[00:09] *** Guest52803 is now known as easymac [00:09] *** easymac is now known as Guest96446 [01:09] *** Guest96446 is now known as easymac [01:10] *** easymac is now known as Guest78361 [02:02] is it normal for the he.net tunnel servers to have high pings? [02:02] maybe cos it's free [02:03] i'm getting 135 to 145 msec ping to tunnel end point in lax, then like 190 msec to ge9-12.core1.lax1.he.net [02:10] *** Guest78361 is now known as easymac [02:11] *** easymac is now known as Guest37300 [02:28] mercutio: You could check out https://smokeping.cobryce.com/?target=Internet.HENet [02:29] which fpings all HE tunnel endpoints from ARM [02:29] ahh cool [02:29] oh [02:29] it's hop one after tunnel endpoint that's the issue [02:29] *ARP [02:29] and it's an issue even getting to www.he.net over the tunnel from lax [02:29] where www.he.net is in fremont afaik [02:31] cool [02:31] very useful none hte less [02:31] https://smokeping.cobryce.com/?target=Internet.HENet.NorthAmerica.HEtserv15lax1v4 [02:31] looks coincidental [02:32] but i'm on tserver15.lax1 [02:32] and it seemed to be getting worse and worse [02:32] That would be the same server [02:33] it is [02:33] it's called tserv anyway [02:33] i wasn't thinking and completed it :) [02:33] you'd said "but I'm on" so I thought that you thought you were on a different one [02:33] (it's 02:31, I'm very tired) [02:33] heh [02:34] (so I could've misread, or misunderstood) [02:34] it sucks when you want to test stuff [02:34] and then you find random other unrelated issues :/ [02:34] but it does seem that by far he.net having issues seems to be the central issue with arp ipv6 atm [02:35] and it's hard to know if they're deprioritising tunnel servers or not [02:35] you'd think they wouldn't because advertising and all [02:37] looks like i should get fremont tunnel though [02:38] hmm, los angeles is full now it says [02:44] yeh fremont is more stable [03:11] *** Guest37300 is now known as easymac [03:12] *** easymac is now known as Guest88284 [04:12] *** Guest88284 is now known as easymac [04:12] *** easymac is now known as Guest36510 [05:12] *** Guest36510 is now known as easymac [05:13] *** easymac is now known as Guest96443 [06:13] *** Guest96443 is now known as easymac [06:14] *** easymac is now known as Guest78631 [07:14] *** Guest78631 is now known as easymac [07:15] *** easymac is now known as Guest47870 [08:15] *** Guest47870 is now known as easymac [08:15] *** easymac is now known as Guest77483 [09:15] *** Guest77483 is now known as easymac [09:16] *** easymac is now known as Guest48181 [10:17] *** Guest48181 is now known as easymac [10:17] *** easymac is now known as Guest2326 [10:35] i wonder if i could get a tour of he's fremont dc :D [10:47] mercutio, is there a provider physically located in NZ that offers dedi (looking for a buddy) [10:47] ? [10:48] think it's you lives out that way... [11:18] *** Guest2326 is now known as easymac [11:18] *** easymac is now known as Guest58118 [12:18] *** Guest58118 is now known as easymac [12:19] *** easymac is now known as Guest14559 [12:49] grody: i'm not sure if there's anything good as far as good spec, service, network, etc. [12:49] on front pages or anything [12:51] ugh. racking my brain trying to figure out how to save off ACLs & xattrs w/ rsnapshot/rsync to a ZFS share. i guess this would be the only way: http://superuser.com/questions/247689/backup-file-attributes-restore-them-later [12:53] JC_Denton: that looks like a way [12:53] i don't envy your position :) [12:53] mercutio: yeah. i could run the job after rsnapshot runs. my only concern would be if the file's ACL is changed during that time. [12:53] seems unlikely, though. [12:54] is this for windows acl's or something [12:54] nah, POSIX [12:54] have some interesting dirs that allow things like Apache to write, other users