ipv6 packet loss last night [14:47]
toddfto avoid getting a /29 [14:47]
mercutiothen bounce the traffic from the working host
oh hmm
[14:47]
toddfbut VoIP love was not there, so I dropped it when I needed yet another separate v4 address [14:47]
mercutioit doesn't need to have an actual ip address on the working host
it just needs to arp for it
and route to the right place
mac conflicts don't matter
[14:47]
toddfI have everything working but VoIP .. guess I could try to nat VoIP out another ip or somesuch, bleh [14:48]
mercutiowell they don't most of the time
as long as either host works
but yeha you want proxy arp
[14:48]
toddfI tried putting another IP on the afflicted vps, and it didn't work any better [14:48]
mercutiorather than actual anycast
with bgp you could just advertise the ip as a /32
[14:48]
toddfguess I should check e.g. kvr14 to see if arp who-has is being broadcast for the afflicted ip
from the router
[14:49]
mercutioyeh i think it's mac address related [14:49]
toddfI tried changing my mac! [14:49]
mercutiodoes that work? [14:49]
toddfand it came back with v6 just fine, v4 no change [14:49]
mercutiogah [14:49]
toddfit is as if the plubmbing between kvr22 and the v4 router for my vlan only is busted [14:49]
mercutiodid you get your port shifted to gigabit? [14:50]
toddfyes [14:50]
mercutioi assuem that's where the problem is then
and the working one didn't?
[14:50]
toddfall of my vps'en are gigabit so far as I know
all 4
[14:50]
mercutiodamnit [14:50]
toddf;-) [14:50]
brycecdefinitely makes no sense, given that working paths overlap with the nonworking path. :( [14:51]
toddfI'm almost leaning towards something blowing some automated trigger in the switch for my vps traffic or something, though we've been repeatedly told no automatic triggers except port connection throttling on 22
so I'm guessing some wierd switch failure or somesuch
well I'm going to presume there are multiple switches involved
[14:51]
brycecThere's a UDP rate limit as well. But that's not a block. [14:51]
mercutiothat's why i was wondering if it effected gigabit vps
but not the oold one
[14:51]
toddfand that likely kvr14 is plugged into a different switch than kvr22 vs kvr28/kvr27 [14:52]
mercutioerr port
i'm on kvr15 i think
and i haven't experienced issues
[14:52]
toddfso it could be a misfire on the vlan config between the kvr22 switch and the v4 router, but not the v6 router [14:52]
mercutioit coul dbe [14:52]
toddffeel free to compare 0.v.freedaemon.com vs 2.v.freedaemon.com ;-) [14:52]
mercutioso
if you do proxy arp
and forward to the internal ip address
can you see receive traffic
[14:53]
toddfah, just realized another cluebit
kvr27 cannot reach kvr22 via v4
nor v6
[14:53]
mercutiohmm
but can via ipv6?
[14:54]
toddfbut kvr27 can reach google via v4 and v6 [14:54]
mercutiowell i'd g down the arp -s ... pub
route
and th en put it back when it's working right
[14:54]
toddf16:54:24.985632 00:1f:6c:92:7f:00 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 208.79.89.90 tell 208.79.89.89
I see that at kvr14
but I see this at kvr22
16:54:44.563261 52:54:00:ef:41:22 ff:ff:ff:ff:ff:ff 0806 42: arp who-has 208.79.89.89 tell 208.79.89.90
I see the 2nd packet at kvr14 also
but the 1st packet I don't see at kvr22
so arp magic is not fixing my ethernet segment breakage between kvr22 and v4 router
[14:55]
mercutioi just realised..
when iw as saying about doing arp stuff.. i was thinking you wouldn't have stateful filtering
but you migt
and that can break too
[14:56]
toddfyes
I'm going to try it on a vps that doesn't have any fancy filtering
[14:56]
mercutioahh
with openbsd you have to append no keep state
[14:57]
up_the_ironstoddf: can you give it another try [14:58]
toddfup_the_irons: hi!
workie!
