#arpnetworks 2014-02-12,Wed

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
brycecup_the_irons: This may be of interest then ;) https://smokeping.cobryce.com/?target=Internet.NLNOGRING (I only just added it, so it's still empty) [00:10]
up_the_ironsbrycec: nice! [00:11]
brycecFeb 12 00:08:09 vps3 smokeping[16901]: FPing6: probing 53 targets with step 60 s and offset 37 s.
Feb 12 00:08:09 vps3 smokeping[16902]: FPing: probing 159 targets with step 60 s and offset 1 s.
wheee
[00:13]
up_the_ironsbrycec: how does that work anyway, like your smokeping is running on your VPS here, but it says "median RTT to ARP", so it seems like it is going to itself
i guess what i'm asking is, what exactly is it measuring
[00:13]
brycecHm, how odd... can't ping6 hurricane01.ring.nlnog.net (times out)
up_the_irons: "from ARP" used to say "from <hostname>" but I changed it to ARP to give a better global perspective
er, *from ARP
up_the_irons: where does it say "to ARP"?
[00:14]
up_the_ironsoh i meant "from" [00:15]
brycecoh heh
well the "from ARP" just means "from my VPS on kvr07 to arpnetworks01.ring.nlnog.net"
Which isn't overly useful I suppose, but the slaves are also hitting arpnetworks01.ring.nlnog.net
(And those slaves are also identified as "from <provider/ISP>"
[00:15]
up_the_ironsso the others (Chunkhost, Comcast, etc...) all feed into this "main" smokeping? [00:17]
brycecyes [00:17]
up_the_ironscool
is Comcast your residential ISP, or is that somewhere else?
TWC could be residential OR data center end
[00:17]
brycecSmokeping has a nifty master/slave architecture. The master and slaves both also collect data, but the master receives it all, stores it, graphs, etc
Comcast is my home connection
[00:18]
up_the_ironscool [00:18]
brycecTWC is a "business-class cable customer" [00:18]
up_the_ironsok
neato
[00:19]
brycec(I thought I'd documented soem of these details on the smokeping page... I'm wrong, apparently)
I plan to turn up another slave in an IO datacenter in the next few days too
(IO does their own multi-homing "blended internet")
[00:19]
up_the_ironswhich IO data center? [00:20]
brycecPhoenix [00:20]
up_the_ironsmaybe you did document it, but i haven't found it :) [00:20]
brycecI didn't find it either ;)
A client of mine has a half-cab in http://www.io.com/colocation/io-phoenix/ so I'll slip a slave in there.
Fun fact: That picture is not from the Phoenix DC. Dunno where from... but it's not in Phoenix :p
[00:21]
up_the_irons"No Monthly Recurring Fees for Cross-Connects", now that'd save me some money [00:22]
brycecheh [00:23]
up_the_ironsi would say 80% of data center pics are not the actual data center
pisses me off
;)
[00:23]
brycecMakes sense though, pricing-wise. Only pay for the resources (some guy) used. Afterwards, your stuff is just laying in a tray overhead... why should that cost money?
In my limited interactions, I like IO
[00:23]
up_the_ironsyeah, cross connects are a RAPE [00:24]
mercutiowas there just a network problem? [00:24]
brycecnot afaik [00:24]
up_the_ironsnot that i saw [00:24]
brycecWhy, would you like one? [00:25]
mercutiohah i think nodeping is having issues
how can thinks go up without going down
[00:25]
brycechahaha
they went down, but the down notification was lost due to things being down?
