↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
Who | What | When |
---|---|---|
mercutio | erratic: nothing wrong with faster speeds
but it doesn't necesarily help :) for some reason i seem to get faster lan 10gbe performance with linux 4.3 over linux 4.2. but i'm still curious why linux 4.2 dips :) but yeah, hardware is only side of the equation you have software etc too, which can greatly impact performance. like the old default retransmit time of 3 seconds meant if you lost one of your initial packets you easily wait an extra 3 seconds for a short (say 4k) document. but especially with smaller files stuff like that can make much more difference than link speed. | [00:10] |
.................................... (idle for 2h57mn) | ||
*** | jpalmer_ has quit IRC (Ping timeout: 276 seconds)
jpalmer has joined #arpnetworks | [03:11] |
................................................ (idle for 3h57mn) | ||
shafire has joined #arpnetworks | [07:09] | |
shafire | hi | [07:10] |
BryceBot | hi | [07:10] |
shafire | can I use the ips from the ipv4 /29 subnet also for other vps? | [07:10] |
...... (idle for 25mn) | ||
*** | ziyourenxiang has joined #arpnetworks | [07:35] |
...... (idle for 25mn) | ||
ziyourenxiang has quit IRC (Quit: Leaving) | [08:00] | |
....... (idle for 33mn) | ||
mkb | shafire: yes | [08:33] |
up_the_irons | shafire: yup | [08:34] |
mkb | obviously only here (well you could tunnel, but that'd be so slow) | [08:34] |
up_the_irons | mnathani_: but those foundry switches still do 4096 active vlans; that's why i chose them actually. Nothing else in the price range did that. | [08:35] |
RandalSchwartz | happy festivus! | [08:39] |
up_the_irons | mercutio: you can default route with just 2000::/3 ? man, ya learn something new every day...
now i'm gonna read up on vxlan too... | [08:41] |
.................. (idle for 1h26mn) | ||
shafire | mkb: up_the_irons: can I also bridge the ips? | [10:08] |
up_the_irons | shafire: whatever you can do on the same broadcast domain should work | [10:09] |
shafire | I am looking for following setup: internet <eth0> VM1 (pfSense [firewall]) <eth1> private network <eth1> VM2 (some linux) | [10:09] |
................... (idle for 1h34mn) | ||
brycec | Yes you can
(Speaking as someone that has stuff behind an OpnSense VM on an ARP dedicated server ) (of course pfSense wouldn't be "eth") | [11:43] |
shafire | how is opensense?
and what do you mean with "eth"? how is your setup? | [11:49] |
brycec | On BSDs, there is no "eth" driver. Depending on the VM setup, you'll either have em or vio.
Opnsense is great (nb: not a typo, there are only 2 'e' in Opnsense) And my setup is a standard bridged configuration with Opnsense sitting on the public side, performing bridging+filtering (no NAT) to a private VLAN. | [11:51] |
shafire | thats what I want
had you pfsense on your radar too? or directly opnsense? | [11:59] |
brycec | I've used pfSense for upwards of a decade :P I'm actually moving away from it to Opnsense. | [12:00] |
mercutio | you normally only have eth0
well on vps's. oh, so you're creating a vlan for eth1 bryce. | [12:13] |
brycec | QinQ, baby | [12:15] |
mercutio | yeh qinq is a nice idea
i prefer openbsd for firewall over freebsd myself. pfsense seemed pretty nifty for "just working" when i tried it though | [12:15] |
brycec | And Opnsense continues that "just works"-ness | [12:21] |
mercutio | i wouldn't think you'd change if that wasn't the case :) | [12:21] |
brycec | I love OpenBSD and use it extensively. But for certain scenarios, I need a point-and-click UI I can point less-advanced individuals at. | [12:22] |
mercutio | yeah
if using command line and vim etc pf on openbsd is nicer and there's less crap freebsd reminded me of slackware when i first used it with all this dialog stuff and redundant stuff you don't need installed by default | [12:22] |
brycec | Not to mention updates/maintenance are a bit simpler - click the update button rather than worrying about what's going to break. | [12:22] |
mercutio | pfsense i suspect gets rid of a lot of that at least. | [12:22] |
brycec | pfSense is based off NanoBSD ;) (which is FreeBSD with all the crap stripped out)
@wiki NanoBSD | [12:23] |
BryceBot | FreeBSD :: FreeBSD is a free Unix-like operating system descended from Research Unix via the Berkeley Software Distribution (BSD). Although for legal reasons FreeBSD cannot use the Unix trademark, it is a direct descendant of BSD, which was historically also called "BSD Unix" or "Berkeley Unix". The first version of FreeBSD was released in 1993, and today FreeBSD is the most widely used... http://en.wikipedia.org/wiki/FreeBSD | [12:23] |
brycec | (FreeBSD v6 introduced "NanoBSD utility")
(https://www.freebsd.org/doc/en/articles/nanobsd/howto.html for those so inclined) | [12:24] |
shafire | and private lan is between vps possible?