to individually access & execute files, etc. [12:55] maybe i should try that [12:55] i've always used the normal unix permission system [12:55] hangon [12:55] so you have them on zfs [12:55] i like the ACLs, a lot more powerful [12:55] nah [12:55] oh [12:55] i setup a NAS with ZFS [12:56] and i'm trying to backup with rsnapshot [12:56] i see [12:56] which i've done to another ext4 system w/o issue, obviously :) [12:56] i was going to ask why you're using rsnapshot instead of zfs snapshot [12:56] but yeah, with no xattr support on ZFS for FreeBSD [12:56] i'm kinda up the creek w/o a paddle [12:56] you could make a zfs volume on it [12:56] hm? [12:56] and put ext4 on it :/ [12:56] zfs create -V 200G raid/aclbackup [12:57] or something [12:57] then mkfs.ext4fs /dev/zvol/raid/aclbacku [12:57] +p [12:57] sure it's not as clean [12:58] an interesting idea [12:58] but [12:58] hmm, opensolaris had acl support [12:58] no EA/ACL support on FreeBSD's extfs [12:58] ahh [12:59] my really hideous thought is to just make a huge ext4 container served out over NFS that the rsnapshot hosts mount [12:59] but to me that's hideous [12:59] so maybe the recursive getfacl solution is the trick [12:59] so the basic problem is not in zfs but in freebsd? [12:59] yeah, because Linux w/ ZFS supports xattrs and POSIX ACLs [13:00] then maybe you shoudl just use linux? :) [13:00] * mercutio is not suggesting windows [13:00] zfs on linux works ok [13:01] *shrug* [13:01] i bought a freenas mini, so it's running freenas [13:01] i actually kind of like it [13:08] ahh. [13:08] i just do things the manual way :) [13:08] i usually do the same until i get an admin headache ;) [13:11] i'm still wondering about grody's dedicated question :) [13:11] and where i'd go to try and get dedicated server heh [13:11] i could probably ask someone that lives out that way [13:12] the cheapest i've found so far is $295+GST [13:13] and that was without even having redundant power. [13:15] at least that list prices [13:15] there is somewhere i know is cheaper, but they have always been on the dubious side to me [13:19] *** Guest14559 is now known as easymac [13:20] *** easymac is now known as Guest15841 [13:21] there's actually quite a few places that do it it seems [13:21] but they all to have high prices for old hardware [13:23] like $250 for dell poweredge 1950 with 2gb of ram and 1 har-didsk [13:23] I thought tar and rsync both had switches to enable ACL copying. Think rsync's was X [13:24] -A, --acls preserve ACLs (implies -p) [13:24] -X, --xattrs preserve extended attributes [13:24] from my man page for rsync 3.1.1 [13:24] he's using rsnapshot though brycec ? [13:24] which does symlinks etc. [13:25] so even if tar and rsync can support acl's then if the underlying filesystem doesn't support it you're in a dark place. [13:25] (Unless I'm missing something, which I could well be) [13:25] mercutio: I was going with12:48:35 JC_Denton | ugh. racking my brain trying to figure out how to save off ACLs & xattrs w/ rsnapshot/rsync to a ZFS share. [13:25] oh hmm [13:25] i suppose it could end in tarball on the server :) [13:26] and still meet that [13:26] But apparently I was wrong about FreeBSD's ZFS supporting them in the first place. 12:53:57 JC_Denton | but yeah, with no xattr support on ZFS for FreeBSD [13:26] freebsd might now [13:26] freenas usually lags behind [13:27] apparently freebsd supports nfsv4 acl's [13:27] "man zfs" says xattr "is currently not supported on FreeBSD" for 10.1 [13:27] but acl stuff is still good [13:28] https://clusterhq.com/2014/09/11/zfs-suitable-replacement-file-system/ [13:28] this seems to haev a table [13:29] Or as you sorta-mentioned earlier, he could create disk volumes, exported over iscsi and mounted on each system [13:29] Then every guest can format it whatever filesystem works best