[00:10] up_the_irons: This may be of interest then ;) https://smokeping.cobryce.com/?target=Internet.NLNOGRING (I only just added it, so it's still empty)
[00:11] brycec: nice!
[00:13] Feb 12 00:08:09 vps3 smokeping[16901]: FPing6: probing 53 targets with step 60 s and offset 37 s.
[00:13] Feb 12 00:08:09 vps3 smokeping[16902]: FPing: probing 159 targets with step 60 s and offset 1 s.
[00:13] wheee
[00:13] brycec: how does that work anyway, like your smokeping is running on your VPS here, but it says "median RTT to ARP", so it seems like it is going to itself
[00:13] i guess what i'm asking is, what exactly is it measuring
[00:14] Hm, how odd... can't ping6 hurricane01.ring.nlnog.net (times out)
[00:14] up_the_irons: "from ARP" used to say "from " but I changed it to ARP to give a better global perspective
[00:15] er, *from ARP
[00:15] up_the_irons: where does it say "to ARP"?
[00:15] oh i meant "from"
[00:15] oh heh
[00:16] well the "from ARP" just means "from my VPS on kvr07 to arpnetworks01.ring.nlnog.net"
[00:16] Which isn't overly useful I suppose, but the slaves are also hitting arpnetworks01.ring.nlnog.net
[00:16] (And those slaves are also identified as "from "
[00:17] so the others (Chunkhost, Comcast, etc...) all feed into this "main" smokeping?
[00:17] yes
[00:17] cool
[00:17] is Comcast your residential ISP, or is that somewhere else?
[00:17] TWC could be residential OR data center end
[00:18] Smokeping has a nifty master/slave architecture. The master and slaves both also collect data, but the master receives it all, stores it, graphs, etc
[00:18] Comcast is my home connection
[00:18] cool
[00:18] TWC is a "business-class cable customer"
[00:19] ok
[00:19] neato
[00:19] (I thought I'd documented some of these details on the smokeping page... I'm wrong, apparently)
[00:19] I plan to turn up another slave in an IO datacenter in the next few days too
[00:19] (IO does their own multi-homing "blended internet")
[00:20] which IO data center?
[00:20] Phoenix
[00:20] maybe you did document it, but i haven't found it :)
[00:21] I didn't find it either ;)
[00:21] A client of mine has a half-cab in http://www.io.com/colocation/io-phoenix/ so I'll slip a slave in there.
[00:22] Fun fact: That picture is not from the Phoenix DC. Dunno where from... but it's not in Phoenix :p
[00:22] "No Monthly Recurring Fees for Cross-Connects", now that'd save me some money
[00:23] heh
[00:23] i would say 80% of data center pics are not the actual data center
[00:23] pisses me off
[00:23] ;)
[00:23] Makes sense though, pricing-wise. Only pay for the resources (some guy) used. Afterwards, your stuff is just laying in a tray overhead... why should that cost money?
[00:24] In my limited interactions, I like IO
[00:24] yeah, cross connects are a RAPE
[00:24] was there just a network problem?
[00:24] not afaik
[00:24] not that i saw
[00:25] Why, would you like one?
[00:25] hah i think nodeping is having issues
[00:25] how can things go up without going down
[00:25] hahaha
[00:25] they went down, but the down notification was lost due to things being down?
[00:25] oh it's changing numbers randomly
[00:26] like a BOSS
[00:26] so my cellphone don't group
[00:26] Is that like blinking lights randomly, to look busy?
[00:28] heh
[00:28] cloud core routers have a lcd
[00:28] i mean seriously, if a router is working who wants to look at a lcd
[00:29] srsly
[00:29] I can see how nodeping might be having some issues actually
[00:29] https://smokeping.cobryce.com/?target=Internet.HENet.Europe.HEtserv11ams1v4 https://smokeping.cobryce.com/?target=Internet.HENet.Europe.HEtserv28waw1v4
[00:30] both showing massive loss to ARP in the last few minutes
[00:30] i'm not impressed by nodeping
[00:31] oh wow
[00:31] bah he tunnels
[00:31] omg i wish amazon wouldn't email me about stuff i stuck in my cart
[00:31] it emails me all the time
[00:31] there seemed to be a little bit of a dip
[00:31] but it was more like total outage for a bit
[00:32] (returning to normal)
[00:32] then ping came back less than before the outage
[00:32] so i wonder if there was some hw change somewhere?