cannot find it on the page and the faq is currently not accessable | [12:25] |
mercutio | the faq isn't accessible?
normally all of your traffic is on one vlan, and you can communicate between vps's but it's over a single shared interface on each vps. so you can create tunnels back to one vps, or like brycec was saying you could create a vlan. | [12:27] |
shafire | yeah, not accessible: ping support.arpnetworks.com PING tenderapp.com (192.228.96.20): 56 data bytes Request timeout for icmp_seq 0
maybe it's only me, who knows | [12:29] |
mercutio | support.arpnetworks.com is working for me
both with http and with ping | [12:29] |
brycec | loads for me too | [12:31] |
mercutio | i suppose linking to http://support.arpnetworks.com/kb/vps/are-private-ip-addresses-available-for-vps-to-vps-communication won't work for you then | [12:31] |
brycec | lol | [12:31] |
shafire | no, not working | [12:31] |
brycec | Short Answer
Yes | [12:31] |
mercutio | can you do a traceroute? | [12:31] |
brycec | Long Answer | [12:31] |
BryceBot | That's what she said!! | [12:31] |
brycec | VPS' belonging to the same account are grouped into the same private VLAN. As such, you may assign any RFC 1918 private address to your interfaces. They will not conflict with any other customer.
Additionally, since the VPS' belong to the same private VLAN, using private addresses for VPS to VPS communication is not necessary. In fact, you can communicate between VPS' using their public IPs and since the traffic will not leave your VLAN, you will not be billed for the traffic. BryceBot: no | [12:31] |
BryceBot | Oh, okay... I'm sorry. 'Long Answer' | [12:32] |
shafire | somewhere in voxility.net | [12:32] |
brycec | Drop the traceroute in a pastebin to share | [12:32] |
mercutio | hmm support.arpnetworks.com is actually hosted with tenderapp
i think voxility is some kind of anti-ddos thing, and my route is going via any2ix so may bypass | [12:32] |
shafire | http://pastebin.com/Uxnaz7tC
it worked 2-4h ago | [12:33] |
mercutio | oh voxility is your provider?
what country are you in? | [12:34] |
shafire | UA | [12:35] |
mercutio | heh i don't have anywhere near there to test from
but when i try tracing from various places a lot of routes seem to go over he.net, so i wonder if you can get to www.he.net | [12:36] |
shafire | he.net works | [12:38] |
mercutio | hmm
https://www.voxility.com/shop/connectivity/internet/looking-glass?hostname=support.arpnetworks.com that's kind of nifty, not that it's working. | [12:38] |
brycec | cute
" 4.|-- FILTER-DDoS" | [12:41] |
mercutio | do you have another location you can use it from? | [12:43] |
shafire | yeah, I have a backup provider here | [12:47] |
..... (idle for 22mn) | ||
brycec: thanks for the information
the looking glass gives an error on all destinations or not? | [13:09] | |
brycec | I tried support.arpnetworks.com and arpnetworks.com - only support.arpnetworks.com gave an error, and from all sources. | [13:13] |
...... (idle for 25mn) | ||
mercutio | because it doesn't even seem to leave voxiility's network, i'd suggest to try asking voxility why it isn't working | [13:38] |
................. (idle for 1h22mn) | ||
*** | toeshred has quit IRC (Ping timeout: 272 seconds)
toeshred has joined #arpnetworks | [15:00] |
..................................................... (idle for 4h20mn) | ||
dfshjkl has joined #arpnetworks
erratic has quit IRC (Read error: Connection reset by peer) | [19:22] |
↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |