***: dwarren has joined #arpnetworks mnathani: anyone else experience a 5 minute network issue? mercutio: i have graphs
i can check
fine from here mnathani: perhaps it was just my vps mercutio: maybe
what kvr?
did you trace the kvr? mnathani: 30 mercutio: yeah hard to know, if it happens again try pinging kvr30 at the same tiem mnathani: will do brycec: KiSpeaking of weird connectivity issues, I'm getting 503's from ecx.images-amazon.com. Makes shopping hard. mercutio: hmm i never see 503s
is that internal server error?
or was that 500
oh http://ecx.images-amazon.com gives 503
it just don't tell me that it's a 503 ***: jbergstroem has quit IRC (Ping timeout: 246 seconds)
jbergstroem has joined #arpnetworks jpalmer: 503 usually is a proxy response, saying no backend servers are available to fulfill a request
and, I'm like 10 hours late. nevermind. brycec: lol, so late :P jpalmer: I know. as usual.
from now on, before I type in here, I'm going to check the time. if it's 5+ hours, resist the urge to type. lol m0unds: you could just type anyway and spark conversation about how late you are
could make a game out of it, commenting on stuff from last week
confuse everyone brycec: haha ***: neish has joined #arpnetworks mercutio: late responses seem fine by me sorressean: I'm setting up an SSL cert for a new site. I know this changes sometimes--is 2048 the best way to go right now? e.g: openssl genrsa -out ~/domain.com.ssl/domain.com.key 2048 kellytk: sorressean: Did you use a third party CA? I'm in the market so I'd be curious to know who you went with if so sorressean: kellytk: I'm going through namecheap, they have comodo SSL which is like $10.
I know there's way more expensive, but I don't need it. m0unds: i've used both gandi and startssl, both of those are alright too kellytk: That's a good deal. Yes I've been pointed to StartSSL. I found gandi didn't have a great reputation m0unds: how so? kellytk: I don't recall particulars m0unds: only caveat i can think of w/startssl is if you use the free cert product, you have to pay them to revoke mercutio: namecheap is cheap enough not to worry imo
you still need to to do chain certificates. m0unds: ah. was just curious because i've never heard anyone say anything bad about them (i've used them for 10+ years myself) kellytk: That's good to know BryceBot: That's what she said!! mercutio: but all the cheap ones are like that
sorressean: most of the stuff that needs to be none now days is on the server
you need to disable sslv3, tls1.0, use longer dh key
and some other stuff
now days hsts has become more popular too BryceBot: That's what she said!! mercutio: which forces ssl sorressean: yeah, I just didn't know if 2048 was good enough. mercutio: https://spritesmods.com/?art=hddhack&page=7 sorressean: or if there was anything else to keep in mind when generating. mercutio: generating i don't think so now
2048 is fine
someone got linux running on a hard-disk firmware sorressean: awesome. thanks.
also that's nuts. kellytk: That's impressive BryceBot: That's what she said!! mercutio: the killer ethernet cards are meant to run linux for qos
in general i think i like the idea of smart devices wehre part of it is the restricted normal firmware and part of it is closer access that OS can upload grody: that hdd hack is awesome
http://imgur.com/WVGGmqo curious pattern
thats just pinging the gateway too mercutio: that looks like buffer bloat grody: http://imgur.com/OMqVwRz
yup kellytk: grody: Which hour of the day is packetloss beginning?
I should also ask the timezone ***: mnathani_ has joined #arpnetworks mnathani_: what do folks think about the google restructuring / alphabet conglomerate? https://investor.google.com/releases/2015/0810.html mike-burns: It's a good effort to avoid a anti-trust lawsuit (or, is it a response to an existing suit?). m0unds: yea, that's what i was thinking too mike-burns mnathani_: I recall they had issues in Europe mercutio: It does seem that European countries are a bit more stringent.
I'm growing to quite like news.ycombinator.com -: brycec much, much prefers lobste.rs mercutio: oh?
never heard of it brycec: lol mercutio: just going there now brycec: cool
It was created because HN has come to suck, to put it bluntly mercutio: i never really read it much until someone was telling me about somethign that was on it
(hsawa)
which i still think is kind of nifty
erk maybe that's not quite it brycec: lobste.rs even has a lovely BBS interface :) mercutio: rwasa
https://news.ycombinator.com/item?id=9948749
i'm not a big fan of assembler web server, but the idea behind improving performance is still interesting. brycec: https://lobste.rs/s/chovpc :P mercutio: even if it's usually php etc that slow web sites down
they did assembler ssh implementation too
with their own ssl code
it's tls where it really bet nginx BryceBot: That's what she said!! mercutio: and alternative ssl implementations are important i think
the reason why rwasa is slower than nginx should be fixable
for some reason on localhost i find lighttpd performs better than nginx for me
but localhost is kind of a special case ***: jbum has joined #arpnetworks mercutio: oh, sendfile support was the reason nginx was faster.
there's also another cool web server that can do reordering and preloading
https://h2o.examp1e.net/ ***: jbum has left