#arpnetworks 2015-04-01,Wed


Who | What | When
*** grody has quit IRC (Ping timeout: 255 seconds) [00:31]
........... (idle for 52mn)
toeshred has quit IRC (Ping timeout: 255 seconds) [01:23]
grody has joined #arpnetworks [01:33]
<pyvpx> there are plenty of ways to speak with the IPv4 world if you are IPv6 only internally. and if more folks were IPv6 internally, they'd naturally lean towards 'speaking' natively to the rest of the IPv6 world...and then IPv4 might be relegated to the token ring of history.
only problem is IPv6 still kind of sucks.
[01:35]
.... (idle for 17mn)
<mercutio> the whole ipv4 vs ipv6 thing is interesting
there's a high interest in being "ipv6 ready"
but low interest in actually using ipv6
[01:52]
...... (idle for 29mn)
*** toeshred has joined #arpnetworks [02:21]
..... (idle for 20mn)
<plett> grody: DECT doesn't use the 2.4G ISM band
Not in the UK, at least
[02:41]
.......................................................... (idle for 4h46mn)
<mkb> mercutio, if you've got a firewall dropping idle connections, do you know of any way to figure out where it is? [07:28]
.......................... (idle for 2h7mn)
<lily> so, apparently my host was ddosed over the weekend. gotta love spring break. the host is up but the network route is blackholed. whats the process for getting this back on the network?
most places just do like 24 hour block, but this has been down for days now
[09:35]
<milki> lily: send an email to support [09:41]
.......... (idle for 46mn)
NiTeMaRen locate /connect OFTC
er
try that again?
[10:27]
....... (idle for 33mn)
<mercutio> mkb: it's usually the modem/router
lily: any idea why it was ddosed?
[11:01]
<lily> efnet haters [11:03]
<mercutio> erk efnet sucks
i got ddos'ed on efnet once
[11:03]
<lily> been there too long to leave [11:03]
<mercutio> because someone wanted my nick [11:03]
<lily> yeah
I have a channel thats been established for a decade
I am a popular target sometimes
[11:03]
<BryceBot> That's what she said!! [11:04]
<lily> ;) [11:04]
<mercutio> efnet sucked a decade ago to
too
[11:04]
<lily> oh sure [11:04]
<mercutio> it's nothing new
but last i knew they still hadn't implemented services
or any kind of room management
[11:05]
<lily> correct
its the wild west
[11:05]
<mercutio> or any way to hide what ip you're using
so people get ddos'ed
[11:05]
<lily> people get ddosed on every network. [11:05]
<mercutio> i haven't been ddos'ed since using efnet?
since not using efnet
[11:06]
<lily> ddos is the internet equivalent of tagging
its stupid
[11:06]
<mercutio> happens more in poorer areas? [11:06]
<lily> heeh
I dunno, lots o popular websites get hit too
[11:06]
<brycec> lol mercutio [11:11]
<lily> the IP I chat from is ddos protected (on another provider), and they dont usually decide to spray everything in my domain down
but its spring break I guess
packet party
[11:12]
........ (idle for 38mn)
<mkb> mercutio, it's outbound from ARP [11:50]
<mercutio> mkb: damn i can't follow now [11:53]
<mkb> mercutio: the connection dropping [11:53]
<mercutio> oh you're losing connections from arp to somewhere else?
inside tmux or such
[11:53]
<mkb> yeah
I mean like once a week
[11:54]
<mercutio> is it routing via arp, or initiated from arp? [11:55]
<mkb> from here [11:55]
<mercutio> oh only once a week
that could just be network glitches
lots of adsl modems here used to drop connections after a minute or two idle
which could easily be more than once a day if you didn't enable "keep alive"
irc has server pings
so is never truly idle
[11:55]
<mkb> even IRC drops occasionally. network glitches it looks like [11:57]
<brycec> Doesn't tmux's default config have a clock, so it's redrawing at least once a minute. [11:57]
<mercutio> my freenode drops about once 1 to 8 weeks
once every
but sometimes if it drops once it'll drop again shortly after
brycec: yeh
brycec: but i think he's talking about losing irc connection?
mercutio does tmux detach sometimes
well ^Bd
[11:58]
<mkb> brycec, if I ssh from inside tmux that connection could be idle (not that ssh doesn't enable keepalive) [11:59]
<mercutio> like when i'm sick of getting distracted :) [11:59]
<mkb> heh [11:59]
<brycec> Very true. I didn't know if you were running tmux on the remote side
(s/running/using/)
[11:59]
<mercutio> ssh doesn't enable keepalive by default
i don't have keepalive enabled anywhere myself.