[00:25]
mercutiooh it's changing numbers rnadomly [00:25]
up_the_ironslike a BOSS [00:26]
mercutioso my cellphone don't group [00:26]
brycecIs that like blinking lights randomly, to look busy? [00:26]
mercutioheh
cloud core routers have a lcd
i mean seriously, if a router is working who wants to look at a lcd
[00:28]
up_the_ironssrsly [00:29]
brycecI can see how nodeping might be having some issues actually
https://smokeping.cobryce.com/?target=Internet.HENet.Europe.HEtserv11ams1v4 https://smokeping.cobryce.com/?target=Internet.HENet.Europe.HEtserv28waw1v4

both showing massive loss to ARP in the last few minutes
[00:29]
mercutioi'm not impressed by nodeping
oh wow
bah he tunnels
omg i wish amazon wouldn't email me about stuff i stuck in my cart
it emails me all the time
there seemed to be a little bit of a dip
but it wsa more liek total outage for a bit
[00:30]
brycec(returning to normal) [00:32]
mercutiothen ping came back less than before the outage
so i wonder if where was some hw chnage somewhere?
actually it's not total outage it's 19/20 packets dropped
but to my mind that means total outage :)
[00:32]
brycecbrycec sticks that in the SLA fine-print -- "service still available, does not count as downtime"
:P
[00:33]
mercutiooh weird minimum ping went interesting
suggesting los angels to nz
rather than la -> sj -> nz
i wodner if any2ix fell over temp
i don't think there's any way to view sessions ?
[00:33]
up_the_ironsbut are those graphs measuring tunnels?
seems like a lot of moving parts there
[00:36]
mercutiogah why is my irc suddenly laggy
it's wihtin nz
i think it's probably ddos
gah
[00:36]
brycecup_the_irons: my graphs are just from the VPS to the IP in the graph title. no tunneling [00:37]
up_the_ironsah ok [00:37]
brycecAnd if there's any way I can make that clearer, let me know [00:37]
up_the_ironscuz the list on the left says tunnels [00:37]
brycecI'll rename it ;) [00:37]
up_the_ironsOK:) [00:37]
dnestaticsafe: the smokeping webapp can be run as a PSGI app, if that helps :) [00:45]
brycecbrycec is running his as fastcgi [00:46]
dnedne runs his using starman [00:46]
brycecOtherwise all this attention would be crushing me :)
@imdb Starman
[00:46]
BryceBot[MOVIE] Title: Starman | Year: 1984 | Rating: 7.0 | Genre: Adventure, Drama, Romance | IMDB Link: http://imdb.com/title/tt0088172 [00:46]
mercutiomm
my whole dsl died
[00:46]
brycecouch [00:47]
mercutioikr [00:47]
brycecYou didn't really need it though, the DSL that is, right? I mean... there are plenty of sheep. [00:47]
dnebrycec: http://search.cpan.org/dist/Starman/ [00:47]
mercutiohaha [00:47]
brycecdne: yeah, that was #7 in my Google [00:47]
mercutioi dunno what happened yet
or how many people dropped, but it wasn't just me i know
my ssh stayed up :)
[00:47]
brycecI want to add historical traceroutes to my smokeping... But I can't decide on a user interface :( [00:50]
mercutiodamnit i think it dying again :( [00:51]
brycecup_the_irons: one other note: the v6 connectivity on Chunkhost, Comcast, and TWC is provided by HE tunnels. So the data may be "skewed" a bit :( [00:52]
up_the_ironsbrycec: ok [00:53]
brycec(Sorry, not much I can do about "native" v6 connectivity on those) [00:54]
up_the_ironsyeah
lots of packet loss on HE lon2 and ams1 nodes right now
[00:57]
mercutioapparently that ddos attack thing was bigger in europe than the US
i didn't really notice anything with that ddos fwiw
other than people talking about it :)
[01:01]
brycecy'all are the only I've heard of it :p [01:02]
BryceBot<mercutio> i ofap oetppfip fp e kitgpebiu pi p:) [01:02]
brycecdamnit perl [01:02]
mercutiowhat [01:02]
mike-burnsDid we just get Klingon'ed? [01:02]
brycecy// in perl meets sed's "use any symbol as a delineator" [01:02]
mercutiohaha [01:02]
brycecso y''
But I'm blaming perl for y//. <3 sed
[01:02]
up_the_ironsy'all are smokin' crack [01:05]
BryceBot<brycec> ButaI'mabrcmingapekrafokay//.a<3ased [01:05]
up_the_ironsYES [01:05]
brycecwell done. Now just lie on your side, the paramedics are on their way [01:06]
..... (idle for 21mn)
up_the_ironsmy gawd, the mail gem rocks
https://github.com/mikel/mail
[01:27]
antwoah...that was a lot of scrollback [01:38]
mercutiosometimes the channel is idle for a whole day basically..
not recently though
[01:39]
up_the_ironsyeah, lately there's been a lot of activity [01:41]
antsome more lines and it had maxed out my scrollback buffer [01:42]
up_the_ironshaha [01:43]
mercutioi found weechat is automatically logging
makes it easier to search for urls..
