is it poor practice to run ntpd from VPSs ?
i had it suggested to me it was wasteful
That's odd.  My ntpd is still unable to sync
maybe arp changed policies
used to work just fine
what policy would there be to disallow this? filtering 123 or something?
I'm checking another arp box
the non-VPS arp box is peering ntp just fine
ahh - this other VPS is peering only via v6.
perhaps a ipv4 port 123 block has been installed for all VPS
When the big NTP DDOS was going down, ARP firewalled it
ahh
I thought up_the_irons had un-blocked it since
perhaps we can turn it back on then?
FWIW RandalSchwartz, my NTP is peered v4 and v6 just fine
maybe just some netblocks then
(or at least I think it's just fine...)
RandalSchwartz: gimme server IP and i'll see if it is in the "bad ntp hosts" list
<-- not an expert on ntpq output
up_the_irons: any interest in running an arp time server to go with the dns servers? it'd be nice to hit a local time server vs laboring the ntp pool
is this still accurate? http://support.arpnetworks.com/kb/main/how-to-configure-ipv6-on-freebsd
I can't find my mail on how to repair my v6.
yes, i'm interested, just not enough time to do it
RandalSchwartz: i believe it is accurate up to 9.x
Nice pun.
hahahaha
maybe a bunch of us customers could chip in to bounty fund it?
i didn't even notice...
i'd offer $10 toward it
so if my default route is $x::1, can I still use $x::0 as my IP address?
i'd consider that :)
RandalSchwartz: i believe so; no specific ordering on the gateway is required AFAIK
anyone else be interested in pooling in to get an arp time server or two in place?
i suppose even 1 would suffice, with a preferred tag on it in ntp.conf
actually i'm not sure if prefer reduces load to other servers, or if it just bumps the weight-of-value
I don't think throwing more money at up_the_irons is going to give him the time to set one up.
*shrug*
well, it would raise the priority, cuz instead of working XYZ hours on $client work, I can then do the NTP servers
I stand corrected :)
PRIORITEHZ!
how about a twitter broadcast? i'd suggest email blast but that's for up to decide
could there be an order form set up for 'sponsor arp ntp servers' that customers can easily go to, put in the contribution amount, and hit order? then you can just process using cc on file
twitter broadcast, yes; email blast, no (the only emails that go to everyone are the sales receipts)
i'm trying to think of the simplest way to do it
that would make it even harder ;)
yea
cuz i'd need to make the form
how would you want to structure this?
and cc processing
yea
Simplest thing: Bitcoin wallet.
hmm, interesting
i don't have bitcoin unfortunately, but i'd still want to contribute toward this
darn it... doesn't look like you can reset ipv6 while the box is up... I guess I have to finally reboot.
no kidding?
i think there are a handful of a sites that do bounty stuff
service netif restart; service routing restart ?
well pick one and i'll be your first to donate server brother
RandalSchwartz: how much uptime you have on that?
Uh - I don't want to kill my v4
which host?  kvr08?
but it looks like there's no "stop" or "restart" commands for the v6 stuff
why not just do ifconfig manually ?
well I'm afraid of screwing up v4. :)
fortune favors the bold
Wow, now that's a heckuva reason to run updates on a Friday afternoon :)
fortune -a favors all.
is there an easy way to remove all ipv6 routes so it'll build them up again?
maybe this for bounties: https://www.bountysource.com/
dunno if it is only for code though
RandalSchwartz: ah ok
route flush inet6 ?
no... that's still not enough :(
... default                           2607:f2f8:3080::1             UGS         em0
but ping6 ip6.me doesn't work
em0 says inet6 2607:f2f8:3080:: prefixlen 64
RandalSchwartz: you firewalling icmp6 by any chance?
no
curl ip6.me also does nothing
can you mtr -6 red.stonehenge.com ?
http://www.reddit.com/r/cryptodev/comments/24u17d/bountysource_now_supports_bitcoin_for_funding/
cryptodev approved :)
icmp6 is required for neighbour discovery in ipv6. I wasn't asking about the ping :P
I have no v6 firewall rules that I'm aware of.
I'll check though
RandalSchwartz: nope. I also can't ping your ::1 gateway
so something is still broken there.
(traceroute/mtr gets me 2607:f2f8:a654::1 and nothing further)
(coming from ARP btw)
up_the_irons?  need a ticket on it?
yes, but trust me, nothing has changed
bbiab
LIES. As a service provider, all you do is change things and lie about it and make people upset, because that's a solid business strategy :P
^ sarcasm, btw
Hm my ntp just isn't happening... nothing in tcpdump
RandalSchwartz: You don't have a /48 by any chance?
yes, I have a /48
RandalSchwartz: Ah, so you should be using ff.... for your gateway
fe80::1
RandalSchwartz: and set fe80::2/64 as your interface's ip
any other addys like 2607:f2f8:3080:: are just aliases
(The wiki article you cited is only for the default /64 type configuration)
how do I say that in rc.conf?
RandalSchwartz: the IP? Just replace 2607:f2f8:3080:: with it. The aliases... fuck if I know :P
well... I have to have that
https://forums.freebsd.org/viewtopic.php?&t=26400
A nice purple link...
