| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | ant has quit IRC (Ping timeout: 250 seconds)
ant has joined #arpnetworks | [06:50] |
| .......................................................................... (idle for 6h5mn) | ||
| mnathani1 has joined #arpnetworks
mnathani has quit IRC (Quit: WeeChat 0.4.3) mnathani1 has quit IRC (Client Quit) mnathani has joined #arpnetworks | [12:56] | |
| mnathani | Test | [13:11] |
| RandalSchwartz | Test succeeded! | [13:19] |
| brycec | Test failed. | [13:21] |
| ......... (idle for 43mn) | ||
| well that was fun... some kind of blip in connectivity
Anyone else? | [14:04] | |
| Might not have been network, my VPS' loadavg hit at least 30 according to munin once things came back. | [14:17] | |
| mercutio | what host? | [14:30] |
| brycec | kvr21
from about 13:45-14:00 ARP time my VPS became unresponsive (syncthing even claimed "Paused state detected, possibly woke up from standby."), then when it came back it got slammed and triggered its OOM killer too I'm still poking through my logs to figure out what happened No reboot or anything at least. Looking at my smokeping slave access logs (the slaves connecting to the master which is this VPS), it looks like there were a handful of missed check-ins. There should be several every 60 seconds, but in that period, at least 1/3 are missing. Packet loss maybe? :/ Looking like it was isolated to ipv6 connections? | [14:33] |
| mercutio | checking disk situation first | [14:38] |
| brycec | Cool. I'm not finding much in the way of definitive evidence of what exactly happened (I wasn't paying attention at the time either) :/ | [14:39] |
| ..... (idle for 23mn) | ||
| *** | mkb has quit IRC (Ping timeout: 240 seconds) | [15:02] |
| mkb has joined #arpnetworks | [15:11] | |
| ................ (idle for 1h18mn) | ||
| jcv has quit IRC (Quit: leaving)
jcv has joined #arpnetworks | [16:29] | |
| ......................... (idle for 2h2mn) | ||
| medum has quit IRC (Ping timeout: 240 seconds)
medum has joined #arpnetworks | [18:32] | |
| ..................... (idle for 1h40mn) | ||
| mnathani_ | I have what seems like a NAT issue
weechat relay on my android device is setup to connect to my residential Public IP this works fine when I am on 4G / LTE but when I return to my home wifi, connecting to this public IP fails | [20:13] |
| brycec | @google hairpin nat | [20:15] |
| BryceBot | 260,000 total results returned for 'hairpin nat', here's 3
Hairpinning - Wikipedia, the free encyclopedia (https://en.wikipedia.org/wiki/Hairpinning) In network computing, hairpinning describes a communication between two hosts behind the same NAT device using their mapped endpoint. Because not all ... Hairpin NAT - MikroTik Wiki (http://wiki.mikrotik.com/wiki/Hairpin_NAT) Sep 16, 2010 ... In the below network topology a web server behind a router is on private IP address space, and the router performs NAT to forward traffic to its ... EdgeMAX - NAT Hairpin (Nat Inside-to-Inside / Loopback / Reflection) (https://help.ubnt.com/hc/en-us/articles/204952134-EdgeMAX-NAT-Hairpin-Nat-Inside-to-Inside-Loopback-Reflection-) Aug 13, 2015 ... Overview. Readers will learn about the NAT Hairpin for EdgeRouter. Typically, a NAT Port Forwarding rule is used from the outside network to ... | [20:15] |
| brycec | ^ That's the name for your issue :)
(Specifically you lack hairpinning) | [20:15] |
| mnathani_ | now all I need to do is figure out how to solve it
GW is Mikrotik if that helps | [20:16] |
| brycec | @google hairpin nat mikrotik | [20:16] |
| BryceBot | 409 total results returned for 'hairpin nat mikrotik', here's 3
