#arpnetworks 2014-06-19,Thu

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)
WhoWhatWhen
***dne has quit IRC (Remote host closed the connection)
dne has joined #arpnetworks 		[00:23]
............ (idle for 55mn)
erratic_ has quit IRC (Ping timeout: 240 seconds) [01:18]
.................... (idle for 1h39mn)
dj_goku has quit IRC (Ping timeout: 255 seconds)
erratic has joined #arpnetworks
erratic is now known as Guest87324 		[02:57]
....... (idle for 32mn)
DaCa has quit IRC (Ping timeout: 276 seconds)
DaCa has joined #arpnetworks 		[03:30]
....................................... (idle for 3h13mn)
staticsafemercutio: http://nzix.net/peers.html [06:43]
***Guest87324 has quit IRC (Ping timeout: 252 seconds) [06:53]
................... (idle for 1h33mn)
dferris has quit IRC (Quit: leaving)
dferris has joined #arpnetworks 		[08:26]
................................ (idle for 2h37mn)
dferris has quit IRC (Quit: Lost terminal) [11:03]
cpinkus has quit IRC (*.net *.split)
brycec has quit IRC (*.net *.split)
NiTeMaRe has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
hazardous has quit IRC (*.net *.split)
Hien has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
pjs has quit IRC (*.net *.split)
BryceBot has quit IRC (*.net *.split)
up_the_irons has quit IRC (*.net *.split)
josephb has quit IRC (*.net *.split)
cpinkus has joined #arpnetworks
brycec has joined #arpnetworks
jcv has joined #arpnetworks
Hien has joined #arpnetworks
eryc has joined #arpnetworks
hazardous has joined #arpnetworks
pjs has joined #arpnetworks
josephb has joined #arpnetworks
up_the_irons has joined #arpnetworks
BryceBot has joined #arpnetworks
barjavel.freenode.net sets mode: +o up_the_irons
NiTeMaRe has joined #arpnetworks
cpinkus has quit IRC (*.net *.split)
NiTeMaRe has quit IRC (*.net *.split)
brycec has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
hazardous has quit IRC (*.net *.split)
Hien has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
pjs has quit IRC (*.net *.split)
BryceBot has quit IRC (*.net *.split)
up_the_irons has quit IRC (*.net *.split)
josephb has quit IRC (*.net *.split)
NiTeMaRe has joined #arpnetworks
cpinkus has joined #arpnetworks
brycec has joined #arpnetworks
jcv has joined #arpnetworks
Hien has joined #arpnetworks
eryc has joined #arpnetworks
hazardous has joined #arpnetworks
pjs has joined #arpnetworks
josephb has joined #arpnetworks
up_the_irons has joined #arpnetworks
BryceBot has joined #arpnetworks
barjavel.freenode.net sets mode: +o up_the_irons 		[11:08]
........................................ (idle for 3h17mn)
erratic has joined #arpnetworks
erratic is now known as Guest21703 		[14:33]
................ (idle for 1h16mn)
Guest21703 has quit IRC (Ping timeout: 240 seconds) [15:50]
mercutiostatic: what about it?
static: the silly visualisation thingy? 		[16:03]
gizmoguyI thought it was cool [16:11]
mercutioi didn't? [16:12]
gizmoguysuch a killjoy mercutio [16:12]
mercutioi tried looking around at it
i can't tell what's connected to what, too much data
all it seems to say to me is that vocus is huge 		[16:12]
gizmoguythe clustering is cool
so the right side of the map is new zealand 		[16:15]
up_the_ironslol i totally remember phtml; fuck i'm old [16:15]
mercutioi nwver understood why people didn't do cgi's in c back then.
considering the cpus were slow, and memory was limited 		[16:17]
up_the_ironscgi's in perl were much easier [16:17]
mercutioand perl was really slow/bloaty [16:17]
up_the_ironsit was fast enough [16:17]
gizmoguymercutio: http://nzix.net/nzix-map/#HIX-CITYLINK-NZ-AP%20Hamilton%20Internet%20Exchange%20%28Citylink%29,NZ
best IX in NZ right there 		[16:17]
mercutiowell id id find the web too slow in general :)
so i stuck to irc hah
i can't see it gizmo?