for the machine being backed up, including ext4 with full ACL/xattr support [13:30] there's something dirty about using iscsi for a backup system :) [13:30] I disagree [13:30] a lot of os's go funny if backup server has issues [13:30] if using iscsi, nfs etc. [13:31] Can't say I've ever experienced that myself [13:31] well if it's down or such [13:31] i suppose as long as you have your cron script so it checks that its' not already running and don't type df it's not toob ad [13:32] although tehre can be things like locate etc too [13:32] Last I checked, locate's default config didn't index netfs mounts [13:32] (on Debian) [13:32] (but it's been awhile since I cared) [13:33] (And it's easy enough to add further exceptions) [13:34] hmm. [13:34] what do you think JC? [13:36] iscsi was my next thought, but meh [13:36] seems like a PITA for such a small backup set [13:37] heh [13:37] i think i could use rsnapshot's post exec to do the recursive getfacl [13:37] it's probably a hell of a lot easier [13:37] trying to decide if i could live with the small and significant chance of the ACL changing [13:37] Are you actively using acls/xattrs? It's been my limited experience that people don't, so perhaps you're not actually losing anything? [13:38] it sounded like he was [13:38] brycec: yeah, i'm using ACLs [13:38] i think the chance of losing things is similar to the chance of losing things from not backing up frequently enough [13:38] i was using xattrs too at one point courtesy of SELinux, but i've since turned that system off [13:38] if you're behind in time and some permissions don't work properly that you just applied [13:38] then at least it'll be stuff you've done recently that you were checking anyway [13:39] because you had to restore from backup.. [13:39] There's also the point to be made that if you're backing up data, you care about the data and not so much the properties of the files. (I worded that funny) [13:39] (tl;dr At least you backed up the contents of the files) [13:39] and having recent data with outdated permissions seems better than having stale data with up to date permissions [13:39] ^ or no data at all ;P [13:40] no data at all sounds easier :) [13:40] why would people want data anyway! [13:40] You can always just create new data [13:40] that's how i used to feel about backups [13:41] why would you want to cling onto the past? :) [13:41] uhh for personal stuff that is [13:41] yeah [13:42] shame ZFS on BSD doesn't have xattr [13:42] worse shame i think is that Linux doesn't support the richacls ZFS/NFSv4 has [13:42] well, support w/o patching the kernel and a ton of coreutils [13:43] aren't nfs acl's better than posix acl's? [13:43] i wonder if it's possible to store the stuff using nfs acl's rather than posix acl's [13:44] NFSv4/Windows ACLs are more fine-grained than POSIX ACLs. [13:45] so freebsd supports nfs acl's, so does freenas support? nfs may be simpler than iscsi [13:45] or it may be possible to use them anyway with rsync or such somehow [13:45] Or maybe just store a copy of the acls/xattrs (getfacls > blah) alongside the backup - no worries whether the underlying filesystem supports it, and no information lost. [13:45] brycec: that's the current plan, the issue is what happens if the ACL changes in between that short time [13:46] mercutio: yeah, rich/nfs acls are nicer, but there's no native linux support for them and rsync can't convert between thet wo [13:47] JC_Denton: take a dump before and a dump after. then compare the two after the copy [13:51] Heck even rsync isn't invulnerable to that and will complain if files have disappeared since rsync started running [13:51] That's why people take filesystem snapshots, backup from that, and destroy the snapshot when complete [13:51] So nothing is changing during the backup (relative to the backup