[00:32] actually it's not total outage it's 19/20 packets dropped
[00:32] but to my mind that means total outage :)
[00:33] * brycec sticks that in the SLA fine-print -- "service still available, does not count as downtime"
[00:33] :P
[00:33] oh weird minimum ping went interesting
[00:33] suggesting los angeles to nz
[00:33] rather than la -> sj -> nz
[00:34] i wonder if any2ix fell over temp
[00:34] i don't think there's any way to view sessions ?
[00:36] but are those graphs measuring tunnels?
[00:36] seems like a lot of moving parts there
[00:36] gah why is my irc suddenly laggy
[00:36] it's within nz
[00:36] i think it's probably ddos
[00:36] gah
[00:37] up_the_irons: my graphs are just from the VPS to the IP in the graph title. no tunneling
[00:37] ah ok
[00:37] And if there's any way I can make that clearer, let me know
[00:37] cuz the list on the left says tunnels
[00:37] I'll rename it ;)
[00:37] OK:)
[00:45] staticsafe: the smokeping webapp can be run as a PSGI app, if that helps :)
[00:46] * brycec is running his as fastcgi
[00:46] * dne runs his using starman
[00:46] Otherwise all this attention would be crushing me :)
[00:46] @imdb Starman
[00:46] [MOVIE] Title: Starman | Year: 1984 | Rating: 7.0 | Genre: Adventure, Drama, Romance | IMDB Link: http://imdb.com/title/tt0088172
[00:46] mm
[00:46] my whole dsl died
[00:47] ouch
[00:47] ikr
[00:47] You didn't really need it though, the DSL that is, right? I mean... there are plenty of sheep.
[00:47] brycec: http://search.cpan.org/dist/Starman/
[00:47] haha
[00:47] dne: yeah, that was #7 in my Google
[00:47] i dunno what happened yet
[00:47] or how many people dropped, but it wasn't just me i know
[00:48] my ssh stayed up :)
[00:50] I want to add historical traceroutes to my smokeping... But I can't decide on a user interface :(
[00:51] damnit i think it dying again :(
[00:52] up_the_irons: one other note: the v6 connectivity on Chunkhost, Comcast, and TWC is provided by HE tunnels. So the data may be "skewed" a bit :(
[00:53] brycec: ok
[00:54] (Sorry, not much I can do about "native" v6 connectivity on those)
[00:57] yeah
[00:57] lots of packet loss on HE lon2 and ams1 nodes right now
[01:01] apparently that ddos attack thing was bigger in europe than the US
[01:01] i didn't really notice anything with that ddos fwiw
[01:01] other than people talking about it :)
[01:02] y'all are the only I've heard of it :p
[01:02] i ofap oetppfip fp e kitgpebiu pi p:)
[01:02] damnit perl
[01:02] what
[01:02] Did we just get Klingon'ed?
[01:02] y// in perl meets sed's "use any symbol as a delineator"
[01:02] haha
[01:02] so y''
[01:03] But I'm blaming perl for y//. <3 sed
[01:05] y'all are smokin' crack
[01:05] ButaI'mabrcmingapekrafokay//.a<3ased
[01:05] YES
[01:06] well done. Now just lie on your side, the paramedics are on their way
[01:27] my gawd, the mail gem rocks
[01:27] https://github.com/mikel/mail
[01:38] woah...that was a lot of scrollback
[01:39] sometimes the channel is idle for a whole day basically..
[01:39] not recently though
[01:41] yeah, lately there's been a lot of activity
[01:42] some more lines and it had maxed out my scrollback buffer
[01:43] haha
[01:45] i found weechat is automatically logging
[01:46] makes it easier to search for urls..
