#arpnetworks 2014-07-02,Wed

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***Erick- has joined #arpnetworks [07:40]
.... (idle for 16mn)
Erick- has left "." [07:56]
novae has quit IRC (Ping timeout: 252 seconds)
novae has joined #arpnetworks
novae has quit IRC (Changing host)
novae has joined #arpnetworks
[08:04]
...... (idle for 27mn)
novae has quit IRC (Ping timeout: 264 seconds)
novae has joined #arpnetworks
[08:34]
novae has quit IRC (Ping timeout: 252 seconds)
Erick- has joined #arpnetworks
novae has joined #arpnetworks
[08:44]
..... (idle for 22mn)
Erick-admin on? [09:10]
........ (idle for 35mn)
RandalSchwartzdoes it have to be an admin? [09:45]
Erick-maybe not [09:47]
RandalSchwartzmany of us are longtime arp customers. [09:49]
Erick-to enable my ipv6 ip's [09:52]
RandalSchwartzI think you already have the allocation and routing by default.
at least I did when I started.
[09:53]
Erick-I can only ping one of those ip's
the ::2
but ::3 is nothere to be found
much less ::f000
[09:53]
RandalSchwartzdo you have a /64 or a /48?
and what platform
[09:54]
Erick-prefixlen 64
freebsd
91 or 9.2
9.1 *
[09:54]
RandalSchwartz... http://support.arpnetworks.com/kb/main/how-to-configure-ipv6-on-freebsd [09:55]
Erick-did that [09:56]
RandalSchwartzthen why are you talking about ::3? did you add an additional interface?
does netstat -rn show a default route for ipv6?
[09:57]
Erick-good idea
will try that
brb
[09:58]
RandalSchwartzRandalSchwartz still wonders why Erick- mentioned :3 and ::f000, which aren't on that wiki page [09:59]
brycecbrycec wonders too [10:11]
Erick-Erick- gives up for now [10:12]
***Erick- has left "." [10:12]
RandalSchwartzeven curiouser [10:13]
brycecOookay
It's something that Just Works
Perhaps he had some restrictive firewall rules?
[10:13]
RandalSchwartzit just works, when you work it. :) [10:13]
brycecbrycec works it [10:13]
RandalSchwartz... https://www.youtube.com/watch?v=FFnG3jVWDaM [10:13]
BryceBotYouTube Music: "Aaliyah ~ Work It (Baby)" by RicoCoracao2011 (3m 26s), 3,770 views, 17 likes and 0 dislikes. Uploaded 2012-01-08T17:49:58.000Z. [10:13]
brycecMy "working it" doesn't look anything like that, guess I'm a failure. [10:15]
..... (idle for 23mn)
antwell, he is gone now anyway, but i guess adding an additional ip address to his primary interface was what he wanted to do [10:38]
brycecMaybe he assumed that the entire /64 was routed to him, therefore his host should see/respond to ::3 and ::f000 [10:41]
RandalSchwartzyeah - was wondering that
like even though I have a ipv4 /28.. my host wouldn't respond to anything until I aliased it.
[10:50]
brycecYou have an entire /28? :P
oh wait you said v4 nvm me
True - perhaps he A) Doesn't get it, and/or B) Was expecting to see the traffic anyways, on tcpdump or the like
[10:50]
.... (idle for 18mn)
RandalSchwartzI do have about 6 /48's of ipv6 though
we had this conversation before, as I recall.
about enumerating the stars in the sky or something
[11:09]
m0undshahaha [11:12]
RandalSchwartzaccording to wolfram alpha, I'd need 78 bits. Darn... not enough yet.
... http://www.wolframalpha.com/input/?i=2+to+the+78+power+divided+by+number+of+stars+in+the+sky
my mere 60 bits * 6 isn't enough
wait... isn't that a /50 ?
78 bits out of 128... would be /50 prefix
yeah - so I can ennumerate all the stars in the observable univers 4 * 6 = 24 times!
[11:13]
bryceclol yeah RandalSchwartz I recall that convo. But a whole ipv6/28... [11:26]
plettMy work is an ISP, so we have a /32 of IPv6. But we also have the next 7 /32s after ours reserved for us at the RIR. So we can get a contiguous /29 of IPv6 should we have a need for it. [11:39]
***dne has quit IRC (Ping timeout: 252 seconds)
dne has joined #arpnetworks
[11:43]
........................ (idle for 1h59mn)
RandalSchwartzugh. how do I reboot a dedicated box?
what the heck is IPMI?
$client is dead in water until I get help
[13:44]
staticsafeIPMI is out-of-band access [13:45]
RandalSchwartzLooks like I never got my openvpn credentials.
Well, this sucks.
I mean, I sent the request...
