Back to Home / #linode / 2011 / 09 / Prev Day | Next Day
#linode IRC Logs for 2011-09-07

---Logopened Wed Sep 07 00:00:06 2011
---Daychanged Wed Sep 07 2011
00:00<Kyhwana>Hm, so, this is weird. There's a box that when we plug it into the LAN (on some unmanaged switches) causes everything on those switches to loss packets/massive ping times
00:00<chesty>turn off spanning tree on the port (just a guess)
00:00<dwfreed>Kyhwana: sounds like eitther a badly configured box or a bad ethernet cable
00:00<@jed>caker cheats
00:01<Kyhwana>wasn't ethernet cable and there was no configuration change
00:01<dwfreed>jed: I take it you just played a game with caker and he won?
00:01<Kyhwana>wasn't the switches either. It was always this box.
00:01<Kyhwana>It's happened on a few other of these boards. (Supermicro X8DTH)
00:01<@jed>I've een on !pi duty for a while, and I missed it
00:02<dwfreed>Kyhwana: It's possible the network card is going bad
00:02<linbot>Kyhwana: Point (0.11698057, 0.42433738) lies within the unit circle. Hits: 108191 of 137356 (π ≈ 3.150674160575439 - 0.009081506985646). http://π
00:02<dwfreed>jed: !pi duty?
00:02<Kyhwana>possibly, but a full power cycle fixes it and it doesn't happen for another six months (then it happens to a completely different board)
00:08-!-devcomp [] has joined #linode
00:16-!-akhomenko [] has joined #linode
00:20-!-techhelper1 [] has joined #linode
00:20<newbie>how do i update /etc/hosts iduring the initial setup?
00:21<nDuff>newbie, ...well, if you want to do _anything_ automatically during initial setup, you'd best be working from a StackScript
00:23-!-andrew_ [~andrew@] has joined #linode
00:24<dcraig>if I find a stackscript I like, the way to use it is to cut and paste all that code into the box in the manager?
00:26<newbie>i was just following the guidelines for the setup, but not sure how to do the step for etc/hosts edit. i did mysql stackscript installation
00:26<newbie>i mean the lamp one
00:29-!-andrew [~andrew@] has quit [Ping timeout: 480 seconds]
00:35<kerle>newbie: the lamp guide for which distro?
00:37<newbie>i'm following this guide, stuck at the edit /etc/hosts step
00:37-!-devcomp [] has quit [Ping timeout: 480 seconds]
00:37<newbie>did the ubuntu installation with LAMP stack
00:38<kerle>newbie: ok, how are you stuck?
00:39<newbie>what's the command to start editing the /etc/hosts file?
00:39-!-jcn [] has joined #linode
00:40<kerle>newbie: sudoedit is a good candidate
00:40<kerle>newbie: sudoedit /etc/hosts
00:44<linbot>New news from forums: CentOS 6 in Sales Questions and Answers <>
00:48<chesty>centos looks to be in bad shape :( stupid lone russians
00:52-!-andrew_ [~andrew@] has quit [Quit: Ping Timeout]
00:53<newbie>thanks kerle. so what would be my system's domain name to put there?
00:54<dcraig>there needs to be some sort of library article about host naming strategies
00:55<dcraig>I like to go with
00:55<chesty> is cute
00:56<newbie>those names are arbitrary?
00:56<dcraig>there's often not a 1-to-1 correspondence between servers, IPs, and hostnames
00:56<dcraig>a single server can have multiple ipv4 and ipv6 IPs and "handle" stuff for countless domain names
00:57<amitz>in relation to previous ranting, i find a (probably undefined but) disturbing behavior. if a fifo blocked 2 echo statement trying to feed the fifo, and the fifo is read, one of the feeding will fail (terminates) in debian squeeze.
00:58<kerle>newbie: correct, mostly arbitrary for /etc/hosts
00:58<newbie>so i can put whatever i want?
00:58<dcraig>newbie, if you own, you might name your machine something like
00:59<dcraig>and then perhaps DNS could be configured such that pointed to your IP, and vice versa
00:59<chesty>the relationship between /etc/hosts and /etc/hostname is important. they have to line up
00:59<newbie>got it thanks
01:00<dcraig>I'm becoming a fan of trying to get away with not messing with /etc/hosts and /etc/hostname at all
01:00<dcraig>linode already assigns you a hostname of sorts, and most of the time the system can figure out what it is
01:00<johnm>newbie: i agree with dcraig. leave the settings on the host and set your pretty name in DNS
01:01<dcraig>but I think this is a controversial position!
01:01<johnm>i live for controversy!!
01:01<bob2>newbies will be 80% less confused over the medium term if their hostname is 'foobar', fqdn is '' and A and rdns match
01:01<johnm>less chance of screwing yourself over if you don't f''' with it
01:01<bob2>especially when they install postfix and no one wants their mail
01:01-!-ksdf2[zz] [] has joined #linode
01:02<dcraig>I doubt I'd want their mail regardless
01:02<johnm>they are probably a spammer and I don't want their mail ;-0
01:02<dcraig>thanks mike
01:03<dcraig>in the default configuration, the A and PTR records already match
01:09-!-JoshMargulis [] has joined #linode
01:09-!-newbie [] has quit [Quit: CGI:IRC (Ping timeout)]
01:15-!-Hellojere [~Hellojere@] has joined #linode
01:15-!-alexgordon [] has quit [Quit: Leaving...]
01:20-!-jcn [] has quit [Ping timeout: 480 seconds]
01:23<vraa>for a long time i didn't understand hostnames and fqdns
01:23<vraa>the linode library is helpful in this in the tutorials
01:25-!-LK- [] has quit [Remote host closed the connection]
01:25-!-fcoury [] has quit [Remote host closed the connection]
01:25-!-niftylettuce [] has quit [Remote host closed the connection]
01:25<dcraig>if you're just going to name your hosts after planets, then the hostname itself ends up carrying very little meaning
01:25<dcraig>almost as little meaning as, say,
01:25<vraa>why is that?
01:25<vraa>how did you know i use planets?
01:26<dcraig>I'm just reading the library guide where they suggest using planets
01:27<dcraig>lots of people suggest not naming the machines after their function, because the function may change over time, a single server can have multiple functions, etc.
01:27-!-arooni-mobile [~arooni-mo@] has quit [Ping timeout: 480 seconds]
01:27-!-LK- [] has joined #linode
01:27-!-fcoury [] has joined #linode
01:27<kerle>sometimes planets change, too. sorry, pluto.
01:28<vraa>i named mine mercury because it was my first
01:29<dcraig>and there's a pretty big camp that thinks the IP address should be defined only once in DNS, such as with IN A
01:29<dcraig>and then if cutename is also hosting your www server and ftp server, you make CNAMES like www IN CNAME cutename
01:29<vraa>i'm sure if it was really big deal, ubuntu-server would do it already
01:30<dcraig>but folks around here are very anti-CNAME
01:30<bob2>I'm pro-simplicity
01:30<bob2>and explaining to people where they can use CNAMEs and where they can't is tedious
01:30<dcraig>it's very simple to just have to update your IP address in one record
01:32<kerle>heck, I don't remember that myself, I would have to check when messing with records which can be CNAMEs
01:32<dcraig>I guess it's just most important to understand the different tradeoffs inherent in all the possible ways you might choose to configure things
01:32<bob2>it is true, but the details are usually quite tangental to what people actually want to do
01:32-!-niftylettuce [] has joined #linode
01:33<dcraig>CNAMEs are so simple though... if a hostname has a CNAME record, it can not have any other records, and it inherits all the records of its target
01:33-!-sivy [~sivy@] has joined #linode
01:33<linbot>New news from forums: How to solve DB replication problem? What if we use Cloud? in General Discussion <>
01:34<bob2>also can't be the target of a MX
01:34<bob2>and people use always end up trying to add them to the root of a zone
01:34<bob2>-> "what's a NS record what's a SOA record"
01:36<peer2>cnames cant have multiple records, right?
01:36-!-peer2 is now known as peerAU
01:36<dcraig>like you can have multiple A records for a hostname?
01:37<dcraig>they can't
01:37<peerAU>thought so
01:37-!-dmor [] has joined #linode
01:37<dmor>anyone from linode around?
01:38<peerAU>i totes forgot to setup my mailserver o.o;;
01:38<dcraig>if you were running your own nameserver, you could configure it to sometimes return one answer and sometimes return a different answer...
01:38-!-chews [] has joined #linode
01:39<peerAU>im using linode's manager
01:39<peerAU>i have enough to worry about
01:39<KyleXY>dmor: that's a pretty stupid question to ask
01:39<bob2>KyleXY: be nice
01:39<KyleXY>dmor: I mean, this *is* #linode..
01:39<dcraig>linode's dns manager doesn't let you do anything crazy
01:39<KyleXY>bob2: I'm just pointing out the obvious :)
01:39*KyleXY isn't being mean
01:39*KyleXY is actually sort of being funny.
01:39<bob2>you are
01:40<dcraig>it's been like an hour since any linode staff has said anything
01:40<dcraig>they might not be around right now
01:40<dmor>that's not to say anyone who actually works there is on right now
01:40<KyleXY>bob2: Man, now if only emotions traveled on the internets :(
01:40<bob2>dmor: likely better to file a ticket if it needs a linode staff reply
01:40<dmor>bob2: agreed, was just hoping to get a quick response this way
01:41<dcraig>their response time on tickets is like 10 seconds
01:41<@jed>dmor: if it's specific to your account, I have to direct you to a ticket. that said, shoot
01:41<@jed>and you have 11 seconds before I fall asleep
01:41-!-zeade [] has joined #linode
01:41<dmor>jed: just wanted to check if a host machine was having issues, I'll file a ticket
01:42<@jed>define 'issues'
01:42<@jed>I'm unaware of any
01:42<dmor>it seems as though the disk io is slow
01:42<@jed>ticket time. be sure to include vmstat 1 30
01:42<@jed>we'll check it out
01:42<dmor>will do, thanks
01:44<chews>jed where is your node?
01:44<chews>sirry dmor rather
01:44<@jed>the cloud.
01:45<chews>as i am in the same boat
01:45<chews>yeah, freemont 303 is giving me pain
01:45<chews>it seems
01:45<dcraig>instead of using names like fremont, you should just use letters, like A, B, C...
01:45<dcraig>and then make it so one person's A is another person's B, etc.
01:46<Musfuut>jed could I pm you please
01:46-!-dmor [] has left #linode []
01:46-!-dmor [] has joined #linode
01:46<@jed>Musfuut: is it something that could be handled in a ticket? I'm due for sleep
01:46<Musfuut>it will be brief I promise
01:47<Musfuut>Thank you
01:47-!-Hoggs [] has joined #linode
01:48<amitz>nDuff: sorry, were you testing it inside gnu screen?
01:51<KyleXY>So, that's wonderful
01:51<KyleXY>When freenode AKILL'ed all of and removed it
01:52<KyleXY>it managed to effectively, in a way, ddos
01:52<KyleXY>POST 500 (Internal Server Error)
01:52-!-gasparro [] has quit [Ping timeout: 480 seconds]
01:52<dcraig>is irccloud like mibbit+bnc?
01:52<KyleXY>dcraig: not nearly as ugly.
01:53<KyleXY>dcraig: And from what I understand, erlang
01:53<dcraig>why does freenode care what irc client people use?
01:53<dcraig>is it because they all show up from the same IP?
01:53<KyleXY>dcraig: It was a fuckup
01:53<KyleXY>they meant to akill
01:53<KyleXY>instead, they did *
01:53<KyleXY>boom went many people, and now they're stuck trying to reconnect
01:53-!-gasparro [] has joined #linode
01:54<KyleXY>and it managed to cause an error somewhere along the line,
01:54<dcraig>my little irc network is configured such that mibbit can pass along the user's actual IP
01:54<KyleXY>dcraig: Ditto
01:54<KyleXY>it's rather easy
01:54<dcraig>I imagine irccloud could support a similar feature
01:54<dcraig>maybe they do
01:54<KyleXY>dcraig: That's not the goal behind it,
01:55<dcraig>what was the goal I said?
01:55<KyleXY>dcraig: they're trying to hide the user's IP's
01:55<KyleXY>dcraig: It's a "feature,"
01:55<dcraig>oh, I didn't think that was the goal
01:55<KyleXY>dcraig: jmcantrell!u324@gateway/web/
01:55<dcraig>I just thought that was a side effect of using a web-based irc client
01:55<KyleXY>dcraig: It was just a mistake on freenode's end
01:56<KyleXY>u324 being that specific users id, probably
01:56-!-karstensrage [] has quit [Remote host closed the connection]
01:56<dcraig>freenode's annoying anyway
01:57<dcraig>it's nice that debian and linode have their own irc network :p
01:58-!-bbtech [~bbtech@] has quit [Ping timeout: 480 seconds]
01:58-!-BurnoPuntzJones [] has joined #linode
02:00<KyleXY>dcraig: it's only natural, eh?
02:02<Obsidian|server>freenode's run as well as a rental car.
02:03-!-bbtech [~bbtech@] has joined #linode
02:03<JoshMargulis>Anyone have thoughts on why a mysql slow log does not show queries?
02:03-!-BurnoPuntzJones [] has quit [Quit: CGI:IRC (Ping timeout)]
02:05-!-ksdf2[zz] [] has quit []
02:08-!-johnm [] has quit [Quit: CGI:IRC (Ping timeout)]
02:10<Defenestrator>JoshMargulis: so it sounds like it *is* logging something, just not what you expect?
02:11<JoshMargulis>it is just not logging any SQL statements, which is what I expect
02:11<Defenestrator>sometimes a large # of smaller queries can slow things down, and random bystanders get blamed
02:12<Defenestrator>Is MySQLd restarting that often?
02:13<JoshMargulis>not sure if it is restarting that often. I am using Heartbeat/DRBD with two Linodes. I don't think this is starting and killing the daemon that often, but do not know for sure.
02:13<Defenestrator>error.log looks kinda big
02:15<JoshMargulis>The error.log file contains the following three lines repeated:
02:15<JoshMargulis>InnoDB: Unable to lock ./ibdata1, error: 11
02:15<JoshMargulis>InnoDB: Check that you do not already have another mysqld process
02:15<JoshMargulis>InnoDB: using the same InnoDB data or log files.
02:15<bob2>mysql </3
02:20<JoshMargulis>@bob2: any more constructive thoughts ? :)
02:20<linbot>irc is not twitter
02:21<Defenestrator>O_o I'd say check what it says.. make sure you don't have multiple mysqld instances starting up
02:22<Defenestrator>I'm not entirely sure what mysqld does when it can't lock ibdata1. I'd expect it to choke and die
02:22<dominikh>the thought of mysql choking to death amuses me :)
02:23-!-chews [] has quit [Quit: CGI:IRC]
02:24-!-Berto [] has quit [Quit: Leaving]
02:25<ajmitch>@bob2 what do you mean it's not twitter? #mysqlhate #randomcrap
02:25-!-dmor [] has quit [Quit: dmor]
02:25<dcraig>you put a @ before bob2
02:25<ajmitch>oh no
02:25<dcraig>instead of putting a comma after bob2
02:25-!-dmor [] has joined #linode
02:26<bob2>dcraig, indeed
02:26<dcraig>or maybe even a colon, if you're feeling brazen
02:26<ajmitch>that's getting pretty daring
02:26<bob2>dcraig, I quite like the comma
02:26<dcraig>bob2: good to know.
02:26-!-Lucent [] has quit [Ping timeout: 480 seconds]
02:27-!-dmor [] has quit []
02:27<linbot>New news from forums: Understanding Dual Stack in Linux Networking <>
02:28<JoshMargulis>I see the following for mysqld:
02:28<JoshMargulis>:~$ ps aux|grep mysqld
02:28<JoshMargulis>mysql 2032 0.1 4.4 110252 22356 ? Ssl 23:24 0:00 /usr/sbin/mysqld
02:28<JoshMargulis>root 2693 0.0 0.1 1840 584 ? S 22:13 0:00 /bin/sh /usr/bin/mysqld_safe --defaults-file=/etc/mysql/my.cnf --pid-file=/var/run/mysqld/ --socket=/var/run/mysqld/mysqld.sock --datadir=/var/lib/mysql --user=mysql
02:28<JoshMargulis>mysql 2837 0.9 10.1 191688 51280 ? Sl 22:13 0:42 /usr/sbin/mysqld --defaults-file=/etc/mysql/my.cnf --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file=/var/run/mysqld/ --socket=/var/runmysqld/mysqld.sock --port=3306
02:28<dcraig>that dual stack forum post is giving me a headache
02:28<@jed>actually, that wasn't bad
02:28<bob2>jed, go to bed
02:28<@jed>fixing something
02:28<@jed>it's your fault
02:30-!-ttvd [] has joined #linode
02:30<ttvd>hi, does anyone use dynadot?