it's just showing the wide map
actually mod_perl wasn't too bad 		[16:17]
gizmoguymercutio: exactly
or does linking the fragment not work? 		[16:19]
brycecup_the_irons: ntp reminder [16:19]
gizmoguyanyway do a search for HIX and click on it [16:20]
up_the_ironsbrycec: where did we leave off? i think i swapped the conversation from my mind; need more RAM!
brain RAM 		[16:21]
mercutiook
i can't believe they called it hix
hix finds chix instead
whcih is tiny 		[16:21]
m0undshix is right below chix... [16:22]
mercutiooh it didn't bring up the search results the frist time for some reason
his has less connections than plain :/ 		[16:22]
gizmoguyDTS is at HIX too, it's just not showing up for some reason [16:23]
mercutiomaybe with ufb more people will connect to it [16:23]
m0undshttp://www.nmix.net/ [16:24]
mercutiooh dear, this looks like it's from the 90s [16:24]
m0undsit sure is
1997, in fact 		[16:24]
mercutiois it meant to be 256 colour friendly
hy is there dithering in the anti aliasing
10/100 switch for servers and router conenctivity
the main peering in nz started in 99
but there was some peering before that
but gizmo will know more about that than me i imagine
http://www.nmix.net/people.html
nice graphs
The page on pricing for connecting to the NMIX is due to be updated.
so what happened to nmix? 		[16:24]
gizmoguyyeah so I think it all started with "NZIX"
I even found the email post from Lindsay when it was decomissioned - http://list.waikato.ac.nz/pipermail/nznog/2001-August/003161.html 		[16:27]
mercutioahh [16:27]
gizmoguyunfortunately it's a little hard to search for "NZIX" now :) [16:28]
mercutioyeah [16:28]
gizmoguyhaha - http://wand.net.nz/wits/nzix/1/
we have network traces!
Capture Start (Local) Thu Nov 12 10:56:44 1998
Capture End (Local) Sun Apr 11 14:11:12 1999
Packets Captured 238 million
lolz. back when the internet was easy 		[16:28]
mercutiodo you read nznog gizmo? [16:29]
gizmoguyyup [16:29]
mercutiosee the post just now?
i don't quite get it 		[16:29]
gizmoguyfrom Dean? [16:29]
mercutioi can't see any labels
yeh
i just see lots of circles with a - in the middle 		[16:29]
gizmoguythe AS numbers are written in the circles [16:30]
mercutiooh
it's tiny writing 		[16:30]
gizmoguyat least they are when I load the PDF in google doc [16:30]
mercutioand google docs won't zoom in enough [16:30]
gizmoguyzoom in man
get better eyes 		[16:30]
mercutioi'm at maximum zoom!
google drive the app is currently unreachable
gah 		[16:30]
bryceclol up_the_irons no worries, I know exactly what you mean
(Also my computer was just throwing a swapping fit) 		[16:32]
mercutiohmm even when i sdave the image and zoom it's hard to read the numbers [16:32]
up_the_ironsbrycec: haha [16:33]
brycecup_the_irons: You asked if ARP should just point at my own, I suggested ARP has its own instance unattached to my account. You asked what was needed, I said a "small" would be more than enough. (think I gave some specific specs, don't remember) Oh, and Debian Wheezy for the image. [16:33]
up_the_ironsah ok [16:34]
mercutiohmm can you print it?