[13:48]
staticsafe:o [13:48]
RandalSchwartzso crap... I have a primary box down (hard metal), and I can't bring it back up
it makes the rest of $clients machine useless
[13:49]
brycecThat's weird, because I know up_the_irons makes it a point to test OpenVPN access before even setting up a dedi box
At least, up_the_irons has stated that he does in the past
[13:55]
acf_I seem to remember having to install the OS myself on my dedicated box
using IPMI
[14:04]
m0undshm [14:04]
RandalSchwartzwell - crisis resolved... but it revealed a hole in the process. :)
good that we found that now, instead of those rare hours when up_the_irons is asleep :)
pager duty says "all incidents resolved" Yeay
[14:06]
.... (idle for 18mn)
brycecacf_ makes a good point... [14:26]
RandalSchwartzI installed the OS myself using the virtual console
I've never touched an IMPI before
oh... I see what you're saying
well, we had a contractor bring up the initial box
(not me)
[14:27]
brycechttp://support.arpnetworks.com/kb/dedicated-servers/how-do-i-access-my-arp-metal-dedicated-server-console :P [14:27]
RandalSchwartzYes - I see that. [14:27]
brycecGuess that explains why you don't have OpenVPN credentials [14:28]
RandalSchwartzbut it just says "IPMI", but I have no idea what I will see once I go there
right... wasn't until the first time I tried to find it on the ssh console thing that I noticed.
[14:28]
brycecIPMI is a protocol too, it's not "one thing" that "you'll see" [14:28]
RandalSchwartzso what do you see here? :) [14:28]
brycecRandalSchwartz: start by installing openvpn and ipmitools on your workstation [14:28]
RandalSchwartzI have tunnelblick [14:29]
brycecoh you're on a mac
I have no idea how to ipmi from a mac....
[14:29]
RandalSchwartzI wonder if macports has ipmitools [14:29]
brycecbrycec hits up Google [14:29]
RandalSchwartzNo match for ipmitools found [14:29]
brycecRandalSchwartz: looks like Mac already has ipmitool installed ?
https://developer.apple.com/library/mac/documentation/Darwin/Reference/Manpages/man1/ipmitool.1.html

Suggests that it's already there
[14:29]
RandalSchwartz% man ipmitool
No manual entry for ipmitool
[14:30]
brycecMy macbookpro 10.9 has it
% which ipmitool
/usr/bin/ipmitool
(and the man page)
[14:30]
RandalSchwartzrunning 10.8, not 10.9 [14:31]
brycecI have no idea when it was introduced... I suspect earlier than 10.9 though [14:31]
RandalSchwartzrisky to upgrade unless I've got a day to fix everything
haven't had that day
well... not on 10.8, so somewhere between 10.9.0 and yours :)
[14:31]
brycecOr it was part of xcode [14:32]
RandalSchwartzI have xcode installed
otherwise, I wouldn't be using macports :)
or building emacs daily
[14:32]
brycecheh [14:32]
RandalSchwartzwithout this tool, will I not be able to do anything? [14:32]
brycec(10.9.3 is current btw)
Short answer: yes
[14:32]
RandalSchwartzI suspect I'll "migrate" to my next box, which will already have mavericks [14:33]
brycecI suspect there may be other tools out there that speak IPMI [14:33]
RandalSchwartzthat way if something is broken, I can still use the old box for thatuntil fixed.
Oh - it's in macports
[14:33]
brycecThere might even been some built-in web server on the ARP Metal box's IPMI controller [14:33]
RandalSchwartzI just typed it wrong [14:33]
up_the_ironsRandalSchwartz: i re-sent your cert just now [14:34]
brycecRandalSchwartz: FYI ipmitool is installed as part of Apple's "Server Admin Tools"
(that's why I have it)
[14:35]
RandalSchwartzthank you up_the_irons
and ipmitool built successfully
and yes, not running server
[14:35]
brycec(You don't have to be running "server" just administering one, and even then it's still a free download)
(but no reason to install all that just for one tool)
[14:36]
RandalSchwartzstaring at manpage now
maybe there's some tutorials
[14:37]
brycecup_the_irons: reading the KB article, looks like there's no need to use ipmitool?
"Visit the link labeled IPMI URL"
suggests there's a web "viewer"
[14:37]
up_the_ironsRandalSchwartz: brycec : yeah i dunno why you guys are using ipmitool. if you can run ipmitool, then you ALREADY have access to the server. You want IPMI for things like out-of-band console, power control, etc... [14:38]
RandalSchwartzRandalSchwartz is relocating, but will scroll back at new location [14:38]
up_the_ironsso just visit the "IPMI URL" which is listed in the Portal for your particular ARP Metal(tm) machine. you have to be on the VPN for that link to work. [14:38]
bryceclol sorry up_the_irons I was trying to help where I could. I've only dealt with ipmitool a little, to reboot boxes and monitor sensors.
A web interface on the BMC is just magic and voodo
*voodoo
(And don't even get me started on AMT or ASF, fucking Intel...)
