***: grody has quit IRC (Read error: Connection reset by peer)
grody has joined #arpnetworks
acf___ has joined #arpnetworks
acf__ has quit IRC (Ping timeout: 250 seconds)
jpalmer has joined #arpnetworks
sng has joined #arpnetworks sng: I don't suppose any staff are around at the moment? RandalSchwartz: if it's a question, ask it. if it's something that has to change, support@ sng: Well it's a bit of an unusual question. Basically I'm doing a presentation at BSDCan on virtual networking and was trying to get with somebody who might be able to hook me up with a VM or two for a few weeks.
Long shot but worth asking. :)
Also. You Merlyn? RandalSchwartz: I am sng: Cool. You likely don't recall but we meet briefly a few years back. Good to say hi again. RandalSchwartz: cool! pyvpx: sng: what kind of VM? RandalSchwartz: sng - digitalocean.com - you can have a BSD VM up in just 55 seconds BryceBot: That's what she said!! RandalSchwartz: $5/month... and use the promo code FLOSS and you get $10 credit.
it's not Arp, but Arp isn't really set up for short churn like that. sng: RandalSchwartz: Yeah. I like ARP but might not be the best option for this. RandalSchwartz: and yes, I have a freebsd box running there just to do my 9.x and 10.x package builds so I can upgrade my Arp box from 8 to 9 to 10 trivially sng: pyvpx: A few boxes for demo purposes.
Customer: Telarix
Customer #: 43799
Equipment Location/POD: MIA
Event Type: Planned
Risk Level(1-4): 4
Date and Time Requested: MNCC
Scope of Work/Purpose: Add routes at customer request.
Team or Engineer to Perform the work: Netops
Pre-Change Testing Conducted: N/A
Technical Peer Review Performed by: See CR case notes
Maintenance Window Duration:
Customer Impact: none expected
Contact Information for the person requesting the change:
For technical issues regarding this change, contact
================================================
CHANGE
================================================ RandalSchwartz: what is all this? sng: Device name/IP: MIA43799VFW001 -- 10.124.28.28
conf t
route outside 173.252.152.135 255.255.255.255 10.124.28.2 1
route outside 173.252.152.154 255.255.255.255. 10.124.28.2 1 RandalSchwartz: bad paste? sng: end
wr mem
================================================
CHECKOUT
================================================
sh route outside 173.252.152.135
sh route outside 173.252.152.154
================================================
BACKOUT
================================================
Device name/IP: MIA43799VFW001 -- 10.124.28.28
conf t
no route outside 173.252.152.135 255.255.255.255 10.124.28.2 1
no route outside 173.252.152.154 255.255.255.255. 10.124.28.2 1
end
shir.
shit.
Sorry.
Yeah. Bad paste. RandalSchwartz: fascinating stuff though :) sng: Heh.
Not as bad as it could have been. ***: thestereobus has joined #arpnetworks
thestereobus_ has joined #arpnetworks
thestereobus has quit IRC (Ping timeout: 256 seconds)
thestereobus_ is now known as thestereobus
thestereobus has quit IRC (Quit: thestereobus)
cpet has joined #arpnetworks mercutio: my irc warns me if i try to pate taht much stuff brycec: As does mine (irssi and weechat both)
And my company XMPP just auto-converts it into a pastebin :D I love that. mercutio: oh on jabber i like just pasting large amounts of stuff generally
on skype on the other hand it's never wide enough
and so you can't read things like his no route outside lines. brycec: heh. Lines longer than 750 characters, or messages more than 3 lines long get converted into a pastebin to keep the groupchat from being flooded, but still shows the start of the first line. mercutio: it depends how many people you have talking really cpet: paste all the things brycec: We also don't want to needlessly fill the replay buffer cpet: personally I don't like having to load a browser to view something someone pastes, and I will ignore all pastebin's but thats me mercutio: i actually dislike it most when there's a paste intermixed with other content
which tends to happen on irc becausue clients send slow to not kick in auto flooding kicks, whereas jabber etc will tend to stick them all in one go. brycec: (And Jabber supports embedded newlines, where IRC does not) cpet: hnenlnlno
heh
my only means of comms these days is IRC or Email
which didin;t go to well with the ex as I don't use a cel
so trying to comm with me was a rather pain but bleh
with tech savvy freinds I add an account for them and I chat with them using old school ntalk :P mike-burns: I have far too many smartphone-based communication methods. Real friends are on IRC, obviously. cpet: I would use pidgeons if I had the time to care for them mercutio: cpet: what about phone calls? cpet: Home land only
and that is if choose to answer or not mercutio: damn, you seem to be making yourself unavailable. mike-burns: Are phone calls still relevant? I don't get many, and I do Serious Business. mercutio: mike: i make more than i receive. cpet: I just email mercutio: but to me, i'm probably split about 50/50 between phone and skype audio calls these days. cpet: sadly I lost a job cause I refused to create a skype account mercutio: i prioritise real world over phone over email generally cpet: chances are I will reply to an email quicker than I would take a call mercutio: i just feel better with immediate feedback etc.