it doesn't work for me 		[16:34]
brycec(I'll leave the ARP management user on there, I'll set it up with user-login only +sudo for management, I'll set up ntpd and apticron, then I'm hands-off just letting it run, plus updates) [16:35]
up_the_ironsroger that
brycec: think of a spiffy hostname 		[16:35]
m0undsdingus [16:37]
mercutiotime [16:37]
brycecI was going to say "ntp1" bug dingus is good. So is hiccup
Also, tick, or tock 		[16:37]
mercutioor ticktock
you could always cname ntp1 to it 		[16:38]
bryceche probably will, but the admin side still gets a special name... [16:39]
m0undsa super scientific study of drug mentions on twitter has ruled that albuquerque is the meth capital of the us
"by a landslide" 		[16:42]
mercutiohaha [16:42]
m0undsgo figure people might talk about breaking bad on twitter [16:42]
up_the_ironsnot naming it dingus [16:42]
brycecSPOILER ALERT [16:42]
mercutioand denver is the stoner capital? [16:42]
m0undslol
JERK 		[16:42]
up_the_ironstry again :) [16:42]
m0undsCO
yea
whatsit 		[16:42]
antup_the_irons: zeit [16:43]
brycecup_the_irons: Chronos [16:43]
m0undsthrobbingdumptruck [16:43]
brycecLOL [16:44]
mercutiouhh [16:44]
m0undsfilet-o-fish [16:44]
up_the_ironsant: YES
ant wins 		[16:44]
brycecI'm down with zeit
@wiki Zeit 		[16:44]
BryceBotZeit :: Zeit (English: Time) is the third album by the German electronic music group Tangerine Dream. A double LP, it was released in August 1972, being the first release featuring Peter Baumann, who joined then-current members Christopher Franke and Edgar Froese. Overview The style of this album is slower and more atmospheric than their previous albums. Its atmospheric drone... http://en.wikipedia.org/wiki/Zeit [16:44]
up_the_ironsbrycec: chronos is good too, but i like the German flair of zeit [16:44]
m0undsyard-o-beef [16:44]
mercutiom0unds has strange ideas on hostnames :) [16:45]
m0undstangerine dream ftw
mine are all named after pelican songs 		[16:45]
up_the_ironsm0unds: LOL [16:45]
m0undshaha [16:45]
mercutiom0unds: what aer your own boxes called? [16:45]
m0undssirius, pulse, mammoth [16:45]
mercutionot quite so bad :) [16:46]
m0undsalso wangsmith [16:46]
up_the_ironsm0unds: tangerine dream could almost be a porn star name [16:46]
m0undshahaha, yeah
probably is a stripper's name somewhere 		[16:46]
up_the_ironssrsly [16:46]
brycecWhat /hasn't/ been used as a stripper's name? [16:48]
m0undsyard-o-beef
i hope
well, maybe a male stripper's name
or filet-o-fish i guess, that'd be pretty bad too 		[16:48]
up_the_ironslol
next time i go to a strip club i'm tellin' them my name is "yard-o-beef". I will report on the results.
;) 		[16:49]
m0undshahah [16:49]
mercutiodo strip clubs ask names? [16:50]
brycecUsually only when you're coming in the back door [16:51]
up_the_ironsthe strippers do [16:51]
mercutioi thought they were kind of impersonal places.
ahh just to get you to like them so you give them money 		[16:51]
up_the_ironsyup [16:51]
mercutioi'd just say i was john doe probably [16:52]
up_the_ironsthey always ask names, try to be all friendly and stuff [16:52]
mercutioahh ok
up_the_irons: what dif you think of acf's route-map? 		[16:55]
up_the_ironsmercutio: looked promising [16:55]
mercutiocool. [16:56]
up_the_ironswhat's "z" in hacker... [16:57]
mercutioin l33t speak? [16:57]
up_the_ironsyep
1337 		[16:57]
mercutioi think it's just z? [16:57]
m0undsh4ckt3hpl4n4t [16:57]
up_the_ironswhat if it had to be a number... or a-f... you might see where i'm going with this... [16:57]
mercutioso like z317 [16:57]
up_the_ironslol [16:57]
mercutiofor zeit [16:57]
up_the_ironsyeah but i can't use 'z' in the IPv6 address :) [16:58]
mercutioUP_7|-|3_1r0||$ 1$ 1||70 L337?
http://www.brenz.net/services/l337Maker.asp 		[16:58]
up_the_ironsmaybe just ::3317 will do [16:58]
mercutiojust do f00f or something [16:58]
m0undshahaha [16:59]
mercutiob1ff [16:59]
up_the_irons2317 [16:59]
mercutiob00b5 [16:59]
up_the_ironslol [16:59]
mercutioofh it shoudl be 4 letters. [16:59]
up_the_irons2 = z, close enough [16:59]
m0undsi'm boring and just use a, b, c, d, e, f etc [16:59]
up_the_ironszeit's IPv6 will be: 2607:f2f8:0:102::2317
upon second glance, that is as boring as anything else... bah
next time, b00b 		[17:00]
mercutioyeah ther's no nice way to make ipv6 addresses look nice [17:02]
jpalmerthats what DNS is for, making ip's look nice :P [17:02]
***erratic has joined #arpnetworks
erratic is now known as Guest92183 		[17:12]
.... (idle for 15mn)
Guest92183 has quit IRC (Ping timeout: 240 seconds) [17:27]
.... (idle for 15mn)
erratic has joined #arpnetworks
erratic is now known as Guest32787 		[17:42]
mnathani7.1.3.2.0.0.0.0.0.0.0.0.0.0.0.0.2.0.1.0.0.0.0.0.8.f.2.f.7.0.6.2.ip6.arpa. 86400 IN PTR zeit.arpnetworks.com.
I guess one part has been taken care of 		[17:57]
up_the_ironsIt's all ready to go, i just need brycec to give me his pub key so he can login [17:59]
mnathanidoes it have its own vlan? [18:03]
mercutioheh, i'm sure people ask more technical questions here than other providers :) [18:03]
up_the_ironsit's on one of our regular VLANs [18:03]
mnathaniwhats the max mtu supported on the dedicated nics for the backup lan? [18:07]
up_the_irons9K [18:08]
mercutionice
i wish "the internet" supported large mtu's 		[18:09]
mnathaniup_the_irons: is there a sample /etc/sysconfig/network-scripts/ifcfg-eth1 script for CentOS for use with the dedicated NIC
my attempt to initialize the NIC: Bringing up interface eth1: Device does not seem to be present, delaying initialization. 		[18:11]
up_the_ironsno sample. it's just a regular NIC
the link-local that you should be able to reach is: fe80::21b:21ff:fe93:3e08 		[18:12]
Guest32787I notice pretty consistently my ssh connection drops, it could possibly be due to the internet connection I'm on but I doubt this because I've never had problems before?
also I'd like to know how this person is able to talk to my broadcast
[252089.854106] iptables denied: IN=eth0 OUT= MAC=52:54:00:27:25:50:00:0d:65:ab:c8:bf:08:00 SRC=71.6.135.131 DST=206.125.168.79 LEN=40 TOS=0x00 PREC=0x00 TTL=117 ID=49532 PROTO=TCP SPT=32560 DPT=80 WINDOW=3474 RES=0x00 SYN URGP=0
wait nevermind it was blocked but still
I did not know that was even possible. 		[18:16]
mnathani[root@cgirun ~]# ping6 -I eth1 fe80::21b:21ff:fe93:3e08
PING fe80::21b:21ff:fe93:3e08(fe80::21b:21ff:fe93:3e08) from fe80::5054:ff:feb7:223e eth1: 56 data bytes
64 bytes from fe80::21b:21ff:fe93:3e08: icmp_seq=1 ttl=64 time=1.29 ms
up_the_irons: success! 		[18:21]
up_the_ironsmnathani: awesome!
