***: acf has joined #arpnetworks
acf is now known as Guest76170
koan_ has joined #arpnetworks
bonraton_ has joined #arpnetworks
medum_ has joined #arpnetworks
jpalmer has quit IRC (Ping timeout: 252 seconds)
bonraton has quit IRC (Ping timeout: 252 seconds)
koan has quit IRC (Ping timeout: 252 seconds)
medum has quit IRC (Ping timeout: 252 seconds)
mnathani has quit IRC (Ping timeout: 252 seconds)
mnathani1 has joined #arpnetworks
jpalmer has joined #arpnetworks
gizmoguy has quit IRC (*.net *.split)
kevr has quit IRC (*.net *.split)
kevr has joined #arpnetworks
gizmoguy has joined #arpnetworks
kevr has quit IRC (Changing host)
kevr has joined #arpnetworks
vtoms has joined #arpnetworks
toddf has quit IRC (Ping timeout: 245 seconds)
brycec: Anybody on kvr07 see load issues over the last 5 hours or so?
My disk latency has suddenly tripled and it's causing various forms of havoc
***: awyeah has joined #arpnetworks
m0unds: someone reverse engineered sign on and chat initiation protocols back in the early 00s, i'm sure you could find the tarball w/the source in it
re: AOL
brycec: m0unds: you mean a protocol pre-OSCAR? Or are you talking about the OSCAR protocol?
m0unds: i have no idea, it was 13+ years ago
probably could find it
don't care enough to :)
i'd imagine fundamentally the chat part of it wouldn't have changed too much
looks like the site that held the source of the revers eengineered stuff is gone (go figure)
reverse
it was posted in 2001
http://beta.slashdot.org/story/01/10/09/1826205/the-america-online-protocol-revealed closest i can find to info
brycec: http://en.wikipedia.org/wiki/OSCAR_protocol
BryceBot: Error in Wikipedia's response:
m0unds: yea, that's not the protocol used for aol chat though
that was for AOL IM
brycec: Ahh that delineation was lost on me
m0unds: the chat part of it was built into the stupid AOL client itself
-: m0unds used to hang out in video games chat #6 when he was 8 or 9
m0unds: haha
brycec: "aol chat" just redirects to Aol
IM
m0unds: yeah, i think they shut ti down
it
brycec: I meant on wikipedia :p
m0unds: oh
lol
brycec: so no help there
m0unds: you had to use keyword "CHAT" to get to it in the client
i remember that uch
much
haha
looks like they mght have moved some of the chat functionality to AIM at some point
keep losing keystrokes - laggy, terrible VZW LTE connection
brycec: mosh?
(the ssh-auth'd udp-based latency-friendly shell. Not the action)
*remote shell
***: toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
m0unds: not a fan
wasn't reliable at all for me
liked it a lot at home w/reliable wifi - could put my notebook to sleep and come back and resume my session. for whatever reason, it'd regularly kill remote sessions when i connected via unreliable cellular
up_the_irons: brycec: i've seen some alerts for kvr07
looking into it; load seems fine atm
brycec: Yay I'm not insane :)
My loadavg is still slightly higher than normal, but I agree it's calmed down a bit
(And still seeing a bit of a hit on my io/sec
http://i.imgur.com/g88HbIY.png
(the due to iowait, of course)
And here's an update latency chart http://i.imgur.com/oUwdysi.png
RandalSchwartz: I wonder if there's some sort of attack going on
brycec: It's the Internet, I always assume there's an attack happening :p
RandalSchwartz: I got my HE ipv6 tunnel from my laptop working again.
too bad I got comcast'ed at home, and the tunnel can't work there any more. :(
brycec: Comcast is blocking protocol41?
RandalSchwartz: no... they provide their own router now.. instead of just a modem
so then my Apple Airport no longer has a public address. :(
and no, you don't get to opt out of that.
staticsafe: can their device not be put in bridge mode?
RandalSchwartz: no.
well - maybe, but not by me
googling seems to say that if you get enough supervisors on the phone, you might be able to get them to understand and deliver
I'm not interested in that much phone pain
brycec: Weird. I still have just a simple modem.