[01:47] lol
[02:35] up_the_irons: Is there some reason I can ping my gw 174.136.103.129 but traceroutes fail? (apologies if it's a dumb question)
[02:36] up_the_irons: I also have weirdness trying to traceroute to arpnetworks.com (I get just the first hop 174.136.103.129 and everything else times out)
[02:36] brycec: hmmm not sure
[02:36] (ipv4 btw)
[02:36] v6 seems fine
[02:37] paste mtr report
[02:37] mmkay
[02:37] hm, mtr is happy, traceroute is not.
[02:38] * brycec is up way past bedtime :/
[02:39] Makes me think I should be using mtr instead of traceroute in my logging
[02:40] up_the_irons: yep, traceroute -I works (ICMP ECHO)
[02:40] traceroute is udp
[02:40] oh
[02:40] i'm slow
[02:41] heh
[02:41] me too
[02:41] apparently
[02:41] i always thought traceroute used icmp
[02:41] ya learn something new every day!
[02:41] ok, udp by default
[02:43] using udp allows one to use traceroute as a regular user (at least under linux)
[02:43] and without setuid'ing
[02:44] as mtr is
[02:44] yeah
[02:46] it does on windows
[02:46] i think
[02:47] so, interesting:
[02:47] regular 'traceroute', for v4, uses UDP
[02:47] but for v6, uses ICMP6
[02:48] wait, n/m
[02:48] i'm wrong
[02:48] UDP for both
[02:48] heh
[02:49] i usually use mtr --report btw bryce
[02:49] it works pretty well
[02:49] brycec: anyway, the answer is, iptables on arpnetworks.com server is blocking something. i can see the traceroute if i disable it.
[02:49] cos often you want more than 3 pings to a destination even when doing a traceroute
[02:49] if there's an actual issue..
[02:49] if you just want to know the path, then mtr --report --report-cycles=1 is probably faster
[02:50] traceroute takes ages while it times out
[02:50] the only problem with mtr --report is that it cuts off the end of hostnames
[02:50] and some hostnames don't map back to ip's
[02:50] but you can use -n as well to get around that
[02:51] often when there are actual outages, there'll be looping etc, or changed paths
[02:51] while bgp reconverges
[02:52] also for some reason mtr --report can often drop a single packet
[02:52] mercutio: actually my mtr line for logging is: mtr --report --report-wide --report-cycles 1 -o "N " google.com
[02:52] so if there's 10% packet loss it doesn't really mean anything
[02:52] --report-wide ;) 02:49:10 < mercutio> the only problem with mtr --report is that it cuts off the end of hostnames
[02:52] oh i haven't tried report-wide
[02:53] it still doesn't fix the issue that some things don't resolve
[02:53] I'm not concerned about actual ping times or loss in this case, just looking to record the route.
[02:53] heh
[02:53] ok
[02:53] i mean forward lookup
[02:53] it does reverse lookup but some things only work in one direction
[02:53] traceroute shows both
[02:53] traceroute also does AS lookup :)
[02:53] true
[02:54] but you shouldn't need that
[02:54] true, but I think it's neat
[02:54] whois.radb.net/whois: Servname not supported for ai_socktype
[02:54] hmm
[02:54] wonder why my -A option isn't working
[02:55] in theory asn support could be added to mtr
[04:11] i'm wondering where's the issue here: http://pastebin.com/nQDqXDuc . is it ntt? or telia?
[04:15] ant: i can reach it over ntt
[04:15] from London
[04:16] hm..
[04:16] brb lunch
[04:28] ree
[04:29] reee
[04:31] ok. now i totally suspect telia
[04:31] when i try it with nagios.teuchert.org (same machine, just another ip address from the same /64) instead of wnd1 everything is fine.
