[07:40] *** Erick- has joined #arpnetworks
[07:56] *** Erick- has left "."
[08:04] *** novae has quit IRC (Ping timeout: 252 seconds)
[08:07] *** novae has joined #arpnetworks
[08:07] *** novae has quit IRC (Changing host)
[08:07] *** novae has joined #arpnetworks
[08:34] *** novae has quit IRC (Ping timeout: 264 seconds)
[08:38] *** novae has joined #arpnetworks
[08:44] *** novae has quit IRC (Ping timeout: 252 seconds)
[08:47] *** Erick- has joined #arpnetworks
[08:48] *** novae has joined #arpnetworks
[09:10] <Erick-> admin on?
[09:45] <RandalSchwartz> does it have to be an admin?
[09:47] <Erick-> maybe not
[09:49] <RandalSchwartz> many of us are longtime arp customers.
[09:52] <Erick-> to enable my ipv6 ip's
[09:53] <RandalSchwartz> I think you already have the allocation and routing by default.
[09:53] <RandalSchwartz> at least I did when I started.
[09:53] <Erick-> I can only ping one of those ip's
[09:53] <Erick-> the ::2
[09:53] <Erick-> but ::3 is nothere to be found
[09:53] <Erick-> much less ::f000
[09:54] <RandalSchwartz> do you have a /64 or a /48?
[09:54] <RandalSchwartz> and what platform
[09:54] <Erick-> prefixlen 64
[09:55] <Erick-> freebsd
[09:55] <Erick-> 91 or 9.2
[09:55] <Erick-> 9.1 *
[09:55] <RandalSchwartz> ... http://support.arpnetworks.com/kb/main/how-to-configure-ipv6-on-freebsd
[09:56] <Erick-> did that
[09:57] <RandalSchwartz> then why are you talking about ::3?  did you add an additional interface?
[09:58] <RandalSchwartz> does netstat -rn show a default route for ipv6?
[09:58] <Erick-> good idea
[09:58] <Erick-> will try that
[09:58] <Erick-> brb
[09:59] * RandalSchwartz still wonders why Erick- mentioned :3 and ::f000, which aren't on that wiki page
[10:11] * brycec wonders too
[10:12] * Erick- gives up for now
[10:12] *** Erick- has left "."
[10:13] <RandalSchwartz> even curiouser
[10:13] <brycec> Oookay
[10:13] <brycec> It's something that Just Works
[10:13] <brycec> Perhaps he had some restrictive firewall rules?
[10:13] <RandalSchwartz> it just works, when you work it. :)
[10:13] * brycec works it
[10:13] <RandalSchwartz> ... https://www.youtube.com/watch?v=FFnG3jVWDaM
[10:13] <BryceBot> YouTube Music: "Aaliyah ~ Work It (Baby)" by RicoCoracao2011 (3m 26s), 3,770 views, 17 likes and 0 dislikes. Uploaded 2012-01-08T17:49:58.000Z.
[10:15] <brycec> My "working it" doesn't look anything like that, guess I'm a failure.
[10:38] <ant> well, he is gone now anyway, but i guess adding an additional ip address to his primary interface was what he wanted to do
[10:41] <brycec> Maybe he assumed that the entire /64 was routed to him, therefore his host should see/respond to ::3 and ::f000
[10:50] <RandalSchwartz> yeah - was wondering that
[10:50] <RandalSchwartz> like even though I have a ipv4 /28.. my host wouldn't respond to anything until I aliased it.
[10:50] <brycec> You have an entire /28? :P
[10:50] <brycec> oh wait you said v4 nvm me
[10:51] <brycec> True - perhaps he A) Doesn't get it, and/or B) Was expecting to see the traffic anyways, on tcpdump or the like
[11:09] <RandalSchwartz> I do have about 6 /48's of ipv6 though
[11:09] <RandalSchwartz> we had this conversation before, as I recall.
[11:10] <RandalSchwartz> about enumerating the stars in the sky or something
[11:12] <m0unds> hahaha
[11:13] <RandalSchwartz> according to wolfram alpha, I'd need 78 bits. Darn... not enough yet.
[11:13] <RandalSchwartz> ... http://www.wolframalpha.com/input/?i=2+to+the+78+power+divided+by+number+of+stars+in+the+sky
[11:14] <RandalSchwartz> my mere 60 bits * 6 isn't enough
[11:14] <RandalSchwartz> wait... isn't that a /50 ?
[11:15] <RandalSchwartz> 78 bits out of 128... would be /50 prefix
[11:16] <RandalSchwartz> yeah - so I can ennumerate all the stars in the observable univers 4 * 6 = 24 times!
[11:26] <brycec> lol yeah RandalSchwartz I recall that convo. But a whole ipv6/28...
[11:39] <plett> My work is an ISP, so we have a /32 of IPv6. But we also have the next 7 /32s after ours reserved for us at the RIR. So we can get a contiguous /29 of IPv6 should we have a need for it.
[11:43] *** dne has quit IRC (Ping timeout: 252 seconds)
[11:45] *** dne has joined #arpnetworks
[13:44] <RandalSchwartz> ugh.  how do I reboot a dedicated box?
[13:44] <RandalSchwartz> what the heck is IPMI?
[13:45] <RandalSchwartz> $client is dead in water until I get help
[13:45] <staticsafe> IPMI is out-of-band access
[13:48] <RandalSchwartz> Looks like I never got my openvpn credentials.
[13:48] <RandalSchwartz> Well, this sucks.
[13:48] <RandalSchwartz> I mean, I sent the request...
[13:48] <staticsafe> :o
[13:49] <RandalSchwartz> so crap... I have a primary box down (hard metal), and I can't bring it back up
[13:49] <RandalSchwartz> it makes the rest of $clients machine useless
[13:55] <brycec> That's weird, because I know up_the_irons makes it a point to test OpenVPN access before even setting up a dedi box
[13:55] <brycec> At least, up_the_irons has stated that he does in the past
[14:04] <acf_> I seem to remember having to install the OS myself on my dedicated box
[14:04] <acf_> using IPMI
[14:04] <m0unds> hm
[14:06] <RandalSchwartz> well - crisis resolved... but it revealed a hole in the process. :)
[14:07] <RandalSchwartz> good that we found that now, instead of those rare hours when up_the_irons is asleep :)
[14:08] <RandalSchwartz> pager duty says "all incidents resolved"  Yeay
[14:26] <brycec> acf_ makes a good point...
[14:27] <RandalSchwartz> I installed the OS myself using the virtual console
[14:27] <RandalSchwartz> I've never touched an IMPI before
[14:27] <RandalSchwartz> oh... I see what you're saying
[14:27] <RandalSchwartz> well, we had a contractor bring up the initial box
[14:27] <RandalSchwartz> (not me)
[14:27] <brycec> http://support.arpnetworks.com/kb/dedicated-servers/how-do-i-access-my-arp-metal-dedicated-server-console :P
[14:27] <RandalSchwartz> Yes - I see that.
[14:28] <brycec> Guess that explains why you don't have OpenVPN credentials
[14:28] <RandalSchwartz> but it just says "IPMI", but I have no idea what I will see once I go there
[14:28] <RandalSchwartz> right... wasn't until the first time I tried to find it on the ssh console thing that I noticed.
[14:28] <brycec> IPMI is a protocol too, it's not "one thing" that "you'll see"
[14:28] <RandalSchwartz> so what do you see here? :)
[14:28] <brycec> RandalSchwartz: start by installing openvpn and ipmitools on your workstation
[14:29] <RandalSchwartz> I have tunnelblick
[14:29] <brycec> oh you're on a mac
[14:29] <brycec> I have no idea how to ipmi from a mac....
[14:29] <RandalSchwartz> I wonder if macports has ipmitools
[14:29] * brycec hits up Google
[14:29] <RandalSchwartz> No match for ipmitools found
[14:29] <brycec> RandalSchwartz: looks like Mac already has ipmitool installed ?
[14:29] <brycec> https://developer.apple.com/library/mac/documentation/Darwin/Reference/Manpages/man1/ipmitool.1.html
[14:29] <brycec> Suggests that it's already there
[14:30] <RandalSchwartz> % man ipmitool
[14:30] <RandalSchwartz> No manual entry for ipmitool
[14:30] <brycec> My macbookpro 10.9 has it
[14:30] <brycec>  % which ipmitool
[14:30] <brycec> /usr/bin/ipmitool
[14:31] <brycec> (and the man page)
[14:31] <RandalSchwartz> running 10.8, not 10.9
[14:31] <brycec> I have no idea when it was introduced... I suspect earlier than 10.9 though
[14:31] <RandalSchwartz> risky to upgrade unless I've got a day to fix everything
[14:31] <RandalSchwartz> haven't had that day
[14:31] <RandalSchwartz> well... not on 10.8, so somewhere between 10.9.0 and yours :)
[14:32] <brycec> Or it was part of xcode
[14:32] <RandalSchwartz> I have xcode installed
[14:32] <RandalSchwartz> otherwise, I wouldn't be using macports :)
[14:32] <RandalSchwartz> or building emacs daily
[14:32] <brycec> heh
[14:32] <RandalSchwartz> without this tool, will I not be able to do anything?