RandalSchwartz: ours just stopped working one day, and required my roommate to go pick a new one up, and it was like this
perhaps it's a regional thing
and we still don't get the native ipv6 they promised two years ago
brycec: Bummer. I could get native ipv6 if I wanted, but I have no control of the address space or DNS
RandalSchwartz: I think this is the modem they gave us, which is indeed part of an ipv6 strategy: http://www.arrisi.com/products/product.asp?id=79
press release: http://ir.arrisi.com/phoenix.zhtml?c=87823&p=RssLanding&cat=news&id=1880159
brycec: But since they control it, it's probably not configured to pull a v6 addy
RandalSchwartz: yeah - according to their rollout, 18% of their customers have v6 now.
at that rate, I might have ipv6 in 2038. :)
staticsafe: native IPv6 would be nice :(
brycec: 2038... just in time for 32bit time rollover!
RandalSchwartz: exactly
time and ipv4 rolling over at the same time
I have a database load for $client in my virtualbox that has now consumed 93 CPU minutes of mysqld
but I can't do anything next until it's done
so I'm basically surfing the net watching "top" :)
brycec: I'm downloading a backup off a system and being reminded of how painful 100mbps is
***: pjs has quit IRC (Read error: Connection reset by peer)
pjs has joined #arpnetworks
jpalmer has quit IRC (Ping timeout: 258 seconds)
pjs is now known as Guest19894
NiTeMaRe has quit IRC (Ping timeout: 258 seconds)
Guest19894 has quit IRC (Ping timeout: 258 seconds)
jlgaddis has quit IRC (Ping timeout: 258 seconds)
pjs_ has joined #arpnetworks
NiTeMaRe has joined #arpnetworks
RandalSchwartz: I got spoiled when i worked at oversee... they have dark fiber from the office tied directly to the backbone at one wilshire
I grabbed a 40GB image off my VPS as fast as my disk could write. :)
seeing as these machines are pretty close netwise to one wilshire
it was something like 4ms to ping, three hops
awyeah: Hey does anyone here know sendmail?
brycec: Yeah, uploading the backup to the new system was nice, limited only by disk IO (migrating an old server with only 10/100 to a VM on GbE links with good storage)
I know to avoid sendmail :P There are much more configurable options
awyeah: lol I know
I run postfix. But I'm working with a sendmail install.
***: pjs_ is now known as pjs
RandalSchwartz: yeah I stopped using sendmail years ago
-: RandalSchwartz still has flashbacks of the Horror That Is M4
RandalSchwartz: all those crazy dnl()'s :)
awyeah: LOL i know
Trying to figure out why this one server is rejecting me. Good thing I know the guy.
RandalSchwartz: that means "I know the guy who knows the guy..."
at least postfix has almost-human-readable config files. :)
awyeah: Yeah seriously
RandalSchwartz: although you still gotta understand a lot about how mail actually works
awyeah: I'm good with that part.
RandalSchwartz: and you aren't programming a state machine using m4. :)
replace this with that, and go to state 7
add < > around that and go to state 12
it's like a friggin turing machine
I think I recall seeing rules that when recognizing a particular address, would actually solve towers of hanoi in the added header lines. :)
awyeah: hah
lame
Well I figured out how to test the ruleset
now I have to figure out what the output means.
Looks like it's rejecting me, duh
rewritten as: < ? > < co > < ? > < + Connect > < 206 . 125 . 173 . 30 >
rewritten as: < reject > < co > < ? > < + Connect > < 206 . 125 . 173 . 30 >
Whatever that means.
RandalSchwartz: thank you googles: http://www.jhnc.org/hanoi/sendmail-cf.html
***: jpalmer has joined #arpnetworks
awyeah: I wonder if that means it's rejecting it because it's a .co address.
Yup, that was it... added a line in his /etc/mail/access and bam
RandalSchwartz: I wonder how many other TLDs he's missing. :)
it's like those ancient "reject bad email" javascript checkers
good thing those are client-side
awyeah: ah I see, he has a whole lot of tlds in his reject
whatever, it's his prerogative.
