***: qbit has quit IRC (Quit: WeeChat 1.4)
qbit has joined #arpnetworks
ziyourenxiang has quit IRC (Quit: Leaving)
brycec: FYI dns.he.net (and all of *.he.net) are having DNS issues - returning empty zones for all queries.
(strangely, tunnelbroker.net is unaffected)
mhoran: Yeah. Not good. :(
brycec: records are starting to reappear now at least
mhoran: Yay.
I only use them as a slave so I guess they had some catastrophic failure!
brycec: (Not yet my whole zone, but a couple records I've tried so far)
I once used them as secondary, then decided to stop wasting my time with my own and go 100% them, afterall they've got massive geographic redundancy and such...
Regretting that now
Weighing a "proper (paid)" dns provider or running my own+he.net for backup
Thinking I'll run my own for a bit, that way I can get an idea of queries-per-month and know how much $provider would cost
ant: well, they returned nxdomain+noerror to queries, so a resolver would cache the response until the negative cache ttl expires and not even try to query another server. so even with other nameservers from other providers some clients would still fail to resolve names under affected domains
***: dne has quit IRC (Ping timeout: 260 seconds)
dne has joined #arpnetworks
jpalmer: brycec: I used he.net for dns for a long time. now I pay the 50c/month for amazon route53.
brycec: If only Route53 supported dual-home access
jpalmer: how do you mean, split views?
brycec: v4 and v6 addresses on their nameservers
I'm currently setting up CF with a test domain of mine
(CloudFlare)
jpalmer: oh, yeah cloudflare is a pretty decent option for dns too.
brycec: Yep, free too
Which is a plus
jpalmer: used them for years as well. Kim and Todd were my friends.
(kim and todd were the names of the 2 DNS servers assigned to my properties.)
oh, I see. by dual-home you meant dual stack. yeah, R53 isn't available via v6 yet.
brycec: Yeah I mis-spoke, sorry :(
jpalmer: np, was just confused for a minute. I was like "uhh, if AWS is anything.. they are multihomed.. so what am I missing" lol
mnathani_: I use dnsmadeeasy - a paid DNS servic
s/servic/service
BryceBot: <mnathani_> I use dnsmadeeasy - a paid DNS service
mercutio: i wish cloudflare didn't need to take over dns :)
up_the_irons: me too
-: dne replaced dnsmadeeasy last year with 3 geographically distributed freebsd virtual machines running nsd
dne: now I can automate zone updates using a version controlled ansible playbook
staticsafe: that is what I do as well! I use BIND instead though
(and Linux)
mhoran: I've been happy with my transition to nsd.
Since BIND was removed from base, I decided not to keep it.
But I could keep my zone files, which was great.
up_the_irons: i like nsd too
mercutio: i shifted from bind 4 to tinydns years ago
openbsd sticking with bind 4 over bind 8 was interesting.
but bind seemed to get worse :)
i've never understood why people wanted to distribute dns when their site was small and non-redundant
there's a slight performance win if you do anycast, but without anycast what use is having dns up if none of your content works
it's kind of like when people used to do backup mx to receive mail when their net connection went down, and then all the spam comes in the back door
although mail delays can be quite bad if you have patchy internet
staticsafe: distributing DNS is cheaper [citation needed] than distributing HTTP
(also DNS is not relevant to just HTTP, reliable DNS means things like e-mail, VOIP etc. works)
not just monetary cost but knowledge cost, distributing DNS is as simple as running two instances of $AUTHDNSSOFTWARE in two separate networks
HTTP requires knowledge of load balancing basics, HTTP basics, SSL termination etc.
mercutio: yeah it's way harder
but if you have a single location with all of your services, and dns works but nothing else works it doesn't help much
you don't really need citation, distributing dns is obviously simpler
staticsafe: :P been stick in paper writing mode for school
stuck*
mercutio: heh
if you have an intermittent dns server it can create delays
mhoran: Having DNS distributed could make it easier to recover from a failure of that single point of failure.
mercutio: so if you have dns in two different locations it can actually increase your chances of performance deficits.
mhoran: Having your MX record not drop off the face of the earth is pretty good.
mercutio: mhoran: now /that/ is true.
mhoran: Given it takes time to change records at your registrar, having that distributed and easy to fail over is nice. So That's why I do it, even though everything else is on ARP.
mercutio: i have distributed dns, and i do think overall it's a good idea, it's just not necessarilly that important.
mhoran: It's a pain in the ass to change shit for my .at domain.
It requires faxing them things!
staticsafe: good to know .at is still a PITA
mercutio: fax!
staticsafe: well
mhoran: I remember having to do that with Network Solutions, 10 years ago!
mercutio: when i first got my own phone line connected i needed to fax them stuff
i'm like what
mhoran: Hah.
mercutio: this was a while back, but even then fax wasn't common
staticsafe: Gandi required me to fax a form once for some ownership change stuff
I was like ...
BryceBot: That's what she said!!
mercutio: people used to do fax spam
the other day i added an extra digit to a phone number accidentally and hit a fax or a modem (i can't tell the difference)
although it sounded more like fax .. as it didn't have that 56k type extra whine in it
how well does fax go over long distance?
staticsafe: not sure, I don't think I've ever done that
mnathani_: I don't think fax works well over VOIP, but I might be wrong
mercutio: no inter state faxes?
well voip is special case
i tried doing fax from modem ages ago
actually i think i had my bbs so it could receive faxes
oh i did, there was some special number you could call and it'd fax back you a report on your phone line quality
or maybe you had to fax them and they faxed you back
staticsafe: anybody looking to understand HTTP load balancing should start with reading the haproxy documentation, it is fantastic
mercutio: i'd love to have the need :)
i find things like wikipedia and torrent sites and so on fascinating when they manage to do high load with low resources.
staticsafe: cache all the things
put Varnish in front of it!
mercutio: and get amiga reliability?
i'd rather just code my own backend in c :)
and have fast backend
there's lots of complications from template based cache systems
where the code is in one or more places and is all put together and presented by some "cache"
often what ends up happening is the cache helps when users aren't logged in, then not nearly as much when they are
because all the dynamic code has to still run, and caching static pages doesn't really help
and so the idea of templates is to mix some dynamic code with some static code, and be able to remember some useful parts of the page and not have to regenerate
usually with a ttl..
which often means that if you hit the ttl expiry suddenly your page load is slower
even if the average is good.
the main local news site here uses varnish, and quite frequently has slow page loads
staticsafe: yeah Varnish won't save your shitty code, bad SQL query design or other such issues
mercutio: apache traffic server actually has a nifty feature called stale-while-revalidate which isn't supported by many browsers.
but basically on a ttl expiry you can send old content, and then in the background fetch new content for the next load
staticsafe: :o
mercutio: the local news site is using cold fusion..
staticsafe: heh
mercutio: so yeah i expect shitty code :)
not that i've seen it.
but pages randomly don't work
mkb: does anyone know what they've done to completely break tab completion on linux?
mercutio: mkb: that's an open-ended question
mkb: I realize that :)
mercutio: linux itself doesn't have tab completion
mkb: bash
mercutio: i find bash terrible for tab completion
upgrade to zsh
mkb: half the time I press tab and it doesn't complete
mercutio: your problem may magically go away :)
mkb: then I type ls and it shows me the file clearly exists
mercutio: are they file names with weird characters in them?
mkb: no ordinary file names like grub.cfg
mercutio: i find bash completes file names when i'm expecting it to complete paramaters to the program i'm running
weird
mkb: grumble... I hate having to configure these things
mercutio: try pressing tab twice
like in /boot/grub i have grub.cfg and grubenv
mkb: I think it's trying to be hyperintelligent and only complete things it thinks can go there
mercutio: and so it doesn't complete by default
mkb: no I've pressed it like 20 times
BryceBot: That's what she said!!
mkb: hah
mercutio: chsh
knoxville: mercutio, hi
I've setup the BGP
solved
mercutio: knox: cool
mkb: I've noticed it won't complete directories sometimes...
mercutio: zsh shows grub.cfg* and grubenv* just below when i press tab once after /boot/grub/grub
bash does nothing in the same situation
if i press twice it shows the two names, then reshows my prompt on a new line
mkb: but it prints it out when you press twice
or does if I start the line with ls
but not with grub2-mkconfig -o ...