Hairpin NAT - MikroTik Wiki (http://wiki.mikrotik.com/wiki/Hairpin_NAT) Sep 16, 2010 ... In the below network topology a web server behind a router is on private IP address space, and the router performs NAT to forward traffic to its ... Port Forwarding from inner network to inner network (hairpin NAT) (http://superuser.com/questions/663820/port-forwarding-from-inner-network-to-inner-network-hairpin-nat) Oct 22, 2013 ... I've successfully setup a port forwarding on a Mikrotik router that translates every request going to WAN ip address on port 8844 (let's say: ... routing - mikrotik nat redirect to local from local - Stack Overflow (http://stackoverflow.com/questions/20163669/mikrotik-nat-redirect-to-local-from-local) I'm using Mikrotik 750GL and I have such a problem: ... your situation need something called Hairpin NAT... all the explanation i will tell you ... | [20:16] |
| brycec | :p | [20:16] |
| mnathani_ | @google mikrotik hairpin | [20:16] |
| BryceBot | 452 total results returned for 'mikrotik hairpin', here's 3
Hairpin NAT - MikroTik Wiki (http://wiki.mikrotik.com/wiki/Hairpin_NAT) Sep 16, 2010 ... In the below network topology a web server behind a router is on private IP address space, and the router performs NAT to forward traffic to its ... Port Forwarding from inner network to inner network (hairpin NAT) (http://superuser.com/questions/663820/port-forwarding-from-inner-network-to-inner-network-hairpin-nat) Oct 22, 2013 ... I've successfully setup a port forwarding on a Mikrotik router that translates every request going to WAN ip address on port 8844 (let's say: ... DHCP/DNS, Port Forward, Hairpin... - MikroTik RouterOS (http://forum.mikrotik.com/viewtopic.php?t=99867) DHCP/DNS, Port Forward, Hairpin... Post by bhlowe » Tue Aug 25, 2015 10:11 pm. Automatically assign DNS record for DHCP client_id [off, dynamic and static, ... | [20:16] |
| mnathani_ | lol | [20:16] |
| mercutio | it would be nice if ipv6 was everywhere
nat is so ick | [20:29] |
| mnathani_ | I was ISP Summit Canada today, and folks there believe IPv6 will be ubiquitous within the next 2 years | [20:30] |
| mercutio | hmm
i'm pessimistic | [20:30] |
| mnathani_ | I think we will see a lot more CGNAT type stuff before IPv6 becomes mainstream | [20:31] |
| brycec | I'm realistic :P | [20:31] |
| mercutio | is this about having ipv6 support available opt-in
or sites actually serving on ipv6? | [20:31] |
| mnathani_ | ISPs rolling it out to subscribers | [20:31] |
| brycec | Though I was surprised to see TWC offering native IPv6 at the home office.
(tcpdump picked up their RAs) | [20:31] |
| mnathani_ | I'd like to know when it will be OK to provide IPv6 only connections | [20:32] |
| brycec | I've been seeing more ISPs offering it than I have websites serving over it.
Google, Facebook, Wikipedia (aka: like 75% of my browsing) are all IPv6 which is great. But Twitter and Netflix are not. | [20:32] |
| mnathani_ | Skype isnt either | [20:33] |
| brycec | Well Netflix actually seems to vary - right now is IPv6 apparently.
(Last I'd checked it was IPv4) | [20:33] |
| mnathani_ | I get BLOCKED
when browsing with IPv6 on | [20:36] |
| brycec | Hulu and Amazon are both IPv4-only as well | [20:37] |
| mercutio | are any public news sites on ipv6 at all?
maybe some cdn ones | [20:37] |
| brycec | Does google.com/news count? :P
wikinews.org is ipv6 | [20:37] |
| mercutio | ebay, amazon, paypal are all ipv4 only
i mean like cnn, fox etc to use american examples :) | [20:37] |
| brycec | I thought you said news, not drivel? | [20:38] |
| mercutio | haha
even if you don't read them lots of people do | [20:38] |
| brycec | And those all return no ipv6 DNS records.