I'm surprised nobody else has complained to him about this
But, it's just a local ham radio group, so it's probably mostly .org/.com/.net stuff
RandalSchwartz: yeah - why would people in columbia be sending him mail? :)
Oh darn... I thought it was done... mysqld popped away from top
but it came right back. :(
nearly 118 cpu minutes now
over a 3 hour period
brycec: Maybe they have and he couldn't receive their email :P
11:41:55 < awyeah> I'm surprised nobody else has complained to him about this
I never really grasped "cpu time"
***: kevr has quit IRC (Ping timeout: 246 seconds)
awyeah: haha that's true.
***: kevr_ has joined #arpnetworks
RandalSchwartz: it's like lunch time, but doubly so. :)
brycec: up_the_irons: thanks for the ticket response :) (so here's an IRC response)
up_the_irons: :)
hazardous: you know something i've never really thought about
what do people think about replying to a closed ticket saying thanks, potentially reopening it
it seems like it'd annoy people but be a nice thing to others
if it was me i'd be annoyed at the unnecessary notification and reopening but then i'd feel bad
up_the_irons: dang, my console server running OpenBSD has finally crashed i believe.. little atom box with > 1000 days uptime
people say thanks all the time
and i reply with something like 'No problem!' and then re-close it ;)
RandalSchwartz: whoa. red has been up for 240 days!
no wonder everything is so out of date. :)
and I *still* haven't fired up my new VPS
(Neil keeps stealing all my spare time)
up_the_irons: still?! haha
RandalSchwartz: I'm tempted just to do an in-place update
but I don't know if I can go from 8.3 right to 10.1
maybe I'll rehearse that in a virtualbox
the trouble is that I have about three hours of research to do about how to do the upgrade before I can even start
but it'll be more like six hours to build the new box and transfer over all the data.
Ahh... I know what I'll do... I'll create a minimal install on the second box... and use it as a cloud backup... grab a snapshot of everything in case I have to regress.
then convert over to pkgng, and svn sources, fetch the 10.0 source, and just try to compile the world. :)
just talking out loud, of course. :)
***: vtoms has left
brycec: Annoys the heck out of me. If the ticket says "closed" on it, I don't reply. If it doesn't, then I might reply thanks. And recently, I had an Nvidia ticket wherein I could reply with the option of not reopening the ticket, which I did.
12:20:54 < hazardous> it seems like it'd annoy people but be a nice thing to others
More annoying still is when I do as up_the_irons does, re-close and they reply again.
-: up_the_irons thinks brycec is annoyed easily
up_the_irons: ;)
brycec: up_the_irons: Or perhaps I deal with a lower class of idiot
up_the_irons: lol
brycec: (And I admit, my fuse is a bit short)
Let's just say that Doctors are some of the dumbest tech users ever.
-: brycec is also having one of those "Say What again one more time, i dare you -- and I'll quit on the spot" days
brycec: s/days
s/days/weeks
BryceBot: >>> brycec is also having one of those "Say What again one more time, i dare you -- and I'll quit on the spot" weeks
brycec: well, it's been going on years now...
RandalSchwartz: up_the_irons - looks like my ntp block is still in place. :(
I'm getting ntp but only via ipv6
brycec: RandalSchwartz: you might want to noquery your host ;)
up_the_irons: RandalSchwartz: ip? kvr host?
brycec: 208.79.95.2 is his ip
$ ntpq -p 208.79.95.2
208.79.95.2: timed out, nothing received
but I can hit his ipv6
RandalSchwartz: "noquery"?
brycec: @google ntpd noquery
BryceBot: 2,690 total results returned for 'ntpd noquery', here's 3
6.5. ntpd access restrictions (http://support.ntp.org/bin/view/Support/AccessRestrictions) Restrictions are used to control access to your ntpd and are, unfortunately, one of ... Users of NTP versions prior to 4.2.7p26 should either use noquery or disable ...
Network Time Protocol daemon - ArchWiki (https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon) Apr 2, 2014 ... The NTP Project provides a reference implementation of the ... ntpd (with ntpq or ntpdc), and noquery prevents dumping status data from ntpd ...
15.9. Understanding the ntpd Configuration File (https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/html/System_Administrators_Guide/s1-Understanding_the_ntpd_Configuration_File.html) The nopeer option prevents a peer association being formed. The noquery option prevents ntpq and ntpdc queries, but not time queries, from being answered.
