[00:32] Well it's not trivial... And the name is typically already there, as the domain component of the hostname [00:32] (I haven't looked to see if the lg passes -n) [00:52] isnt the skype infra still very separated from the rest of MSFT? [00:53] To my knowledge, yes, but I doubt it will stay that way. Like most things, it will eventually get folded in, one way or another. [01:06] *** LT has joined #arpnetworks [02:15] mnathani: probably in theory if someone was to modify the code [02:17] mnathani: not sure of the best way to get a list of numbers to naem mappings - i usually use whois, but there may be limits to crawling that. [02:17] http://bgp.potaroo.net/cidr/autnums.html [02:17] ahh found this [02:20] flags destination gateway lpref med aspath origin [02:21] I 8.8.8.0/24 208.79.88.2 200 0 15169 [02:21] [GOOGLE] g [02:21] so saying something like that would be fine? [02:21] like [GOOGLE] etc for the diff providers after the numbers. [02:22] i wonder if it's better to change the looking glass or bgp show rib [02:28] *** carvite has quit IRC (Ping timeout: 245 seconds) [02:32] *** carvite has joined #arpnetworks [07:19] *** neish_ has joined #arpnetworks [07:20] *** neish has quit IRC (Ping timeout: 256 seconds) [07:22] *** dj_goku_ has joined #arpnetworks [07:23] *** abthorpet has joined #arpnetworks [07:24] *** tabthorpe has quit IRC (Read error: Connection reset by peer) [07:24] *** dj_goku has quit IRC (Read error: Connection reset by peer) [07:24] *** Seji has quit IRC (Read error: Connection reset by peer) [07:25] *** Seji has joined #arpnetworks [09:33] *** LT has quit IRC (Quit: Leaving) [10:03] *** pjs_ has joined #arpnetworks [10:04] *** pjs has quit IRC (Read error: Connection reset by peer) [10:10] *** pjs_ is now known as pjs [11:04] pjs ! [11:09] *** fink has joined #arpnetworks [11:09] yo RandalSchwartz [11:10] RandalSchwartz: do you happen to have your Virtualbox configs for your arpnetworks VPS's at hand? i'd like to compare notes [15:33] mercitio: yeah something like [GOOGLE] [15:34] or even hyperliks to bgp. he. net./as15169 etc for each AS in the path [15:34] mercutio ^ [15:35] well that file i found has names like that. [15:35] i think hacking in support to bgpctl show rib is probably best [15:35] but then people will want traceroute support :) [15:35] bgpctl show rib is show ip bgp [15:36] just more people understand it when it's said show ip bgp [15:36] my openbsd instance doesn't have a useful route table. [15:36] so i need to get that sorted, then i could try implementing it on there first. [15:36] but i'm pulled in a few directions atm [15:37] I 192.67.222.0/24 208.79.88.135 100 51 2914 12179 62638 i [15:38] usually I don't see Internap in the best AS path [15:46] *** fink has quit IRC (Quit: fink) [16:04] to quickly find ASN info: https://raw.githubusercontent.com/up_the_irons/arpnet-toolbox/master/asn.sh [16:04] I just type "asn.sh " [16:04] up_the_irons: what do you think about me modifying traceroute / bgpctl to show from db the name? [16:05] i imagine it shouldn't be too difficult. [16:06] actually, as a first step, i suppose the footer could have something that does a javscript query to do a lookup [16:06] where you manually type in the ones you're curious about [16:06] not something i'm going to worry about, but feel free to take a stab at it if you like. keep in mind people are using the lg now, so treat it as such (e.g. no breaking it ;) [16:06] up_the_irons: yeah, i'd do it somewhere else first. [16:06] cool [16:06] on that note, can i get a copy of the routing table on my vps? [16:07] ? [16:07] just another peer [16:07] like, you want to peer with it? [16:07] i could get a peer from somewhere else to test. [16:07] yeah peer with it and get full table. [16:07] go ahead and peer with yourself [16:07] ok :) [16:07] that sounds kinda dirty. dunno why... [16:07] i probably can't look at this until weekend. [16:07] hahaha [16:08] no worries [16:08] i was also thinking that it'd be kind of useful to be able to do a few quick lookups [16:08] and traces. [16:08] like google, etc. [16:08] and back to yourself. [16:08] That's what she said!! [16:08] BryceBot: no [16:08] Oh, okay... I'm sorry. 'and back to yourself.' [16:09] s/e.g./ie./ [16:09] likie.ogle, etc. [16:09] d'oh [16:09] like he.net's looking glass makes it quick/easy to traceroute back to yourself. [16:09] lol [16:09] but yeah the name thing actually kind of bugs me [16:09] i just do whois AS [16:09] and remember 2914, 174, etc. [16:09] like a few of them. [16:10] did u guys see that Level 3 bought TWTelecom? [16:10] yeah [16:11] i dunno what it means, other than way more data centres. [16:11] do twtelecom have a large network? [16:12] I'd assume TWT is the backbone for Time Warner Cable... but that's an uninformed assumption. [16:12] [in which case, perhaps a better network experience for those customers] [16:13] when level3 got announced i got way more traffic on anycast for some reason. [16:13] it was surprising. [16:13] i added prepends. [16:14] "tw telecom was originally founded as Time Warner Communications in 1993 as a joint venture between US West and Time Warner Cable. Time Warner Telecom rapidly evolved into a business provider specializing in fiber-based last mile solutions." [16:15] (So... separate) [16:15] i was reading something interesting about fiber providers in the US having huge costs to get government permission for laying cables. [16:15] doubling the cost etc. [16:15] and google somehow managed to bypass all of it. [16:16] mercutio: Is that long-haul fibre? [16:16] but i'd hate to feel like i was forced onto google fiber myslef. [16:16] brycec: yeah i think so [16:16] we say fibre here, but i realise it's kind of us-centric here :) [16:16] I was unaware that Google had long-haul fibre of their own [16:17] I say fibre too, because I can spell :P [16:17] well i imagine they need it to go between neighbourhoods. [16:17] and it looked like google may haev fiber from kanas to dallas, chicago, san jose [16:17] kansas sucks for transit from what i could tell. [16:18] That would be news to me, since there's already fibre between everywhere [16:18] well yeah it's probably someone elses fiber. [16:18] Lots of dark fibre around here -laid and unused, comparatively cheap to buy [16:18] yeah so it's probably lease. [16:18] i'm half interested in US net topography. [16:18] I can see how laying new fibre across the country would be expensive and subject to US permits [16:19] But can't see how that would apply to existing fibre. [16:19] but it's hard when you're not in it i suppose. [16:19] some places seem extra bad. [16:19] like tampa, florida is pretty bad. [16:19] Bad in what sense? [16:19] kansas, kc i s pretty bad [16:19] i dunno about states hah [16:19] (Don't get me wrong, Tampa is bad in many ways :P) [16:19] well like tampa has internet going via miami often [16:20] even though tampa and miami are ages away [16:20] Miami is a major transit point for the US to the carribean [16:20] but it goes the long way around georgia [16:20] and so on [16:20] yeah. [16:20] if you're near a major transit point you have quite direct routes. [16:20] ... You might want to check a map. Tampa - Miami is only a couple of hours' drive. [16:20] but like kansas you're often stuck with chicago/dallas. [16:21] (And Georgia is in the opposite direction) [16:21] it seems to increase latency [16:21] hmm [16:21] yeah but atlanta is out east. [16:21] All three are "out East" :p [16:21] ok north east. [16:21] Negatory [16:21] so you take a quite roundabout way to get there i meant [16:21] see: Map [16:22] damp i need a site to test again [16:22] i suppose georgia doesn't look that bad [16:22] http://upload.wikimedia.org/wikipedia/commons/f/f2/US_map-South_East.png Florida is the most south-easterly state (Miami, Tampa, Orlando, etc), with Georgia (Atlanta) bordering on the north.) [16:23] why is georgia to miami to tampa so high ping then. [16:23] No idea [16:23] No logical reason [16:23] A little odd that you aren't seeing Atlanta - Orlando - Tampa though [16:23] orlando is uncoommon [16:24] jacksonville happens sometimes. [16:24] I see ORL far more often [16:24] actually i know someone in spring hill which is near tampa [16:24] Heck, HE has a POP in ORL [16:24] and their route is actually not terrible [16:24] like 215 msec from new zealand [16:24] * brycec knows someone in Tampa too [16:24] when arp is 140 msec. [16:24] That's not unreasonable... [16:24] but it does varies. [16:25] err vary. [16:25] i was playing with this geoip stuff to route stuff to vps's and then go to web sites. [16:25] considering west coast -> orlando is about 90-120ms for me, a 70ms difference is reasonable [16:25] the other thing i noticed is web sites aren't hosted in many places for common ones :) [16:25] 90 to 120 hmm [16:25] they were on brighthouse networks. [16:25] which i'd never heard of before [16:26] I've heard the name before. Definitely not Level3 scale [16:26] they use level3! [16:26] they're not like cox using cogent [16:26] i wonder what it's like from arp [16:27] it's 70 msec from arp [16:27] via level3 [16:27] but yeah, most of my testing was with web sites and vps's and so on [16:28] it seems level3 just show los angeles to tampa jump so it's hard to know what it's like [16:28] except it's somehow only 55 msec. [16:28] mercutio: This is from arp to a server in Orlando http://sprunge.us/XdOh [16:28] and that's reallyt relaly uncommon from my earlier looking [16:28] mercutio: And this is from my office in the pacific nw http://sprunge.us/CJER [16:28] yeah it looks like level3 have sensible routes [16:29] i'm going to tryh e;) [16:30] i so prefer arp's looking glass [16:30] https://smokeping.cobryce.com/?target=Internet.HENet.NorthAmerica :) [16:30] damn he.net is slow [16:30] damn no tampa [16:31] You have too many active queries. Please wait at least 60 seconds before submitting additional queries. [16:31] grr [16:31] it's cos i tried adding on la [16:31] This command is not available for core1.lax2.he.net at this time. [16:31] 75.435 ms136.187 ms74.274 msv114-tpafl14-ear2.bhntampa.com (71.44.2.49) [16:32] that hop has terrible icmp deproropsoitaiton acutally [16:32] ahh but it's the same to the hop that doesn't. [16:33] so yeah it's 58 to 60 msec on arp, nad 74.3 to 75 msec on level3 [16:33] err on he.net [16:33] so i suppose it's only 15 msec more, and that's fremont. [16:33] i think their traceroute is udp too [16:34] Bright House? [16:34] yeh [16:34] oh you know what, he.net aren't even carrying the traffic. [16:37] damn arp for having good transit [16:38] oh cool cogent have a looking glass [16:39] even cogent is good weird [16:41] so yeah, maybe it's moot to there now. [16:43] i still wonder why slashdot.org has high pings from arp [16:44] but they're on savvis. [16:44] and i think savvis is probably just crap [16:44] it's like 160 msec ping to chicago. [16:49] o_O [16:56] i dont' really care about slashdot, it'se just bene a reference site since the 90s [17:00] +1 on the asn.sh script, however I would probably like to modify it to allow searching with AS12345 as well as simply 12345 [17:01] ^ up_the_irons [17:10] so fare ive been here for a fvew days all i see if mercutio bitching about pings [17:12] cpet: it's a pretty quiet channel. And to be fair, that's about 50% of what we've seen from you :P [17:14] cpet: What would you like to see from this channel? :P [17:16] se drugs and tool? [17:16] er sex [17:16] That's what she said!! [17:16] lets give cpet a break, bitching about pings when all you got is satellite for connectivity seems fair to me [17:16] now that is funny [17:16] you may continue [17:17] are you a customer yet, cpet? [17:17] naw I just asked for a donation to port a filesystem to FreeBSD [17:17] but I think ill give up since its been 3 days [17:17] take care all [17:18] *** cpet has left "WeeChat 0.4.3" [17:18] mnathani: go ahead and modify, then send me a pull request ;) [17:18] Huh. Slightly odd. [17:19] umm.. ask for a donation and then bitch when it takes too long.. guess who's not getting a donation now? [17:20] I think his complaint was a lack of any reply [17:20] * brycec stabs his computer [17:20] up_the_irons: I have never sent a pull request before, do I first clone the repo, make the change and then send you a request? [17:20] I meant fork [17:21] mnathani: Yes. If you're on Github, it makes it all pretty easy [17:21] s/clone/fork [17:21] up_the_irons: I have never sent a pull request before, do I first fork the repo, make the change and then send you a request? [17:21] mnathani: In fact [17:22] mnathani: In fact, you can do it all on the site itself, just open https://github.com/up_the_irons/arpnet-toolbox/blob/master/asn.sh click the edit "pencil", make your changes, commit, and submit the pull request [17:22] I'm honestly a bit surprised this isn't written in Ruby :p [17:22] no reason to use ruby [17:22] if shell is all i need, i use shell [17:22] wow i didn't know you could do a pull request like that... [17:24] Makes simple fixes (like grammar, typos, etc) really easy :D Only downside is I don't get to name the branch. [17:26] * brycec clicks save, clicks "Create pull request" [17:26] https://github.com/up_the_irons/arpnet-toolbox/pull/1 [17:29] what in the hell... [17:29] ASN=${1##AS} [17:29] that actually works? :) [17:29] http://tldp.org/LDP/abs/html/string-manipulation.html [17:30] And in general, yes it does. [17:30] that's amazing [17:30] merged [17:30] My favourite tricks are the default value assignments [17:30] Sweet - but, does the script actually work? :p [17:30] and yes, it does :) [17:31] As expected? Excellent. [17:31] (more fun: http://tldp.org/LDP/abs/html/parameter-substitution.html) [17:32] (I use it for things like: SOMEVAR=${1:-BLAH} ; if [ "x$SOMEVAR" = "xBLAH" ] ; then echo YOU FAILED ; exit 1 ; fi) [17:38] i think i still prefer using a database [17:38] there's something ick about calling lynx [17:38] Agreed about lynx, but at least it's caching [17:39] (I prefer curl, for starters) [17:39] heh [17:40] asn.sh: line 5: syntax error near unexpected token `newline' [17:40] oh that doesn't get raw does it [17:41] asn.sh: line 35: lynx: command not found [17:41] it's still not working [17:41] Well lynx was removed from OpenBSD base :P [17:41] i'm using linux [17:42] Apparently Linux without lynx [17:42] oh [17:42] Unheard of. [17:42] i need to prepend 0 [17:42] this is bizzare [17:42] for... "0lynx"? [17:42] oh it cached my lynx not found [17:43] haha [17:43] * mhoran doesn't even understand what's going on. [17:43] LOL [17:43] Very "dumb" caching is what's going on [17:44] ahh this is nicer [17:44] you can just change lynx to links [17:44] and it looks better [17:44] now i can uninstall lynx again :) [17:44] Technically one could make a quick call to stat to check the datestamp of the file to introduce some expiry [17:44] it's too much information for me anyway [17:46] damn this file is 7mb [17:48] ok i have my own hack nearly ready [17:59] ok [17:59] working [17:59] this is messsy too i have http proxy that helps [18:00] http://pastebin.com/DLJ3D17q [18:00] % sh myasn.sh 17746 [18:00] AS17746 ORCONINTERNET-NZ-AP Orcon Internet,NZ [18:00] % sh myasn.sh 9559 [18:00] AS9559 PLAINCOM-NZ Plain Communications Ltd,NZ [18:00] that's what my version does [18:00] but it's not actually caching the huge file it's curling [18:01] which would be a more sensible place to cache. my web proxy does, so it doesn't matter for me. [18:02] if [ -n "$2" ]; then [18:03] rm $AS_FILE [18:03] fi [18:03] haha [18:03] brycec: i think you can do an if-modified somehow [18:04] curl -I --header 'If-Modified-Since: DATE-FORMAT-HERE' [18:09] i suppose you could have both modes with -v to show more information [18:11] mercutio: Even then you're still "slow" because you're making a request to the backend *every time* [18:11] Also the backend webserver would need to properly support i-m-t [18:11] brycec: oh i'm goign to predownload i think [18:11] it probably does. [18:11] Most do on static files, but dynamic stuff is up to the script [18:12] what do you think about my way of outputting versus the verbose way? [18:12] hmm [18:12] well you can cron it for once a month :/ [18:12] this isn't dynamic anyway [18:12] Last-Modified: Thu, 06 Nov 2014 01:14:47 GMT [18:13] Age: 1642 [18:13] you still may not want to update lal the time [18:14] AS393392 PNWUPRIMARYPUBLIC - Pacific Northwest University of Health Sciences,US [18:14] 1642 seconds? that's about a half hour? [18:14] wow i've never seen ASN's that high before [18:14] heh [18:14] yeah it seems that way [18:14] so yeah you may want to update less frequently [18:15] like once a month [18:15] if it hasn't been updated in over a month [18:15] i will have to look into that later. [18:15] I like up_the_irons' approach, since the ASN-name pairings aren't going to change, just the addition of new ASNs. You only need to update when you hit an unknown ASN-name mapping. [18:15] for my modifcations [18:15] mine's doing that too [18:16] it's not caching the 7mb file :) [18:16] but they do change btw [18:16] when companys change ownership usually the name changes [18:19] it's just less to cat, and changing links to curl awk/sed/grep [18:20] but yeah i wonder if having on the footer of output some links would be handy too [18:20] it's all c though, so ... it's a bit messier :) [19:02] brycec: why does this not work: http://pastebin.com/x3gYP1WE [19:02] trying to match lowercase / uppercase as/ASN [19:02] lol [19:03] For starters, I don't think ### is a thing (I could be wrong?) [19:03] But mainly because you keep overwriting $ASN with $1 (modified) [19:03] mnathani: you probably want to keep the first line, and make the following lines ASN=${ASN#... [19:04] (And I'm sure there's a simpler, cleaner solution too) [19:05] This was my first attempt: http://pastebin.com/0fnKARPZ [19:05] before I saw your one liner [19:05] unsuccessful too [19:07] If you're getting that complicated, you might just consider using sed to extract a number from $1 [19:08] wow [19:08] it'll be AS or [19:08] just do a bloody s/^AS// [19:08] s/$/i/ [19:08] just do a bloody s/^AS//i [19:28] https://github.com/up_the_irons/arpnet-toolbox/pull/2 [19:28] working using sed [19:46] nice [19:48] :-) [19:52] facebook has their own http server [19:53] i've only just started exploring nginx [20:26] did they get back to you regarding dns [20:26] and geolocation was it? [20:26] *** toeshred has quit IRC (Quit: WeeChat 1.0.1) [20:29] *** toeshred has joined #arpnetworks [20:35] ^mercutio [21:15] they got back to me asking for more information [21:15] a bit of to and fro [21:15] then nothing for a couple of days [21:15] so i emailed them again today. [21:15] i improved my facebook temporarily by using unbound's ability to send domains to different parent dns [21:15] does the issue impact many users? [21:16] but i hate doing that. [21:16] yeah, heaps from my research. [21:16] at least here. [21:16] they probably don't care much about new zealand though [21:16] is Australia in the same boat? [21:17] well australia has their own server [21:17] and there's a double hop peer with them there [21:17] and it still doesn't direct to it [21:17] ie one in betwen hop in AS PATH [21:17] it's doubled up too - there's two providers with one in between ASN [21:17] where does your facebook traffic end up presently with no DNS hacks? [21:18] i think their server selection needs an overhaul. [21:18] umm it varies between uhh [21:18] hangon [21:18] you to our Ashburn (ASH) and Forest City, NC (FRC) Data Centers. [21:18] forest city, and ashburn [21:18] so ages away [21:19] bu thtere's some stuff hitting prc too which is closer [21:19] and i'm not sure where it is but it seems west coastish [21:19] the other 2 seem halfway around the globe? [21:19] yeah [21:19] it comes into facebook's network in san jose. [21:20] running traceroute -A [21:20] http://pastebin.com/k7JU8WpE [21:20] have you tested other NZ networks that have public looking glasses [21:20] pastebin always has kaptcha [21:21] new zealand networks don't have looking glasses :/ [21:21] i've tested other ones i ahve access too [21:21] to [21:21] weoll one other one i have access to, and got a couple of people to test themselves. [21:21] so there's at least 4 networks that have issues [21:23] http://pastebin.com/HVErFSga [21:23] that's sydney [21:24] weird, i dunno why it says AS1221 on hop 3 [21:24] that's 9559 too [21:24] here is a trace from UK: [21:24] https://gist.github.com/anonymous/1917708951399df0f7f8 [21:24] Gist: "https://gist.github.com/1917708951399df0f7f8" [21:24] you're going to the same dc as me :) [21:25] maybe frc is their default? [21:25] my uk vps goes there too [21:25] oh [21:26] except my one connectoins to facebook in the uk! [21:26] 5 linx.br01.lhr1.tfbnw.net (195.66.225.69) [AS10026/AS4637] 4.896 ms 4.877 ms 4.859 ms [21:27] maybe facebook geolocates based on friends, and connections and news interests and likes. LOL :-) [21:27] i dobut it :) [21:27] i think their network is just non ideal [21:27] like they should terminate in london [21:27] if they're going to accept traffic in london [21:27] even if they just put the page together there and get the information from further away [21:27] at least that's what i'd do :) [21:27] maybe they havent figured out how to replicate everything everywhere? [21:28] they can still pull in stuff from remote [21:28] spdy really benefits from having close servers [21:28] that can pull stuff in from afar [21:28] cache it locally though? [21:28] and tehy're using spdy. [21:28] yeah cache locally is good [21:28] but even not caching you can still get some benefit [21:28] https has 5 rtt latency often [21:28] fewer roud trips? [21:28] yeah [21:29] utilize compression? [21:29] there's various ways to improve it [21:30] it gets really complicated. [21:31] old nginx has a bug, where if you have more than 4k of data it waits an extra rtt. [21:31] which means if you have large certificates it delays [21:31] normal ssl can't do quick start with some buggy implementations which means browsers require NPN and one other thing [21:31] enabled. [21:31] some secrecy thing [21:32] spdy improves things too [21:32] npn and forward secrecy [21:32] https://istlsfastyet.com/ [21:32] it still makes sense to have close https servers though [21:33] with normal http you want to be < 20 msec ping [21:33] beyond that it starts mattering less. [21:33] are you active on nznog? [21:33] but 100 msec ping is definitely bad. [21:33] yeah. [21:33] sort of. [21:33] i occassionally rant [21:33] i'm a ranty kind of guy :/ [21:33] That's what she said!! [21:33] I wonder if there were any facebook performance related discussions on here [21:34] nznog hardly has anything technical on it tobh [21:34] tbh [21:34] there was someone talking about akamai years ago [21:34] i've had a pet peeve against akamai for years. [21:34] i did this proxy mesh thing years ago, to try and get browsing faster [21:35] by bouncing to local hosts. [21:35] this was before linux had native 10 packets sending etc. [21:35] and i implemented the 10 packets thing early, and did shaping to limit max speed. [21:35] and i had it so i'd do persistent connections to the vairous proxies [21:35] and do a geoip lookup to know which to send to. [21:36] in the end i got web page load times down from about 1400 msec to about 1200 msec average. [21:36] but that doesn't show the whole picture - often there were quite noticable latency improvements to less popular more weird web sites. [21:36] and one of the slowest web sites was a local news site. [21:37] one of the fastest web sites was typekit.com [21:37] i tested on various isp's too. one isp was more like 1600, the other was more like 1800 [21:37] typekit.com has changed since i tested. [21:38] but yeah typekit didn't have low ping or anything [21:38] they just were sensible [21:38] i think tehy've moved data centres too. i'm pretty sure they used to be at steadfast. [21:38] hi!!!!!!!1 [21:38] hey hazardous [21:38] sup [21:38] not much [21:38] i'm ranting again it seems. [21:39] nznog exists? [21:39] yeah. [21:39] the non-nanogs (and i guess eu) were almost barren the last time i clicked through a link and ended up there somehow [21:39] nanog -> ausnog -> nznog [21:39] now i'm feeling old, i've been on nznog since about 2001 i think. [21:40] going off on a random tangent i'm really surprised about chrome [21:40] recently people have been talking aabout the impact of 1 gigabit fibre connections. [21:40] that it's getting slower and slower? [21:40] i don't really look at naalytics but i was tracking down some attempted exploits in access.log and http://i.imgur.com/TBCMa6u.png [21:40] that's from the last 6h of one of my sites and it's just a giant mindfuck [21:41] i wasn't expecting it to be skewed that hard [21:41] wow i had to decrease my zoom :) [21:41] 75% wow. [21:41] i'm getting so pissed off at chrome. [21:41] it keeps being slow [21:41] it's a gaming fansite; with adblock rates around 90% [21:41] i was expecting some chrome skew, but not that far [21:42] i use adblock [21:42] yeah i'd except 50 to 60% [21:42] when you say gaming web site [21:42] there's no competition anymore [21:42] even opera is using chrome [21:42] i mean video game graphs and analytics [21:42] nah, opera is still there (uses useragent, not rendering engine or whatever) [21:42] somewhere around 0.1% [21:42] lemme double check [21:42] opera is lumped in with "other" [21:43] and isn't at 0.1% [21:43] ahh ok [21:43] do you use chrome? [21:43] i use firefox day to day [21:44] i use chrome for testing sites [21:44] actually chromium nightly [21:44] ahh ok [21:44] i can't deal with chrome day to day because i actually want my tracking beacons blocked [21:44] i isntalled canary [21:44] it keeps crashing [21:44] i can't do anything [21:44] like chrome's plugin hook system is really really weird [21:44] everything is pretty much a basic userscript [21:44] you can see this with some extensions in devtools [21:44] oh woot canary is working again [21:44] there's like a .css file loaded in after domcontentloaded [21:44] that tries to css display:none!important hide things like share buttons [21:45] instead of actually blocking the content from loading in the first place [21:45] wow canary scrolls way faster than chrome [21:45] oh nah it's just this page [21:45] also blocking specific elements in chrome is akin to getting told to gfy [21:45] i hate it how variable chrome scroll speed is [21:45] firefox adblock has decent ruleset engine, i can tick things like third party and edit a regex [21:45] actually even facebook is scrolling fast now [21:46] chrome adblock is infuriating [21:46] and essentially stops at css rules [21:46] yeah [21:46] and trying to block things that are invisible, like if i wanted to block */analytics/beacon.aspx$ [21:46] not happening, period [21:48] i want adblock on tablet [21:48] i wonder if anyone has forkced chromium yet. [21:48] adblock on tablet is pretty much like [21:48] and tried to make it nicer [21:48] hosts file at best [21:49] firefox has adblock addon on their mobile firefox [21:49] yeah that sucks [21:49] but it's useless at best [21:49] i might do a proxy for it [21:49] i dunno [21:49] i really wish mobile providers didn't utterly fuck any http connection [21:50] i should not have to be wasting battery life and data quota to have a usable internet [21:50] because vpn and crypto padding and whatever else [21:50] yeah [21:50] since i can't visit many sites on mobile [21:50] it's fine here [21:50] i'm on tmobile and they filter all "18+ content" automatically [21:50] and don't allow me to remove webguard [21:50] you were in australia right? [21:51] i'm in the states [21:51] (this literally includes reddit api calls, so i can't even browse askreddit) [21:51] oh [21:51] i got you confused with someone else [21:51] i think light vpns are needed [21:51] this also includes DPIing all http traffic for user agents too [21:51] that use fast light encyption [21:51] That's what she said!! [21:51] for non critical things. [21:51] like [21:52] on my phone, the actual mobile device itself [21:52] so they stop casual snooping and interjection [21:52] if i spoof a firefox useragent [21:52] it will block all data [21:52] and upsell me a tethering package [21:52] why [21:52] oh [21:52] all http requests are hijacked to their page [21:52] all dns requests return nxdomain + A record pointing to them [21:52] they also hijack actual dns server traffic [21:52] if you use 8.8.8.8, they route that to their own systems [21:52] even if you change ports? [21:52] same with 4.2.2.1 and 4.2.2.2, etc [21:53] they hijack all dns traffic to/from those hosts [21:53] and redirect it to their own [21:53] that part is just completely bizarre [21:53] and ridiculous [21:53] this sounds ick [21:53] does your ip change much? [21:54] ideally speakign a light vpn that automagically worked when changing ip's woudl be great. [21:54] on mobile? yeah often [21:54] openvpn takes like.. a minute+ to establish link [21:54] and is completely impossible on low-signal areas [21:54] so it encodes everything relevant in udp packets. [21:54] or generic ip [21:54] http://esd.io/blog/t-mobile-dns-hijack.html has a writeup of it [21:54] depending on what is necessary [21:55] so that it doesn't need the ip [21:55] err for state [21:55] like.. they are actually abusing others' ip space [21:55] for their own ad pages [21:55] or at least can quickly reget it's state and work things out when ip changes [21:55] one could argue that changing your dns servers from the isp-provided ones is pretty much saying "fuck you i want to opt out of your spam" [21:55] but they are refusing to obey that [21:55] and they also don't obey opt out anyway [21:55] so lol [21:56] i think it's perfectly ok in corporate networks to not allow external dns. [21:56] yes, but this is a consumer connection [21:56] but on the internet at large i think not [21:56] and there's a difference between blocking external dns [21:56] and hijacking MITM external dns [21:56] with your own spoofed, invalid replies [21:56] yeah [21:56] so do you use openvpn atm? [21:56] ya [21:56] also, their idea of "opt out" of their NXDOMAIN search result page [21:56] wanna guess what it is? [21:56] how well does that work? [21:57] what is it? [21:57] it uses javascript and cookies, the actual page is served, the nx domain is still hijacked [21:57] javascript checks if you have a cookie set to opt out [21:57] and just does a window.location="/404.html" [21:57] after the adpage has fully loaded [21:57] oh what [21:57] llllol [21:57] do you have 4g? [21:57] yes [21:57] is it ok speed? [21:57] but i'm rate limited to about 1 KB/sec after 5GB per month [21:58] at 1000-5000ms latency [21:58] i talked to someone on skype who was driving on tmobile [21:58] and it broke up heaps [21:58] it's good only in super urban areas i'd say [21:58] but i've done the same thing when driving before and never had issues [21:58] i have no problem in sf [21:58] i lose data service very fast leaving sf [21:58] in between sf and la, verizon seems to be the only one with coverage (sanely) [21:58] tmobile is kind of really really urban i guess? i dunno how to describe it [21:58] wow [21:58] that's a huge area [21:59] the only time i get good, stable service is near or in a major metro area [21:59] but they're cheap :) [21:59] tbh the part that pisses me off the most is how they lie about unlimited too [21:59] yes, it's unlimited, but no, it's not actually USABLE once you hit your cap [21:59] loading a 16KB JSON response [21:59] takes around 48 seconds [21:59] a random imgur jpg takes 3-6 minutes [21:59] we used to have that on dsl here [21:59] even irc lags [22:00] we had 64kbit rate limits [22:00] yeah, it's like [22:00] where it's meant to go to "dialup" speed [22:00] after your cap [22:00] like a stable 64kbit is fine [22:00] i have no problem with a very stable and consistent 64kbit [22:00] but there was like no buffering [22:00] but this is some really really bad software artificial throttling or something [22:00] and it was insanely slow with insanely high packet loss [22:00] and it would always get overshot all the time [22:00] and i average out to be ~1KB/s with prboably 50%+ packetloss [22:00] dialup was much more usable. [22:00] that said, a few years back i tried using dialup [22:00] even logging into msn etc is slow [22:00] i've never used dialup before so i don't have anything to compare against [22:00] all these ssl certificates etc are huge. [22:01] the local news web site that was slow before [22:01] they had a 4 meagbyte image today [22:01] did you enable ssl [22:01] lol [22:01] resized to a small image [22:01] one of my friends kept bothering me about why their site was so slow [22:01] on the page itself [22:01] it's like a straight off camera pic [22:01] they had a gallery with 10mb jpg's resized to like 320x240 [22:01] grid of about 50 of them [22:02] but like 500mb caps on internet are common here on cellphgones [22:02] and lots of people browse news on their mobile [22:02] the problem is whatever awful artificial throttling they use [22:02] i have no problem with a stable, steady 5 KB/s [22:02] i have a problem when it takes 15 minutes to load imgur.com/something [22:02] well that's what dialup gives you [22:02] yeah that's what rate limits / policers can often be like [22:02] esp at lower speeds. [22:02] like their 1kb/sec may actually be 64kbit [22:03] with like no queueing [22:03] it's r eally weird because on monitoring it looks like i burst up to 15KB/s for less than a second [22:03] and then drop to 9 bytes/second [22:03] for the next five minutes [22:03] openvpn is really unusable and annoying on high latency / random connectivity drop networks [22:03] several minutes to connect [22:03] mm [22:03] if you can tether [22:03] i'm trying to figure out what i can do [22:04] run a tpcdump and count how many packets it receives [22:04] if you're routing to it from a linux box you can change your route [22:04] like ip route change (your route) initcwnd 2 [22:04] i really don't get why every mobile provider here treats the internet as a molestation victim or something [22:04] and it'd probably go a little better [22:04] you used to be able to change window size too [22:04] ip route change 192.168.1.0/24 dev wlp3s0 proto kernel scope link src 192.168.1.9 initcwnd 2 window 8192 [22:05] that still works [22:05] like http://www.extremetech.com/extreme/193625-verizons-latest-privacy-wrecking-ploy-an-unblockable-supercookie-that-lets-anyone-track-you-on-the-internet [22:05] opt out isn't allowed [22:05] it's the most hilarious thing [22:05] so yaeh you have a route pointing to it with a low initial window size, adn a low window size [22:05] i imagine 8k may still be too much :/ [22:05] i don't linuxes unfortunately [22:05] i screwed around with stuff heaps on dialup [22:06] like on dialup i userd to use 296 mtu [22:06] i just pretend to be a sysadmin and hope things work [22:06] :^) [22:06] and 2k window size [22:06] so irc etc wouldn't lag out when downloading [22:06] and i wouldn't get 4 second delays etc [22:07] but in dialup days there was header compresion [22:07] compression, so overhead was reduced for lots of small packets [22:07] header compression basically doesn't work well now days [22:07] you need to disable window scaling, tcp/ip timestamps, etc etc. [22:07] and even then it doesn't scale [22:07] and it really hates dropped packets [22:07] is that what those weird "dialup accelerator software" things were [22:08] i honestly have never used dialup before [22:08] nah those recompressed images etc. [22:08] i always thought dialup accelerator was a joke [22:08] like bluray rewinder [22:08] nah it was real [22:08] there's actually some stuff going around now that you can use on faster connections [22:08] you can compress images to jpeg2000 or webp [22:08] to reduce size quite a lot [22:08] hardly any sites use webp or jpeg2000 [22:09] i use webp [22:09] cool [22:09] but that's partially because i have a caching proxy in front of my site [22:09] hardly anyone does though [22:09] not really a caching proxy [22:09] i have mod_pagespeed or whatever [22:09] yeah [22:09] it just rewrites the page and replaces images [22:09] you can use mod_pagespeed on a fowrad proxy [22:09] i really like one thing it does, which is add width="" and height="" elements for unstyled things [22:09] you may want to try it :) [22:10] could speed up your mobile openvpn [22:10] it seems like it loads in in a container instantly [22:10] so everything else is in place [22:10] so elements don't randomly move after the image late loads in [22:10] i was playing with apache traffic server implemetnation of it [22:10] cos i wanted to use it everywhere hah [22:10] android has native support for it [22:10] i think it's easier with apache though [22:10] the mod_pagespeed forward proxy thing [22:10] bypasses provider censorship too [22:10] yeah [22:10] but all your pages get tracked by google [22:10] since they run the proxy [22:10] what [22:11] oh [22:11] right [22:11] there's a built in option [22:11] i mean you can run it locally [22:11] they re-serve you compressed http over udp+tls [22:11] and also run dns on the other end [22:11] it's much, much faster [22:11] but.. you know, that [22:11] well that with your own server would be cool [22:11] i was going to do something like that hah [22:12] i mean the piss annoying part is that [22:12] damnit i need to stop procrastinating [22:12] i need to toglge it on and off all the time [22:12] if i keep openvpn on to browse reddit [22:12] if i accidentally open paypal app [22:12] there's some mod page speed stuff to be more conservative [22:12] i get my paypal account blocked and suspended/frozen [22:12] why? [22:12] cos you're proxying? [22:12] ya [22:12] they will freeze the account automatically [22:12] how do they know? [22:12] ip change [22:12] i've used paypal iwith proxy? [22:13] i would assume they have much more fine-grained databases for US geoip [22:13] nonresidential providers etc [22:13] compared to every other country [22:16] hmm [22:16] i used to proxy to US vps though [22:16] i haven't done that in ages though [22:17] i still want to look at ways to speed things up, but i want transparent and less http centric [22:17] often what i care more about is things like smooth ssh [22:18] it used to work to browse hulu heh [22:18] i wonder if arp works for hulu [22:19] about 3 or 4 isp's in new zealand are doing "global mode" now [22:19] so people can use netflix hulu and other geo locked things [22:19] like even large isp's! [22:19] apparently australian government suggested people do it for buying games on steam too [22:19] because steam charges different rates based on your country [22:20] apparently it's really cheap in russia btw [22:20] hulu should block arp iirc [22:20] lemme check [22:21] in the end i couldn't stand hulu ads [22:21] hulu on arp just links to http://www.hulu.com/help/articles/243651 [22:22] iirc they also check your PTR for things like 'pool' and 'dyn' [22:44] hmm hazardous: hulu works for me, (using ARP, I ssh, then use a SOCKS proxy) I am in Canada [22:52] nvm I get the anonymous proxy message now as well [23:26] *** fink has joined #arpnetworks [23:38] *** fink has quit IRC (Quit: fink)