[12:02]
<mkb> mercutio, man ssh_config, /TCPKeepAlive
'The default is "yes"'
[12:03]
<mercutio> it does key renegotiation occasionally, but that's not often enough to stop nat systems that drop connections a lot
mkb: oh?
[12:03]
<brycec> But that's not the same as the server ping. That's just a basic TCP keepalive packet [12:03]
<mkb> right
ServerAliveInterval is server ping and that is disabled
[12:03]
<mercutio> i think you need tcp keepalive enabled in kernel for that?
oh it does have that enabled by default too. interesting.
[12:04]
<mkb> BSD will do it when SO_KEEPALIVE is set on the socket or the global sysctl is set; I would hope Linux does too [12:05]
<mercutio> i'm out of date it seems :) [12:05]
<mkb> I just looked at BSD's code this morning :) [12:05]
<mercutio> where are you sshing to from arp?
is it to your home or something that has nat and a cheap router?
[12:06]
<mkb> I'm not. I used to use bgp-spamd and the bgp connection would come undone all the time (it keeps a counter and bgpctl show displays it so I noticed...
now there's freenode
what prompted the question was a connection to arp actually
I leave my work computer on and connected and it's invariably disconnected in the night
[12:06]
<mercutio> basically most cheap adsl/vdsl/cable/etc routers have really short timeouts to conserve memory [12:07]
<mkb> at work we've got our own AS and real routers :) [12:07]
<mercutio> memory got raised a while ago, but i think the short timeouts persisted to a degree. [12:07]
<mkb> but the firewall may be interfering [12:08]
<mercutio> my desktop is still crashing :(
i was trying to test ssh connections dying
[12:08]
<mkb> anyway I left it on with TCPKeepAlive no and ServerAliveInterval on so we'll see what that does [12:09]
<mercutio> i'm going to do it from my server :/
ok two ssh's to arp to persist inside a tmux :)
i still can't figure out why my desktop is crashing
also the ethernet is wedging occasionally, for some strange reason too
which seems strange considering it's i217v
oh seems like it could be a tso bug from what google says
it seems both intel and broadcom seem to acquire a lot of bugs.
and are both the generally "preferred" server ethernet adapters.
[12:09]
*** HotTopic has joined #arpnetworks
HotTopic has left
[12:31]
............ (idle for 58mn)
pjs has quit IRC (Read error: Connection reset by peer)
pjs has joined #arpnetworks
pjs is now known as Guest1495
t1495Gues has joined #arpnetworks
Guest1495 has quit IRC (Ping timeout: 255 seconds)
[13:31]
t1495Gues is now known as pjs [13:48]
......... (idle for 42mn)
<mkb> mercutio, get to work implementing the new RFC into your TCP stuff :)
scenic routing
[14:30]
<mercutio> haha
i have not seen, got a link?
i've just noticed that on fast hosts, using my own curl instead of curl improves performance significantly
i mean i knew it used less cpu and could go faster on really fast networks.
i just didn't expect normal fast hosts for it to make a difference
of like 10 to 20% or something
kind of makes me want to make my curl less ugly :)
[14:31]
<mkb> https://tools.ietf.org/html/rfc7511 [14:44]
<brycec> Don't forget https://tools.ietf.org/html/rfc7514 [14:44]
<mercutio> damn it needs ipv6
RECN
haha
[14:45]
.... (idle for 16mn)
<RandalSchwartz> something odd on kvr07?
my server just went wonky
I'll try a reboot
[15:01]
<mercutio> how does amazon get away with having such terrible search? [15:15]
<RandalSchwartz> yeah - my server still running like molasses [15:17]
<mercutio> seems strange
bad network or disk or cpu or what?
[15:18]
<RandalSchwartz> not sure [15:18]
<mercutio> tracing to kvr07 looks fine [15:18]
<brycec> (heh, I used to have a vps on kvr07, but no longer) [15:18]
<RandalSchwartz> yeah... it seems better now.
maybe had a noisy neighbor for a bit
first thing that broke was ssh
hmm. just got a nagios "total processes" alert
maybe I'm getting mail-bombed?
(it's our mail machine)
[15:18]
<mercutio> is it in swap? [15:22]
<RandalSchwartz> looking now
no...
[15:22]
<mercutio> i've noticed an increase in smtp auth attacks recently in general
ssh has had them for ages regularly
but smtp used to be much more occasional
[15:22]
<RandalSchwartz> loadav only 2.35 [15:23]
<mercutio> i like to stay under 0.6 myself :) [15:23]
<BryceBot> That's what she said!! [15:23]
<mercutio> of course that's an arbitrary number.
and bsd has higher load averages than linux etc.
[15:23]
<RandalSchwartz> total procs only 93
I wonder what my alert is looking for
[15:24]
<mercutio> 2.35 on bsd isn't so bad
doesn't it tell you?
it may have culled smtp processes?
[15:24]
<RandalSchwartz> I'm just viewing through pagerduty [15:24]
<mercutio> are you using postfix? [15:24]
<RandalSchwartz> yes
because M4 sucks. :)
[15:24]
<mercutio> do you have maxproc set for smtp in master.cf ? [15:25]
<RandalSchwartz> hmm. good question [15:25]
<mercutio> it defaults to off
but i recommend setting it
[15:25]
<RandalSchwartz> yeah, that would make sense [15:25]
<mercutio> my personal mail server has it set to 8
but if lots of users i'd set it a bit higher
well it depends
i'm going straight through to amavis too
so that amavis processes it before it hits queue
smtpd_client_connection_count_limit=2
i'm also setting that
so that any one client can't do more than 2 connections
[15:26]
<RandalSchwartz> looks like it defaults to 100
so yeah - I can probably crank that back
[15:27]
<mercutio> yeah
if you do the client connection limit it'll make you get less alerts
if one user throws many connections at it
if you get 25,000 connections you're screwed whatever you do :)
[15:27]
<RandalSchwartz> heh [15:28]
<mercutio> well ddos type from random ip's [15:28]
<RandalSchwartz> ok - changed value and "service postfix restart" [15:29]
<mercutio> you only need reload
it can take up to a minute for reload to work
[15:29]
<RandalSchwartz> I'm never sure, especially on master.cf [15:29]
<mercutio> but reload is all you need on most postfix changes [15:29]
<RandalSchwartz> simple enough to just restart [15:29]
<mercutio> ok. [15:29]
<RandalSchwartz> server seems sensible now.
haven't rebooted it in quite a few months though
maybe it was just being bitchy
anyway... pagerduty is happy again.
[15:29]
<mercutio> heh.
postfix has heaps of new things i haven't paid attention to
the last big change i made is going straight to amavis instead of going through the mail queue first.
[15:32]
<RandalSchwartz> I'm using mailroute.info instead [15:37]
<mercutio> haven't heard of it
i've been using amavis forever
there may be better options now, but don't want to use something external really
[15:38]
<RandalSchwartz> it's a paid service
they have access to information I can't possibly have
[15:38]
<mercutio> i don't get much spam
i do get quite a few promotions
especially from amazon
[15:39]
<RandalSchwartz> merlyn@stonehenge.com has been very public for two decades [15:39]
<mercutio> and the normal linkedin crap etc.
most of my spam comes from google, yahoo etc.
ie free email
[15:39]
........ (idle for 38mn)
<up_the_irons> lily: lol "packet party" [16:18]
<lily> :) [16:18]
<up_the_irons> mercutio: and lol for suspecting DDoS happens more in poorer areas ;) [16:19]
<mercutio> up_the_irons: well it was more tagging that happened in poorer areas
err happens
ddos's on efnet are probably just young kids
when i was younger making free phone calls was popular etc.
but now things seem more destructive towards individuals
[16:28]
<up_the_irons> yeah [16:30]
...... (idle for 29mn)
<mercutio> why does windows run out of memory with 32gb of ram on a desktop?
bloody braindead.
[16:59]
...................... (idle for 1h47mn)
*** dj_goku_ has joined #arpnetworks
dj_goku has quit IRC (Ping timeout: 265 seconds)
[18:47]
............ (idle for 57mn)
cloudkitsch has joined #arpnetworks [19:46]
............ (idle for 58mn)
cloudkitsch has quit IRC (Remote host closed the connection) [20:44]
...... (idle for 29mn)
<mercutio> i need a proper target to test on verizon's network, anyone got any ideas?
something that doesn't block ping
oh, verizon.net :)
[21:13]