Guest32787: what's the other MAC?
that does indeed look weird 		[18:23]
Guest32787https://gist.github.com/paigeadele/92d7290e761e56e88a43 [18:23]
BryceBotGist: "https://gist.github.com/92d7290e761e56e88a43" [18:24]
Guest32787pretty happy with it over all [18:24]
up_the_ironsboth of those give me 500 errors [18:24]
***mnathani has quit IRC (Read error: Connection reset by peer) [18:27]
up_the_ironsGuest32787: well, to the rest of the internet, they don't know it's a broadcast. broadcast addresses are routed the same way. i don't think my core is going to deny that as a valid address even if it *is* the broadcast on your vlan. i suspect the same would happen if someone sent a packet to your network number (the all zeros subnet address)
so, *shrug*, i think it's normal 		[18:28]
***mnathani has joined #arpnetworks [18:36]
Guest32787yeah I think so too
I've never setup a network this way sadly so its just unusual to me 		[18:36]
***Guest32787 is now known as erratic [18:37]
erraticdifferent stuff to look for [18:37]
I just decided it would be fun to start up my windows vm, and configure the network adapter to bridge my laptop's vpn adapter and see if I can configure a static v4/v6 address for it and it worked
I kinda wish it didnt' because, the vpn client connects to openvpn, which deals/pushes a config based on the CN of the client certificate
and I wish it would only allow IP settings as per that config to be allowed for that client but oh well 		[18:45]
http://www.petros-project.com/
up_the_irons: can I possibly pay for my service for the months to come in advance?
and possibly later if necesarry on a case by case basis just pay an additional $5 for 200GB of extra bandwidth when needed? 		[18:51]
..... (idle for 22mn)
mercutioerratic: you can just deny access to broadcast address
lots of people block it for various reasons 		[19:15]
mnathaniup_the_irons: how do I verify if my mtu setting is working when accessing the backup server?
things like: ping6 -M do -s 8972 fe80::21b:21ff:fe93:3e08%eth1 dont seem to work 		[19:19]
mercutioyou are using ipv6
you need to go smaller 		[19:21]
erraticmercutio: already done [19:21]
mercutio28 bytes is for ipv4 [19:21]
mnathaniping6 fe80::5054:ff:feb7:223e%eth1 -M do -s 10500
I meant 1500, does not work
perhaps not all switches have jumbo frames enabled 		[19:31]
mercutionot all hosts accept large pings too
just see if tcp/ip traffic works
tcpdump
and check what the mtu says 		[19:44]
mnathanils works in a directory when I am connected via the linklocal ssh to the backup server from my vps, but ls -l does not work.
verified using 2 different vps
not sure if it has to do with the 9000 byte mtu 		[19:51]
..... (idle for 20mn)
set the MTU back to 1500 and things are working now [20:13]
mercutiothere may be a mtu issue somewhere in the middle :)
pmtu doesn't work usually
i imagine his switches are fine, adn it may be the linux host that it goes via 		[20:14]
brycecIIRC up_the_irons may have to set the MTU of your bridge to the backup VLAN [20:16]
m0unds^
was just thinking that 		[20:16]
bryceclol [20:17]
mercutiooh or that [20:17]
brycecHey m0unds quick question - how much bandwidth (network/disk) does one of your cameras chew up? [20:17]
m0undsum, lowest bitrate we're using is on wlan segments and that's 1mbit/sec
typical is 2mbit 		[20:18]
brycecThat's no tooooo bad. [20:18]
m0undsthat's 720p @ 30ips, h264 2mbit [20:18]
brycecWas talking with a guy tasked with quoting cctv for a school [20:18]
m0undsah [20:20]
brycec(And wondered what kind of storage was required)
"hey, I know a guy..." 		[20:20]
m0undsyeah, it's not too bad [20:20]
brycecThis school ended up with 900 cameras, and they wanted all video stored off-site
Much laughing was laughed. 		[20:20]
m0unds900 cameras at a school? [20:21]
brycecbrycec shrugs [20:21]
m0undswtf
hahah 		[20:21]
brycecBig school I guess, maybe multiple campuses. [20:21]
m0undsah
okay, then that makes sense
i was thinking..high school or something 		[20:21]
brycec(I really don't know) [20:21]
m0undsoffsite video wouldn't be too bad, assuming offsite could mean different location within like 70km [20:22]