BryceBot: That's what she said!!
mercutio: yeh i'm starting the line with ls -l
works for me
although grub-mkconfig for me
mkb: os?
mercutio: arch linux
mkb: aha.. centos here
mercutio: hmm
i've had no problems with completion in years
but i don't regularly use bash
mkb: centos should have zsh package :)
-: mkb reboots it and wonders whether it'll come up with the right kernel without me sitting at the console
mercutio: mkb: is this centos 6 or 7?
mkb: 7
grub2 made configuration a lot more obscure
mercutio: oh
centos 7 is what switched to grub2 isn't it?
mkb: yeah
mercutio: yeh i hate grub2
i have been using systemd-bootd at home
mkb: they've written a bootloader!?
mercutio: i have weird issues with grub having extremely slow output
it's efiboot
err gummiboot
https://wiki.archlinux.org/index.php/Systemd-boot
and efi only
-: mkb isn't allowed to have fast output
mkb: 9600 baud !
mercutio: % cat /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options root=/dev/md1 rw
how's that for simple? :)
mkb: way better than the maze I have to go through with grub2
and sometimes it changes the default on my according to unknown heuristics
mercutio: yeah it's refreshingly simple
i have also set "editor 1", "timeout 3" "default arch" in /boot/loader/loader.conf
mkb: I think yum screws it up
mercutio: and have memtest and some other stuff in there
mkb: see I'm working on the kernel, so I'm always building new ones
and then yum comes along with an update to some super outdated kernel and sets the defaults
mercutio: have you considered doing dev in xen or kvm?
haha
why centos? :)
mkb: this other guy here does use kvm
mercutio: you can actually set the default kernel for grub
mkb: he also doesn't use tab completion because it wasn't in ultrix
mercutio: do you have /etc/default/grub ?
mkb: yeah
but I never did like it
mercutio: GRUB_DEFAULT="Arch Linux, with Linux linux"
you can do something like that
mkb: exactly
mercutio: although there's a new more complex way
it whines when you do it that way but still works :)
mkb: you need the exact string which is hard to get (okay grep 4.5.0+ /boot/grub/grub.cfg)
mercutio: at least on arch which does everything recent
mkb: yeah they won't update centos for a few years
mercutio: not if use vmlinuz-linux or such
and don't put your version number in it :)
mkb: we deploy on centos so... that's why I have to use it
mercutio: do you have virtual environment?
mkb: though I'm thinking about just using something else anyway.. not like the distro matters when you're working on the kernel
mercutio: you can actually tell xen or kvm just to boot a kernel direct
and then point it at the /
mkb: ooh that would be nice
mercutio: then you can continue using your normal userland
and it bypasses boot loader giving a bit quicker boot
and you can boot either one by having different templates or command lines
mkb: I'll have to look into that
mercutio: i tried witing my own simple OS kernel once
it was so annoying rebooting to test changes
mkb: I've tried more than once...
mercutio: i was using a fast booting 386 with grub booting off a floppy and doing a network load
mkb: I used qemu
mercutio: heh this was years ago :)
it's so much easier now
if i was to try again i'd just use xen or kvm
and virtio devices
no hardware support :)
people have been doing cool application as an OS stuff on xen
mkb: initrd takes forever...
mercutio: don't use it then
i'm still annoyed i need initrd for mdadm
you can also use lz4 to make it a bit faster to load if it's cpu bound
mkb: hmm I guess all I need is to compile enough modules in
mercutio: yeah you shouldn't need many.
mkb: I'm pretty sure I already do
make localmodconfig...
mercutio: well take it out and see if it breaks :)
mkb: oh that involves learning grub2 :(
mercutio: % lsmod | wc -l
176
haha
mkb: well it's easy enough to test by pulling it out at the boot prompt
53
mercutio: crazy eh?
this is arch default kernel
you mostly just need disk drivers
even network should be able to load after it's booted
***: dj_goku has quit IRC (Remote host closed the connection)
dj_goku has joined #arpnetworks
Lucifer333 has quit IRC (Quit: Leaving)