02:30<ttvd>they seem to be down
02:30<ttvd>and so is their dns..
02:31<bob2> 14096 IN A
02:31<bob2> 7106 IN A
02:31<boba>ruh roh
02:31<ttvd>do you know what's going on with them?
02:31<ttvd>site is down
02:31<bob2>ttvd, what is your domain?
02:31<ttvd>is this related to patriot act thing?
02:31<boba>It appears to be up
02:32<bob2>your site resolves ok for me
02:32<bob2>but their dns is highly fragile
02:32<ttvd>maybe they are trying to get it back up
02:32<ttvd>i thought tinydns failed on my linode
02:32<ttvd>i am using google dns and i can't resolve either of my domains, neither i can resolve dynadot
02:32<ajmitch>bob2: it's marginally better than ns1 & ns2 having the same IP address
02:33<Daevien>ajmitch: how do you know it's not the same machine with both ips :p
02:33<dcraig>they're not talented enough to get one machine to have two IPs
02:33<@jed>people like to knock over DNS services, I'm guessing a DoS
02:33<Daevien>heh ouch
02:33<ttvd>i've never seen them down in like 8 years
02:34<ttvd>ok thanks guys
02:37<dcraig>even the best networks are occasionally unreachable, so if you have both of your nameservers on the same network, there will be times when your hostnames can not be resolved
02:38<ttvd>well i am using dynadot dns
02:38<ttvd>yah, i see what you are saying
02:38<dcraig>dynadot could run their second nameserver in a different location
02:38-!-gadams [] has joined #linode
02:39*gadams aha
02:39<gadams>What's going on?
02:39<@jed>your mom.
02:39<gadams>jed, do you ever sleep?
02:39<@jed>no, I wait
02:40<dwfreed>jed: are you secretly chuck norris?
02:40<@jed>vote huckabee, bud
02:41-!-ttvd [] has quit [Quit: Leaving]
02:41<gadams>Ron Paul is where its at
02:43-!-fcoury [] has quit [Ping timeout: 480 seconds]
02:43-!-niftylettuce [] has quit [Ping timeout: 480 seconds]
02:43-!-LK- [] has quit [Ping timeout: 480 seconds]
02:44<dwfreed>jed: no thanks, I'm more of a democrat
02:44<dcraig>heh, I got kicked off that irccloud thing :(
02:45<dwfreed>yeah, it's like completely dead, as their setup couldn't handle the mass rejoins of their users after the freenode kline
02:45<dcraig>certainly they're not still mass rejoining
02:45<dwfreed>they are
02:45<dwfreed>it's going slow as freenode ratelimits joins from a host
02:46<dcraig>what a train wreck
02:46<dwfreed>the freenode oper that placed the original kline didn't realize that the username is unique to a user
02:47<dwfreed>and so klined *
02:47-!-Lucent [] has joined #linode
02:47<dcraig>it's a pain to have to remember which IP addresses are used by multiple users
02:47<gadams>oh dear, someone did a good oops.
02:47<dcraig>is freenode supposed to maintain some list of irccloud-like services?
02:48<KyleXY>dcraig: you don't understand eh?
02:48<dwfreed>dcraig: it's mostly done by request of the service, i think
02:48<KyleXY>dcraig: IRCCloud is recognized by freenode, I:Line and all
02:48<dcraig>I understand fine
02:48<KyleXY>dcraig: u3321@gateway/web/
02:49<KyleXY>dcraig: for example.
02:49<KyleXY>dcraig: so yes, a staffer should obviously know..
02:49<dcraig>a web-based irc client has to go around and try to convince all the irc networks to give their users special treatment, and irc networks then have to allow that is essentially an open proxy server to connect unlimited clients to their network
02:50<KyleXY>dcraig: When in reality, this was the worst mistake any oper on any large network could've made.
02:50-!-atula [] has quit [Quit: Leaving]
02:50<dcraig>and then irc networks have to educate all their staff that some list of IP addresses is allowed to be abusive
02:50<KyleXY>dcraig: derp, try again
02:50-!-smed [] has quit [Read error: Connection reset by peer]
02:50<KyleXY>dcraig: Each user gets a userid as an ident
02:50<KyleXY>if a user becomes abusive, easy fix
02:51<dcraig>yeah, ban the open proxy server
02:51<KyleXY>dcraig: akill by ident
02:51-!-smed [] has joined #linode
02:51<KyleXY>dcraig: OK, you're saying it like this
02:51<KyleXY>dcraig: linode is a potential open proxy server.
02:51<KyleXY>dcraig: service even
02:51<dcraig>but in your way the folks running the irc network need to remember all the web-based irc clients and know to make special allowances for them
02:51<KyleXY>so, we're getting some bad stuff from this subnet
02:52<KyleXY>the solution isn't to ban *!*@* is it?
02:52<dcraig>if you run a BNC on your linode and let 200 people connect, yes, you will end up getting your linode's IP banned from most irc networks
02:52<boba>(I would like to see them try that, actually >:D)
02:52<KyleXY>Or if someone wants to fork in 20 bucks
02:52<KyleXY>and then all they have to do is fork in a buck per IP and a reason (not hard to come up with)
02:52-!-scorche [] has quit [Read error: Connection reset by peer]
02:52<KyleXY>it's essentially the same exact thing with irccloud
02:52-!-BBHoss [~bbhoss@] has joined #linode
02:53<dwfreed>You wouldn't make it past 10 users or so, before you hit Freenode's default connection limit
02:53<dcraig>yes, and irc networks ban such IP addresses (or subnets) routinely
02:53<KyleXY>dcraig: the solution is not to ban the entire linode subnet, that'd be retarded
02:53<KyleXY>dcraig: I can guarantee you a LOT of people on freenode are on a linode box,
02:54<dominikh>so, you're comparing banning one host with banning a subnet now?
02:54<linbot>New news from forums: New entry for deny hosts, action needed? in Linux Networking <>
02:54<dcraig>but they're not all connecting from the same IP
02:54<dominikh>thus completely ignoring dcraig's point?
02:54-!-Pupeno_ [] has joined #linode
02:54<KyleXY>dominikh: The point behind this all was someone fucked up, and they realized it after they hit enter..
02:54<Defenestrator>JoshMargulis: er, yeah, that looks like 2 instances of mysqld running. Not good.
02:54<dcraig>and in most cases where your linode example is concerned, perhaps 1 or 2 people are connecting from the same IP, not hundreds
02:55<dcraig>KyleXY, it wasn't much of a fuckup... there was abuse from an IP, and they blocked that IP... end of story
02:55<KyleXY>dcraig: They're a beta service, if you want to fork in the money for them to give each one of their users a free IP, meh, go ahead.
02:55<dcraig>it's not freenode's fault that 200 people are using that same IP, or whatever
02:55<KyleXY>dcraig: They also said it was a mistake, and someone didn't read before hitting enter.
02:55<JoshMargulis>Defenestrator: the other Linode server is running one instance of mysqld, seems like this is the way Heartbeat/DRBD is supposed to work
02:56<Defenestrator>JoshMargulis: I'd suggest stopping mysqld, killing any remaining mysqld instances, and then starting it up again
02:56<dwfreed>KyleXY: freenode staff were not told that irccloud uses unique idents for unique users, so the staff member who placed the kline assumed that they were random, and so their only course of action was to kline *
02:56<KyleXY>dwfreed: from what I'm reading from werdan, that's not the case.
02:56<dcraig>I feel like we're at an impasse where I think irccloud should pass on the user's real IP, and you think irccloud should go around getting special treatment from all the irc networks
02:57<KyleXY>dcraig: then you lose 50% of the point of a bouncer.
02:57<Defenestrator>JoshMargulis: still doesn't sound right to me having more than one instance of mysqld running. Pretty sure it's a bad thing even if it's not the cause of your issues
02:57<KyleXY>At least for whom they're targetting
02:57<dcraig>90% of irc networks allow you to hide your IP from other users on the network
02:57<KyleXY>dcraig: not without a catch, most of the time.
02:57<KyleXY>freenodes for example is waiting 2 weeks.
02:58<JoshMargulis>I guess I'll ask one of the Linode guys that wrote the HA library article
02:58<Defenestrator>DRBD with MySQL's a bit odd too, but not unheard of
02:58<KyleXY>dcraig: I see your point, I'm just putting my points out there too,
02:58<dcraig>where's it say 2 weeks?
02:58<KyleXY>dcraig: Mainly because this is a cool debate
02:59<KyleXY>One moment, getting clarification.
03:00<KyleXY>dcraig: The reply was it depends on the staffer,
03:01<dcraig>so just keep asking until someone says yes?
03:01<KyleXY>From what I see a majority of them go by the pseudo "2 week" policy
03:03<dcraig>so freenode makes people wait 2 weeks to hide their IP, so then irccloud has to offer a service whereupon they hide your IP for you, but then irccloud has to arrange for I:lines from freenode so that the irccloud users with the hidden IPs can connect... and then freenode goes ahead and accidentally bans all the irccloud users anyway because not everyone got the memo regarding the irccloud open
03:04-!-scorche [] has joined #linode
03:04<KyleXY>dcraig: It's a standard bouncer service man
03:04<KyleXY>dcraig: just like any shell provider
03:04<KyleXY>or more specifically, people like geekbouncers..
03:05<dcraig>the cool shell providers have hundreds of IP addresses with really awesome vhosts
03:05<KyleXY>Not sure where you pulled hundreds from
03:05<dcraig>yeah, some of them have thousands
03:05<KyleXY>I've seen a max of like 30 on the decent providers.
03:05<KyleXY>And we wondered where all our ipv4's went ;)
03:05-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
03:06-!-BBHoss [~bbhoss@] has joined #linode
03:07-!-BBHoss_ [~bbhoss@] has joined #linode
03:07-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
03:23-!-gadams [] has quit [Quit: Leaving]
03:28<Musfuut>Is it possible to boot a custom kernel without pv-grub? I don't care about the reason, just is it physically possible to do. Thanks in advance.
03:29-!-fcoury [] has joined #linode
03:30<chesty>not on linode it isn't
03:30<bob2>how do I <contexless odd thing> without using <simple documented solution> for <no reason given>?
03:30<Musfuut>You certain? :) sorry for asking that
03:35-!-peerAU [] has quit [Ping timeout: 480 seconds]
03:36-!-sivy [~sivy@] has quit [Remote host closed the connection]
03:37<chesty>there's no secret options, you choose a linode kernel or pv-grub
03:37-!-sivy [~sivy@] has joined #linode
03:37<Musfuut>Ok thank you chesty, that is extremely good to know right now :)
03:38-!-niftylettuce [] has joined #linode
03:40-!-savetheinternet [] has joined #linode
03:40<linbot>New news from forums: (Dovecot) Mail folders in Email/SMTP Related Forum <>
03:40<savetheinternet>Anyone else having issues in Fremont?
03:41<sirpengi>savetheinternet: what sort of issues?
03:41<savetheinternet>Timeout issues.
03:41<sirpengi>my irc connection is through my linode in Fremont, so my node is doing just fine
03:42<sirpengi>(seeing that I'm still here)
03:42<sirpengi>timeouts while you're doing what?
03:42<savetheinternet>Nevermind, then.
03:43-!-savetheinternet [] has quit []
03:45-!-sivy [~sivy@] has quit [Ping timeout: 480 seconds]
03:46-!-LK- [] has joined #linode
03:46<JoshMargulis>HELP!! with DRBD, both of my nodes are saying they are secondary and the other is unknown
03:47<bob2>you are brave
03:49-!-bbtech [~bbtech@] has quit [Ping timeout: 480 seconds]
03:53<linbot>New news from forums: Convert Drupal-6.22 to Mercury/Pressflow - fatal PHP errors in Web Servers and Web App Development <>
03:54-!-xiphias [] has joined #linode
03:55-!-Aka [] has quit [Quit: leaving]
03:56-!-Aka [] has joined #linode
03:56-!-avit [] has quit [Quit: avit]
04:01-!-bbtech [~bbtech@] has joined #linode
04:01-!-akhomenko [] has quit [Quit: CGI:IRC (Ping timeout)]
04:06-!-zeade [] has quit [Quit: Leaving.]
04:19-!-deming [] has joined #linode
04:21-!-Tigeda [] has quit [Ping timeout: 480 seconds]
04:26<Daevien>akerl: archbang (new version of it out just tonight as i was debating my options. it's arch + openbox setup, pretty decent base that is fairly minimal) running pretty well.
04:28-!-johnathanb [~johnathan@] has joined #linode
04:29-!-memecake_ [] has joined #linode
04:32<xiphias>I read in the FAQ that at the Atlantis data centre the standard IRC ports are filtered, are there any other ports blocked? Are any ports blocked at the other data centres?
04:32-!-smed [] has quit [Read error: Connection reset by peer]
04:33-!-smed [] has joined #linode
04:34<boba>not aware of port filtering at the other locations
04:35-!-memecake [] has quit [Ping timeout: 480 seconds]
04:37-!-Jippi [~jippignu@] has joined #linode
04:37<Solver>`I should think the Atlantis DC would be full of water :)
04:38<boba>think its in an old meat packing factory?
04:38-!-walterheck [] has joined #linode
04:40<boba>no i made that up
04:41<boba>ah, yes, meat freezer warehouse :3
04:42<Solver>so they had good AC already then :)
04:47-!-bbtech [~bbtech@] has quit [Ping timeout: 480 seconds]
04:50<xiphias>nice... Is there any traffic shaping implemented other than potentially enforcing your cap?
04:50<Daevien>50mbit outgoing by default so you don't nuke your cap, put in a ticket and they can up it if you want, just have to be aware of the consequences
04:56-!-BBHoss [~bbhoss@] has joined #linode
04:56-!-BBHoss_ [~bbhoss@] has quit [Read error: Connection reset by peer]
04:57-!-JoshMargulis [] has quit [Quit: JoshMargulis]
04:59-!-jpignite [] has joined #linode
04:59-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
04:59-!-BBHoss [~bbhoss@] has joined #linode
04:59<jpignite>hello linode people
04:59<jpignite>i am having trouble upgrading ubuntu
04:59-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
04:59<jpignite>it seemed like everything worked normally, but now I cannot ping or ssh my linode
04:59-!-BBHoss [~bbhoss@] has joined #linode
04:59<jpignite>any guidance?
05:01<jpignite>i can lish
05:01<jpignite>or use the ajax console
05:01<jpignite>it looks like my iptables are borked
05:01-!-tiny [] has joined #linode
05:01<jpignite>but i can't restore them b/c the file system is read-only
05:02-!-walterheck [] has quit [Quit: Computer has gone to sleep]
05:02<jpignite>on second thought
05:02<jpignite>that is not it
05:03-!-deming [] has quit [Remote host closed the connection]
05:05<xiphias>Any one from Australia/New Zealand that can comment on latency to any of the data centers?
05:05<xiphias>my intention is private use, not a public/commercial site
05:06-!-alexgordon [] has joined #linode
05:06<boba>you can traceroute/mtr to those servers too if you like
05:09<xiphias>sweet, I've already traceroute to :), which a geo ip service tells me is in GA
05:09<ajmitch>xiphias: generally fremont will be the fastest
05:10<boba>the host for is actually in dallas texas :)
05:11*ajmitch gets about 165ms to fremont from nz
05:12-!-Boohemian [] has quit [Ping timeout: 480 seconds]
05:15-!-peerAU [] has joined #linode
05:16<xiphias>geo ip service stands corrected, lol
05:18-!-walterheck [] has joined #linode
05:19<xiphias>thanks for your help, the faq has got everything else I want to know covered
05:21-!-xiphias [] has quit [Quit: leaving]
05:23-!-peerAU [] has quit [Ping timeout: 480 seconds]
05:23-!-smed [] has quit [Read error: Connection reset by peer]
05:24-!-smed [] has joined #linode
05:25-!-Boohemian [] has joined #linode
05:47-!-walterheck [] has quit [Quit: Tribily - Monitor your servers more easily! - ]
05:48-!-peerAU [] has joined #linode
05:48-!-peerAU [] has quit []
05:49<marius>This is how badass my boss is, he got that
05:49-!-Jippi [~jippignu@] has quit [Quit: Jippi]
05:49<marius>For the office :D
05:49-!-walterheck [] has joined #linode
05:49<marius>hells yeah
05:50<chesty>with a bit of water
05:50<marius>and taste
05:51<chesty>the taste is in your head. both colours taste of sugar, your brain just thinks they taste different
05:52<chesty>my dad used to have a slurpy machine 25 years ago, it had two huge gas bottles
05:52<marius>The big question is; are brainfreezes bad for your health
05:52<marius>there's no gas in these...