mercutiodark fibre? [20:22]
brycecIt was for some city's public schools, and the way he talked, it was for one school. But doesn't matteer. [20:22]
m0undsyea [20:22]
bryceclol
School district was definitely looking to cheap out, so no fibre 		[20:22]
m0undsah, so magic remote video storage [20:23]
brycecRegardless, that's ~3GBps... [20:23]
up_the_ironsmnathani: for your host on kvr29, try the mtu thing again [20:23]
m0undsyeah, a bit goofy [20:23]
up_the_ironsbridge was still 1500, as well as physical int; looks like i never made that change on that host (need to add it to puppet) [20:23]
brycecm0unds: Not very smart people are involved too... not surprising, really. I'm waiting for a multicast flood :D [20:24]
m0undsbwahaha
we're gonna be adding some cameras at an admin building about 7mi from this facility
our IS dept is having 70 pairs of SM run between here and there 		[20:24]
brycecFun fun! [20:26]
m0undsyup [20:27]
brycecWelp I'm out again... adios [20:28]
m0undsttyl [20:28]
....... (idle for 30mn)
***DaCa has quit IRC (Ping timeout: 245 seconds)
DaCa has joined #arpnetworks 		[20:58]
mnathaniup_the_irons: 9000 byte mtu on kvr29 is a go.: 8408 bytes from fe80::21b:21ff:fe93:3e08: icmp_seq=1 ttl=64 time=1.13 ms
probably something similar on kvr02 		[21:02]
mercutioany performance difference? [21:04]
mnathanisent 395 bytes received 1857525269 bytes 30702903.54 bytes/sec
atleast 1.5 times faster
without the 9000 mtu:
sent 395 bytes received 1857525269 bytes 20081358.53 bytes/sec
is there a way to cycle the colours assigned to nicks in weechat?
brycec and m0unds got assigned the same color and now I have a page full of cyan. (They had a lot of back and forth messages in the last hour) 		[21:07]
bryceclol mnathani I know what you mean
especially hard to read things with nicks of the same length 		[21:21]
***dj_goku has joined #arpnetworks [21:28]
mnathaniI gues I could just quit weechat and re-join [21:33]
***mnathani has quit IRC (Quit: WeeChat 0.4.2)
mnathani has joined #arpnetworks 		[21:33]
mnathanino go: still the same colours for brycec and m0unds [21:34]
brycecmnathani: If it's like the irssi plugin, it's based on the length of the nick [21:35]
.... (idle for 15mn)
m0undswee, my AC blew up [21:50]
mercutioeek [21:54]
brycecAt least you had AC to blow up :p
up_the_irons: zeit's setup 		[22:01]
mnathanibrycec: is it limited to respond only to ARP addresses? Or will it be part of a larger pool - open to all ? [22:04]
brycecI set it up publicly
Even part of pool.ntp.org
up_the_irons is free to object
http://www.pool.ntp.org/scores/2607:f2f8:0:102::2317 http://www.pool.ntp.org/scores/208.79.89.249 		[22:04]
mnathanibrycec: cool [22:06]
brycecOnly 100mbps so don't flood it >.>
<.<
(or maybe it's mirrors.arpnetworks.com that's 100mbps) 		[22:06]
mnathanintpdate: 20 Jun 01:11:05 ntpdate[2086]: step time server 208.79.89.249 offset -170.759611 sec [22:11]
brycecsheesh mnathani [22:13]
m0undshaha, i don't think houses exist in NM without some form of climate control
unless you live in a 200 year old half-buried adobe thing in taos or something
haha 		[22:14]
brycecm0unds: Up on the Canadian border (or close to) they do. Well most new houses have central heat/cool. But apartments are lucky if they have a little wall/window unit. [22:15]
m0undsyeah, i had a friend who lived in victoria and didn't have AC
but i said NM :)
not cananadada
my buddy's apt in southern california didn't have AC either, now that i think about it (seal beach area) 		[22:16]
brycecharsh [22:17]
....... (idle for 34mn)
mercutiois it just me or is verizon/comcast looking better tonight [22:51]
acf_not Verizon
according to smokeping anyway 		[22:53]
mercutiocomcast has 0 packets dropped with 100 packets [22:54]
acf_comcast is super intermittent
http://kremvax.acfsys.net/smokeping.cgi?target=Remote.comcastnet 		[22:54]
mercutiooh wow
and verizon is slightly intermittent
maybe i was just lucky
now i'm finding loss 		[22:55]
acf_ah [22:56]
mercutiohave you tried curl with smokeping? [22:56]
acf_you mean instead of fping?