[04:32] and i already had such issues in the past
[04:32] ouch
[04:39] now the issue is gone
[05:14] *** toddf has quit IRC (Quit: leaving)
[05:56] *** toddf has joined #arpnetworks
[05:56] *** ChanServ sets mode: +o toddf
[07:49] *** abthorpet has joined #arpnetworks
[07:50] *** mjp_ has joined #arpnetworks
[07:52] *** KDE_Perr1 has joined #arpnetworks
[07:55] *** DaCa_ has joined #arpnetworks
[07:57] *** KDE_Perry has quit IRC (*.net *.split)
[07:57] *** DaCa has quit IRC (*.net *.split)
[07:57] *** tabthorpe has quit IRC (*.net *.split)
[07:57] *** mjp has quit IRC (*.net *.split)
[09:25] Yep. http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes-us-europe.aspx
[10:21] note that cloudflare serves both coinbase and btc-e
[10:23] Among many others :p
[11:49] *** ant has quit IRC (Ping timeout: 245 seconds)
[12:02] *** ant has joined #arpnetworks
[13:26] *** pjs has quit IRC (Read error: Connection reset by peer)
[13:28] *** pjs has joined #arpnetworks
[13:28] *** pjs is now known as Guest53036
[13:38] brycec: news articles were a bit skimp on the ddos
[13:38] Not surprising
[13:38] itnews.com.au is the first one i read
[13:39] It was linked off /.
[13:39] a lot of others were like 12 hours later or something
[13:39] ahh ok someone posted to nznog
[13:39] which is like nanog but for new zealand with less posts :)
[14:49] *** RandalSchwartz has joined #arpnetworks
[14:49] weird. Why won't my arp server connect to freenode?
[14:49] any specific server?
[14:50] tried a few
[14:50] i'm connected now via ipv6
[14:50] to asimov.freenode.net
[14:50] I'll have to try again later
[14:50] wait, no
[14:50] i'm on v4
[14:50] haha
[14:50] *** m0unds has quit IRC (Quit: reload)
[14:51] *** m0unds has joined #arpnetworks
[14:51] hm
[14:51] seems ok
[14:52] weird… says my nick already in use
[14:52] must've sorta connected already
[14:52] Oh heh… it's this adium
[14:53] *** RandalSchwartz is now known as Randal
[14:53] *** RandalSchwartz has joined #arpnetworks
[14:53] *** RandalSchwartz has quit IRC (Remote host closed the connection)
[14:54] *** Randal has left
[15:03] *** grepidemic has quit IRC (Read error: Connection reset by peer)
[15:08] *** grepidemic has joined #arpnetworks
[15:09] lolol
[15:37] *** RandalSchwartz has joined #arpnetworks
[15:37] There. back on again.
[15:49] *** Guest53036 is now known as pjs
[18:15] *** grepidemic has quit IRC (Ping timeout: 272 seconds)
[18:15] *** abthorpet has quit IRC (Ping timeout: 272 seconds)
[18:15] *** mnathani has quit IRC (Ping timeout: 272 seconds)
[18:15] *** [FBI] has quit IRC (Ping timeout: 272 seconds)
[18:21] *** [FBI] starts logging #arpnetworks at Wed Feb 12 18:21:14 2014
[18:21] *** [FBI] has joined #arpnetworks
[18:21] AAAAHHHH
[18:23] *** jlgaddis has quit IRC (*.net *.split)
[18:25] *** jpalmer_ has quit IRC (Ping timeout: 260 seconds)
[18:28] *** tabthorpe has joined #arpnetworks
[18:28] *** tabthorpe has quit IRC (Changing host)
[18:28] *** tabthorpe has joined #arpnetworks
[18:31] *** hive-mind has quit IRC (Remote host closed the connection)
[18:34] *** grepidemic has quit IRC (*.net *.split)
[18:38] *** hive-mind has joined #arpnetworks
[18:39] *** dj_goku has joined #arpnetworks
[18:39] *** pcn has quit IRC (Ping timeout: 260 seconds)
[18:41] *** mnathani has joined #arpnetworks
[18:43] *** jpalmer has joined #arpnetworks
[18:43] *** pcn has joined #arpnetworks
[18:48] *** KDE_Perry has joined #arpnetworks