05:52<marius>oh, it's not slurpies, it's slushies
05:53<chesty>there's a difference?
05:53<marius>and my boss modified them, ripped them apart, they amde oto much noise, so he fitted them with cpu and psu fans instead xD
05:53<marius> have no idea if there's a difference, I would think so since the ydistinguish at ice-bars :P
05:54<chesty>i think thats like asking what the difference between nike shoes and puma shoes
05:55<marius>there's a bigass kittycat on the puma ones!
05:56-!-burningdog [~roger@] has joined #linode
05:56<chesty>the slurpies 25 years ago were way better
05:56<chesty>and get off my lawn
05:57<lastnode>distros back then were way better
05:57<lastnode>damn ubuntu kids get off my lawn
05:59<marius>In thebpast 30 minutes I've had like 20 brainfreezes
06:00<marius>can't be good for my poor brain
06:00<marius>oh chesty! I know a difference!
06:00<marius>slurpies you throw at gleeks
06:00<marius>slushies you drink :3
06:00-!-Knight [] has quit [Quit: Leaving]
06:01-!-Dedalo [~fff@] has joined #linode
06:03-!-walterheck [] has quit [Quit: Computer has gone to sleep]
06:04-!-tiny [] has quit [Quit: Leaving]
06:04-!-daftspunk [] has joined #linode
06:05<daftspunk>hey guys
06:05<daftspunk>can someone assist with setting up a CNAME?
06:07<marius>errm, there's not much ot assist with...
06:07<AlexC_>daftspunk: do you really need a CNAME?
06:07<daftspunk>just wondering how i receive one from another host to my node?
06:08<marius>you set up a virtual host for whatever the cname is
06:08<marius>as long as the cname is poitning to somethign that also point sto your node of course
06:08<daftspunk>obviously other host will have the CNAME definition, but what do i do on the linode side to receive it? under DNS
06:08<AlexC_>daftspunk: "recieve it"??
06:08<Kyhwana>make sense
06:09<mikegrb_>mmm cake
06:09<AlexC_>daftspunk: in basic terms, think of a CNAME as an alias. If I have a CNAME of '' to '', a DNS lookup for '' will return the A record of 'cake.longcat.or'
06:11<AlexC_>hopefully that will make you understand that your question makes 100% no sense
06:11<daftspunk>ok just followed that logic, and it seems like i dont have to set up anything to "receive it"
06:11<daftspunk>so i could create a CNAME and point it to and it will work?
06:12-!-BBHoss [~bbhoss@] has quit [Remote host closed the connection]
06:13<daftspunk>so is this right a CNAME redirects hostname -> hostname, whereas A record redirects hostname -> ip address?
06:14<AlexC_>daftspunk: nothing is redirected, DNS resolves. When you do a DNS lookup on a CNAME, the response will essentially tell the client doing the lookup to start again at the value of the CNAME ... which would then go on to resolve the A record of that
06:14<AlexC_>daftspunk: try it, add a CNAME to one of your domains to another domain, say ''. Then do a `dig +trace A` and look what happens
06:16<daftspunk>thats awesome! ok so redirect is the wrong word
06:16<AlexC_>very much so
06:16<daftspunk>so knowing that, what is the role of MX and how is it different?
06:17<Kyhwana>MX is fore mail
06:19<daftspunk>i know its for mail and has priorities, does it "route" like a CNAME or resolve like an A record?
06:19<AlexC_>daftspunk: `dig MX`
06:20<daftspunk>i'm gonna go with CNAME but with a priority structure?
06:22<daftspunk>...and for a different protocol ?
06:23<lastnode>im trying to setup rsycn from a /var/spool/ directory to a remote server. is it safe to run ssh-keygen as root to generate a key?
06:23<zibri>daftspunk: SRV
06:24<zibri>but it's not as easy as that. the client needs to look at SRV records for them to be useful. it's widespread for e.g. XMPP
06:26<daftspunk>so is this how can resolve to multiple servers (TCP 6667) ?
06:27<hawk>daftspunk: That's probably just a matter of multiple A records
06:29<daftspunk>oh right so SRV is still mail related
06:29<AlexC_>lastnode: yes
06:30<AlexC_>daftspunk: no. However MX records should really be SRV records, but that's just the way it is. SRV you could put any service in
06:31<daftspunk>because smtp is a dinosaur?
06:31<lastnode>AlexC_: is it also safe to run scp as root? the gfiles im gonna rsync will be root owned
06:31<hawk>daftspunk: No, SRV is generic in its design... But it's only widely supported for some new protocols
06:32<AlexC_>lastnode: yes
06:32<AlexC_>lastnode: however, if you can use a less privileged user then go for that
06:33<daftspunk>how do they get a hostname to resolve based on location/ping/round-robin or whatever? does this have anything to do with a LOC record?
06:34<AlexC_>daftspunk: round-robin would just be multiple A records for example, and the resolver cycles through them. Location, you'd need to look into something like geocast/anycast (though I'm not the guy to ask about this)
06:34<lastnode>AlexC_: im trying to rsync database dumps
06:34<lastnode>auto generated database dumps
06:34<lastnode>would anyone having my root public key
06:35<lastnode>be a liability?
06:35<AlexC_>lastnode: why do you think it's called public?
06:35<lastnode>yeah, just cehcking :)
06:36-!-Cromulent [] has joined #linode
06:38-!-johnathanb [~johnathan@] has quit [Ping timeout: 480 seconds]
06:39<linbot>New news from forums: [ Poll ] Linode vs. TOR and internet privacy in Customer Testimonials <>
06:41-!-bbtech [] has joined #linode
06:43-!-bbtech_ [~bbtech@] has joined #linode
06:43-!-abaddon [] has joined #linode
06:44<daftspunk>oh 1 more question, how does a dns server use itself as a nameserver, isn't the cyclic reference?
06:44<daftspunk>the=that a*
06:45-!-JoshMargulis [] has joined #linode
06:46<ivan`>is there something up with AT&T<->NJ NAC?
06:46<daftspunk>eg: whois uses and - how is that possible?
06:47-!-joar_ [] has joined #linode
06:48<AlexC_>!mtr ivan`
06:48<linbot>mtr combines the functionality of traceroute and ping into one easy to use tool, and the output can be useful for determining where the source of a problem is. It can be downloaded from or for Windows. MTR summaries can be retrieved in-channel using the command !mtr-CITY where CITY is fremont, atlanta, newark, dallas or london.
06:48<hawk>daftspunk: There's the concept of glue records
06:49<hawk>daftspunk: (extra A records for such NS hosts added in the parent zone)
06:49-!-bbtech [] has quit [Ping timeout: 480 seconds]
06:49-!-bbtech_ is now known as bbtech
06:49<hawk>daftspunk: Also, whois is not dns, don't rely too much on it
06:49<daftspunk>so glue records are defined at the domain registry?
06:51<hawk>daftspunk: Essentially in situations like that you would have to provide your registrar with both names and IP addresses of the nameservers
06:52<daftspunk>is that a common type of setup?
06:53<hawk>It's not uncommon.
06:54<daftspunk>awesome so when i move foxyhost to linode all i do is notify the registrar of the nodes ip and when the lookup expires every domain using those nameservers will be switched over
06:54<AlexC_>you're planning on running your own nameservers?
06:55<daftspunk>why not?
06:55<Kyhwana>so uh, what are you going to run your own nameservers on?
06:55<AlexC_>because it makes no logical sense, especially with an answer like that daftspunk
06:55<daftspunk>lol its just how it's set up now, i guess i could ask the boss
06:56<Kyhwana>er, so you have two seperate boxes running your nameservers?
06:56<AlexC_>daftspunk: Linode provides you with 5 geographicaly diverse nameserves and a great interface (and API) to manage the zones. Running your own nameservers is pretty dumb unless you have a good reason
06:56-!-Terabyte [] has quit [Ping timeout: 480 seconds]
06:56<daftspunk>yeah one in AU and one in US
06:56<Kyhwana>and your nameservers aren't the same boxes/hosts as what your domains are on?
06:56<daftspunk>well right now as an example, i dont wanna have to change nameservers on 100+ domains
06:56<AlexC_>daftspunk: please don't take this personally, since we all have to learn, but your earlier questions about DNS don't fill me with condifence of you running a nameserver
06:57-!-JediMaster [] has joined #linode
06:57<daftspunk>understood, i was planning on doing plenty of test runs first, plus i have an exisiting (functional) environment to work from
06:58<daftspunk>Kyhwana: ns1 houses all the websites, ns2 is just a backup
06:58<AlexC_>daftspunk: it's good to learn from it, yes. But why bother when Linode will do a much better job, for free :)
06:58<JediMaster>hi guys, I've just been given a 90 question, 18 page "Information Security Due Diligence Review" document to fill out for a very big client (ugh!) and need one of the admins to answer a few questions
06:58<daftspunk>AlexC_: will linode let me us or do i have to change 100 domains to use
06:59<JediMaster>daftspunk: you can make your point to their ip with the correct glue records etc.
06:59<linbot>If you have a question, please just ask it. Don't look for topic experts. Don't ask to ask. Don't PM! Don't ask if people are awake, or in the mood to help. Just ask the question straight out.
06:59<AlexC_>daftspunk: but note; there is no guarantee that the IP addresses of will not change
07:00<JediMaster>Kyhwana, aimed at me?
07:00<JediMaster>Kyhwana, I have too many questions to ask in public chat tbh
07:01<daftspunk>the secondary issue is cPanel support i guess, the server i set up yesterday needs have its DNS managed using the linode GUI and the cPanel records are rendered useless
07:01-!-fisted_ [] has joined #linode
07:01<AlexC_>daftspunk: my plan of action would be to: 1) add the zones into Linode DNS Manager, 2) Change nameservers. 100 isn't going to take that long
07:01<AlexC_>JediMaster: email/ticket may be easier
07:01<JediMaster>yeah I think it may
07:01<daftspunk>lol i appreciate that but pestering the customers for their login details isn't no feasable
07:02<AlexC_>management fail :P
07:02<daftspunk>i dont see the big deal running our own ns?
07:03<AlexC_>daftspunk: 1) you only have 2 locations, 2 < 5. 2) you need to manage it your self
07:04<AlexC_>I mean sure, do it if you want ... it isn't going to bother me, just I see no need especially when there is obviously a lot to still learn (which again is not a bad thing)
07:04<daftspunk>so its an over engineered solution? its been working sweet so far management wise
07:04<AlexC_>daftspunk: it's a "solution" your company has come up with to a problem that doesn't exist
07:04<AlexC_>at least, the problem doesn't exist now - I don't know your past
07:05<daftspunk>ideally i'd like to be able to do a seamless transfer
07:05<AlexC_>daftspunk: do you have AXFR enabled? If so, you can just import the zones into Linoe DNS with 1 click
07:05<AlexC_>(if not, then enable AXFR)
07:06<lastnode>does mutt have a separaet aliases file?
07:07<lastnode>email sent from mutt doesnt use my hostname set in /etchosts and /etchostname
07:07-!-fisted [] has quit [Ping timeout: 480 seconds]
07:07<AlexC_>lastnode: Distro?
07:08<zibri>lastnode: check /etc/mailname
07:10<daftspunk>AlexC_: yep i can enable it
07:10<daftspunk>but realistically how difficult is setting up a server to act as a nameserver? im guessing intermediate difficulty...
07:12<AlexC_>daftspunk: then it'll take no time at all to import the zones (you could use the API as well)
07:12<Kyhwana>lol cpanel
07:12<daftspunk>rgr that, i just dont like my chances of getting clearance on changing the 100 domains
07:13<daftspunk>yeah its whm all teh way
07:13<AlexC_>daftspunk: 100 is a small amount. At my previous work I was dealing with ~8k domains
07:13<AlexC_>oh, and no API for the DNS. Death.
07:14*daftspunk turns key
07:15<daftspunk>no doubt the leg work can be knocked over in a morning, all on different registrars, customers not knowing their details, resetting passwords...zzzzz
07:15-!-DephNet[Paul] [] has joined #linode
07:15<daftspunk>obtaining access is the difficult part
07:15<AlexC_>daftspunk: maybe it's time to propose them moving registrar to one you control? I know the headache you're going to have all too well
07:16<daftspunk>i totally agree with that ^
07:16<AlexC_>"I dont know the password ... can't you hack in?"
07:16<AlexC_>yes client, yes, of course
07:17<daftspunk>when the designated email address is on an expired hostname, thats fun
07:18<daftspunk>fax 100 points of id to... yep im over this already
07:20<daftspunk>at any rate my bro is a network admin, he can bail me out on my ns adventures :D
07:20<daftspunk>epic fail would be bringing down 100 sites
07:21<daftspunk>there's always the option of reverting the glue reference
07:22-!-AlexC_ [] has quit [Quit: Lost terminal]
07:22-!-AlexC_ [] has joined #linode
07:39-!-pclissold_ [] has joined #linode
07:42<AlexC_>stupid question; anyone alive? Since I reconnected none of the chanells I'm in have anyone talking which is quite strange :P
07:42<@Praefectus>you reconnected to the zombie apocalypse, RUN FO YO LIFE
07:43-!-wkl [~wkl@] has quit [Quit: wkl]
07:44-!-pclissold [] has quit [Ping timeout: 480 seconds]
07:44-!-pclissold_ is now known as pclissold
07:45<lastnode>dead island
07:45-!-Cromulent [] has quit [Remote host closed the connection]
07:46<JediMaster>hey admins... ticket # 589393...
07:46<JediMaster>I feel sorry for whoever gets it to answer ;-)
07:47<JediMaster>feel free to pass it on to someone with some more time
07:49*JediMaster wonders if Linode will do their magic and reply in 5 minutes
07:49*JediMaster took 20 minutes to write the questions
07:52<JediMaster>52 questions including sub-questions =)
07:55<JediMaster>10 minutes! I think I've made the admins cry
07:58<JediMaster>pfft, that's already 10 seconds per question
08:02<JediMaster>Praefectus: keeping score?
08:03<JediMaster>Praefectus: also, slow moving, slow moving and clever, or runners?
08:05<@Praefectus>JediMaster: im answering your ticket and its gonna be a bit
08:06<chesty>is $20/month really worth answering 52 questions?
08:07<Kyhwana>oh, some stupid security PCI audit?
08:09-!-quicksketch [] has quit [Quit: quicksketch]
08:10-!-quicksketch [] has joined #linode
08:10<linbot>New news from forums: Linode DNS Manager or Cpanel help in Linux Tips, Tricks, Tutorials <>
08:11<Kyhwana>lol cpanel
08:12-!-mathew [] has joined #linode
08:15<@heckman>Awesome, DNS is broken
08:15<Kyhwana>maybe it's that guy running cpanel?
08:15-!-Deegie [~Deegie@] has joined #linode
08:15<JediMaster>Praefectus: the zombie questions are far more important
08:16<@Praefectus>just finished #48
08:16<JediMaster>Praefectus: and thanks btw =)
08:17<JediMaster>Praefectus: starting at #1?
08:17<JediMaster>kk, thanks =)
08:17<hawk>heckman: Very awesome indeed
08:18*heckman actually needed it
08:19<JediMaster>Praefectus: btw these are all in relation to the London DC, I'm presuming most of the answers will be the same for all of them
08:19<@Praefectus>i figured as much
08:20*rnowak has awakened
08:20<JediMaster>sorry again for the huge list of questions, big companies really are rather anal about data protection
08:21*Praefectus sends them mikegrb_ for their anality
08:21<JediMaster>rightly so, look what happened to Sony!
08:21<@Praefectus>im at #52, steppin out for a smoke quick
08:21<JediMaster>no worries, thanks
08:22*rnowak sends in a ticket with 50 questions... 50 questions regarding cakes
08:22<rnowak>they better know it, or damnit!
08:22*JediMaster looks at mikegrb_
08:22<mikegrb_>mmm cake
08:22<JediMaster>no mmm cake?