[14:58]
up_the_ironstoddf: this is my fault; i made a change on kvr22 yesterday, and something broke :(
I apologize
[14:58]
toddfvoip phone registered and all manner of things are working now [14:58]
up_the_irons(it only affected people on the GigE router, which is very few)
w00t nice
[14:58]
toddfkvr27 can now talk to kvr22 via v4 as well
on my vlan
[14:59]
brycecThe prodigal up_the_irons returns! [14:59]
up_the_ironslol [14:59]
***heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[14:59]
toddfit was fun given another user was on kvr22 and his v4 worked fine, but didn't think to ask about gige bits
now my backup bogus backup mx works
[15:00]
up_the_ironsyeah sorry for the wasted diagnostic time [15:00]
toddfI'm understanding of the scenario given I've been in your shoes more often than not [15:01]
brycec(It's not like there was anything else to do while it was down, right? :P) [15:01]
toddfbrycec: exactly, I have all 3 dns servers working now as well as a result [15:01]
bryceclol good :)
toddf: I assume geographically diverse too?
[15:01]
mercutiooh up_the_irons is around :) [15:02]
brycecbrycec pays dns.he.net $0 to provide some very nice dns service [15:02]
m0undshaha
they send you invoices for $0
[15:02]
brycecNo... [15:03]
toddfbrycec: two at arpnetworks (one was misconfigured aka firewalled to /dev/null) and one at home (suceptable to power outages) [15:03]
m0undsoh, you actually do pay them? i figured you meant the free authoritative stuff
i use route53 for critical stuff
[15:03]
brycecm0unds: I use their free stuff. There's no invoice involved. It's my authoritative too. [15:03]
m0undsoh, i was joking about the $0 invoice (cuz it's free) [15:04]
brycecI highly recommend it, even if just for backup. Can't beat 5 separate anycast servers. [15:04]
toddfI do IT consulting and service an isp in my client portfolio. if I can't get dns and mail and such right, why bother? sure I could outsource to dns.he.net but where's the ability to say "i do this for myself, I can do this for you too" ? ;-) [15:04]
mercutioi hate web interfaces for dns myself [15:05]
brycecI see your point. Even so, I would suggest using them for backu/slave. Part of doing IT is knowing good vendors after all [15:05]
mercutiohe.net is good now? :) [15:05]
brycecwwere they evil before? [15:05]
mercutiothey're good at supporting ipv6.
they had heaps of power outages at one of their datacentres
fremont?
[15:05]
brycecAh. I've had issues with their tunneling, absolutely. [15:06]
mercutioand they're generally known to be subpar for ipv4 connectivity [15:06]
brycecBut never a DNS issue. [15:06]
mercutiobut cheap
in ipv6 they're pretty good though
i dunno, i don't even know who's good :/
i mean some people say level3 are good, but level3 still have issues
it's well known that cogent are bad bad bad
[15:06]
brycecagreed [15:07]
mercutioit's generally consdiered that at&t aren't that great
for a wihle a lot of people seemed to be pushing web sites to cloudflare
and omg, so many performance issues suddenly with sites that shifted
[15:07]
toddffunny, btc-e.com is on cloudfare [15:09]
mercutioi'd still probably consider some of the better cdn providers to have higher qaulity dns though
is it randomly slow?