[18:49] *** grepidemic has joined #arpnetworks
[18:50] *** hive-mind has quit IRC (Ping timeout: 265 seconds)
[18:51] *** KDE_Perr1 has quit IRC (*.net *.split)
[18:51] *** acf_ has quit IRC (*.net *.split)
[18:51] *** brycec has quit IRC (*.net *.split)
[18:51] *** hive-mind has joined #arpnetworks
[18:53] *** acf_ has joined #arpnetworks
[18:54] *** jlgaddis has joined #arpnetworks
[18:54] *** jlgaddis has quit IRC (Changing host)
[18:54] *** jlgaddis has joined #arpnetworks
[18:54] *** dj_goku_ has joined #arpnetworks
[18:54] *** dj_goku_ has quit IRC (Changing host)
[18:54] *** dj_goku_ has joined #arpnetworks
[18:55] *** brycec has joined #arpnetworks
[18:55] <><
[18:56] *<.<
[18:56] >.>
[18:59] *** dj_goku has quit IRC (Ping timeout: 260 seconds)
[19:34] *** mercutio has quit IRC (Ping timeout: 264 seconds)
[19:44] *** mercutio has joined #arpnetworks
[20:14] *** grepidemic has quit IRC (Ping timeout: 245 seconds)
[20:15] *** grepidemic has joined #arpnetworks
[20:40] *** gizmoguy has quit IRC (Ping timeout: 272 seconds)
[20:40] *** gizmoguy has joined #arpnetworks
[20:51] *** gizmoguy has quit IRC (Remote host closed the connection)
[20:51] *** gizmoguy has joined #arpnetworks
[21:14] for a Vmware VM purposed as a firewall to provide NAT services to other VMs would you recommend IPcop, Pfsense or some other firewall distro?
[21:30] pfSense
[21:31] I fucking <3 pfSense
[21:31] so much.
[21:43] yea, i didn't even know ipcop still existed
[21:43] +1 dat
[21:43] pfsense for sure
[21:46] we have at least a couple handful of customers using pfSense, seems very popular
[21:48] it's a good fw - i used it for like 5-6 years
[21:48] and m0n0wall before it
[21:54] i tried it once briefly
[21:54] i prefer straight openbsd
[21:54] but i like cli
[21:55] as far as web ui's goes it seemed ok though
[21:56] yea, pretty well designed ui
[21:56] pretty flexible too, but i prefer cli as well
[21:57] there's also freebsd/pf as an option
[21:57] freebsd 10 added smp support to pf
[21:57] but i think for most people it isn't really necessary
[21:59] yea
[22:37] I am trying to get pfSense working as a router to route between different subnets
[22:37] it says: ID ##apple Batch ##apple Evaluators Name1. Size2. Depth3.Nec Tiss Type4. Amt Nec Tiss5. Gran Tissue Type6. Amt Gran Tissue7. Edges8. Peri ulcer skinTotal
[22:37] oops
[22:38] it says DO not enter static routes for networks assigned on any interface of this firewall
[22:41] my bad, windows box had local firewall on (wasnt responding to pings)
[22:42] lol
[22:42] was gonna say that it "just works" :P
[22:42] and be sure that there are pass rules in place
[22:44] On the topic of pfSense, the interface is great and full-featured. It's solid and well-documented, I can turn it over to less-experienced persons. At the same time, i still have CLI access (and serial access) to perform more in-depth debugging.
[22:50] how is the OpenVPN integration?
[23:10] Works just fine
[23:11] And I think with the latest release, I didn't have to add any manual configs
[23:11] *parameters
[23:32] (I use both client and server functions, btw)
[23:32] up_the_irons: surely you mean dedicated customers running pfSense in a VM rather than VPS customers?
[23:34] pfSense is really awesome from what I gather so far.
[23:35] just came across: https://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker
[23:45] tunnelbroker even links to that