that sounds annoying cpet :) cpet: you want immediate reply from me good luck with that
takes me 4 days to reply to my moms emails mercutio: i sometimes don't notice emails though cpet: :P mkb: unfortunately the people I do business with love phone calls cpet: mostly do the lack of interest of "how are you" mkb: they never seem to say anything useful during them though mercutio: mkb: haha
i like having multiple methods of communication really cpet: mkb thats about 75% of humans these days mercutio: if everything was phone or email or real world then it'd be more incovenient cpet: I hate when you take a girl out she insists on facebooking while shes talking to you so her attention to you islike 65% mkb: heh mercutio: cpet: then abandon her :) cpet: I normally just walk up and leave leaving her with the bill
yeah mkb: once this guy calls me up 30 minutes before the conference call wanting to know what I was going to say in 30 minutes mike-burns: You're more boring than Facebook? cpet: shes msgs me after "hey where are you"
and I go "home you seem to be more interested in facebook" mercutio: mike: well he did say that he doesn't like answering the phone suggesting that he probably likes to be prepared in advance
so impromptu dates may be hard. BryceBot: That's what she said!! cpet: mike-burns younglings seems to facebook more than eating these days mike-burns: lol @ BryceBot . mercutio: cpet: are you younug? cpet: another thing that pisses me off is when a girl answers her phone and goes outside, like she has something to hide I answer and talk when I had my cel mkb: I completely abandoned facebook a few years ago and haven't looked back cpet: mercutio if you count 31 as young mike-burns: Wait so, either you're complaining about younglings because you're older, in which case maybe you should date someone your own age, or you're complaining about younglings because you're also young, in which case you are quite the rebel and maybe you'll stop rebelling so much in a decade. cpet: mostly answer and say "busy tlak later" "hang up" mercutio: cpet: not particularly, no. i was just wondering about yong uns and fb cpet: mike-burns youngest ive been with so fare was 21 mercutio: i'm cuuriosu about this next generation coming up cpet: the one who insisted facebook was more important was 33 I think mercutio: so apparently 12 year olds gneerally have cellphones these days mkb: she actually said that or just acted like it? mercutio: i didn't have a cellphone until i was 18 or 19 mike-burns: I got my first at 26.
I'm not sure if it's actually important. mkb: mercutio: their attention span is going to be so messed up mercutio: but it didn't seem common to hvae cellphones in school when i was at scohol
mkb: my attention is kind of bad :) mike-burns: I'm sure we had things growing up that our parents didn't, like TV or healthy food or something. cpet: When you leave your cel at the restaurant, roof after working on AC or ex gf's house you tend to wonder "why do I evene have one" mercutio: but yeah it's probably going to be worse. mike-burns: Apparently the current average attention span is 8 seconds.
Goldfish: 9 seconds. cpet: I see my cuz who can't leave her cel for 5 mins mercutio: sometimes i wish i could see what i was like as a kid ;) cpet: and I make fun of her and say the bf can't wait 5 mins for a reply mercutio: because memories always kind of filter through current notions etc. cpet: I was less of a prick when I was a kid mercutio: heh i had a friend who used to always keep forgetting things really quickly cpet: now people talk to me and I have to do some things in my head to see if it's worth talking or not mercutio: but it was mostly about what he was doing cpet: I forget things really quick just cause I don't care heh mercutio: cpet: i forget things i'm not using,.. cpet: russian dewd gave me some money to create a email server took me a week to do something that could of taken hours to do mercutio: like if someone tells me that something that i have no use for, i don't recall it
but if i'm doing something and need to know something and ask someone something and they tell me i'll remember it
there's two components to memory... storage and recall.. cpet: and shits to give mercutio: and a lot of memory problems can just be related to not deciding to store, and psychological.