process) [13:52] actually, duplicity might be a better bet for this, no? [13:52] since it tarballs first [13:53] You could just tar in the first place for that matter [13:53] Of course depending on how long the tar takes, you're looking at the same issue [13:53] I think it really boils down to how do you want your backup files, JC_Denton [13:53] *sigh* [13:53] *sigh* [13:53] https://bugs.launchpad.net/duplicity/+bug/558385 [13:54] eg: rsnapshot-like, just a bunch of dated tar files, something more advanced with incremental backups, etc [14:20] *** Guest15841 is now known as easymac [14:21] *** easymac is now known as Guest18142 [14:22] damn. caught my headphone cable on my chair and broke the suspension hardware on the left side. [14:22] audio-technica discontinued them too. grr. [14:34] hmm, zsh just made a huge change to cut and paste [14:34] i'm still trying to figure out how to deal with it :) [14:35] basically if you cut and paste stuff with new lines in it it will come through as a new line, rather than the end of a statement. [14:37] oh it's not so bad, you can still do multiple commands, you just press enter to do them all [14:40] I'm in favor. [14:40] yeh as soon as i realised you can press enter and do them all it's fine [14:41] i used to stick echo on the front of stuff i was cut and pasting [14:41] so as to not run it [14:41] or # [14:42] hopefully it makes the next ubuntu lts [14:43] actually it should [14:46] main concern would be getting used to it, and finding it hardly anywhere [14:53] just rolled a quick ruby script to do the acl and xattr dump on all three rsnapshot instances. cross your fingers for me :) [14:55] * mercutio crosses fingers [15:21] *** Guest18142 is now known as easymac [15:22] *** easymac is now known as Guest39286 [16:22] *** Guest39286 is now known as easymac [16:22] *** easymac is now known as Guest35441 [17:23] *** Guest35441 is now known as easymac [17:23] *** easymac is now known as Guest51726 [18:11] *** m0unds1 has joined #arpnetworks [18:11] *** m0unds has quit IRC (Read error: Connection reset by peer) [18:12] *** m0unds1 has quit IRC (Client Quit) [18:12] *** m0unds has joined #arpnetworks [18:24] *** Guest51726 is now known as easymac [18:24] *** easymac is now known as Guest70739 [19:09] *** NiTe_ has joined #arpnetworks [19:10] *** neish_ has joined #arpnetworks [19:12] *** gizmoguy_ has joined #arpnetworks [19:17] *** neish has quit IRC (*.net *.split) [19:17] *** trobotham has quit IRC (*.net *.split) [19:17] *** gizmoguy has quit IRC (*.net *.split) [19:17] *** rendrag has quit IRC (*.net *.split) [19:17] *** NiTe has quit IRC (*.net *.split) [19:17] *** RandalSchwartz has quit IRC (*.net *.split) [19:17] *** dne has quit IRC (*.net *.split) [19:18] *** NiTe_ is now known as NiTe [19:24] *** Guest70739 is now known as easymac [19:25] *** easymac is now known as Guest57846 [19:26] *** dne has joined #arpnetworks [19:32] *** mike-bur1 has joined #arpnetworks [19:32] *** ChanServ sets mode: +o mike-bur1 [19:37] *** mike-burns has quit IRC (Ping timeout: 272 seconds) [19:44] *** mike-bur1 is now known as mike-burns [20:11] *** hive-mind has quit IRC (Ping timeout: 265 seconds) [20:11] *** Seji has quit IRC (Ping timeout: 265 seconds) [20:12] *** Seji has joined #arpnetworks [20:13] *** hive-mind has joined #arpnetworks [20:25] *** Guest57846 is now known as easymac [20:26] *** easymac is now known as Guest29882 [21:18] *** rendrag has joined #arpnetworks [21:26] *** Guest29882 is now known as easymac [21:27] *** easymac is now known as Guest71863 [22:27] *** Guest71863 is now known as easymac [22:28] *** easymac is now known as Guest50219 [22:28] easymac seems to have issues for a while now [22:29] seems to be around once an hour [23:28] *** Guest50219 is now known as easymac [23:28] *** easymac is now known as Guest24371