[for me] | [20:39] |
| mercutio | yeah same
i just tried heh, the local news stuff here is ipv4 only too actually ipv6 adoption is rather weak locally | [20:39] |
| brycec | I blame the hobbits. | [20:39] |
| *** | Speakz has joined #arpnetworks | [20:40] |
| mercutio | i just think no-one cares
the biggest news site is using coldfusion | [20:40] |
| brycec | brycec knows a CF dev. He hates it. | [20:40] |
| mnathani_ | my weechat-relay server is running on : 10.10.2.2 port 8001 as well as public IP: port 60001 | [20:40] |
| brycec | That's good to know. I'll start DDOS'ing 10.10.2.2 right away. | [20:41] |
| mnathani_ | what do I need to change this config to: /ip firewall nat add chain=srcnat src-address=192.168.1.0/24 dst-address=192.168.1.2 protocol=tcp dst-port=80 out-interface=LAN action=masquerade | [20:42] |
| brycec | dst-address should be your external IP
dst-port should be 60001 to-address should be 10.10.2.2 (I might be unclear about the port)... | [20:43] |
| BryceBot | That's what she said!! | [20:43] |
| mercutio | any port in a storm | [20:44] |
| brycec | heh | [20:44] |
| mnathani_ | :-) | [20:44] |
| brycec | (Full disclaimer,I'm just going off that mikrotik wiki page, and don't actually know this syntax in the slightest) | [20:44] |
| mercutio | i prefer to touch routeros as little as possible
so don't have deep understanding | [20:44] |
| brycec | (re-reading the wiki, apparently you should ignore what I've said :P) | [20:45] |
| mercutio | mercutio rereads
i don't think i understand the problem | [20:45] |
| brycec | Problem is that from inside his network, he cannot reach $extip:60001 | [20:46] |
| mercutio | oh, you can't connect to your public ip from internal | [20:46] |
| brycec | From outside his network, that works. | [20:46] |
| mercutio | yeah that makes much more sense
i'm sure that's googleable | [20:47] |
| brycec | mercutio: read scrollback ;) | [20:47] |
| mercutio | i mean not the wiki | [20:47] |
| brycec | it was Googled, and here we are now :P | [20:47] |
| mercutio | but real useres.
users the wiki is terrible i'd check the forums | [20:47] |
| brycec | Aw I thought it looked promising. Only difference between the example and mnathani_'s situation is there's a port forward too, not 1:1 port numbering. | [20:47] |
| mercutio | why not just relay to arp? | [20:48] |
| brycec | well there were forum results for that too. :P http://stackoverflow.com/questions/20163669/mikrotik-nat-redirect-to-local-from-local seems promising (complete with port number change) | [20:48] |
| mercutio | relaying through your home setup seems messy
or use a dns naem | [20:48] |
| brycec | If only he had some kind of public server... | [20:49] |
| mercutio | and give internal ip for local lookup | [20:49] |
| brycec | split-horizon DNS? | [20:49] |
| mercutio | yeah | [20:49] |
| brycec | Of course he'd have to change the internal port number too, but no reason not to | [20:49] |
| mercutio | with dnsmasq it's real easy to overload
so you just force a diff ip for local | [20:49] |
| brycec | (It certainly is) | [20:49] |
| mercutio | 1 to 1 port mappings are more sensible too | [20:50] |
| brycec | Not sure I 100% agree with that | [20:50] |
| mnathani_ | I can change the port | [20:50] |
| brycec | Especially with things like RDP - you can't change Windows' port it listens on, and all number of bots look for 3389 | [20:50] |
| mnathani_ | either the public, or the internal one | [20:50] |
| mercutio | oh true
yeh that's windows though i was thinking normal servers :) | [20:50] |
| mnathani_ | actually through a registry change you can change the windows rdp port | [20:51] |
| mercutio | with windows it's probably better to vpn in | [20:51] |
| brycec | And then there are ISP's that block 25/80/443 so you have to port-forward, but you still want the convenience internally | [20:51] |
| mnathani_ | @google change rdp port windows | [20:51] |
| BryceBot | 59,000 total results returned for 'change rdp port windows', here's 3
How to change the listening port for Remote Desktop (https://support.microsoft.com/en-us/kb/306759) Describes how to change the port that Remote Desktop listens on. ... Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has ... Change the Remote Desktop Connection port to your Windows Server (https://kb.iweb.com/entries/23462112-Change-the-Remote-Desktop-Connection-port-to-your-Windows-Server) Mar 29, 2013 ... Windows servers are remotely accessible with Remote Desktop via the TCP 3389 port (default port). In some situations, as when you wish to ... Change Remote Desktop RDP Port (http://tweaks.com/windows/50743/change-remote-desktop-rdp-port/) Port 3389 is the home of the remote desktop protocol that powers Remote Desktop Services on all modern versions of Windows. If your... | [20:51] |
| brycec | (It's always better to VPN in. Or at least do a SSH port-forward)
(Incidentally, that's what I've done in the past with weechat relay) (JuiceSSH) | [20:51] |
| mercutio | i just run weechat inside tmux myself | [20:52] |
| mnathani_ | I think I got the ports and IPs correct, but the out interface is confusing me
I dont have one labeled LAN | [20:55] |
| mercutio | maybe it's a friendly name? | [20:55] |
| mnathani_ | reminder: /ip firewall nat add chain=srcnat src-address=192.168.1.0/24 dst-address=192.168.1.2 protocol=tcp dst-port=80 out-interface=LAN action=masquerade | [20:55] |
| mercutio | out-interface= .. maybe your core issue | [20:55] |
| mnathani_ | I have something called bridge-local | [20:56] |
| mnathani | Hello
Bridge Local worked | [20:57] |
| mnathani_ | never mind
it kicked me off | [20:58] |
| *** | Speakz has left | [21:00] |
| mnathani_ | checking the stackoverflow link now | [21:03] |
| mnathani | Test 2 | [21:08] |
| mnathani_ | brycec: Thank you! Your assistance was much appreciated. I can now weechat over wifi at home | [21:11] |
| brycec | Heh, very good :) | [21:15] |
| .......... (idle for 48mn) | ||
| mercutio | https://twitter.com/arpnetworks/status/664003063124992000 | [22:03] |
| BryceBot | TWITTER: Checking out Telehouse in Germany https://t.co/2htmDzosjp (Tue Nov 10 08:54:01 +0000 2015, retweeted 1 times) | [22:03] |
| mercutio | hmm | [22:03] |
| *** | awyeah has quit IRC (Read error: Connection reset by peer)
awyeah has joined #arpnetworks | [22:10] |
| mercutio | erk
lag 82.398 | [22:11] |
| brycec | PING www.telehouse-rechenzentrum.de (85.90.40.37) 56(84) bytes of data.
64 bytes from telecloud.eu.com (85.90.40.37): icmp_seq=1 ttl=123 time=137 ms | [22:12] |
| mercutio | weird the lag went away, i tried to mtr and there was no loss
well other than layer3 deprioritisation | [22:13] |
| brycec | Telehouse looks quite a bit like a prison https://goo.gl/maps/58NckLhMN512 | [22:14] |
| mercutio | 272 msec from nz
data centres are ugly generally i don't want a pretty data centre myself omg | [22:14] |
| BryceBot | That's what she said!! | [22:14] |
| brycec | lol | [22:15] |
| mercutio | it's even worse than normal :) | [22:15] |
| brycec | Looks totally different from the front side though https://ssl.panoramio.com/photo/92207614 | [22:15] |
| mercutio | it looks like a very old building
it's weird how big it is but not tall weird no ipv6 | [22:15] |
| brycec | (that ping, btw, was from ARP) | [22:16] |
| mercutio | i have 134 from arp | [22:16] |
| brycec | I imagine up_the_irons will arrange transit | [22:16] |
| mercutio | go figure
i don't know much about germany data centres | [22:17] |
| brycec | Actually, Google indidcates that Telehouse has IPv6 in several locations
NY, Bulgaria, etc | [22:18] |
| mercutio | well not their primary site
oh telehouse is UK based isn't it? | [22:19] |
| brycec | Well Telehouse Europe is :p | [22:20] |
| mercutio | oh
www.telehouse.net says location of london, Uk | [22:20] |
| brycec | There's also Telehouse America :P | [22:21] |
| mercutio | cloudflare noc is european.
it's pretty hard to tell where things are based these days :) | [22:21] |
| brycec | "Together with its parent company, KDDI and sister company Telehouse Europe, Telehouse America operate a total of 44 Telehouse-branded global data centers in 23 cities throughout Asia, Africa, North America and EMEA." | [22:21] |
| mercutio | since 1990 when it pioneered Europe's first purpose-build data centre in London.. | [22:22] |
| brycec | CloudFlare has NOCs all over, as evidenced by a NOC Engineer job listing in SFO. | [22:22] |
| mercutio | ahh true, the peering one is somewhere near sweden i'm guessing from phone number
actually it's uk | [22:22] |
| brycec | Well they do have a Stockholm location https://www.cloudflare.com/network-map/ | [22:23] |
| mercutio | cloudflare is growing quite raidly from what is aw
saw it's kind of cool because everyone can have CDN didn't really like the akamai high charging that discouraged small sites. even their pay for pricing isn't that high oh yeah nginx just added http/2 to beta version so http/2 should be around in nginx stable soonish | [22:23] |
| ................. (idle for 1h21mn) | ||
| *** | dj_goku_ has quit IRC (Read error: No route to host)
chrismsnz has quit IRC (Ping timeout: 244 seconds) chrismsnz has joined #arpnetworks dj_goku has joined #arpnetworks dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [23:46] |
| BryceBot has quit IRC (Ping timeout: 244 seconds)
dj_goku has quit IRC (Read error: No route to host) dj_goku has joined #arpnetworks BryceBot has joined #arpnetworks | [23:55] | |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |