Anybody on kvr07 see load issues over the last 5 hours or so? My disk latency has suddenly trippled and it's causing various forms of havoc someone reverse engineered sign on and chat initiation protocols back in the early 00s, i'm sure you could find the tarball w/the source in it re: AOL m0unds: you mean a protocol pre-OSCAR? Or are you talking about the OSCAR protocol? i have no idea, it was 13+ years ago probably could find it don't care enough to :) i'd imagine fundamentally the chat part of it wouldn't have changed too much looks like the site that held the source of the revers eengineered stuff is gone (go figure) reverse it was posted in 2001 http://beta.slashdot.org/story/01/10/09/1826205/the-america-online-protocol-revealed closest i can find to info http://en.wikipedia.org/wiki/OSCAR_protocol Error in Wikipedia's response: yea, that's not hte protocol used for aol chat though that was for AOL IM Ahh that delineation was lost on me the chat part of it was built into the stupid AOL client itself haha "aol chat" just redirects to Aol IM yeah, i think they shut ti down it I meant on wikipedia :p oh lol so no help there you had to use keyword "CHAT" to get to it in the client i remember that uch much haha looks like they mght have moved some of the chat functionality to AIM at some point keep losing keystrokes - laggy, terrible VZW LTE connection mosh? (the ssh-auth'd udp-based latency-friendly shell. Not the action) *remote shell not a fan wasn't reliable at all for me liked it a lot at home w/reliable wifi - could put my notebook to sleep and come back and resume my session. for whatever reason, it'd regularly kill remote sessions when i connected via unreliable cellular brycec: i've seen some alerts for kvr07 looking into it; load seems fine atm Yay I'm not insane :) My loadavg is still slightly higher than normal, but I agree it's calmed down a bit (And still seeing a bit of a hit on my io/sec http://i.imgur.com/g88HbIY.png (the due to iowait, of course) And here's an update latency chart http://i.imgur.com/oUwdysi.png I wonder if there's some sort of attack going on It's the Internet, I always assume there's an attack happening :p I got my HE ipv6 tunnel from my laptop working again. too bad I got comcast'ed at home, and the tunnel can't work there any more. :( Comcast is blocking protocol41? no... they provide their own router now.. instead of just a modem so then my Apple Airport no longer has a public address. :( and no, you don't get to opt out of that. can their device not be put in bridge mode? no. well - maybe, but not by me googling seems to say that if you get enough supervisors on the phone, you might be able to get them to understand and deliver I'm not interested in that much phone pain Weird. I still have just a simple modem. ours just stopped working one day, and required my roommate to go pick a new one up, and it was like this perhaps it's a regional thing and we still don't get the native ipv6 they promised two years ago Bummer. I could get native ipv6 if I wanted, but I have no control of the address space or DNS I think this is the modem they gave us, which is indeed part of an ipv6 strategy: http://www.arrisi.com/products/product.asp?id=79 press release: http://ir.arrisi.com/phoenix.zhtml?c=87823&p=RssLanding&cat=news&id=1880159 But since they control it, it's probably not configured to pull a v6 addy yeah - according to their rollout, 18% of their customers have v6 now. at that rate, I might have ipv6 in 2038. :) native IPv6 would be nice :( 2038... just in time for 32bit time rollover! exactly time and ipv4 rolling over at the same time I have a database load for $client in my virtualbox that has now consumed 93 CPU minutes of mysqld but I can't do anything next until it's done so I'm basically surfing the net watching "top" :) I'm downloading a backup off a system and being reminded of how painful 100mbps is I got spoiled when i worked at oversee... they have dark fiber from the office tied directly to the backbone at one wilshire I grabbed a 40GB image off my VPS as fast as my disk could write. :) seeing as these machines are pretty close netwise to one wilshire it was something like 4ms to ping, three hops Hey does anyone here know sendmail? Yeah, uploading the backup to the new system was nice, limited only by disk IO (migrating an old server with only 10/100 to a VM on GbE links with good storage) I know to avoid sendmail :P There are much more configurable options lol I know I run postfix. But I'm working with a sendmail install. yeah I stopped using sendmail years ago all those crazy dnl()'s :) LOL i know Trying to figure out why this one server is rejecting me. Good thing I know the guy. that means "I know the guy who knows the guy..." at least postfix has almost-human-readable config files. :) Yeah seriously although you still gotta understand a lot about how mail actually works I'm good with that part. and you aren't programming a state machine using m4. :) replace this with that, and go to state 7 add < > around that and go to state 12 it's like a friggin turing machine I think I recall seeing rules that when recognizing a particular address, would actually solve towers of hanoi in the added header lines. :) hah lame Well I figured out how to test the ruleset now I have to figure out what the output means. Looks like it's rejecting me, duh rewritten as: < ? > < co > < ? > < + Connect > < 206 . 125 . 173 . 30 > rewritten as: < reject > < co > < ? > < + Connect > < 206 . 125 . 173 . 30 > Whatever that means. thank you googles: http://www.jhnc.org/hanoi/sendmail-cf.html I wonder if that means it's rejecting it because it's a .co address. Yup, that was it... added a line in his /etc/mail/access and bam I wonder how many other TLDs he's missing. :) it's like those ancient "reject bad email" javascript checkers good thing those are client-side ah I see, he has a whole lot of tlds in his reject whatever, it's his prerogative. I'm surprised nobody else has complained to him about this But, it's just a local ham radio group, so it's probably mostly .org/.com/.net stuff yeah - why would people in columbia be sending him mail? :) Oh darn... I thought it was done... mysqld popped away from top but it came right back. :( nearly 118 cpu minutes now over a 3 hour period Maybe they have and he couldn't receive their email :P 11:41:55 < awyeah> I'm surprised nobody else has complained to him about this I never really grasped "cpu time" haha that's true. it's like lunch time, but doubly so. :) up_the_irons: thanks for the ticket response :) (so here's an IRC response) :) you know something i've never really thought about what do people think about replying to a closed ticket saying thanks, potentially reopening it it seems like it'd annoy people but be a nice thing to others if it was me i'd be annoyed at the unnecessary notification and reopening but then i'd feel bad dang, my console server running OpenBSD has finally crashed i believe.. little atom box with > 1000 days uptime people say thanks all the time and i reply with something like 'No problem!' and then re-close it ;) whoa. red has been up for 240 days! no wonder everything is so out of date. :) and I *still* haven't fired up my new VPS (Neil keeps stealing all my spare time) still?! haha I'm tempted just to do an in-place update but I don't know if I can go from 8.3 right to 10.1 maybe I'll rehearse that in a virtualbox the trouble is that I have about three hours of research to do about how to do the upgrade before I can even start but it'll be more like six hours to build the new box and transfer over all the data. Ahh... I know what I'll do... I'll create a minimal install on the second box... and use it as a cloud backup... grab a snapshot of everything in case I have to regress. then convert over to pkgng, and svn sources, fetch the 10.0 source, and just try to compile the world. :) just talking out loud, of course. :) Annoys the heck out of me. If the ticket says "closed" on it, I don't reply. If it doesn't, then I might reply thanks. And recently, I had an Nvidia ticket wherein I could reply with the option of not reopening the ticket, which I did. 12:20:54 < hazardous> it seems like it'd annoy people but be a nice thing to others More annoying still is when I do as up_the_irons does, re-close and they reply again. ;) up_the_irons: Or perhaps I deal with a lower class of idiot lol (And I admit, my fuse is a bit short) Let's just say that Doctors are some of the dumbest tech users ever. s/days s/days/weeks >>> brycec is also having one of those "Say What again one more time, i dare you -- and I'll quit on the spot" weeks well, it's been going on years now... up_the_irons - looks like my ntp block is still in place. :( I'm getting ntp but only via ipv6 RandalSchwartz: you might want to noquery your host ;) RandalSchwartz: ip? kvr host? 208.79.95.2 is his ip $ ntpq -p 208.79.95.2 208.79.95.2: timed out, nothing received but I can hit his ipv6 "noquery"? @google ntpd noquery 2,690 total results returned for 'ntpd noquery', here's 3 6.5. ntpd access restrictions (http://support.ntp.org/bin/view/Support/AccessRestrictions) Restrictions are used to control access to your ntpd and are, unfortunately, one of ... Users of NTP versions prior to 4.2.7p26 should either use noquery or disable ... Network Time Protocol daemon - ArchWiki (https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon) Apr 2, 2014 ... The NTP Project provides a reference implementation of the ... ntpd (with ntpq or ntpdc), and noquery prevents dumping status data from ntpd ... 15.9. Understanding the ntpd Configuration File (https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/html/System_Administrators_Guide/s1-Understanding_the_ntpd_Configuration_File.html) The nopeer option prevents a peer association being formed. The noquery option prevents ntpq and ntpdc queries, but not time queries, from being answered. I made the two security fixes RandalSchwartz: verified there is no block on your IP Must Be You(tm) ;) disable monitor restrict default ignore RandalSchwartz: basically, your NTP instance lets the world use you to ddos bryce - old news, already fixed and it was working last night something is still filtering today If it was fixed, then I wouldn't be able to "ntpq -p you" RandalSchwartz: just for fun, would you mind sharing your ntp.conf so we/I can proofread? I added the two lines that were asked of me in the security (And try running it myself and see what happens) I just pasted the two uncommented lines here. :) those two lines, plus the pool settings those two lines were in the security memo sent to me so if they don't fix it, then something is awry (Oh right, it's the monlist command specifically) So I'm still wondering what's different between last night and today or if those commands above actually ruin it as a valid ntpd for ipv4. :) Nah should be fine But just for fun, RandalSchwartz why not share your ntp.conf. I'll drop it on my VPS, see if the same thing happens. Then we know if it's your config (or NTP version) or ARP dude... I pasted the two lines, the other three are the pool settings but I've just now updated to the recommendation for https://www.team-cymru.org/ReadingRoom/Templates/secure-ntp-template.html under "unix ntpd" and now it seems to work better Sorry, default ntp.conf in my experience is more than just 5 lines, so I thought you were just pasting snippets I left the disable monitor in but those other things are the proper "client only" settings apparently no - I didn't see any need to change anything else. :) Not a tweaker fwiw, this is mine - 95% Debian's default, with a few more servers added http://sprunge.us/RYZY cool (I was having issues with mine staying stuck in INIT forever, so I added more servers... didn't help. Issue turned out to be a random "listen" line at the top) anyone used these? http://www.newegg.com/Product/Product.aspx?Item=9SIA2W014B1465 can't find a "PRO" version but it's 1TB SSD for like $500 (Damnit Newegg changed their item number format) I've seen the name "Samsung 840" cropping up in a few places lately, all positive feelings. But no personal experience. (and those mentions usually only in 120-500Gb range) up_the_irons: my buddy is using a pair of them in his workstation and he's had good luck i've had bad luck w/samsung stuff myself, but i seem to be out of the ordinary as far as comcast's router modem stuff, buy a modem from amazon, tell comcast to take theirs back. they have a compatibility list and as long as you get something from it, they can't say no im using a Samsung 840 in my desktop as well for consumer svc anyway. if it's a biz line w/static IP, it's a different story its working out quite well i had to RMA an 840 pro that just died, took 14 biz days to get the replacement http://mydeviceinfo.comcast.net/ RandalSchwartz m0unds: roger yeah - I was at that page might mean I can "bring my own modem" to comcast worth it if I get root I've brought my own modem to Comcast in the past, no trouble m0unds: that's actually the first samsung ssd failure i've heard of i just got a samsung evo sdcard, haven't tried it yet RandalSchwartz: the biggest positive is that you're not leasing a modem. pays for itself the first year. only downside i can think of is that if the modem fails outside the mfg warranty period, you have to buy a new one mercutio: i'm lucky like that, haha even if it were in the warranty period, you'd be out a modem until it's replaced. comcast is a near-instant replacement brycec: some of my friends service doctors/professors/whatever and it does seem that the more letters they have after their name than in it the more.. i guess, angry at everything not going their way it is kind of amusing It is kind of... until they're berading you for their shit not working because they don't understand wtf they're doing (and their outsourced Indian tech support frustrates them even more)