RandalSchwartz: so it would be like ifconfig_interface_ipv6="inet6 fe80::2 prefixlen 64" ifconfig_interface_aliasX=inet6 2607:f2f8:3080:: prefixlen 64"
(I like to expand the :: in configs for clarity too, but that's just me)
yeah - I got that
ok em0 looks good
routes look good
but I still can't get out
no - fe80::2 is only on lo0
that can't possiibly work
and default also went to lo0
also not working well
unless that lo0 is magic
lol so your config didn't apply right :P
... ipv6_ifconfig_em0_alias0="fec0:0:0:2::80/64"
.. ipv6_ifconfig_em0_alias0="fec0:0:0:2::80/64"
RandalSchwartz: fe80:: is a link-local address, so it can be wherever
oops
right but there's no fe80::2 on em0
Specifically, you put it on your em0 and up_the_irons has his stuff configured to point at you
RandalSchwartz: well you need to put it there :P ifconfig_interface_ipv6="inet6 fe80::2 prefixlen 64"
(I assure you this works for many customers, including yours truly, albeit I'm on Debian)
I don't have anything that said ifconfig_interface_ipv6 before
do I need to add %em0 to ipv6_defaultrouter ?
does accept_rtadv need to be 1 or 0
AHH
that did it.  ipv6_defaultrouter="fe80::1%em0"
essential piece missing
Yes, link-local address needs the link specified
congrats
try mtr -6 red.stonehenge.com
works
and curl ip6.me shows 2607:f2f8:3080:: properly
>.>
all is good now
<.<
18684 packets transmitted, 18683 received, 0% packet loss, time 18762ms
Not bad
1kpps
er, 100pps
should my address also be fe80::2%em0 ?
I don't have that there
oh wait, that's inherent
yeah :)
I'm config'ing _em0
Oooh... and ntp is working too
Lucky you :)
woo grats randal
Yeah - I haven't had ipv6 since like february
oooh - that means I can connect to ipv6 freenode again
now I just need to understand where /48 fits in :)
Hmm.
RandalSchwartz: pretty simply, ARP just routes any traffic destined to that /48 to your fe80::2
All I did was copy the information from the portal into /etc/hostname.em0.
Simply put, it's just there. Add aliases as desired.
caze from #c?
#c?
CaZe: Which is great if you're on OpenBSD, however RandalSchwartz is not... Also, has a /48 which gets routed differently from the /64 most users have.
Well that's just being crazy.
It is. And that's why up_the_irons has a big warning "if you can't figure this out, I'll just switch you back to a /64" or such
"Please note, however, that this is an experts only option. That is, we assume you know how to set up your side. We will not provide additional support for your end of the link; rather, we will revert it back to the default /64 setup if you can't get it working."
http://support.arpnetworks.com/kb/main/what-is-the-difference-between-my-ipv6-64-assigned-space-and-48-allocated-space
so does anyone else run tinyproxy on their vps?
phlux: as it happens, I do
never use it... but it's there if I need it
oh... so shouldn't both of my fe80:: be /48 instead of /64 ?
no wait, that'd be silly
Wow, answered yourself before I could :p
Yeah the /64 applies to the fe80:: subnet
instead... I carve out the next /64, and it could be on a separate segment
repeat 65534 more times :)
Bingo.
do I turn on rtadv at some point?
or is this more or less automatic now?
No need. ARP doesn't do rtadv or anything
rtadv/slaac/etc has no place here
Everything you just did is statically configured
I mean if I start building a topology of /64's
wb
there.  on IPv6 on IRC again
just like the old days
I suppose you could, if you wanted to... But I would stick with statically configuring things.
(depends what you're using the /64s for as well)
I'd like to allocate a segment for openvpn, and a segment for the other end
I think openvpn is compatible now...
I know there's something you can do with ipv6 and openvpn... but I haven't messed with it.
I only just started setting up my own ipv6 tunnels
... http://openvpn.net/index.php/open-source/faq/77-server/287-is-ipv6-support-plannedin-the-works.html
so i moved my network over to inspircd due to a majority vote
and now i feel like a loser
considering my speeds were roughly 1/5 of this a few weeks ago, I'm happy with this: http://www.speedtest.net/my-result/3487294027
also lol@carrier/server listings
ew inspircd
eww IRC, oh wait...
could be worse... we could be on EFNET. :)
wow IRC had 10 million peak users in 2003, but now averages 400k users at peak
I wonder if they counted AOL chat in that
Yes! Figured out my boneheaded ntp problems. It's no wonder NTP never even tried to reach out to my peers, I had "interface listen lo". You'd think that only meant listen, but apparently it tried to use that for outbound connections to peers too.
"listen lo" is like some navel gazing thingy
Thank you #arpnetworks for motivating me to figure out my issue :)
up_the_irons is at Starbucks... again. :)
How does RandalSchwartz know this?
Foursquare checkins
Same way he knows I'm at Busby's West. :)
aol chat was irc...?
I don't think it was
I was told by an AOL insider that they used the ircd code
it never "appeared" to be IRC
but it had most of the same basic infrastructre for scaling
RandalSchwartz: LOL
irc.aol.com used to link to efnet iirc
netcom "chat"  was irc.
whoa can u do that from FourSquare? ;)
you're facing, northwest right now? :)
VPSs don't have 2 NICs correct? (one for public network traffic, the other for private/vlan)
I think those both show up as em0
(freebsd)
I'm surprised to see that irc.aol.com is a thing
And by thing, I mean DNS A record
both?
i wonder if aol 'rooms' were backed by irc servers in the past
mus1cb0x: there's just a single interface.
ok ty
heh aol
ME TOO!!!!!!!!!11
% telnet irc.aol.com 6667
Trying 205.188.149.22...
so it doesn't seem to work
or maybe you have to be on aol to use it
does aol still exist?
http://get.aol.com/plans/dial-up-internet.php?regtype=upsell&ncid=crosssellusaolp00000044
seems they do