there's so much information these days it caneasily feel like you're going to overload.
cpet: setting up an email server is kind of complicated these days cpet: if you consider what mrs cookbook says on facebook as "information"
mercutio depends if you want all the addons mercutio: cpet: well uusually you do... cpet: on my personal server I login and use mutt
no imap/etc.. or web based email
but thats personal pref
so my email server took an hour to setup mercutio: so you need dkim, spf, spam filtering, virus filtering, reverse dns, rbl filtering, imap, webmail, ...
on my personal server i do the same cpet.
but my personal server still needs rbls etc. cpet: spam is filtered using dspam mercutio: and it still has spf records etc.
it's all evolved over time though, so i have no idea how long it took to setup cpet: i do the basic and just have the client tell me what else until hes happy and gives me $$ mercutio: cpet: ick :) cpet: anti virus in email is rather vague since most desktops have a anti virus client that filters out email mercutio: yeh cpet: as well as spam
kaspersky does spam filtering
I just create some procmail magic mercutio: i use procmail too heh cpet: but just adding in rbl's kill off a lot of it
or just block off china
:P mercutio: yeha it does help, but i've been getting russian dating spam recently. cpet: nothing wrong with russian dating spam
enjoy the chicks
then block mercutio: cpet: i'm in new zealand, ... some idiots hvae blocked NZ in the past becausue it's in APNIC space...
so sometimes similar to china ip's..
these days you can get better china ip lists. cpet: well
nothign is ever perfect mercutio: yeah i don't want false positives. cpet: if you want your inbox clean as a virgin good luck mercutio: i hate having to check my spam folder. cpet: i just add in a header +++SPAM++++
and keep in my inbox
I run FreeBSD as a desktop so viruses are no use to me
I used to have zoho getting 50-60 spams a day mercutio: ahh ok i go into a diff mailbox. cpet: now I switched over to mail.ru and get 1/2 a week mercutio: my email address is on the web etc.
i got this old domain name
and i tried doing a catch all
and there was so much crap that came in :)
err an expired domain cpet: I have scripts that detect a lot of logins from x and sumps it to my pf table
and bye bye spam
most sane email server will hit your server once
most bad guys will rape your server until blood comes out
doing my stas i see mostly from china nigeria and ru but since I have clients from ru I leave those out mercutio: most of my spam comes from google etc. cpet: no @gmail can enter my mail
sorry but no
i use mailinator a lot for temp
such as dating sites
let the whole world know my user and pass for anatasiadate.com
heh mercutio: haha
some sites block mailinator.
it's pretty cool how they managed to make it efficient etc. cpet: you can add your domain to it
and anything @domain.com will work
the downside to this is email is open so emails about your girlfreind dumping you well gets spread to all
as much as I don't care she did heh mercutio: haha cpet: she used to get threats and death threats after freinds found out online
funny shit mercutio: what why cpet: people are weird I guess
i get a lot of them as well
i just ignore them
working on a rig you get a lot of scum
such as refusing to give someone a towel renders you a few threats, etc..
but IT doesn't pay well here which is why I have a lot of clients in ru grody: i keep on breaking freebsd
all my 8.x boxes are fine.. but every box im using 10.x i keep fluffing and i have nfi why RandalSchwartz: your 8.x boxes might have problems in another two months. :) grody: mm.. hence why im forcing my hand on 10 m0unds: haha grody: it just does a few things differently and im not used to that method RandalSchwartz: I went only to 9
that currently has the same LT as 10
until they press 10 out further, no gain
unless I am mis-membering grody: ahhah.. finally my jails are playing ball
must admit, i do set my fbsd up odd
one more reboot to be sure....
.oO(and this is where it all comes apart) RandalSchwartz: yeah... 9.3 and 10.1 both have the same EOL mercutio: what's 9.2's eol? grody: im actually sorta cheating atm RandalSchwartz: 9.2 not listed grody: i went and installed pfsense and bodging up some jails inside it mercutio: oh freebsd 9.2 is already eol apparently RandalSchwartz: should upgrade. :) grody: 2.2.2 runs 10.1 RandalSchwartz: yeah
... https://www.freebsd.org/security/security.html#sup mercutio: this is silly, why do we have to upgrade all of the time RandalSchwartz: features!
it's not like you have to pay, or anything mercutio: so freebsd 9.2 was released sep 30 2013, and it's already eol.