I haven't 		[22:56]
mercutioor as well
it's pretty good for showing throughput 		[22:56]
acf_I'll have to configure that up [22:57]
mercutioit's not too bad
http://pastebin.com/2TNdU3tb
i forced ipv4 and noproxy
as i have http_proxy in envronment and restarted smokeping
and ipv6 gives different performance to ipv4, and when you connect via hostname it can often default to it
giving misleading results. 		[22:57]
acf_thanks for the config
I'll drop it in 		[23:02]
mercutioi have a few targets
i just gave one as an example
i do most of my testing on port 24 to bypass proxies 		[23:03]
acf_bypass proxies?
where is the traffic proxied? 		[23:04]
mercutiotransparent proxies
anywhere 		[23:05]
acf_I actually wasn't aware that existed
on the public internet 		[23:05]
mercutiotraffic is transparent proied on most isp's here [23:06]
mnathanihow can a transparent proxy be detected?
is it stuff is forefront or squid? 		[23:06]
mercutiolots of them spoof the client ip these days
tcptraceroute is usually the easisest way 		[23:06]
acf_why would they want/need to have them? [23:07]
mercutioperformance, bandwith savings
i'm in favour of proxying tbh
i wish things like wikipedia would cache better though
and it means if there's connections like wifi it tends to improve performance
or overloaded web sties
3g networks do it soemetimes too afaik 		[23:08]
up_the_ironsmnathani: roger on the 9000 mtu
brycec: thanks for setting up zeit! i don't mind it being part of pool.ntp.org, as long as that dumb monlist thing is turned off (e.g. the NTP amp. attacks we saw a couple months ago) 		[23:13]
acf_up_the_irons: quick question
is it possible for arp metal customers to be on the backup network? 		[23:15]
mnathaniyou are already on gigabit LAN, so whats the point?
perhaps the jumbo frames, maybe 		[23:16]
acf_yeah
jumbo frames, and inter-customer connectivity 		[23:16]
up_the_ironsacf_: i haven't done that before. all ports are access ports (not trunk), or in non-cisco speak, they are untagged ports. so i can't give ARP Metal customers the backup vlan tag. However, with some modifications, it's not impossible. [23:17]
mnathaniup_the_irons: any idea why the 9000mtu wouldnt work on my kvr02 VPS? [23:18]
brycecup_the_irons: Yep, long-patched in ntp, And i've double-checked it. [23:18]
mercutioso port wuold have to be switched to trunk [23:19]
mnathanibrycec: did you install something like fail2ban or apf/bfd for the ntp server to deal with brute force attempts [23:19]
up_the_ironsmnathani: cuz i haven't made the same changes as i did on kvr29
brycec: awesome, tnx
brycec: the ssh port should be changed; cheap way to avoid a potential of problems 		[23:19]
mercutioacl ssh? [23:21]
.... (idle for 16mn)
up_the_ironsto all who would like to beta test zeit (our new official NTP server, thanks to brycec), you can use: zeit.arpnetworks.com [23:37]
brycecmnathani: fail2ban
up_the_irons: sure, one sec
up_the_irons: everything looking clean with your tcpdumps? 		[23:37]
up_the_ironsyeah, not much traffic :) [23:38]
brycecnot yet anyways
My ARP VPS has 602 hosts in its monlist, but it's been public for a little while 		[23:38]
up_the_ironscool [23:40]
mnathani: your kvr02 vps should be good to go with mtu 9k now also [23:51]
↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)