[01:45]
bryceclol [01:47]
.......... (idle for 48mn)
up_the_irons: Is there some reason I can ping my gw 174.136.103.129 but traceroutes fail? (apologies if it's a dumb question)
up_the_irons: I also have weirdness trying to traceroute to arpnetworks.com (I get just the first hope 174.136.103.129 and everything else times out)
[02:35]
up_the_ironsbrycec: hmmm not sure [02:36]
brycec(ipv4 btw)
v6 seems fine
[02:36]
up_the_ironspaste mtr report [02:37]
brycecmmkay
hm, mtr is happy, traceroute is not.
brycec is up way past bedtime :/
Makes me think I should be using mtr instead of traceroute in my logging
up_the_irons: yep, traceroute -I works (ICMP ECHO)
[02:37]
mercutiotraceourte is udp
oh
i'm slow
[02:40]
brycecheh
me too
apparently
[02:41]
up_the_ironsi always thought traceroute used icmp
ya learn something new every day!
ok, udp by default
[02:41]
antusing udp allows one to use traceroute as a regular user (at least under linux) [02:43]
brycecand without setuid'ing
as mtr is
[02:43]
antyeah [02:44]
mercutioit does on windows
i think
[02:46]
up_the_ironsso, interesting:
regular 'traceroute', for v4, uses UDP
but for v6, uses ICMP6
wait, n/m
i'm wrong
UDP for both
[02:47]
mercutioheh
i usuaully use mtr --report btw bryce
it works pretty well
[02:48]
up_the_ironsbrycec: anyway, the answer is, iptables on arpnetworks.com server is blocking something. i can see the traceroute if i disable it. [02:49]
mercutiocos often you want more than 3 pings to a destination even when doing a traceroute
if there's an actual issue..
if you just want to know the path, then mtr --report --report-cycles=1 is probably faster
traceroute takes ages while it times out
the only problem with mtr --report is that it cuts off the end of hostnames
and some hostnames don't map back to ip's
but you can use -n as well to get around that
often when tehre are actual outages, there'll be looping etc, or changed paths
while bgp reconverges
also for some reason mtr --report can often drop a single packet
[02:49]
brycecmercutio: actually my mtr line for logging is: mtr --report --report-wide --report-cycles 1 -o "N " google.com [02:52]
mercutioso if there's 10% packet loss it doesn't relaly mean anything [02:52]
brycec--report-wide ;) 02:49:10 < mercutio> the only problem with mtr --report is that it cuts off the end of hostnames [02:52]
mercutiooh i haven't tried report-wide
it still doesn't fix the issue that some things don't resolve
[02:52]
brycecI'm not concerned about actual ping times or loss in this case, just looking to record the route.
heh
[02:53]
mercutiook
i mean forwrad lookup
it does reverse lookup but some things only work in one direction
traceroute shows both
[02:53]
brycectraceroute also does AS lookup :) [02:53]
mercutiotrue
but you shouldn't need that
[02:53]
brycectrue, but I think it's neat [02:54]
mercutiowhois.radb.net/whois: Servname not supported for ai_socktype
hmm
wonder why my -A option isn't working
in theory asn support could be added to mtr
[02:54]
................ (idle for 1h16mn)
anti'm wondering where's the issue here: http://pastebin.com/nQDqXDuc . is it ntt? or telia? [04:11]
up_the_ironsant: i can reach it over ntt
from London
[04:15]
anthm..