randal: true RandalSchwartz: well... you pay in time and risk mercutio: it does mean you have to pay attention, but you should pay attention anyway. grody: i have a bot on an irc channel that pulls rss feeds for security advisories RandalSchwartz: yeah - I did all of neil's machines 8.4 to 9.3 over the past month mercutio: what i find a bit irritating is when there's "security" updates like a local user being able to DOS a server using tcp fast open. RandalSchwartz: seems to have worked well, so my machine is next. grody: that and a periodic script regularly emails me pkg audit issues too RandalSchwartz: pulls or polls? mercutio: the only DOS i've ever seen used to fork bombs.
which most servers aren't protected against :/ grody: RandalSchwartz, checks it like once an hour and will post any update.. so pull :P mercutio: but an out of control local user that can cause a server to crash is way less of a problem than remote root vulnerability or the like.
s/to/is/ BryceBot: <mercutio> but an out of control local user that can cause a server is crash is way less of a problem than remote root vulnerability or the like. mercutio: oh wrong line.
hah m0unds: haha mercutio: it should be are aynway i think,
i'm drinking my coffee, why won't it work damnit. m0unds: ugh, verifying x-plane 10 via steam took like an hour
i really wish i could just use their install utility instead mercutio: steam's really slow at verifying normally for some reason. m0unds: yeah, and this is 60GB of tiny files
so even slower mercutio: hard-disk or ssd? m0unds: hard disk, no reason to run it from an ssd
just reduces initial load mercutio: did you set hdparm -a
or readahead with /sys/block m0unds: ask me if i'm in linux
(hint: no) mercutio: oh you're in windows :/
hah
yeh lots of files and windows doesn't really work out that well
linux is ahead of windows in that respect
next you'll say you're using fat :) m0unds: what, i shouldn't be? mercutio: heh -: grody does a silly dance grody: now to figure out why this wont use virtio.. it;s slow as hell on disk mercutio: grody: on a vm? it might not be enabled..
if it was upgraded from old freebsd. grody: mercutio, nah fresh pfsense, then upgrade, then set in loader.conf - it detects the balooning, but nothing else mercutio: pfsense can run vm's? grody: not too major, it wont be doing disk stuff when it;s setup and maxing the disk only seems to kill 50% cpu, so it's kind of a nice slow down
lol nah
it's being ran in the vm
technically it //could// mercutio: well it still might not be enabled grody: bhyve mercutio: hmm
does bhyve support virtio/ grody: *shrug*
using pfsense on arp mercutio: oh, well, yeh, the arp vm might have virtio installed.
err setup grody: then did some aweful buggery to put jails on it - and after 2 days.. woohoo
it did in 10.1.. it sped things right up mercutio: yeah that does sound like buggery. grody: not sure whats going on with this
got them fully controlled in the firewall now mind, just have to get my services setup
have to dismantle my network @home, which means killing off my personal mta and rigging this back up to do that is being fun.. should only take a few hours to turn freebsd into a bloody mail server mercutio: this channel is offtopic more than it's on topic :) grody: heh heh mercutio: i've beem delaying moving my mail server for ages. grody: well, if people were to only chat when they needed help or support, nobody would ever chat :P mercutio: it seems like a pita :) grody: last time i temp moved my mta to arp, i left it there for gone 18 months mercutio: mine's on a vm in nz grody: mines currently sat on an kirkwood arm effort in my cupboard mercutio: yeah i need lots of ram for mutt grody: that was only temp too.. i normally have it sat on a vm in london mercutio: yeh i ssh to mine, so i need low latency :) staticsafe: i retired my self-hosted mail server back in Dec '14
https://asininetech.com/2014/12/20/adios-self-hosted-mail-server/ mercutio: i don't require the maintenance too bad grody: meh, the kirkwood handles
only a 1.2GHz w/ 512MB RAM.. but i only use it to drone stuff onto.. think it runs nginx, postfix and my irc bot
not looking forward to rebuilding the network
i have nfi how i ended up with such stupor mnathani_: http://imgur.com/9fzmpzl
4GB Monster VPS on sale. Now how does Google know to show me that Advert RandalSchwartz: yeah, I keep getting things of sites I visited
even if I'm already a great customer grody: what scares me i use someone elses computer, dont even log on, run a few searches and the ads i see appear
i keep seeing ads for arp RandalSchwartz: we had an #offtopic channel at $work, and people would occasionally ask work questions there. So I'd utter "off-off-topic alert!" staticsafe: rofl mercutio: i think sometimes being offtopic allows people to be on topic better BryceBot: That's what she said!! mnathani_: at IBM we used to use sametime chat, and it sucked mercutio: less prethinking and trying to be right and so on, and more just out with it mnathani_: you needed an invite to get in on a group chat
rather than have a dedicated channel mercutio: that sounds annoying
i don't get any ads myself :/ mnathani_: I normally dont get ads either
but needed to open a third gmail account so used IE
chrome and incognito were already in use m0unds: i stopped running my own mail servers in 2009 or 2010 mnathani_: fastmail m0unds ?
or Google Apps m0unds: personal stuff is on google, work stuff is on office365 ***: Hien has joined #arpnetworks up_the_irons: mnathani_: google picks it up from AdRoll i think, a re-marketing network RandalSchwartz: yeah
I could turn it off, but I find it amusing up_the_irons: we've used AdRoll for years RandalSchwartz: well - today might have been the last floss weekly ever that had a live chatroom
and went out live during the taping
twit.tv as of now will be going to a non-live-stream model grody: is there a pingable IPv6 like there is an IPv4 on ARP? RandalSchwartz: ping6 arpnetworks.com ?
Yeah - arpnetworks.com is on ipv6 grody: i want to use it for latency monitoring.. rather not ping the primary all the time
http://support.arpnetworks.com/kb/main/ip-address-for-ping-tests RandalSchwartz: like a ping is bad? :) grody: 1 a second 24/7 can be annoying for some RandalSchwartz: ahh, understandable grody: i got an IP blocked from google DNS for using their IPs RandalSchwartz: although it would be way below the "background radiation" of the internet as Steve Gibson puts it
I like that term
you open a machine to the net, you get a certain amount of inbound automatically grody: yea the scatter is always fun
a firewall i've been running at home has dropped over 400MB of packets from 2.51TB it's downloaded
over 7 months though
most of that 400 is just probes
s/is/are BryceBot: <grody> most of that 400 are just probes up_the_irons: i like that term too RandalSchwartz: occasionally steve gibson is useful
he grates me sometimes... because he can be close, but wrong. BryceBot: That's what she said!! mercutio: i think it's interesting how the background radiation varies so much by ip address.
as far as ping goes, it's really hard to know what to ping
like how is one supposed to know that 4.2.2.1 is good to ping but 4.2.2.2 isn't
and pinging web sites isn't generally good as they can be shifted onto cdn's frequently
and otherwise be different from the network you're pinging RandalSchwartz: I think the real question is, what do you hope to know by pinging? mercutio: that you're there, i can reach you
but it's like someone poking you on the shoulder, you may respond every time, or you may decide to stop responding if they endlessly do it RandalSchwartz: ping 127.0.0.1 :) mercutio: ping 224.0.0.5 RandalSchwartz: no puede grody: ideally a host within the network that is always on, it's more for monitoring connectivit.. pretty graphs and all that (and so i can smug it in peoples faces how my choice of services rock)
my vDSL @home over the last year has an average ping time of 13ms and not a great deal of loss mercutio: i graph my vdsl at home too
fq_codel really helps for ping. ***: qbit has quit IRC (Ping timeout: 245 seconds)
qbit has joined #arpnetworks
qbit is now known as Guest56962 mnathani_: has nobody been brave enough to install arch on an ARP VPS before? I noticed the ISO is not avaiable for loading RandalSchwartz: people still use linux? :)
I prefer real unix. mercutio: mnathani_: it should be, hmm..
it's in iso_library on mirrors
i think up_the_irons has to run something to pull it in
oh hangon i think it's my fault :/
so it should get pulled whenever things get pulled now. staticsafe: bird> show memory
BIRD memory usage
Routing tables: 71 MB
Route attributes: 30 MB
ROA tables: 192 B
Protocols: 155 kB mercutio: static: bird is nice and light :) staticsafe: Total: 101 MB
not bad for a full v4 table
yeah mercutio: Routing tables: 73 MB
hey you're below me
actually your protocols is above me
it's not too bad with openbgpd too
RIB using 174M of memory
hmm i suppose a bit higher staticsafe: a full v6 table is quite smaller mercutio: yeh
i do find bird still uses a little cpu with route updates,..