[14:32] <brycec> (10.9.3 is current btw)
[14:33] <brycec> Short answer: yes
[14:33] <RandalSchwartz> I suspect I'll "migrate" to my next box, which will already have mavericks
[14:33] <brycec> I suspect there may be other tools out there that speak IPMI
[14:33] <RandalSchwartz> that way if something is broken, I can still use the old box for thatuntil fixed.
[14:33] <RandalSchwartz> Oh - it's in macports
[14:33] <brycec> There might even been some built-in web server on the ARP Metal box's IPMI controller
[14:33] <RandalSchwartz> I just typed it wrong
[14:34] <up_the_irons> RandalSchwartz: i re-sent your cert just now
[14:35] <brycec> RandalSchwartz: FYI ipmitool is installed as part of Apple's "Server Admin Tools"
[14:35] <brycec> (that's why I have it)
[14:35] <RandalSchwartz> thank you up_the_irons
[14:36] <RandalSchwartz> and ipmitool built successfully
[14:36] <RandalSchwartz> and yes, not running server
[14:36] <brycec> (You don't have to be running "server" just administering one, and even then it's still a free download)
[14:36] <brycec> (but no reason to install all that just for one tool)
[14:37] <RandalSchwartz> staring at manpage now
[14:37] <RandalSchwartz> maybe there's some tutorials
[14:37] <brycec> up_the_irons: reading the KB article, looks like there's no need to use ipmitool?
[14:37] <brycec> "Visit the link labeled IPMI URL"
[14:37] <brycec> suggests there's a web "viewer"
[14:38] <up_the_irons> RandalSchwartz: brycec : yeah i dunno why you guys are using ipmitool.  if you can run ipmitool, then you ALREADY have access to the server.  You want IPMI for things like out-of-band console, power control, etc...
[14:38] * RandalSchwartz is relocating, but will scroll back at new location
[14:38] <up_the_irons> so just visit the "IPMI URL" which is listed in the Portal for your particular ARP Metal(tm) machine.  you have to be on the VPN for that link to work.
[14:39] <brycec> lol sorry up_the_irons I was trying to help where I could. I've only dealt with ipmitool a little, to reboot boxes and monitor sensors.
[14:39] <brycec> A web interface on the BMC is just magic and voodo
[14:39] <brycec> *voodoo
[14:39] <brycec> (And don't even get me started on AMT or ASF, fucking Intel...)
[14:39] <up_the_irons> brycec: no worries :)
[14:39] <dne> up_the_irons: ipmitool works over the network too
[14:40] <up_the_irons> hmm.. i suppose that's true
[14:40] <dangel> ARP Metal \tm/ >_< \tm/
[14:40] <up_the_irons> hhahahahhaahah
[14:41] <up_the_irons> i should srsly use that
[14:41] <up_the_irons> there might even be a unicode version
[14:41] <dangel> lol
[15:36] <RandalSchwartz> unicode sucks, but it sucks less than everything before it.
[15:36] <RandalSchwartz> except, of course, just normal ascii. :)
[15:36] <RandalSchwartz> I mean... if ascii is good enough for Jesus, it's good enough for me.  I never saw any latin-1 or kanji in the bible!
[15:43] <ant> i did
[15:43] <dne> yeah I bet ascii works great for hebrew, aramaic and greek
[15:45] <ant> "Im Anfang erschuf Gott Himmel und Erde; die Erde aber war wüst und wirr, Finsternis lag über der Urflut und Gottes Geist schwebte über dem Wasser." <-- see, latin-1/unicode in the very first sentence ;)
[15:55] <RandalSchwartz> A passphrase is required to access the network
[15:55] <RandalSchwartz> what would that be?