***: toddf has quit IRC (Ping timeout: 252 seconds)
RandalSchwartz: I made the two security fixes
up_the_irons: RandalSchwartz: verified there is no block on your IP
Must Be You(tm) ;)
RandalSchwartz: disable monitor
restrict default ignore
brycec: RandalSchwartz: basically, your NTP instance lets the world use you to ddos
RandalSchwartz: bryce - old news, already fixed
and it was working last night
something is still filtering today
brycec: If it was fixed, then I wouldn't be able to "ntpq -p you"
RandalSchwartz: just for fun, would you mind sharing your ntp.conf so we/I can proofread?
RandalSchwartz: I added the two lines that were asked of me in the security
brycec: (And try running it myself and see what happens)
RandalSchwartz: I just pasted the two uncommented lines here. :)
those two lines, plus the pool settings
those two lines were in the security memo sent to me
so if they don't fix it, then something is awry
brycec: (Oh right, it's the monlist command specifically)
RandalSchwartz: So I'm still wondering what's different between last night and today
or if those commands above actually ruin it as a valid ntpd for ipv4. :)
brycec: Nah should be fine
But just for fun, RandalSchwartz why not share your ntp.conf. I'll drop it on my VPS, see if the same thing happens.
Then we know if it's your config (or NTP version) or ARP
RandalSchwartz: dude... I pasted the two lines, the other three are the pool settings
but I've just now updated to the recommendation for https://www.team-cymru.org/ReadingRoom/Templates/secure-ntp-template.html
under "unix ntpd"
and now it seems to work better
brycec: Sorry, default ntp.conf in my experience is more than just 5 lines, so I thought you were just pasting snippets
RandalSchwartz: I left the disable monitor in
but those other things are the proper "client only" settings apparently
no - I didn't see any need to change anything else. :)
Not a tweaker
brycec: fwiw, this is mine - 95% Debian's default, with a few more servers added http://sprunge.us/RYZY
RandalSchwartz: cool
***: toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
brycec: (I was having issues with mine staying stuck in INIT forever, so I added more servers... didn't help. Issue turned out to be a random "listen" line at the top)
***: gizmoguy has quit IRC (Ping timeout: 246 seconds)
up_the_irons: anyone used these? http://www.newegg.com/Product/Product.aspx?Item=9SIA2W014B1465
can't find a "PRO" version
but it's 1TB SSD for like $500
brycec: (Damnit Newegg changed their item number format)
I've seen the name "Samsung 840" cropping up in a few places lately, all positive feelings. But no personal experience.
(and those mentions usually only in 120-500Gb range)
***: gizmoguy has joined #arpnetworks
m0unds: up_the_irons: my buddy is using a pair of them in his workstation and he's had good luck
i've had bad luck w/samsung stuff myself, but i seem to be out of the ordinary
as far as comcast's router modem stuff, buy a modem from amazon, tell comcast to take theirs back. they have a compatibility list and as long as you get something from it, they can't say no
staticsafe: im using a Samsung 840 in my desktop as well
m0unds: for consumer svc anyway. if it's a biz line w/static IP, it's a different story
staticsafe: its working out quite well
m0unds: i had to RMA an 840 pro that just died, took 14 biz days to get the replacement
http://mydeviceinfo.comcast.net/ RandalSchwartz
up_the_irons: m0unds: roger
RandalSchwartz: yeah - I was at that page
might mean I can "bring my own modem" to comcast
worth it if I get root
brycec: I've brought my own modem to Comcast in the past, no trouble
mercutio: m0unds: that's actually the first samsung ssd failure i've heard of
i just got a samsung evo sdcard, haven't tried it yet
m0unds: RandalSchwartz: the biggest positive is that you're not leasing a modem. pays for itself the first year. only downside i can think of is that if the modem fails outside the mfg warranty period, you have to buy a new one
mercutio: i'm lucky like that, haha
brycec: even if it were in the warranty period, you'd be out a modem until it's replaced. comcast is a near-instant replacement
hazardous: brycec: some of my friends service doctors/professors/whatever and it does seem that the more letters they have after their name than in it the more.. i guess, angry at everything not going their way it is
kind of amusing
brycec: It is kind of... until they're berating you for their shit not working because they don't understand wtf they're doing (and their outsourced Indian tech support frustrates them even more)
***: Konata has joined #arpnetworks
Konata has quit IRC (Quit: Leaving...)