[14:39]
up_the_ironsbrycec: no worries :) [14:39]
dneup_the_irons: ipmitool works over the network too [14:39]
up_the_ironshmm.. i suppose that's true [14:40]
dangelARP Metal tm/ >_< tm/ [14:40]
up_the_ironshhahahahhaahah
i should srsly use that
there might even be a unicode version
[14:40]
dangellol [14:41]
............ (idle for 55mn)
RandalSchwartzunicode sucks, but it sucks less than everything before it.
except, of course, just normal ascii. :)
I mean... if ascii is good enough for Jesus, it's good enough for me. I never saw any latin-1 or kanji in the bible!
[15:36]
anti did [15:43]
dneyeah I bet ascii works great for hebrew, aramaic and greek [15:43]
ant"Im Anfang erschuf Gott Himmel und Erde; die Erde aber war wüst und wirr, Finsternis lag über der Urflut und Gottes Geist schwebte über dem Wasser." <-- see, latin-1/unicode in the very first sentence ;) [15:45]
RandalSchwartzA passphrase is required to access the network
what would that be?
Oh ugh. It's probably the one I didn't write down or put into 1Password
Might have to start this all over
ahh... guessed it in three
heh.. the IPMI cert expired April 11, 2014
oops
Java... Ugh.
except... it appears not to be updating
so maybe this was all for naught. :(
yeah... every time I want to do something interesting, it asks to update java
and then does nothing
ahh... need new java
no auto install :(
Oracle still messing things up
THIS USED TO WORK.. :)
[15:55]
m0undsugh, really would love if qwest would fix this link flapping bullshit
we have links at work from twt and qwest - twt is down because of a hardware failure and qwest is flapping every 3 minutes for 45-60 seconds
[16:04]
RandalSchwartzwell.. with java installed, now permits me to have reboot. still don't know how to see virtual console.
but I may be able to work that out later.
[16:12]
............................... (idle for 2h33mn)
mercutiorandal: i've had issues with the new java and old applications
you may actually find using an older version of java works better
it was whatever the major version jump was? 6 to 7 or something
[18:45]
RandalSchwartzosx apparently doesn't allow 6 anymore
security issues
[18:48]
mercutiouse virtualbox
well thats' what i did
easier than trying to maintain multiple versions of java
i also used xp, ... living on the edge..
[18:49]
RandalSchwartzthe trailing edge!
there was an aviation wing design company that was very good at certain parts... and advertisted themselves as "the leading edge in trailing edge design"
[18:50]
.... (idle for 19mn)
m0undshaha, nice [19:10]
......... (idle for 40mn)
up_the_ironsusing Docker with Chef / Kitchen. This is actually pretty cool... [19:50]
m0undshttp://i.imgur.com/PKOpseS.jpg [19:57]
staticsafewell crap
looks like HE's DNS service is down
[19:58]
m0undsuh oh, their authoritative svc? [19:58]
mnathanistaticsafe: wow, no kidding [19:58]
staticsafetesting atm, and yes their auth NSes [19:58]
m0undsouch [19:59]
mnathaniso much for anycast and free primary and secondary dns service
I got responses from ns3 and ns4, but really long response time;; Query time: 1523 msec
[19:59]
m0undsoutages happen, anycast isn't magic
yea, no answer at all for me from any of them
[20:00]
staticsafehttp://pastie.org/pastes/9348773/text?key=pgbgn6cqpdt9kmyrpznoa from my testing [20:01]
***thestereobus has joined #arpnetworks [20:03]
mnathanidig dns.he.net @ns1.he.net << that works though [20:03]
...... (idle for 25mn)
RandalSchwartzmnathani - you updated to allow their new slave to slave from you?
oops... m0unds I mean
they changed the machines they slave from
[20:28]
mnathaniRandalSchwartz: I was wondering [20:28]
RandalSchwartzif you have strict "no AXFR except for slaves", it'll break now
I got email, but I don't care, because I allow AXFR from anyone
[20:28]
m0undsRandalSchwartz: i don't use their svc, just know someone who does
so i tested dig theirdomain.tld @ whateverns.he.net
[20:29]
...... (idle for 26mn)
brycecI'm able to dig my domains currently... but it's been awhile since you mentioned the issue, so perhaps resolved [20:56]
staticsafeyeah [20:59]
........ (idle for 37mn)
m0undscan you dig it? [21:36]
brycecyes he can [21:37]
***thestereobus has quit IRC (Quit: thestereobus) [21:38]
..... (idle for 23mn)
SpeedBus has quit IRC (Quit: SpeedBus@CrownCloud.net) [22:01]
............ (idle for 57mn)
mnathanistaticsafe: Doesnt look like you have an A record defined for that domain. http://pastebin.com/bTRF07hY [22:58]
............ (idle for 55mn)
***Guest68160 has joined #arpnetworks [23:53]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)