[15:09]
toddfthey do have occasional hiccups, and indeed it is randomly slow
I just programmed patience into my bot and don't generally notice as a result
[15:09]
mercutiolike 5 seconds to load a page slow?
and was it reasonble consistent prior?
i mean some sites that moved to cdn's had backend issues prior like for instance reddit
so it can be hard to know if it's the cdn or the backend
[15:09]
toddflike I know about these errors enough to put them into the public api:
https://github.com/toddfries/Finance-btce/blob/master/lib/Finance/btce.pm#L375
[15:10]
mercutiobut generally speaking, if a site performs consistently, then goes on cdn and goes randomly slow, i blame the cdn [15:10]
toddfI've never known btc-e.com before cloudfare so I can't comment [15:11]
mercutiohahahahaha
as an end user i've found cachefly consistently good
i think it's kind of expensive though
yeah from $99/month
[15:11]
m0undswith monitoring i do on page loads for clients on paid cloudflare, the page loads from a bunch of locations in the us are within 5% avg
maybe it's an international thing, idk
but +/- 5% speed in ms for page loading from cloudflare
e.g. for eyeballs, not noticible
[15:14]
***heavysixer has quit IRC (Quit: heavysixer) [15:15]
mercutioit may be an international thing
but i was getting slow performance when it hit the
hangon it was slow performance when i hit the CA node..
but i think it wasn't so bad with the TX node
from a vps
but i suppose CA may get more ddos attacks from china :/
[15:23]
m0undsyea [15:25]
***[NSA] has joined #arpnetworks [15:26]
up_the_ironsLOL
the [NSA] has arrived
[15:27]
mercutiooh the new dc thing is happening next year isn't it? [15:28]
brycec[NSA]: meet [FBI] [15:28]
up_the_ironsthat is one of my goals, yes [15:34]
mercutiocool [15:35]
.... (idle for 19mn)
***heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[15:54]
.... (idle for 15mn)
heavysixer has quit IRC (Quit: heavysixer) [16:09]
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[16:21]
heavysixer has quit IRC (Quit: heavysixer) [16:33]
......... (idle for 44mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[17:17]
heavysixer has quit IRC (Quit: heavysixer) [17:29]
.... (idle for 15mn)
r0ni has quit IRC (Ping timeout: 240 seconds) [17:44]
................... (idle for 1h33mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[19:17]
LLKCKfanI was wanting to know if there is a way to find out why my computer is acting like it is on dailup when I am on cable and getting my full speed [19:24]
***TheHiTCH_ has quit IRC (Remote host closed the connection)
TheHiTCHO has joined #arpnetworks
TheHiTCHO has quit IRC (Remote host closed the connection)
TheHiTCH_ has joined #arpnetworks
[19:28]
CaZeLLKCKfan: No, there isn't. [19:31]
***TheHiTCH_ has quit IRC (Remote host closed the connection)
TheHiTCH_ has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
[19:32]
LLKCKfanTherehas to be [19:35]
CaZeNo way. [19:43]
***TheHiTCH_ has quit IRC (Remote host closed the connection)
TheHiTCHO has joined #arpnetworks
[19:55]
LLKCKfanYou do not want to help [19:56]
brycecLLKCKfan: you keep asking the same damn question, over and over, without providing information. Why do you even ask in #arpnetworks at all?? [19:59]
***TheHiTCHO has quit IRC (Ping timeout: 260 seconds) [20:00]
brycecAnd then silence... We ask questions, you don't answer. Why do you bother? [20:13]
..... (idle for 21mn)
***TheHiTCHO has joined #arpnetworks [20:34]
............... (idle for 1h13mn)
hazardous1i want to say that the answer might be because you're using a rural 'cable company' that maxes out at 512kbps
and has 10gb caps
after which you're throttled to 64kbps
and they apparently have a single t1 total
[21:47]
bryceclolol [21:48]
.......... (idle for 49mn)
***LLKCKfan has quit IRC (Ping timeout: 240 seconds)
LLKCKfan has joined #arpnetworks
[22:37]
.............. (idle for 1h6mn)
LLKCKfanI was wanting to know if there is a way to find out why my computer is acting like it is on dailup when I am on cable and getting my full speed [23:47]
CaZeLLKCKfan: No. [23:50]
LLKCKfanI GET MY FULL SPEED
THAT IS NOT WHAT I AM ASKING ABOUT
[23:54]
CaZeLLKCKfan: No. [23:58]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)