brb lunch
[04:16]
ree [04:28]
up_the_ironsreee [04:29]
antok. now i totally suspect telia
when i try it with nagios.teuchert.org (same machine, just another ip address from the same /64) instead of wnd1 everything is fine.
and i already had such issues in the past
[04:31]
up_the_ironsouch [04:32]
antnow the issue is gone [04:39]
........ (idle for 35mn)
***toddf has quit IRC (Quit: leaving) [05:14]
......... (idle for 42mn)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
[05:56]
....................... (idle for 1h53mn)
abthorpet has joined #arpnetworks
mjp_ has joined #arpnetworks
KDE_Perr1 has joined #arpnetworks
DaCa_ has joined #arpnetworks
KDE_Perry has quit IRC (*.net *.split)
DaCa has quit IRC (*.net *.split)
tabthorpe has quit IRC (*.net *.split)
mjp has quit IRC (*.net *.split)
[07:49]
.................. (idle for 1h28mn)
brycecYep. http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes-us-europe.aspx [09:25]
............ (idle for 56mn)
toddfnote that cloudfare serves both coinbase and btc-e [10:21]
brycecAmong many others :p [10:23]
.................. (idle for 1h26mn)
***ant has quit IRC (Ping timeout: 245 seconds) [11:49]
ant has joined #arpnetworks [12:02]
................. (idle for 1h24mn)
pjs has quit IRC (Read error: Connection reset by peer)
pjs has joined #arpnetworks
pjs is now known as Guest53036
[13:26]
mercutiobrycec: news articles were a bit skimp on the ddos [13:38]
brycecNot surprising [13:38]
mercutioitnews.com.au is the first one i read [13:38]
brycecIt was linked off /. [13:39]
mercutioa lot of others were like 12 hours later or osmething
ahh ok someone posted to nznog
which is like nanog but for new zealand with less posts :)
[13:39]
............... (idle for 1h10mn)
***RandalSchwartz has joined #arpnetworks [14:49]
RandalSchwartzweird. Why won't my arp server connect to freenode? [14:49]
m0undsany specific server? [14:49]
RandalSchwartztried a few [14:50]
m0undsi'm connected now via ipv6
to asimov.freenode.net
[14:50]
RandalSchwartzI'll have to try again later [14:50]
m0undswait, no
i'm on v4
haha
[14:50]
***m0unds has quit IRC (Quit: reload)
m0unds has joined #arpnetworks
[14:50]
m0undshm
seems ok
[14:51]
RandalSchwartzweird… says my nick already in use
must've sorta connected already
Oh heh… it's this adium
[14:52]
***RandalSchwartz is now known as Randal
RandalSchwartz has joined #arpnetworks
RandalSchwartz has quit IRC (Remote host closed the connection)
Randal has left
[14:53]
grepidemic has quit IRC (Read error: Connection reset by peer) [15:03]
grepidemic has joined #arpnetworks [15:08]
bryceclolol [15:09]
...... (idle for 28mn)
***RandalSchwartz has joined #arpnetworks [15:37]
RandalSchwartzThere. back on again. [15:37]
***Guest53036 is now known as pjs [15:49]
.............................. (idle for 2h26mn)
grepidemic has quit IRC (Ping timeout: 272 seconds)
abthorpet has quit IRC (Ping timeout: 272 seconds)
mnathani has quit IRC (Ping timeout: 272 seconds)
[FBI] has quit IRC (Ping timeout: 272 seconds)
[18:15]
[FBI] starts logging #arpnetworks at Wed Feb 12 18:21:14 2014
[FBI] has joined #arpnetworks
[18:21]
m0undsAAAAHHHH [18:21]
***jlgaddis has quit IRC (*.net *.split)
jpalmer_ has quit IRC (Ping timeout: 260 seconds)
tabthorpe has joined #arpnetworks
tabthorpe has quit IRC (Changing host)
tabthorpe has joined #arpnetworks
hive-mind has quit IRC (Remote host closed the connection)
grepidemic has quit IRC (*.net *.split)
hive-mind has joined #arpnetworks
dj_goku has joined #arpnetworks
pcn has quit IRC (Ping timeout: 260 seconds)
mnathani has joined #arpnetworks
jpalmer has joined #arpnetworks
pcn has joined #arpnetworks
[18:23]
KDE_Perry has joined #arpnetworks
grepidemic has joined #arpnetworks
hive-mind has quit IRC (Ping timeout: 265 seconds)
KDE_Perr1 has quit IRC (*.net *.split)
acf_ has quit IRC (*.net *.split)
brycec has quit IRC (*.net *.split)
hive-mind has joined #arpnetworks
acf_ has joined #arpnetworks
jlgaddis has joined #arpnetworks
jlgaddis has quit IRC (Changing host)
jlgaddis has joined #arpnetworks
dj_goku_ has joined #arpnetworks
dj_goku_ has quit IRC (Changing host)
dj_goku_ has joined #arpnetworks
brycec has joined #arpnetworks
[18:48]
brycec<><
*<.<
>.>
[18:55]
***dj_goku has quit IRC (Ping timeout: 260 seconds) [18:59]
........ (idle for 35mn)
mercutio has quit IRC (Ping timeout: 264 seconds) [19:34]
mercutio has joined #arpnetworks [19:44]
....... (idle for 30mn)
grepidemic has quit IRC (Ping timeout: 245 seconds)
grepidemic has joined #arpnetworks
[20:14]
...... (idle for 25mn)
gizmoguy has quit IRC (Ping timeout: 272 seconds)
gizmoguy has joined #arpnetworks
[20:40]
gizmoguy has quit IRC (Remote host closed the connection)
gizmoguy has joined #arpnetworks
[20:51]
..... (idle for 23mn)
mnathanifor a Vmware VM purposed as a firewall to provide NAT services to other VMs would you recommend IPcop, Pfsense or some other firewall distro? [21:14]
.... (idle for 16mn)
brycecpfSense
I fucking <3 pfSense
so much.
[21:30]
m0undsyea, i didn't even know ipcop still existed [21:43]
jbergstroem+1 dat [21:43]
m0undspfsense for sure [21:43]
up_the_ironswe have at least a couple handful of customers using pfSense, seems very popular [21:46]
m0undsit's a good fw - i used it for like 5-6 years
and m0n0wall before it
[21:48]
mercutioi tried it once briefly
i prefer straight openbsd
but i like cli
as far as web ui's goes it seemed ok though
[21:54]
m0undsyea, pretty well designed ui
pretty flexible too, but i prefer cli as well
[21:56]
mercutiothere's also freebsd/pf as an option
freebsd 10 added smp support to pf
but i think for most people it isn't really necessary
[21:57]
m0undsyea [21:59]
........ (idle for 38mn)
mnathaniI am trying to get pfSense working as a router to route between different subnets
it says: ID ##apple Batch ##apple Evaluators Name1. Size2. Depth3.Nec Tiss Type4. Amt Nec Tiss5. Gran Tissue Type6. Amt Gran Tissue7. Edges8. Peri ulcer skinTotal
oops
it says DO not enter static routes for networks assigned on any interface of this firewall
my bad, windows box had local firewall on (wasnt responding to pings)
[22:37]
bryceclol
was gonna say that it "just works" :P
and be sure that there are pass rules in place
On the topic of pfSense, the interface is great and full-featured. It's solid and well-documented, I can turn it over to less-experienced persons. At the same time, i still have CLI access (and serial access) to perform more in-depth debugging.
[22:42]
mnathanihow is the OpenVPN integration? [22:50]
..... (idle for 20mn)
brycecWorks just fine
And I think with the latest release, I didn't have to add any manual configs
*parameters
[23:10]
..... (idle for 21mn)
(I use both client and server functions, btw) [23:32]
mnathaniup_the_irons: surely you mean dedicated customers running pfSense in a VM rather than VPS customers?
pfSense is really awesome from what I gather so far.
just came across: https://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker
[23:32]
brycectunnelbroker even links to that [23:45]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)