08:22<JediMaster>there we go
08:23<mikegrb_>mmm bacon
08:23<AlexC_>bacon is better
08:23<mikegrb_>mmm bacon
08:23<JediMaster>bacon cakes
08:23<JediMaster>cakes with bacon
08:23<JediMaster>cake with bacon
08:23<AlexC_>I don't think that would taste too nice
08:23<rnowak>Bacon goes with everything.
08:23<JediMaster>I just thought mikegrb_ would get all excited about the prospect
08:25-!-nmudgal [~tracker@] has joined #linode
08:26<mikegrb_>mmm bacon
08:26<JediMaster>heh, death by bacon
08:26<mikegrb_>mmm cake
08:26<AlexC_>cake or death?
08:27*AlexC_ <3 Eddie Izzard
08:28<daftspunk>hmmm do you have a flag?
08:28<AlexC_>hehe, that is a good one
08:30-!-stafamus [] has joined #linode
08:31<AlexC_>urgh, now I'm on IRC and watching Eddit Izzard sketches ... maybe one day I'll perfect the art of working
08:31<linbot>New news from forums: How an I change the parameterip_pkt_list_tot of iptables? in General Discussion <>
08:33<@Praefectus>JediMaster: up to 74 now
08:34<JediMaster>Praefectus: cheers
08:34-!-michaelguterl [] has joined #linode
08:35<JediMaster>Praefectus: going to setup 4 small linodes + nodebalancer, can we make sure the linodes, when upgraded before going live that they all go on different hosts?
08:35<@Praefectus>thats done by default dawg
08:36<JediMaster>Praefectus: yeah doesn't happen if you run out of availability though, had 4 x 4GB linodes on the same host 2 months ago, but got them migrated
08:36<@Praefectus>small = 512?
08:36<JediMaster>yeah to start with
08:36-!-Hoggs [] has quit [Read error: Connection reset by peer]
08:36<@Praefectus>then they should go to separate hosts just fine, if they dont jus open a ticket and let us know
08:37<JediMaster>thanks, will do
08:38-!-daftspunk [] has quit [Quit: CGI:IRC (Ping timeout)]
08:38*heckman pokes again
08:38<Kyhwana>maybe they got hacked agian
08:38<lastnode>could nullmailer getting caught in a perpetual loop cause cpu overhead?
08:38-!-stafamus [] has quit [Ping timeout: 480 seconds]
08:38<@heckman>Getting a DNS SERVFAIL now.
08:39<lastnode>my cpu is at 12%, netowrk at 25k from 8pm last night till 6am this morning
08:39<lastnode>then drops to zero
08:39<lastnode>6am is the time i was in here removing mail.err and mail.warn and removing nullmailer
08:39<hawk>heckman: That's what I got earlier when you mentioned it
08:39<@heckman>Well I was earlier too.
08:41-!-bbtech [~bbtech@] has quit [Ping timeout: 480 seconds]
08:42<JediMaster>balls, I have to think of 4 more star wars themed hostnames now =(
08:43<@heckman>why not just lucas? Bit shorter.
08:43<JediMaster>nah, these are character names, but I've run out of original star wars film characters
08:44<hawk>JediMaster: Aha, so now you're forced to take Jar Jar, bwahahaha
08:44<JediMaster>have one single *spit* windows 2k8 server, so called that JarJar
08:44<@Praefectus>thrawn, jango, executor
08:44<@Praefectus>^3 you arent using yet
08:44<JediMaster>thrawn was only in the books, not thought of jango though
08:45<JediMaster>yes, I'm ashamed to say I read the thrawn books when I was small
08:45<JediMaster>Praefectus: was trying to avoid the new film characters, I don't think jango was in the old ones right?
08:46<@Praefectus>nope, the "old" ones only had his clone boba
08:47<linbot>New news from forums: Understanding Dual Stack in Linux Networking <>
08:47<JediMaster>you mean his father?
08:47<JediMaster>er son even
08:47-!-BarkerJr [BarkerJr@2002:1802:e75d:1:444c:9109:4cb2:2039] has quit [Ping timeout: 480 seconds]
08:47<@Praefectus>boba is a clone of jango
08:48<@Praefectus>SpaceHobo: the storm troopers were jango, kthx?
08:48<JediMaster>Praefectus: London is in HEX?
08:48<Nivex>SpaceHobo: BUT OUTSIDE IS SCARY!
08:49<JediMaster>Praefectus: I worked there for a while =D
08:49<@Praefectus>i jus pulled the address off their site
08:49<JediMaster>is that the right datacenter? as there are several
08:49<JediMaster>HEX is one of the smaller, older ones
08:50<@Praefectus>lemme check
08:50<JediMaster>there's Meredian Gate, Soveriegn house and a few others IIRC
08:50<@heckman>Telecity Powergate
08:50<@Praefectus>ya, powergate
08:52<JediMaster>Aww, not been to that one =(
08:52<JediMaster>Thanks very much for the essay of a reply Praefectus, hugely appreciated
08:52<@Praefectus>we have roving kitty snipers in our cage, so dont try gettin in there
08:53<@Praefectus>np, but ill kill you if you send another ticket like that
08:53<JediMaster>Praefectus = cciufo I take it?
08:53<JediMaster>kk, thanks again =D
08:55*JediMaster manages to hit add update instead of "uestions" and wonders how it happened
08:58<auraka>well about time Yahoo got rid of Carol
09:01-!-AphisOne [] has joined #linode
09:06-!-Pupeno_ [] has quit [Ping timeout: 480 seconds]
09:11*heckman slaps lastnode around a bit with a large cactus
09:12-!-nmudgal [~tracker@] has quit [Quit: Leaving]
09:13-!-Eriks [~Eriks@] has joined #linode
09:24-!-akerl [] has quit [Remote host closed the connection]
09:27-!-akerl [] has joined #linode
09:30-!-Pupeno_ [] has joined #linode
09:34<linbot>New news from forums: New entry for deny hosts, action needed? in Linux Networking <>
09:38-!-AphisOne [] has left #linode []
09:38-!-ngranek [~bigjocker@] has joined #linode
09:39-!-bbeausej [] has joined #linode
09:42-!-gasparro [] has quit [Quit: gasparro]
09:44<chesty> <- SpaceHobo
09:46-!-Dedalo [~fff@] has quit [Quit: Dedalo]
09:49<chesty>no, snus, tobacco though
09:49<chesty>SpaceHobo: you love it
09:49<chesty>just watch a few, that's you
09:51<praetorian> - how can anyone say this is a bad song
09:58-!-alforddm [] has joined #linode
09:59<chesty>SpaceHobo: you enjoyed them, didn't you?
10:03<praetorian>Topic: now that CaptainTaco has left Slashdot, is slashdot of any more use then normal
10:03<praetorian>most people did.
10:04<praetorian>or wilpower.
10:07*Hawson still scans the front page
10:07<Hawson>it's rare for me to actually read comments though
10:08<praetorian>i can summarise them for you if you want
10:08<praetorian># First post
10:09<praetorian> # Re: First post
10:09<praetorian> second
10:09<randallman>Forum culture has become so innane since the late 90s :)
10:09<Hawson>praetorian: aye. Which is why I don't bother with the comments usually, and when I do, the browse level is set to about 4...
10:11-!-robjensen82 [] has joined #linode
10:12-!-Guspaz [] has joined #linode
10:12<robjensen82>hi there, I have a .de domain that I'd like to use linode domain name servers for. Is there anything special I need to do to be able to do that?
10:14<akerl>robjensen82: Nothing special, no.
10:14<akerl>Point it at linode's nameservers, add records to the manager, just like any other domain
10:15-!-JSharp [] has quit [Quit: Leaving]
10:15<robjensen82>akerl: ok thanks. I'm using go-daddy for my domain name and for some reason their interface errors. I email their support and they came back with a long list of requirements for the name servers. Just thought there might have been something obvious I needed to do differently
10:16<@heckman>This may be different, as it hasn't come up in a few months, but last I heard the .de hostmaster doesn't allow using the Linode DNS NameServer to host authoritative DNS.
10:16<robjensen82>heckman: it seems that might be the case :/
10:16<praetorian>silly dermans.
10:17-!-niemeyer [] has joined #linode
10:19-!-vynsynt [] has joined #linode
10:19-!-Cromulent [] has joined #linode
10:19-!-userme [] has joined #linode
10:20-!-thingles [~thingles@] has joined #linode
10:22<linbot>New news from forums: Apparently random crashes in General Discussion <>
10:22-!-sivy [~sivy@] has joined #linode
10:25-!-vynsynt [] has quit [Quit: Leaving.]
10:25-!-vynsynt [] has joined #linode
10:28-!-alforddm_ [] has joined #linode
10:28-!-alforddm [] has quit []
10:30<alforddm_>sorry my kid was trying to drive his car on the keyboard
10:31*AlexC_ gives alforddm_ some points
10:32<@Perihelion>What kind of car?
10:32<akerl>Don't lie, you were the one playing with the car
10:33<@Perihelion>This is a test of your parenting skill, btw.
10:34-!-bbtech [] has joined #linode
10:34-!-internat [~nf@] has quit [Read error: Connection reset by peer]
10:35<alforddm_>lol it's a matchbox he loves them
10:35-!-internat [~nf@] has joined #linode
10:36-!-seanh-ansca [] has joined #linode
10:36-!-bbtech_ [~bbtech@] has joined #linode
10:40-!-Cromulent [] has quit [Remote host closed the connection]
10:42-!-bbtech [] has quit [Ping timeout: 480 seconds]
10:42-!-bbtech_ is now known as bbtech
10:53-!-webroasters [~wbeeler@] has joined #linode
10:57-!-jhulten [] has quit [Quit: Computer has gone to sleep.]
10:58<webroasters>hey guys. I have a question. I have a domain hosted with bluehost. I created a sub domain and pointed the sub domain to my linode server ip address (the main domain is not pointed to linode). when I ping the subdomain, nothing happens, it says "ping: unknown host"
10:59<akerl>webroasters: What's the subdomain?
10:59<akerl>(plus the actual domain)
11:00<webroasters>the main domain is "", and the subdomain is ""
11:00-!-robjensen82 [] has quit [Quit: robjensen82]
11:01<webroasters>it's setup correctly on my linode (Ubuntu 10.4 with LAMP setup, and Virtualhost records setup)
11:01<akerl>I see no A record for Are you sure you added the record properly, and allowed time for bluehost to propagate it?
11:01<akerl>I see no A record for Are you sure you added the record properly, and allowed time for bluehost to propagate it?
11:01<webroasters>how long do you think the propogation takes?
11:02<akerl>Not sure. I'd suggest checking with bluehost. Linode's manager updates on 15 minute intervals.
11:03<webroasters>ah, ok. I'll just check back later on, and if nothing has changed, then I'll get worried.
11:05-!-jpignite [] has quit [Quit: jpignite]
11:06*praetorian snugs against Perihelion
11:07<randallman>what, no comments about netbackup? :OP
11:07<praetorian>you deserve everything you have coming
11:08-!-bryen [~bryen@] has quit [Quit: follow @gnome_a11y on Twitter)]
11:09<praetorian>so .. new position .. same company starst in 7 weeks
11:09<praetorian>couldnt get away from my current position any sooner :(
11:10-!-stafamus [] has joined #linode
11:14-!-webroasters [~wbeeler@] has left #linode []
11:14-!-cygnei [~cygnus@] has joined #linode
11:15<amitz>praetorian: happy move?
11:18-!-JSharp [] has joined #linode
11:19-!-nmudgal [~tracker@] has joined #linode
11:21-!-hiru [] has joined #linode
11:22<hiru>Hi I want to know about yourDATA centers to choos
11:22<AlexC_>hiru: what would you like to know?
11:22<JshWright>where are you located?
11:22<hiru>SRi Lanka
11:23<JshWright>where are most of your users located?
11:23<hiru>Sri Lanka
11:23<hiru>over 90%
11:23<akerl>fremont, then? Try the speed tests
11:23<AlexC_>or London
11:23<akerl>London? (Maybe I'm geography failing)
11:24<JshWright>I'd go with fremont. Though, once you factor in the cross-pond latency, the extra 20ms to dallas might be worth the extra reliability
11:24<hiru>I need Best Server Plan you have.... than mean Best Uptime and good servers
11:24<akerl>Ah, it's further west than I'd thought. Yea, maybe london wouldn't be too bad
11:24<akerl>hiru: You want 100% uptime?
11:24<AlexC_>akerl: yeah, I'm not sure if straight across the water tubes would be quicker than land tubes to London :P
11:25<akerl>You want multiple servers, in multiple datacenters, running High Availability configs
11:25-!-copperx [~Adium@] has joined #linode
11:25<akerl>No single datacenter will give you 100%.
11:25<JshWright>hiru: they're all the same in terms of uptime and server performance (though the fremont datacenter has had its share of power related issues lately)
11:25-!-avit [] has joined #linode
11:25<JshWright>100% availability is impossible for any single location though...
11:26<hiru>Ya I know 100% is not possible
11:26-!-tktiddle [] has joined #linode
11:26<hiru>I want Best Server Plant from your
11:26<akerl>hiru: There is no "best dc"
11:26<hiru>Please give me correct answer
11:26<akerl>I just did
11:26<Nivex>hut hut, HIKE!
11:27<JshWright>as I said... Fremont seems to have some power issues, other than that, no one datacenter is more reliable than another (and frankly, fremont's reliablility is still pretty darn good)
11:27<Nivex>asking which dc is best is a bit like asking what is the best tool? A chainsaw won't do you much good when you need a #2 screwdriver.
11:27<hiru>where is your head office and your main servers are located... surely that will be the best place
11:27<akerl>hiru: That's not the case
11:28<chesty>fremont have plans to change ups brand, but we don't get updates from linode about the progress
11:28<JshWright>there are no production server located at Linode's office
11:28<AlexC_>I don't think you'd want a Linode hosted in their office
11:28<randallman>Nivex: or perhaps more like asking if a craftsman #2 screwdriver is better than a Snap on :)
11:28<akerl>Metaphors are like cars
11:29-!-jcn [] has joined #linode
11:29<hiru>for Example Godaddy have Asia Pacfic Data center. But Asia Pacif data center have lot of Band with Issu and Network issu
11:29<hiru>Godaddy US Data center is better than Asia pacic
11:30<akerl>hiru: Linode is not like godaddy
11:30<randallman>akerl: actually simile :)
11:30<dr_jkl>linode is nothing like godaddy
11:30<Nivex>Atlanta may still block ports.
11:30<randallman>since it contains like or as :0
11:30<akerl>randallman: simile is a kind of metaphor :)
11:30*Nivex goes to lunch
11:31<hiru>ok then tell me Trouble Free Linod Data Center to choose from :)
11:31<akerl>hiru: Canada
11:31<AlexC_>hiru: there isn't one
11:32<JshWright>all datacenters will have issues from time to time... that's just a fact of life
11:32<AlexC_>hiru: *all* data centers will have issues. *all* Linode hosts will have issues
11:32<AlexC_>pick the one that you get the best response time to (like you've been linked to 2 or 3 times), hiru
11:32-!-alforddm_ [] has quit [Ping timeout: 480 seconds]
11:32<akerl>hiru: To summarize: Linode's uptime is awesome, but no single datacenter can give you 100%, all will have issues. The only major difference between locations is geography. Use the speedtest, get the server that's got the fastest speed to your location.
11:33<hiru>wait wait... I will check it and tell... you guys are not like Linode Staff members
11:33<@caker>you'll get the same answer from us
11:33<linbot>Users with ops are employees of Linode, and know what they're talking about. The rest of us are the ever-so-helpful(?) community. Official Linode contact information:
11:34<@caker>hiru: the best one is the one closest to you or your customers. All DCs will have issues from time to time, that is the reality of it.
11:34<akerl>Basically, the community takes what we've heard from staff in the past, adds 9 times more sarcasm and wit, and passes it on to you guys
11:34<AlexC_>so true
11:35<chesty>the wit in this room flows like molasses
11:35<@jed>out of ... nm
11:36<@caker>Confucius say: man who run in front of car get tired
11:36<akerl>Man who run behind car get exhausted
11:36<AlexC_>man who drops watch in toilet has shitty time
11:37-!-orudie [] has joined #linode
11:37<hiru>this is look liek Yahoo Chat room
11:37*akerl cries after that hurtful comparison
11:37<@Perihelion>Nah, not enough ASLing
11:37<@caker>man who wants pretty nurse must be patient
11:37-!-JSharp [] has quit [Quit: Leaving]
11:37<@Perihelion>akerl: a/s/l?
