#arpnetworks 2015-04-25,Sat

relrod_ is now known as relrod [11:26]
staticsafe: you around? [11:34]
........... (idle for 51mn)
.... (idle for 17mn)
anis is now known as anisfarhana
anisfarhana has quit IRC (Changing host)
anisfarhana has joined #arpnetworks
mercutio: i am now [12:56]
staticsafe: you think up_the_irons will announce IPs for a VPS without my own AS? [13:06]
mercutio: nope
you have a /24 ?
staticsafe: do you have a /24 ?
staticsafe: yes [13:13]
mercutio: and is your provider just advertised it with their own ASN atm? [13:13]
staticsafe: indeed [13:14]
mercutio: it's aRIN? [13:14]
staticsafe: yes [13:14]
mercutiolooks to be $550 for an ASN and $100/year
on arin's fee schedule page.
the general issue with multiple providers doing that is it's harder to tell if people are spoofing or such.
staticsafe: im looking to move from my current provider, i'll be asking them to drop the announcement as soon as I'm done moving some stuff [13:15]
mercutioyou could always ask
new asn's juumped to 32 bits too.
staticsafe: nods [13:18]
mercutiothere's no real ip to asn mapping
but if too asn's advertise the same ip address it can look like one provider is spoofing the other provider
actually i wouldn't worry too much, it used to be common.
but it's not considered good practice
wow the average programmer is 42.8 years
err average age for
.... (idle for 18mn)
mnathani_: how can you have your own IP space but no AS Number? [13:53]
staticsafe: someone else is announcing the IP space [13:56]
mercutioarin fees are so much smaller than apnic fees.
mnathani_: that's actually pretty common for legacy space.
mnathani_: can you multihome like that
with no AS
with no AS
staticsafe: nope [14:01]
mercutio: in theory yes. [14:01]
mnathani_: would require coordination among providers? [14:01]
mercutio: nope [14:01]
mnathani_: inbound multihoming or outbound ? [14:02]
mercutio: you can do both [14:03]
mnathani_: does it require anything special from the providers [14:03]
mercutionot really, this is how things like google getting spoofed happens
there's quite a few instances of route hijacking that happen
there's various levels of filtering...
but overall it's a sorry state of affairs.
that said; it's easy to hijack. but it's also reasonably easy to notice hijacking
but there's a reasonably real concern that if it got possible to make false certs easily for instance, it'd be easy to spoof paypal
if you can do damage in a short period of time, ..
something like that
it's one of those issues that people have known about for years..
just like the other issue where you can spoof anyone's ip
the spoofing people's ip addresses makes ddos's harder to track.
and it seems to be less of an issue than it used to be.
but i don't know if it is that providers have done more to stop it, or if there are just more easily hackable sites to ddos from.
RandalSchwartz: there must be well known solutions to system being down when a cron job is schedule to run it anyway lataer. [14:12]
mercutio: arp stops you ddos'ing from random ips. [14:13]
RandalSchwartz: I seem to recall something like "anacron" or something [14:13]
mercutioRandalSchwartz: chronie
and anacron
that stuff all got fixed years back
when linux on desktop became common :)

seems to be lots of information on there.
RandalSchwartzthanks [14:14]
so enzu(budgetvm) leaked routes on any2ix recently.
mnathani_: anyone else tracking the stock price of Amazon and Microsoft over the last few days? [14:23]
mercutio: nope, si it going downor up? [14:23]
mnathani_both going u p
MSoft %10
Amazon closer to %15
i wonder why
amazon web services made shit loads of money
mnathani_: its a solid product offering [14:27]
mercutioit never impressed me :/
at the low end it pretty much sucks to my mind
but they are pretty well known with some big customers.
i really don't understand why people like netflix use aws
mnathani_: Api to control the vms, regions for redundancy [14:30]
mercutioi suuppose it has that going for it
but they have all of their servers everywhere
youu'd think they could just go in house
netflix's web site is pretty bad actually [14:38]
hmm they have a case study
10s of thousands of instances
sounds really expensive :/
mnathani_: thousands of instances and hundreds of open connect appliances at the expense of service providers everywhere [14:48]
.... (idle for 15mn)
m0undsthey didn't design it to be used like a cloud server
"cloud" server in quotes (e.g. a VPS w/dedicated storage)
i think that's the biggest thing lots of folks don't get (not saying you don't, but it's a common misconception about aws and azure both)
brycec: m0unds++ [15:14]
RandalSchwartzOoooh.... fcron.
like regular crons on steroids
brycec: I remember fcron (et al) from my Gentoo days... [15:15]
.......... (idle for 46mn)
mercutiodid anyone ever use the at command?
it seems underused
i uused to just use sleep &&
................... (idle for 1h33mn)
grodyuse atq on fbsd
especially when doing updates to firewall or something critical to a server coponent incase i slam myself out remotely.. have a backup command ready to fire off after x time if i didnt jump in and stop it
s/atq/at/ - although atq is a command related too
just seemed cleaner using it in scripts instead of sleep and &(&&)
it's been around forever, i just don't see it uused much
grody: i still suspend, bg, fg, jobs a lot too [17:42]
mercutio: yeah i do a bit [17:42]
grodyah crap, i broke my bloody aosp repo again - my isp must ♥ me, be downloading like the end of the world is nigh
13GB a pop to download it again
maybe should get a good copy, tarball it, then if i break again just use the good repo
running out of space though... and places to put drives
mercutiocan'y you just back it up
oh right yeh do that :/
or just zfs snapshot it
............... (idle for 1h12mn)
.................... (idle for 1h37mn)
brycecmercutio++ I was going to suggest the same thing (until I got caught up this far)
I typically transfer between 500GB and 1TB a month, my ISP can suck it.