[15:55] <RandalSchwartz> Oh ugh.  It's probably the one I didn't write down or put into 1Password
[15:56] <RandalSchwartz> Might have to start this all over
[15:56] <RandalSchwartz> ahh... guessed it in three
[15:58] <RandalSchwartz> heh.. the IPMI cert expired April 11, 2014
[15:58] <RandalSchwartz> oops
[15:59] <RandalSchwartz> Java... Ugh.
[16:00] <RandalSchwartz> except... it appears not to be updating
[16:00] <RandalSchwartz> so maybe this was all for naught. :(
[16:01] <RandalSchwartz> yeah... every time I want to do something interesting, it asks to update java
[16:01] <RandalSchwartz> and then does nothing
[16:03] <RandalSchwartz> ahh... need new java
[16:03] <RandalSchwartz> no auto install :(
[16:03] <RandalSchwartz> Oracle still messing things up
[16:03] <RandalSchwartz> THIS USED TO WORK.. :)
[16:04] <m0unds> ugh, really would love if qwest would fix this link flapping bullshit
[16:04] <m0unds> we have links at work from twt and qwest - twt is down because of a hardware failure and qwest is flapping every 3 minutes for 45-60 seconds
[16:12] <RandalSchwartz> well.. with java installed, now permits me to have reboot.  still don't know how to see virtual console.
[16:12] <RandalSchwartz> but I may be able to work that out later.
[18:45] <mercutio> randal: i've had issues with the new java and old applications
[18:46] <mercutio> you may actually find using an older version of java works better
[18:46] <mercutio> it was whatever the major version jump was?  6 to 7 or something
[18:48] <RandalSchwartz> osx apparently doesn't allow 6 anymore
[18:48] <RandalSchwartz> security issues
[18:49] <mercutio> use virtualbox
[18:49] <mercutio> well thats' what i did
[18:49] <mercutio> easier than trying to maintain multiple versions of java
[18:49] <mercutio> i also used xp, ... living on the edge..
[18:50] <RandalSchwartz> the trailing edge!
[18:51] <RandalSchwartz> there was an aviation wing design company that was very good at certain parts... and advertisted themselves as "the leading edge in trailing edge design"
[19:10] <m0unds> haha, nice
[19:50] <up_the_irons> using Docker with Chef / Kitchen.  This is actually pretty cool...
[19:57] <m0unds> http://i.imgur.com/PKOpseS.jpg
[19:58] <staticsafe> well crap
[19:58] <staticsafe> looks like HE's DNS service is down
[19:58] <m0unds> uh oh, their authoritative svc?
[19:58] <mnathani> staticsafe: wow, no kidding
[19:58] <staticsafe> testing atm, and yes their auth NSes
[19:59] <m0unds> ouch
[19:59] <mnathani> so much for anycast and free primary and secondary dns service
[19:59] <mnathani> I got responses from ns3 and ns4, but really long response time;; Query time: 1523 msec
[20:00] <m0unds> outages happen, anycast isn't magic
[20:01] <m0unds> yea, no answer at all for me from any of them
[20:01] <staticsafe> http://pastie.org/pastes/9348773/text?key=pgbgn6cqpdt9kmyrpznoa from my testing
[20:03] *** thestereobus has joined #arpnetworks
[20:03] <mnathani> dig dns.he.net @ns1.he.net  << that works though
[20:28] <RandalSchwartz> mnathani - you updated to allow their new slave to slave from you?
[20:28] <RandalSchwartz> oops... m0unds I mean
[20:28] <RandalSchwartz> they changed the machines they slave from
[20:28] <mnathani> RandalSchwartz: I was wondering
[20:28] <RandalSchwartz> if you have strict "no AXFR except for slaves", it'll break now
[20:29] <RandalSchwartz> I got email, but I don't care, because I allow AXFR from anyone
[20:29] <m0unds> RandalSchwartz: i don't use their svc, just know someone who does
[20:30] <m0unds> so i tested dig theirdomain.tld @ whateverns.he.net
[20:56] <brycec> I'm able to dig my domains currently... but it's been awhile since you mentioned the issue, so perhaps resolved
[20:59] <staticsafe> yeah
[21:36] <m0unds> can you dig it?
[21:37] <brycec> yes he can
[21:38] *** thestereobus has quit IRC (Quit: thestereobus)
[22:01] *** SpeedBus has quit IRC (Quit: SpeedBus@CrownCloud.net)
[22:58] <mnathani> staticsafe: Doesnt look like you have an A record defined for that domain. http://pastebin.com/bTRF07hY
[23:53] *** Guest68160 has joined #arpnetworks