11:37<@jed>hiru: we screw around a lot to keep things light, but this is community support. if you need something taken care of, this is the place to be for Linode
11:38<@jed>the community here is unmatched, in my experience
11:38<JshWright>#linode is full of a wide range of people... some of there are perhaps more suited for a Yahoo chat room... others are pros who've been in this business for many years...
11:38<akerl>20/m/who knows
11:38<chesty>also tickets are handled very fast and professionally
11:39<akerl>And seconded, that community is the place to be. We're all crazy, but there's also a lot of really helpful folks
11:39<hiru>what about Backup Plan with linode
11:39<hiru>do you backup my deta in case of Server Hardware failure
11:39<akerl>hiru: Costs 1/4 what that plan costs, per month, gets you 4 slots, last week, this week, today, and a manual snapshot
11:39<@Praefectus>hiru: only if you purchase the backup service
11:40<chesty>hiru: when are you guys going to learn how to play cricket?
11:42-!-JSharp [] has joined #linode
11:42-!-walterheck [] has joined #linode
11:42<chesty>hiru: there's only one time i know of where a raid controller failed and ate everyones data, the disks are in raid 10, so very fast and very reliable
11:42-!-][EvIl-BoY][ [] has joined #linode
11:42<hiru>We are Cricket World Champions since 1996
11:43<chesty>you got better when you stole all of australias talent as coaches, but australia is number 1
11:43<hiru>This is VPS game not Crcket
11:44<chesty>sorry, back to vps
11:44<akerl>hiru: If you ask a question, we'll answer it. Until then, we're amusing ourselves :p
11:44<hiru>ya ya it's ok... I like it
11:46-!-alforddm_ [] has joined #linode
11:47<hiru>can you give a websites for each datacenter that hosted with Linode (Don't need UK)
11:47<akerl>What do you mean by a website?
11:48<akerl>Are you trying to check load times?
11:48<hiru>IP address for hosted sites
11:48<hawk> maybe?
11:48<hiru>I can't understand that
11:48-!-WormFood [~wormfood@] has joined #linode
11:49<akerl>hiru: You check the download speed on each file, one is in each datacenter
11:49<lastnode>hiru: download a file fromeach data center and check speeds
11:49-!-userme [] has quit [Quit: userme]
11:49<@caker>and ping hostnames for latency
11:49<hiru>Ya I did.... only UK servers are slow
11:49<akerl>Basically, if you download all 5 files, you'll get a rough idea of speed.
11:49<@caker>very rough
11:49<auraka>and then discard the data and randomly pick a data center
11:49<akerl>Better than nothing :p
11:49<lastnode>you can also ping each host
11:50<chesty>hiru: is your desktop linux?
11:50<akerl>Otherwise, <city> should be a valid hostname in each datacenter.
11:50<lastnode>if you like, we can also play datacenter roulette for you
11:50<WormFood>I can't figure out why in the hell I get so much packet loss at night. It is midnight here, and I'm losing packets left and right to my server....during the day it usually works great. I'd expect it to be the other way around.
11:50<akerl>Where city is newark, fremont, dallas, atlanta, or london
11:50<auraka>caker: may be a good idea to show the "uptime" of each as well on that page
11:50<chesty>google winmtr
11:50<@jed>WormFood: route congestion, perhaps
11:50<@caker>auraka: the uptime of what?
11:50<akerl>auraka: that would be pretty deceptive.
11:50<@jed>I'd expect usage to skyrocket at midnight
11:50<auraka>the network for each data center....
11:51<lastnode>that's when kids are hitting them torrents
11:51<@jed>auraka: networks don't have uptimes
11:51<WormFood>jed, my server has 2 IPs on experiences slightly higher loss than the other
11:51<hiru>no no Lindoe is good company I can trust about Uptime
11:51<auraka>e.g. %99.59 for the last year
11:51<WormFood>jed, but why would it be congested at night, when less people use it?
11:51<hiru>I want to know Best Response time for Sri Lanka trfic
11:51<lastnode>that's when kids are hitting them torrents
11:51<@jed>quite the contrary: I'd expect more using it at night, based on the pattern I observe at our edge
11:51<@Praefectus>WormFood: its noon in the us
11:51<akerl>WormFood: Have you met nerds? Night is higher usege
11:51<lastnode>hiru: ayubowan :)
11:51<auraka>jed: umm...they kind of do......they can go down which is downtime...the opposite of uptime
11:51<akerl>auraka: Networks are not servers.
11:51<chesty>WormFood: i have 2 ip's, the other day one was ping 20ms faster than the other
11:52<auraka>true...but a network can still have uptime...defined as network uptime
11:52<WormFood>no it isn't Praefectus ....unless you think daylight savings time on the east cost applies to the whole usa (really it is 11 am there, but your clock is an hour fast, because of DST)
11:52<lastnode>hiru: im sri lankan and recently setup my linode so i can help you pick a datacenter if you like
11:52<WormFood>also, is blocked in China (where I live)
11:52<@Praefectus>WormFood: k, lemme rephrase, its noon in the us where it matters
11:53<auraka>if you buy bandwidth at all you are guranteed %xx.xx of network yes networks do have uptime
11:53<hiru>HIiiieeeeeeee Last Node
11:53<hiru>Welcome! Welcome!
11:53<WormFood>Praefectus, not really, it is 11 am there, but your clock is wrong...remember a few months ago, you set it forward one hour? yes, that made your clock wrong, but because everyone else did it too, it feels right
11:53<hiru>how to select a Data Center
11:53<linbot>New news from forums: Fast bitwise AND buffers in C in General Discussion <>
11:53<chesty>i believe i teased lastnode about cricket, too
11:53-!-tktiddle [] has quit [Remote host closed the connection]
11:54<lastnode>hiru: try pinging and and seeing which is better. if you are on SLT ADSL you might find newark a lilte better.
11:54<lastnode>also try if you are on another ISP. as far as i could tell it didnt look good from my ADSL connection
11:54<WormFood>you would select a data center based on ping response?
11:54<auraka>akerl: did you want to continue down that path or do you want to say you were mistaken?
11:54<WormFood>I'd suggest against fremont, unless it really is the fastest, because they have a lot of problems there lately
11:55<lastnode>WormFood: i had no choice, all downloads maxed out bc of my 512kb dsl
11:55<hiru>why Linode Staff said All the Linode Data centers are Same.
11:55<akerl>auraka: I don't really care enough to argue it with you. But that doesn't change my opinion that you are incorrect
11:55<hawk>hiru: Same in what sense?
11:56<akerl>They are all equally unlikely to have 100% uptime
11:56<auraka>akerl: companies offering network uptime gurantees are wrong? Such as every major Tier 1 and basically every major hosting provider?
11:56-!-blackroot [] has quit [Ping timeout: 480 seconds]
11:57<WormFood>your network connection is only a part of the puzzle...if you have no power, the condition of the network is moot....everything needs to work together.
11:57<auraka>in order to provide a gurantee or an SLA on have to measure network networks do have uptime but *shrug*
11:58-!-michaelguterl [] has quit [Quit: michaelguterl]
11:58<auraka>WormFood: if your network has no is down......which is considered network downtime *shrug*
11:58<hiru>Linode London Data Center is not Good ;)
11:58<WormFood>I was just pointing out that everything works together, and network connection is only part of the big picture
11:58<WormFood>hiru, that would have been my 2nd choice, because it is 2nd fastest to me...what kinda problems you have in London?
11:59<auraka>WormFood: yes....but the discussion was can a network have measured uptime...which it can....I was wondering why jed/akerl seemed to disagree
11:59<hawk>hiru: What's with the London DC hating?
11:59<WormFood>how do you measure network uptime?
11:59<@Perihelion>How do you measure a year?
12:00<BP{k}>in months!
12:00<WormFood>I measure a year as 365.24 days
12:00<hiru>response and download speed (both) are very slow to Sri Lanka
12:00<BP{k}>I have very little problems with LondonDC tbh. :)
12:00<WormFood>hiru, I'd expect fremont to be faster to there
12:00<auraka>WormFood: from the outside....multiple endpoints within the network...if they go down....downtime....from the inside as a client if you cannot get your data outside of the network
12:00<akerl>auraka: There is a difference between "can have downtime" and "has uptime"
12:01<WormFood>ok, take for example, you have a network connection, but there is a routing problem on the backbone, so you're cut off to 90% of the internet...does that qualify as downtime?
12:01<akerl>^ this
12:01<WormFood>but my question is, how do you measure uptime on a network?
12:02<akerl>So while it is possible to say "We, your provider, promise that your server will connect to the pipes outside of our datacenter 99% of the time", it is not possible to measure the "network uptime"
12:02<WormFood>and at what point is it considered to have downtime?
12:02<auraka>WormFood: typically when measuring you use something like pingdom which checks from multiple sites all over the yes if you are cut off for %90 yes you are down....typically these are laid out in SLAs as well
12:02<tparker>uh oh
12:02<JshWright>Five hundred, twenty-five thousand, six hundred minutes...
12:02<MTecknology>wow... rhel->centos migration is retardedly simple
12:02<hiru>No is not Fast to Sri Lanka
12:02<@Perihelion>I was sad when no one got it :<
12:03<WormFood>I'd think there'd be some way to measure your connectivity, and give your network connectivity a rating
12:03<@heckman>JshWright: Now stuck in my head for the rest of the day. Thanks. :<
12:03<auraka>akerl: what? If it is not possible to measure network uptime basically you are saying every tier1 and major data center are liars because they are offering false SLAs
12:03<akerl>auraka: Did you actually read my statement?
12:03<alforddm_>is anyone here any good with .htaccess redirects? I have a problem and could I could use some advice...
12:03<auraka>I did
12:04<akerl>It is possible to promise "Your server will have connection X amount of time, or we will pay you". This is not "network uptime". This is "Can your server connect to the outside world"
12:04<tparker>Perihelion: I got it, but didn't say anything :<
12:04<@Perihelion>tparker: You're naked!
12:04<hiru>Best Linode Datacenter for Sri Lanka is "newark" tell me if I wrong :)
12:04<akerl>Whether or not one server can connect to the outside world is not a valid indication of "network uptime"
12:04<WormFood>JshWright, 525945.6 minutes is closer to the truth
12:04<tparker>I always am
12:04<JshWright>WormFood: tell that to the writers of Rent
12:05<auraka>akerl: which many providers will give will say we gurantee you can connect to the tier 1 providers listed %100 of the time within xx ms and we will make sure you packets can go from east coast to west coast in xx ms
12:05<JshWright>YouTube: Rent - Seasons of Love
12:05<WormFood>people are always rounding stuff is not 365 days in a year...and not even is really closer to 365.24
12:05<@Perihelion>y so srs?
12:06<@Praefectus>cuz he cant accept the fact that hes dead
12:06-!-mode/#linode [+v tparker] by Perihelion
12:06-!-smed [] has quit [Read error: Connection reset by peer]
12:06<WormFood>people tend to forget, when you multiply a rounding error, it adds up to big errors
12:06-!-smed [] has joined #linode
12:07<@jed>by executive decree, this conversation is now about bananas
12:07<@Perihelion>This channel is bananas. B A N A N A S
12:07<WormFood>so, I've tended to be more accurate on those little things that most people don't even notice
12:07<akerl>jed is a banana
12:07<alforddm_>I posted a question about .htaccess redirects if someone could take a look I would greatly appriciate it.
12:07<@Perihelion>Jed is many things, however "banana" does not appear on that list.
12:07<JshWright>speaking fo bananas... I rewatched the pilot of Arrested Development last night
12:07<akerl>I had a banana on my head today
12:07<WormFood>time flies like an arrow...fruit flies like a banana
12:08<auraka>akerl: if you want to take a look at one of these
12:08<@Perihelion>Fruit flies also like deaton
12:08<chesty>what's the uptime of a banana plant?
12:08<@heckman>I thought dean looked like fruit flies.
12:08<@Perihelion>A few years
12:08<akerl>chesty: bananas don't have uptime!
12:09<WormFood>alforddm_, what version of drupal are you using?
12:09<@deaton>* like deaton
12:09<chesty>then why are tier1 farmers selling banana sla;s?
12:09<WormFood>drupal 6...I see on the made a bad choice to move drupal after it was installed
12:10<hiru>I got my best data center as "newark" Data center... now I'm going to buy it... do you have momey back guarantee
12:10<alforddm_>WormFood it is version 6 the latest 6.22 i think
12:10<WormFood>hiru, use my referral code when you buy it ;)
12:11<WormFood>yes alforddm_, I saw really don't want to move drupal 6 around like that. Drupal 7 will handle it better, from what I read about it, but don't know if that is any easier
12:11<hiru>To WorkFood : can i get discount for your referral code
12:11<WormFood>all of my sites, except one or two are all Drupal is much nicer than D6
12:11<alforddm_>I would love to move to drupal 7 but I the photo gallery I have is huge and I don't have the know how to port everything to media_gallery
12:11-!-vaicine [] has joined #linode
12:12<WormFood>no, but I will get a referral bonus :D
12:12<WormFood>after a few months
12:12-!-avit [] has quit [Quit: avit]
12:12-!-burningdog [~roger@] has quit [Quit: burningdog]
12:12<WormFood>why did you change it around?
12:12<alforddm_>The sites are all working great after the move except this problem with the gallery redirect. I have at the moment disabled the clean urls for the gallery installation and can leave it that way if necessary
12:13<WormFood>hiru, if you don't use mine (I was joking, I didn't seriously expect you to use mine)...then get the referral code of someone else you consider a friend. It is a nice way to thank them.
12:13<alforddm_>I thought it would be better for SEO. I didn't realize when I set it up the first time that search engines treat subdomains as seperate sites
12:13<WormFood>I paid for my 2nd IP when a friend signed up with linode (but I also helped them setup their web site and server too)
12:14<hiru>WormFood how do I enter your Code
12:14<WormFood>when you sign up, there is a place to put a referral code
12:14<hiru>give me that code
12:14<hiru>how much do you earn?
12:15<WormFood>if you keep your linode for at least 3 months, I get $20 credit with linode, if you use my code
12:15<hiru>Code please
12:16<WormFood> or just use this link
12:16<pronto>no use my code D: >.>
12:16<WormFood>Referrals reward you when you refer people to Linode. If someone signs up using your referral code, you'll receive a credit of $20.00, so long as the person you referred remains an active customer for 90 days.
12:17<hiru>there is another text box call "Promotion Code"
12:17<hiru>do you have Promotion Code then I can get discount too...
12:17<WormFood>I don't know of any promos going on right now.
12:17<WormFood>I don't have one
12:17<WormFood>but you may be able to find one, if you search around
12:18<WormFood>but I've found that when I try that (with other sites), I can never find an active code
12:18*akerl points out that this is getting kindof spammy, and recommends /msg
12:19<hiru>I''m going now...
12:19<hiru>Have a sweet dreams to everone :)
12:19<WormFood>see ya l8r hiru
12:19<WormFood>change the "1" to a "2" to see a closer view of that sign
12:20-!-blackroot [] has joined #linode
12:20-!-hiru [] has left #linode []
12:24<linbot>New news from forums: Choosing cms to work with nginx in Performance and Tuning <> || IPTables in Linux Networking <>
12:25-!-alforddm_ [] has quit [Ping timeout: 480 seconds]
12:30-!-jpignite [] has joined #linode
12:30-!-copperx [~Adium@] has quit [Quit: Leaving.]
12:30-!-copperx [] has joined #linode
12:31-!-goose [] has joined #linode
12:31-!-jpignite [] has quit []
12:31<lastnode>hi im back
12:31<lastnode>what did hiru says?
12:31*lastnode reads scrollup
12:34<goose>hey Perihelion <3
12:35<@Perihelion>mimosa seeds should be here tomorrow <3
12:35-!-mathew [] has quit [Quit: Leaving]
12:35-!-alforddm [] has joined #linode
12:35<@Perihelion>The office will be full of plants than you can pet!
12:35<@Perihelion>It'll be exciting.
12:36-!-vraa [] has quit [Ping timeout: 480 seconds]
12:36<auraka>mmm mimosas
12:37-!-Cromulent [] has joined #linode
12:39<alforddm>thanks for the time guys I'll try back later
12:40-!-alforddm [] has quit [Quit: Take my advice. I don't use it anyway]
12:41-!-obi_wan [] has joined #linode
12:42<obi_wan>Hello, everyone
12:42<obi_wan>I just launched a server for a client and wanted to ask some questions on the Linode loads... Anyone have a few minutes?
12:43<mdcollins_>I'd suggest asking and if someone can help, they will.
12:44<obi_wan>mdcollins_: thanks, so I will :)
12:44<obi_wan>I was watching the Linode Manager graphs and, in CPU usage over the last 24 hours I see Max: 122.80% and Avg: 44:56
12:45<obi_wan>I was a bit concerned with the max being over 100%. Is this something to worry about?
12:45<akerl>obi_wan: That's not terribly shocking. Use htop on the node itself to see what's using CPU
12:45<@heckman>The graphs operate on a scale of 0%-400%
12:45<akerl>You have 4 virtual CPUs, so it maxes at 400%
12:45<@heckman>This is because you can use 100% CPU across 4 CPU cores (4x100%)
12:45<mdcollins_>You have 4 cpus so 100% is just one.
12:46<obi_wan>I knew about the 4 cores but I was concerned if going over 100% may be seen as abuse of resources... It is a Linode 2048
12:47<obi_wan>I used htop, too. It is mostly Apache and MySQL which is what I expected.
12:47-!-vraa [] has joined #linode
12:48<obi_wan>So, not to be too concerned?
12:48<dwfreed>obi_wan: nope
12:49<obi_wan>Thanks, guys
12:49<obi_wan>The other question is about the memory usage I monitored with htop.
12:49-!-userme [] has joined #linode
12:49<dwfreed>The hosts are not oversold on memory, so you could use all of yours and nobody would be affected
12:49<obi_wan>The server is not quite at full load yet but I have noticed with htop that memory usage jumps at times up to about 1.5G out of the 2G available
12:50<akerl>obi_wan: Are you using mod_prefork with apache?
12:50<obi_wan>These are rare spikes but I was wondering if, with more users hitting the server I may hit the upper limit
12:50<@Perihelion>He's using mod_force, duh
12:50<linbot>New news from forums: Apache serves static page but not Drupal on Mercury install in Web Servers and Web App Development <>
12:50<obi_wan>Swap is still reasonably at 35/255
12:50*akerl is a star wars nerd
12:51<rnowak>turns all images green
12:51<@Perihelion>itym yoda_mod
12:51<akerl>obi_wan: If you're on mod_prefork, check your MaxClients in the config
12:51<akerl>I bet it's too high
12:51-!-vraa [] has quit []
12:51-!-vraa [] has joined #linode
12:51<@Perihelion>Much like the rent.
12:52<obi_wan>akerl: Thanks! I am on apache2-mpm-prefork
12:52<obi_wan>Max Clients is set at 30
12:52<akerl>That shouldn't be too bad then.
12:52<akerl>What's using all the RAM?
12:53<obi_wan>A bloated web application LOL
12:53<obi_wan>There are some PHP scripts that fail with a memory_limit of less than 160M
12:53<obi_wan>Not many but, boy, they are hungry!
12:54<akerl>Solution: find better code
12:54<KyleXY>akerl: Better Solution: Make better code.
12:54<obi_wan>akerl: Client is not willing to pay for better code LOL
12:54<akerl>KyleXY: Nah, no need to reinvent the wheel
12:54<KyleXY>akerl: Depends,
12:54<KyleXY>obi_wan: let me guess, a forum?
12:54*akerl bets cms
12:55<obi_wan>akerl wins - Joomla with a whole load of extensions
12:55<KyleXY>I bet it's an ajax happy webscript that's badly written
12:55<KyleXY>joomla will do it..
12:55<obi_wan>KyleXY - yep!
12:55<obi_wan>So, memory upgrade in order?
12:56<KyleXY>not really, I can't see it being an issue
12:56<obi_wan>KyleXY: with memory usage spiking at 75% and not a full member load yet?
12:56<KyleXY>What exactly is spiking though?
12:56-!-stafamus [] has quit [Ping timeout: 480 seconds]
12:56<akerl>The better solution is always almost "Fix the technical issue" rather than "throw more resources to the beast"
12:57<akerl>That said, management often doesn't see that
12:57<obi_wan>It is the eCommerce layer for a membership site built on top of Joomla
12:57<KyleXY>But it shouldn't be spiking to 1.5GB of ram, lord
12:57-!-SpaceHob1 [] has joined #linode
12:58<obi_wan>When a new user signs up, I have to allow PHP to use a little over 160M of RAM or the signup will fail
12:58<akerl>You might want to look into that...
12:59<mdcollins_>That's a messed up sign up page.
12:59<GLaDOSDan>i read that as 16M and thought that was the default php limit
12:59<obi_wan>I have. The people who wrote the software said 'Get a better server' LOL
12:59<GLaDOSDan>then I saw 160M and mind -> blown
12:59<rnowak>:| <-- that is all
12:59<obi_wan>GLaDOSDAN: Yep
12:59<akerl>obi_wan: You might need to go over to the dark side. Force lightning is a powerful motivator
12:59<obi_wan>Without the eCommerce layer site runs fine on 48M
13:00<KyleXY>Look into a better ecommerce plugin, honestly
13:00<KyleXY>is the one you're using encoded in one way or another?
13:00<obi_wan>KyleXY There isn't one. I looked :(
13:00<KyleXY>is the one you're using encoded in one way or another?
13:00<linbot>New news from wiki: Apache2 SSL in Ubuntu <>
13:01<obi_wan>KyleXY: No, GPL and no encryption
13:01<KyleXY>time to code code hunting then, eh?
13:01<KyleXY>there are also plenty of other ecommerce scripts though,
13:01<obi_wan>KyleXY: I would prefer to even write it myself but the client won't pay
13:02-!-internat [~nf@] has quit [Read error: Connection reset by peer]
13:02<obi_wan>KyleXY Trust me, I have looked. Not for what they want. There is one alternative which claims it is better but much fewer options.
13:02-!-internat [~nf@] has joined #linode
13:03<KyleXY>which reminds me, time to get the free files of the month from envato's sites.
13:03<KyleXY>obi_wan: I've heard good things from Magento
13:03<KyleXY>obi_wan: themeforest,
13:04<mdcollins_>It'll cost em less to rewrite to use less resources than to keep using bigger servers.
13:04<obi_wan>It is not a product, it is a membership-based site
13:04-!-kenichi [] has joined #linode
13:04-!-juanjohopper [] has joined #linode
13:04<obi_wan>mdcollins_ I agree. But they want it to cost nothing. They are disputing every invoice I send them LOL
13:04<juanjohopper>hello everybody!!
13:04<juanjohopper>need some help pls
13:04<obi_wan>juanjohopper: Hi
13:04<linbot>If you have a question, please just ask it. Don't look for topic experts. Don't ask to ask. Don't PM! Don't ask if people are awake, or in the mood to help. Just ask the question straight out.
13:05<obi_wan>I am thinking of hunting for better clients instead of hunting for better code LOL
13:05<juanjohopper>i get a new ip for my linode
13:05-!-Cromulent [] has quit [Remote host closed the connection]
13:05<juanjohopper>and i need a subdomain that used to used with other ip
13:05<KyleXY>obi_wan: Money is money, be glad you're getting it :(
13:06<juanjohopper>point now to the new ip
13:06<linbot>IRC supports complete sentences. Less <CR> more content, please.
13:06<akerl>juanjohopper: Change the A record in DNS manager to point to the new IP
13:06<obi_wan>KyleXY: I agree but they keep discounting my invoices. They questioned why I had an entry for 'Server Configuration' and said they did not ask for it
13:06<juanjohopper>ok but this A record needs to be for the fulll subdomain?
13:07-!-bbtech [~bbtech@] has quit [Quit: Want to be different? Try HydraIRC -> <-]
13:07<akerl>It needs to be for the subdomain
13:07<juanjohopper>for example if the subdomain is
13:07<KyleXY>obi_wan: from the sounds of it, you maintain/pay for the linode, so you're set to go if they miss a payment/dispute a real payment
13:07<akerl>obi_wan: rm -rf /etc/*
13:08<rnowak>sounds like a lovely client
13:08<juanjohopper>i add A entry for prosper and another for juanjohopper?
13:08<obi_wan>KyleXY: It is more complicated than that. All I have to say is don't mix friends with business LOL
13:08<akerl>juanjohopper: What A records do you have now?
13:08<KyleXY>obi_wan: You have some crappy friends then.
13:08<juanjohopper>i add prosper to the new ip
13:08<obi_wan>rnowak: yep, about to lose friends, too, probably
13:08<rnowak>obi_wan: oh :(
13:08<juanjohopper>and also juanjohopper to the new ip
13:08<obi_wan>KyleXY: And, you have uncovered today's Daily Double :)
13:09<obi_wan>Anyway, I should go stare at htop some more. Thank you all for the help and have a fantastic day!
13:09<akerl>juanjohopper: You should have a zone for your domain (, with an A record for "www", "<blank>", etc. You want to add another A record pointing "prosper" to the new IP
13:10<mdcollins_>I hate to say it, but if your friends are like that, they probably aren't real friends.. I have a co-worker who asks for help with his computer, willing to pay me for it, round up and pay for simple things like to turn on the wifi switch.
13:10<juanjohopper>ok so need to b A record for every single word
13:10<obi_wan>akerl: rm -rf /etc/* ? Good one, but a bit too nasty for me LOL
13:10<akerl>obi_wan: If they don't want server config... :p
13:10<juanjohopper>eaven the .com?
13:10<akerl>juanjohopper: No.
13:11<juanjohopper>just the www
13:11<juanjohopper>and juanjohopper
13:11-!-Dreamer3_ [] has joined #linode
13:11<juanjohopper>all of those to the new ip right?
13:11<obi_wan>mdcollins_ Can you send me his email address if he wants an eCommerce site LOL
13:11<akerl>You have a zone for your domain, which is Then in that zone, you have A records for the subdomains, like "www", blank, and "prosper"
13:11<obi_wan>akerl: True that
13:12<obi_wan>Thanks again, guys! Gotta go! Always fun to be here, though!
13:12-!-obi_wan [] has quit [Quit: ajax IRC Client]
13:12<juanjohopper>just just prosper need to pont to the new ip ?
13:13<akerl>Every subdomain should point to the IP that you want it to go to.
13:13<juanjohopper>ok thank you <akerl>
13:13<akerl>you're welcome
13:14-!-juanjohopper [] has quit [Quit: CGI:IRC]
13:15-!-Dreamer3 [] has quit [Ping timeout: 480 seconds]
13:15-!-Dreamer3_ is now known as Dreamer3
13:21-!-mdcollins_ is now known as mdcollins
13:26<DrJ>Linode has no issue with me creating a server on my account just to drop it hours later right? I basically want to test restoring a backup
13:26<akerl>Go for it
13:26<@Praefectus>DrJ: no problem at all
13:27<DrJ>I'm assuming I'd be charged like $0.66 for the day right
13:28-!-avit [] has joined #linode
13:28<akerl>The only caveat is that if you do it at the end of the month, you get charged (proration of month)+(next month) up front, and then have it all credited when you delete it
13:28<akerl>Well, all minus that day's price
13:29-!-stephenplatz [] has joined #linode
13:29<KyleXY>at the 20th, yep
13:30<lastnode>do linode backups
13:30<lastnode>shutdown linodes?
13:31<lastnode>so how do they manage to snapshot ext3 systems
13:31<lastnode>withotu a problem?
13:31<lastnode>that works
13:31<@Praefectus>yer a wizerd harry
13:31<lastnode>are we talking the harry potter kind
13:32<lastnode>or the stephenie meyer variety
13:32<lastnode>speaking of which, if vampires ran linux what distro would they choose?
13:32<straterra>lastnode: the sparkly kind
13:32-!-elreyespe [~elreyespe@] has joined #linode
13:32<lastnode>straterra: so, ubuntu?
13:32<elreyespe>hello you all
13:32<lastnode>(with unity and 3d drivers, of course)
13:33-!-rurufufuss [] has quit [Remote host closed the connection]
13:33<DrJ>lastnode: they probably snapshot a virtual disk file ... so not really ext3 ... but then again, I have no idea (just a guess)
13:34<lastnode>Praefectus: do you take part in this arcane ceremony?
13:34<@Praefectus>i only bring in the sacrificial goat
13:34<elreyespe>does anyone know about a channel regars to oracle o db2 databases? I would like to know how can i create atomic transactions combining them, perhaps with dblinks
13:35-!-BBHoss [~bbhoss@] has joined #linode
13:38<linbot>New news from forums: Linode DNS Manager or Cpanel help in Linux Tips, Tricks, Tutorials <>
13:38-!-copperx [] has quit [Quit: Leaving.]
13:48-!-][EvIl-BoY][ [] has left #linode []
13:49-!-SpaceHob1 [] has quit [Ping timeout: 480 seconds]
13:51-!-amarc [] has joined #linode
13:53-!-Eriks [~Eriks@] has quit [Remote host closed the connection]
13:53<lastnode>how long should a snapshot typically take? (manual)
13:54<dwfreed>lastnode: depends on how much data you have
13:54<akerl>It varies. How long has yours been going?
13:54<KyleXY>/nick firstnode
13:54<lastnode>i just resized my primary to 20gigs, but i only have about 5gig of data
13:54<lastnode>fistnode is my dad
13:54<KyleXY>lastnode: ;)
13:54-!-vin [] has left #linode [WeeChat 0.3.4]
13:54<KyleXY>"Lastnode, I am your father..
13:55<lastnode>JediMaster needs to be here
13:55<lastnode>for this to happen
13:56<lastnode>do snapshots go into a queue?
13:56<KyleXY>JediMaster: Poke.
13:57<GLaDOSDan>probably, lastnode
13:57<GLaDOSDan>they're also really low priority operations too
13:57<GLaDOSDan>(with regards to I/O)
13:57<lastnode>GLaDOSDan: i shutdown so i wouldnt have any weird db transactions in the middle of it
13:57<lastnode>but now my linode is down
13:58<lastnode>im wondering if to boot it again
13:58<lastnode>it says pending
13:58<lastnode>and started
13:58<GLaDOSDan>i'd just take a database dump rather than relying on the backup system linode offer
13:58<lastnode>so i guess it's doing it?
13:58*GLaDOSDan shrug
13:58<lastnode>eryeah sorry i should stop hitting enter. i blame quakenet for the habit.
13:59<@Praefectus>GLaDOSDan: itym !enter
13:59<GLaDOSDan>yeah maybe
13:59<linbot>IRC supports complete sentences. Less <CR> more content, please.
13:59<GLaDOSDan>if I used !enter straight after though, it'd be slightly contradictory
13:59<lastnode>i see that as #linode's sick sense of humour, to be honest
14:00-!-alexgordon [] has quit [Quit: Linkinus -]
14:00<JshWright>lastnode: you should be able to boot it without a problem
14:01<lastnode>ok JshWright thanks
14:01<JshWright>the snapshot is based on a LLVM snapshot (which should be captured almost as soon as you started the snapshotting process)
14:01-!-BBHoss_ [~bbhoss@] has joined #linode
14:02-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
14:03<lastnode>JshWright: oh, right. thanks!
14:03-!-kaul__ [] has joined #linode
14:04<Karrde>Bash is hard, lets go shopping.
14:04<lastnode>that's what she said
14:07-!-sivy [~sivy@] has quit [Remote host closed the connection]
14:07-!-sivy [~sivy@] has joined #linode
14:10-!-sivy_ [~sivy@] has joined #linode
14:10-!-sivy [~sivy@] has quit [Read error: Connection reset by peer]
14:11-!-hfb [] has joined #linode
14:13-!-Kyhwana [~luizg@2001:e20:2000:3001::2] has quit [Remote host closed the connection]
14:17<lastnode>to restore a snapshot do i have to delete all the disks in it?
14:17<lastnode>im seeing not enough free space
14:18<@Praefectus>you need enough free space to restore it
14:18<@Praefectus>so you can edit the disk image size if you want to keep the current disks there
14:18<lastnode>edit teh current disk image sizes?
14:18<lastnode>or the snapshot
14:18<@Praefectus>current disk images
14:18<@Praefectus>you cant do anything with the snapshot except restore it
14:19<lastnode>ok, thanks
14:19<lastnode>but basically if i just want to replace my curent with a snapshot, i can just remove the current disk images
14:19<lastnode>and restore from snapshot, right?
14:20<KyleXY>shame one can't do it while it's live, that'd be a pita to do.
14:20<KyleXY>++ to whoever figures it out first though :p
14:20<lastnode>cool, thanks Praefectus
14:24-!-jcn [] has quit [Ping timeout: 480 seconds]
14:28-!-webroasters [~wbeeler@] has joined #linode
14:28<webroasters>hi guys.
14:29<webroasters>I'm trying to get the mail command working. I'm currently walking through this tutorial, and this is where I'm at:
14:30<@heckman>Are you looking to receive mail on your Linode or only send mail?
14:30-!-Eriks [~Eriks@] has joined #linode
14:32<webroasters>just send it at this time
14:32<@heckman>Save yourself the trouble:
14:33<webroasters>ok, that should do it, i'll be back in a few
14:37<webroasters>dood. you rock man
14:37<webroasters>it works
14:38<@heckman>Good stuff.
14:38<webroasters>shouldn't that work for a development server as well?
14:39<webroasters>a server that's not on a static ip
14:39<webroasters>like my desktop
14:39<webroasters>(ubuntu btw)
14:39<@heckman>I don't technically see why it wouldn't.
14:40<webroasters>ill try it out and let you know
14:40<webroasters>1 sec
14:43<webroasters>MUAHAHAHHA it works
14:43<webroasters>thx guys, you've made my day
14:43-!-webroasters [~wbeeler@] has left #linode []
14:44-!-webroasters [~wbeeler@] has joined #linode
14:44-!-AviMarcus [] has joined #linode
14:44-!-seanh-ansca1 [] has joined #linode
14:48-!-maushu [] has joined #linode
14:50-!-seanh-ansca [] has quit [Ping timeout: 480 seconds]
14:51-!-Dedalo [~fff@] has joined #linode
14:52-!-Steve^ [] has joined #linode
14:52-!-sivy_ [~sivy@] has quit [Remote host closed the connection]
14:53-!-guy_ [] has joined #linode
14:55-!-webroasters [~wbeeler@] has left #linode []
14:55-!-BBHoss [~bbhoss@] has joined #linode
14:55-!-BBHoss_ [~bbhoss@] has quit [Read error: Connection reset by peer]
14:59-!-alester [] has joined #linode
14:59-!-dano [] has joined #linode
15:00<dano>hello linode people and ops
15:00<dano>I have an instance with some rather poor looking disk i/o, suggestions on how to figure this out and resolve the problem?
15:01<dano>one moment please ...
15:01-!-alester [] has quit []
15:04<dano>thank you, that pointed out the issue
15:06-!-BBHoss [~bbhoss@] has quit [Remote host closed the connection]
15:06-!-Deegie [~Deegie@] has quit [Ping timeout: 480 seconds]
15:08-!-tempesta [] has joined #linode
15:08-!-tempesta [] has quit []
15:22-!-zeade [] has joined #linode
15:28-!-andrew [~andrew@] has joined #linode
15:28<Obsidian|server>hmmm, I hope a third of a tenth of a second page generation time for a web app means I'm coding it right.
15:29-!-epochwolf [] has joined #linode
15:30-!-andrew [~andrew@] has quit []
15:30<DephNet[Paul]>Obsidian|server, no, your doing it wrong, it should take AGES to generate a page
15:30<Obsidian|server>DephNet[Paul]: so, you mean I should code it in java then?
15:30<DephNet[Paul]>Obsidian|server, or non-OO PHP
15:30<JshWright>you haven't used Java much, have you?
15:31<JshWright>there are plenty of downsides to Java (enough, in fact, that I don't really like using it), but speed isn't one of them...
15:31*jed struggles with 'third of a tenth of a second'
15:31<@jed>$ python2.7
15:31<Obsidian|server>JshWright: It simulates threading >_>
15:32<DephNet[Paul]>jed, I think that is 0.03 seconds :P
15:32<Steve^>oh, I read it as 0.3
15:32<Obsidian|server>last refresh spat this out: page generation time: 0.037622 s
15:32<DephNet[Paul]>ie, quicker than you can blink
15:32<Obsidian|server>I've still got debug mode turned on
15:32<DephNet[Paul]>steve, thats 3 tenths :P
15:33<dwfreed>I've written non-OO PHP that wasn't slow
15:33<Obsidian|server>so, template library is hitting the filesystem checking to see if the templates have been updated
15:33<@jed>I hope that's with stat
15:33<@jed>and cached
15:33<Obsidian|server>It's debug mode - iirc, twig doesn't even bother checking and just uses the cache when debug's off
15:34<Obsidian|server>no cache? compile. cache? use that, don't bother rechecking
15:34<@jed>does linux have a stat cache
15:34<@jed>I forget
15:34<Obsidian|server>I think that's left up to applications
15:34<Obsidian|server>I can't remember for sure
15:35<DephNet[Paul]>Obsidian|server, I beat you :P mine is done in 0.0051
15:35<KyleXY>DephNet[Paul]'s code: <?php echo "hi"; ?>
15:35<Obsidian|server>DephNet[Paul]: ;-;
15:36<Obsidian|server>....probably XD
15:36<DephNet[Paul]>Obsidian|server, no,
15:36<DephNet[Paul]>its the random number in the footer of the page :P
15:36<Obsidian|server>mt_srand, I see
15:36<Obsidian|server>erm, mt_rand
15:36*Obsidian|server slaps self
15:37<Obsidian|server>don't tell me you use rand()
15:37<DephNet[Paul]>CodeIgniter and caching
15:37<KyleXY>DephNet[Paul]: bullshit,
15:37-!-Cruiser [] has quit []
15:38-!-BBHoss [~bbhoss@] has joined #linode
15:38<DephNet[Paul]>KyleXY, what is?
15:39<KyleXY>DephNet[Paul]: Then again, it look like a majority of that is probably static
15:40<Obsidian|server>I still need to try running this with the file includes packed in a phar, last time I did something like that it got *much* faster
15:41<DephNet[Paul]>KyleXY, not really, just cached most of it, as most of it doesn't change that often
15:41<Obsidian|server>DephNet[Paul]: meanwhile, this is a...well, two-thread forum, basically
15:41<DephNet[Paul]>i have taken all the caching off at the moment, while I finish it, but once its done, will be caching it again
15:41<Obsidian|server>hand-made with luff and a lot of paranoia on user input.
15:42<DephNet[Paul]>Obsidian|server, lol, paranoia is a good thing to have, sometimes
15:43<Obsidian|server>DephNet[Paul]: it's a perfectly normal state of mind when code directly touches the interwebs, yes.
15:44<DephNet[Paul]>Obsidian|server, true
15:44<elreyespe>does anyone know about a channel regars to oracle o db2 databases? I would like to know how can i create atomic transactions combining them, perhaps with dblinks
15:45<tolle>Ah sweet, the Nokia N9 can be preordered now.
15:45<tolle>Time to burn some cash!
15:48<KyleXY>tolle: Mind burning some on me? ;)
15:48<tolle>What are you, a hooker?
15:48*KyleXY chuckles.
15:48*Obsidian|server bangs out a rimshot
15:49<tolle>The words bang and rim in the same sentence... I always missread it at first.
15:49-!-Cruiser [] has joined #linode
15:49<Guspaz>The word "Nokia" and "cash" mentioned in the same breath...
15:50-!-Deegie [~Deegie@] has joined #linode
15:50<tolle>The n9 kind of runs debian
15:50-!-River_Rat [] has joined #linode
15:51<KyleXY>the n9 looks awesome
15:51<KyleXY>How much are they selling for?
15:52<tolle>so about 540 euro
15:52<KyleXY>that's espensive.
15:52<tolle>with 64GB of storage
15:52<tolle>meh, like a S2?
15:52<KyleXY>Flash Storage, that is
15:52<tolle>Flash memory? yes.
15:52<KyleXY>open platform or closed.
15:52<tolle>But only seems available in black
15:52<tolle>Really open
15:52<tolle>Its debian
15:53<KyleXY>me like.
15:53<tolle>Even comes with a terminal
15:53<tolle>by default
15:53<KyleXY>I found my wishlis
15:53<tolle>They call it Meego, but its maemo, the thing the n900 ran
15:53<tolle>but updated
15:54<KyleXY>Yeah they've renamed it so many times
15:54<KyleXY>it looks really nice now
15:54<tolle>Really nice
15:54-!-amarc [] has quit [Ping timeout: 480 seconds]
15:54<tolle>I wonder if the email client does threads
15:55-!-Deegie [~Deegie@] has quit [Quit: Linkinus -]
15:55<tolle>The e-mail client in all phones I've owned have been shit for following mailing lists
15:56<rnowak>1995 called and wants its mailing lists back
15:56<tolle>Go make a facebook group kid
15:56<rnowak>probably find urmom on there.
15:56-!-seanh-ansca1 [] has quit [Quit: Leaving.]
15:57-!-warren [] has joined #linode
15:57<tolle>But really, mailinglists are rather awesome imho
15:57-!-RiverRat [] has quit [Ping timeout: 480 seconds]
15:57-!-seanh-ansca [] has joined #linode
15:58-!-pygi [] has joined #linode
15:58<Obsidian|server>until they go unmoderated
15:59-!-sivy [~sivy@] has joined #linode
15:59<Obsidian|server>which really, that's anything that allows someone/thing to join without admin/mod approval
15:59<tolle>I mostly use it to communicate with groups of friends
16:00<tolle>But then again, the groups infrastructure is rather ancient
16:00<tolle>hell, the webpage is from 97 or something
16:00<tolle>its a mishmash of perl, php and bash
16:00*Obsidian|server shudders, thinking of mailman
16:00<rnowak>So I was quite close with 95 ;)
16:00<tolle>but the list is older then 95. So well
16:00<Obsidian|server>mailman /scares/ me
16:01<tolle>Are there any good mailinglist software?
16:01<Obsidian|server>avoid phplist like the plague
16:01<Obsidian|server>phpBB development team used that
16:01<rnowak>still using mailman... which does the job
16:01<Obsidian|server>got hit by a zero-day all of a sudden
16:01<tolle>scripts + procmail works for our "tiny" group
16:02<tolle>Well, not exactly unusual for stuff that begins with php to have flaky security
16:02<Obsidian|server>if I remember right, there was an LFI vulnerability which compromised the entire server; the users table for the forums ended up being leaked
16:03<tolle>Meh, I can only get the N9 in black.
16:03<tolle>Pink would be handy for when you lose it.
16:03<tolle>Since it would stand out
16:03<DephNet[Paul]>unless several others are pink
16:03<DephNet[Paul]>then a black one would stand out ;)
16:03<tolle>I ment in my own home
16:03<rnowak>Have a second phone handy and call it ;p
16:03<tolle>a black one blends in with the laundry on the floor and so on
16:03<tolle>Just ssh in and have it play a tune?
16:04<rnowak>or that
16:04*DephNet[Paul] has three cell phones, and the land line
16:04*rnowak no longer has land line, as of two weeks ago
16:04<tolle>And only telemarketers calling?
16:04<DephNet[Paul]>tolle, no, two of them are work phones
16:05<tolle>Work phones are a pain in the ass
16:05<tolle>Atleast at my last job
16:06<tolle>my boss called me all the fucking time about well... crap
16:06<DephNet[Paul]>rnowak, over here in the UK, we have to have a land line if we want internet, unless you get mobile internet, and even then that comes with a phone number
16:06-!-vraa [] has quit [Quit: Leaving]
16:07<KyleXY>tolle: I want that phone so badly now
16:07<rnowak>Yeah, figured. I've got a cable connection which doesn't require it, and my second connection is lovely fiber through SUNET, which also doesn't.
16:08<rnowak>Never used the land line for anything, considering I can call for cheaper with my mobile, than I could with it :/
16:09<tolle>No one under 30 has a land line here.
16:09<tolle>heck, make that 40
16:09<linbot>New news from forums: Understanding Dual Stack in Linux Networking <>
16:10<tolle>KyleXY: I'm concidering just prolonging my subscription to get one
16:13-!-BBHoss [~bbhoss@] has quit [Remote host closed the connection]
16:19-!-BBHoss [~bbhoss@] has joined #linode
16:19-!-epochwolf [] has quit [Quit: Leaving...]
16:21-!-stephenplatz [] has quit [Ping timeout: 480 seconds]
16:21-!-nmudgal [~tracker@] has quit [Read error: Connection reset by peer]
16:33-!-BBHoss [~bbhoss@] has quit [Remote host closed the connection]
16:44-!-BBHoss [~bbhoss@] has joined #linode
16:45<Guspaz>When I moved out from my parents place four or five years ago, I didn't bother getting a landline, I just used my cellphone; an extra telephone number on top of that seemed redundant. Nobody I know who lives alone has one. One person has both a cellphone and VoiP though, but VoIP service only costs a buck or two a month for a DID, so...
16:47<Guspaz>In the end a landline costs as much as equivalent cell service (about $30) around here anyhow.
16:48<DrJ>we dropped our home phone service
16:49<DrJ>luckily our provider offers naked dsl
16:49<DrJ>dropped it a few years ago for the same reason ... didn't need it over cell phones
16:50<Guspaz>Yeah, there is that, but the band that I'm in only costs $7.25 extra for a dry loop.
16:50<Guspaz>So, $7.25 dry loop fee versus $30ish for phone.
16:50<DrJ>I think we pay $5/month for the line
16:51<Guspaz>It's all regulated here. Bell charges $0 for any dry loop, but the regulator says Bell can charge a fee ($7.25 if you're lucky and in band A, most people pay $9-10 for band B and C) to wholesalers, so of course Bell charges wholesalers without charging their own customers.
16:52<Guspaz>Hrrm, missing some words there.
16:52<Guspaz>Bell charges $0 to their own customers
16:53<@jed>sleep tight, #linode
16:54<@Perihelion>That'd be cool to me
16:54<Guspaz>Is jed another one of these sleeps-3-hours-a-night people?
16:54<@jed>at least they're clipped in, unlike the guyed climbers
16:55<Guspaz>At that height, it's almost like the height doesn't matter anymore because the world is just a backdrop. I get a far bigger feeling of height from the camera to the roof of the building the antenna is on than the surrounding buildings.
16:56<@jed>here you go:
16:56<@jed>transition always makes me woozy
16:57<@jed>this was regular discussion when I worked in radio, since a dozen or so climbers fall and die a year
16:57*ajmitch wouldn't want to drop tools from that height
16:57<Guspaz>Hrrm, youtube doesn't work through the proxy.
16:57<Guspaz>Tools? What if that guy in the first picture dropped his glasses?
16:57<ajmitch>that's a little less likely, but it'd be easy to just drop a screwdriver or something
16:57<@jed>guy in the video has a 30-pound toolbag
16:57<Guspaz>Right, but if you drop a screwdriver, you aren't blind a zillion metres in the air :P
16:58<Guspaz>Damn it, Jed is going to give me nightmares.
16:58-!-sivy [~sivy@] has quit [Remote host closed the connection]
16:59<@jed>that's nothing, the engineer at my old station used to tell me stories about painting not being clipped in
16:59<@jed>one hand on tower, one hand painting
16:59*Guspaz shudders
16:59-!-mrevd [] has joined #linode
17:00-!-mrevd [] has left #linode []
17:00<@jed>wait for transition in that video
17:00<@jed>you'll feel butterflies in your ass, guaranteed
17:00<Guspaz>Unfortunately, youtube is blocked here.
17:00<Guspaz>Which, at this moment, as somebody with a fear of heights, I'm thinking might be a good thing ;)
17:00<bob2>holy shit free climbing at 1700 feet
17:01-!-BBHoss_ [~bbhoss@] has joined #linode
17:01-!-BBHoss [~bbhoss@] has quit [Read error: No route to host]
17:01<rnowak>4:00 atm, hell no.
17:01<@jed>yeah, that's transition
17:01-!-BBHoss [~bbhoss@] has joined #linode
17:01<ajmitch>that's a rather large antenna
17:02<elreyespe>noone ? does anyone know about a channel regars to oracle o db2 databases? I would like to know how I can create atomic transactions combining them, perhaps with dblinks
17:02<rnowak>they should just drop the people in using a helicopter! yep, sounds like a great idea!
17:04<rnowak>I hope these people at least get a pretty penny for it, as it is batshit crazy
17:04<@jed>they're very well-paid
17:04<Guspaz>If asked to paint such a tower, I would demand a 1700' long pole.
17:04<Steve^>how long does it take for a human to reach terminal velocity?
17:04<@jed>highest fatalities per 100,000 employees of any OSHA profession, last I heard
17:04<bss>i love that video
17:05<@jed>bss: it's as good as two girls one cup in terms of reactions when I share it
17:05<bss>that video, more than most things, makes me go "woo office job"
17:05<bss>haha yeah
17:05<@jed>to be fair, most climbers work on 2-300' cell towers and such, doesn't really matter, does it?
17:05<bss>i don't have the audio on at work, but is that the one where the guy explains they don't bother with the tether because it wastes time?
17:06<Steve^>at the very very top, he isn't even holding on whilst he does the karabina
17:06<Guspaz>Steve^: 10-14 seconds for 99% of terminal velocity for a human (random google)
17:06<@jed>fall from that height would take a minute, I'd guess
17:06<@jed>maybe less
17:06<rnowak>a minute of knowing you're fucked
17:06<@jed>"well, shit"
17:06<rnowak>longest seconds in your life :p
17:07<bob2>wouldn't it be hihg enough to parachute?
17:07<rnowak>it is way above minimal height for that
17:07<@jed>I asked aaron that and he said it'd be dangerous because of getting tangled up in the tower
17:07<@jed>base jumpers do it, though
17:07<bss>how much does a chute weigh?
17:07<Guspaz>It's not unheard of for a human to survive a fall at terminal velocity, but it's extremely rare and usually results in enormous injuries. And they usually only survive because they hit JUST right to have non-vital parts of their body crumple to absorb the brunt of it.
17:07<rnowak>less than the toolbag ;p
17:07<@jed>enough that you probably don't want to carry it up
17:07<bob2>maybe the extra weight would make it more dangerous
17:07<bss>that'd be my guess
17:08<Guspaz>I should say usually results in enormous injuries in the exceptionally rare cases where they do survive
17:08<@jed>one woman landed on a red anthill
17:08<@jed>like, it's not bad enough that you just fell to your supposed death
17:08<@jed>but you survived and now you get eaten by ants
17:08<rnowak>I've always wanted to perform a study - throwing cats out of airplanes and see if they make it without injury. If they don't, I'd be wrecked though.
17:08<bob2>what would one do once they were standing on top of the beacon, anyway?
17:08<@jed>change the bulb
17:08<bob2>aside from call urmom
17:08-!-smed [] has quit [Read error: Connection reset by peer]
17:08-!-devsforev [] has quit [Quit: Lost terminal]
17:08<@jed>that's probably why they're up there
17:08-!-smed [] has joined #linode
17:08<@jed>tower maintenance = bulb changes and painting
17:09<rnowak>painting sounds very important and worth it ;p
17:09-!-BBHoss_ [~bbhoss@] has quit [Ping timeout: 480 seconds]
17:09<bob2>dammit, why didnt the bosses spring for the long life bulbs
17:09<rnowak>I see :/
17:09<@jed>if the bulb goes out, it's a federal emergency
17:09<@jed>as the operator on duty at my old station, I was required to check the bulb horuly
17:09<@jed>there's a hotline for bulb outages so that ATC can intervene
17:10<rnowak>is there at least a backup bulb on standby up there?
17:10<@jed>that I do not know
17:10<@jed>I'd guess not
17:10<rnowak>would make sense to have one :/
17:10<@jed>sort of, a cold backup would probably have a bigger chance of failing
17:10*jed shrugs
17:11<Guspaz>Why does the FAA mandate that they have to paint it? Isn't that largely cosmetic?
17:11<linbot>New news from forums: [ Poll ] Linode vs. TOR and internet privacy in Customer Testimonials <>
17:11<@jed>safety reasons. red/white for VFR aircraft
17:11<@jed>same with the bulb
17:11<Guspaz>Ah. No paint that lasts long enough available?
17:11<@jed>well, keep in mind what towers are subjected to
17:11*Daevien looks at linbot. oh come on. let that thread die already, the horse is beaten as much as it can be
17:11<@jed>you get to the top and you're in winds aloft
17:12<Guspaz>I guess it's pretty extreme in terms of wear and tear.
17:12-!-dano [] has left #linode []
17:12<@jed>I'll show you where my old station's transmitter is
17:13<@jed>when I lived there, there were 21 towers there
17:13<@jed>I think city of phoenix built another
17:14<@jed>it's a great satellite shot because you get the angle and it messes up the perspective
17:14-!-caironoleto [~caironole@] has joined #linode
17:14<Guspaz>Mindbending angle on the satellite image
17:14-!-BBHoss_ [~bbhoss@] has joined #linode
17:14<@jed>south mountain is unique and has its own listserv, because for any of us to do work we had to negotiate with the other stations to power down
17:14-!-mathew [] has joined #linode
17:14-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
17:14<@jed>so maintenance had to be scheduled ~3 months out, and we were all aware of each others' maintenance
17:15<@jed>powering up while a climber is on top = bad, bad, bad
17:15-!-dano [] has joined #linode
17:15<dano>hi, question regarding linode configs
17:15<@jed>dano: shoot
17:15<Guspaz>Yeah, I've heard things about unfortunate people in front of high power microwave transmitters when they are powered.
17:15<dano>I want to run a server with 4G of ram, but where I don't have to share disk I/O with others - it's a DB server
17:15<Guspaz>Assuming you survive long enough to get cancer.
17:15<@jed>aaron got has arm burned all the way up to his bicep one time. RF burns are catastrophic
17:15<dano>what are my options?
17:15<rnowak>omg ban radio, causes cancer *runs around screaming*
17:16<dano>RAM isn't the issue, it's i/o that concerns me
17:16<@jed>dano: the more RAM you have, the fewer people sharing your server
17:16*amitz moves to the land of no civilization
17:16<@jed>so you can look at it that way, but we don't have 'isolated' servers at this time
17:16<rnowak>amitz: you're already there
17:16<amitz>rnowak: I know what you're gonna say! ;-)\
17:16<Guspaz>dano: The larger the linode, the bigger the IO share you'll get. If you want to absolutely positively guarantee your own share, I believe the 20GB linode is one per box? Or is there an unadvertised one above those?
17:16<@jed>that said, our disk IO is consistently the winner in benchmarks
17:17<Guspaz>jed: That's not necessarily because Linode's IO is super fantastic, so much as not one other company on the market isn't horrendously bad :P
17:18<heidi>way to stay positive
17:18<Guspaz>Linodes have good enterprise-class IO performance, and everybody else has would-be-funny-if-it-weren't-so-sad class performance.
17:19<Guspaz>I try. I've become jaded over the years when it comes to hosting. Which is why Linode is such a breath of fresh air.
17:20-!-caironoleto [~caironole@] has quit [Quit: Visits ;)]
17:21<linbot>New news from forums: How an I change the parameterip_pkt_list_tot of iptables? in General Discussion <>
17:22<elreyespe>is it hard to get someone attention. just with a simple question?
17:23<ajmitch>oracle/db2 questions are not simple
17:23<Guspaz>You got the attention, it's probable that nobody knows the answer.
17:23<bob2>ask your DBA
17:23<elreyespe>I am the DBA
17:24<dano>jed: yeah, but I'm suffering from tragedy of the commons probs at the moment
17:24<bob2>then you may need a better strategy than asking off-topic-ish questions on irc
17:24<Guspaz>dano: You're on a 4GB linode and the IO performance isn't cutting it?
17:24<elreyespe>kidding, we don't have a DBA for wierd reasons
17:24<dano>2GB at the moment
17:25<dano>i/o is highly variable, hdparm tests range from 18 MB/sec to 86 MB/sec (I like 86MB/sec)
17:25<Guspaz>Really the only thing you can try is a larger linode, or if the performance is less than you'd expect from a 4GB, you can request to be moved to a different server to see if it resolves the issue. Note that servers are heterogeneous (only one type of linode per host), so resizing means a new host.
17:25<rnowak>If you're even considering oracle, you likely have serious needs, or you're over dimensioning
17:25<@jed>oracle is like having a diva in your house, too
17:25<@jed>it does what it wants
17:26<dano>no, not oracle for us
17:26<rnowak>(was to elreyespe)
17:26<Guspaz>But most databases wouldn't be I/O bound, since RAM is going to cache stuff both at the DB level and the disk level... Are you sure throwing more RAM at the problem wouldn't help?
17:26<@jed>most databases are indeed I/O bound
17:26<Guspaz>Even with both read and write caching?
17:26<rnowak>You can't cache it all
17:26-!-gadams [] has joined #linode
17:26<rnowak>If you can... lucky you.
17:27<elreyespe>well, what we really want , is to create dblinks to oracle from db2 or viceversal.
17:27<Guspaz>It's what I did when I ran an exceptionally popular site on an exceptionally weak server. Cached the whole damned database in RAM.
17:27<rnowak>Not that very weak server, compared to your needs, then
17:27<Guspaz>But it was a small database, I'll admit.
17:27<dano>yes, ram helps, but not completely
17:28<rnowak>Several GB/s read/write, compared to a few tens of MB/s, yeah, it will make a difference.
17:29<Guspaz>In terms of linode IO performance, as I said, trying a different host or trying a bigger linode (to get a bigger share) are about all you can do, and resizing to a bigger size puts you on a different host, so, two birds with one stone there.
17:29<dano>so I don't mind moving up to a 4G machine, but if the i/o has similar variance to a 2g instance, that's not a good use of funds
17:30<Guspaz>Everything is pro-rated, so it doesn't cost that much to test that out
17:30-!-userme [] has quit [Quit: userme]
17:30-!-seanh-ansca [] has quit [Ping timeout: 480 seconds]
17:30-!-Cruiser [] has quit [Read error: Connection reset by peer]
17:30<Guspaz>I think it'd be $2.67 to test the upgrade for a day account for the difference in pricing?
17:30<gadams>Should I submit my code with or without compiling to be graded on? (Feeling ballsy)
17:30<dano>I was hoping for a graph with linode sizes v. i/o variability :-)
17:31-!-bradoaks [] has quit [Quit: leaving]
17:31<gadams>make one.
17:31<dano>two dollars! oh man, I'd have to skip a latte! ;-)
17:31<Guspaz>Well, if such a graph existed, it'd be unlabeled on the Y axis, with a fine print of "average" :P
17:32<rnowak>Oh gosh, what will you drink now sitting with your ipad, no frappuccino for you
17:32<Daevien>dano: if you are doing a lot of io, anyone else on the server with you will get less io. it's impossible to give you accurate numbers
17:33<Daevien>you might do a backup at 3:03am and thats the prime time for user X and he's pissed at you. or vice versa. to many variables
17:33<dano>Daevien: Oh, believe me, I get it, not complaining, just having a discussion
17:33-!-seanh-ansca [] has joined #linode
17:33<Daevien>going to bigger linodes means less other vps on the host, so therefore, better chance of having the io you want
17:33<Guspaz>It's always possible to get a dedicated server in the same datacenter as your linode, and since incoming bandwidth is free at linode, the billed bandwidth usage would be decently low assuming mostly SELECTs.
17:34<Guspaz>Although that dedicated server would lack any of a linode's many advantages ;)
17:35<Daevien>Guspaz: including annoying jed about it
17:35<amitz>and the right to be in the same channel with me.
17:35*jed crush annoyance
17:36<Guspaz>Jed needs to invent an infinite-io-zero-cost storage medium.
17:36<Daevien>jed: weren't yo ugoing to go sleep? :p
17:36<Daevien>amitz: that would be a positive wouldnt it? :p
17:37-!-andrew [~andrew@] has joined #linode
17:38<amitz>Daevien: yes indeed, nobody wants to be in the same room with me, they all want to send me to my cage. :'(
17:38-!-Cruiser [] has joined #linode
17:38<SleePy>Sleep is for the dead.
17:38<Guspaz>The sexy kind of cage, or the jail kind of cage?
17:39<amitz>Guspaz: the one where they cattleprod me for fun :'( *cough*Daevien*cough*
17:40-!-jrwz [] has quit [Remote host closed the connection]
17:40<rnowak>we also throw premium grade bat guano at him
17:41<Daevien>amitz: take a bath once in a while and maybe then we won't? :p
17:41<Guspaz>Nothing but the best
17:41<Daevien>the stench of ENTERPRISE is upon thee
17:41<Guspaz>It got better toward the end...
17:42<linbot>New news from forums: Choosing cms to work with nginx in Performance and Tuning <>
17:42-!-tunabananas [] has joined #linode
17:43<dano>so if I add another virtual volume to a machine, is it really from a separate physical drive?
17:43<Guspaz>No, it's from the same RAID-10 array.
17:43-!-BBHoss_ [~bbhoss@] has quit [Read error: Connection reset by peer]
17:43<Guspaz>Storage on linodes is generally, as far as we customers know, four 15K RPM SAS drives in a RAID-10 array.
17:43-!-BBHoss [~bbhoss@] has joined #linode
17:44<Guspaz>My understanding is that linode disk images are LVM volumes on that array.
17:44<dano>can a linode person generally confirm that understanding?
17:45<Daevien>they don't confirm specifics
17:45<@jed>can. won't, sorry
17:45<DephNet[Paul]>dano, no, its not from a different drive
17:45<Daevien>however, a new volume will not be on different disks. that much is known just from the technology
17:45<Guspaz>dano: You can at least be assured that Jed would probably at least say "It's nothing like that" if our claims were that far off.
17:46<@jed>actually, no :)
17:46<Guspaz>So if I went around telling everybody that all Linode storage was a giant stack of paper to which chipmunks with electrodes embedded in their limbs were wired up to servers and forced to read/write the paper, you'd not correct me? ;)
17:47<rnowak>They actually use punchcards for data storage.
17:47<Guspaz>Do the squirrels load the punchcards?
17:47<rnowak>No, they have heckman for that.
17:47<Daevien>Guspaz: no, they punch then
17:47-!-alforddm [] has joined #linode
17:47<Daevien>stan_theman is the squirrel wrangler
17:48-!-cygnei [~cygnus@] has quit [Quit: Leaving]
17:48<rnowak>and mikegrb_ touches them in weird places
17:48<dano>yeah, so I have to spend my latte money for the day to test things out... will do. Just got 9.3 MB/sec i/o time, yuck
17:48<dano>on 2G instance
17:49<dano>anyway, onward
17:49<amitz>Tea: you have an unfortunate choice of nickname, that is all ;-)
17:49<Daevien>you spend more on a latte than the linode will cost for a day prob :p
17:52<Guspaz>Now if only Linode pro-rated by the hour, it could cost less than the sugar packet.
17:52<dano>sure but the latte tastses great, linodes are kind of earthy and metallic
17:52<Guspaz>But the linodes are less filling.
17:52<rnowak>You better not be having that latte at starbucks and claiming it tastes great ;p
17:52<alforddm>any drupal gurus on atm that would allow me to pick their brains for a min?
17:52<linbot>If you have a question, please just ask it. Don't look for topic experts. Don't ask to ask. Don't PM! Don't ask if people are awake, or in the mood to help. Just ask the question straight out.
17:52<linbot>If you have a question, please just ask it. Don't look for topic experts. Don't ask to ask. Don't PM! Don't ask if people are awake, or in the mood to help. Just ask the question straight out.
17:53-!-vynsynt [] has quit [Quit: Leaving.]
17:53<boba>!supa1337 [ask]
17:53<linbot>][f j00 |-|/-\\/3 /-\ q|_|3$+;o|\|, p13/-\$3 j|_|$+ /-\$|< ;+. |)o|\|'+ 1oo|< fo|2 +op;< 3><p3|2+z. |)o|\|'+ /-\$|< +o /-\$|<. |)o|\|'+ P/\/\! |)o|\|'+ /-\$|< ;f p3op13 /-\|23 /-\\/\//-\|<3, o|2 ;|\| +|-|3 /\/\oo<| +o |-|31p. J|_|$+ /-\$|< +|-|3 q|_|3$+;o|\| $+|2/-\;g|-|+ o|_|+.
17:54<alforddm>I have a drupal 6 installation that currently has an embeded gallery2 install. I would like to upgrade to drupal 7 and media_gallery but need advice on where to start
17:54<boba>I apologize.
17:54-!-bbeausej [] has quit [Quit: Leaving.]
17:55<Guspaz>That's actually fairly readable, surprisingly.
17:55<ajmitch>not to me
17:55<rnowak>nor me, takes effort - I guess we're not leet
17:55<@jed>linbot: alias add ask echo If you have a question, feel free to just ask it -- someone's always willing to help.
17:55<linbot>jed: The operation succeeded.
17:57<rnowak>less assholey \o/
17:58<Guspaz>Might have been useful to have a note about, if you don't get a response, it's possible nobody present knows the answer.
17:59<Guspaz>Since people seem to think if they don't get a response, we're intentionally ignoring them.
17:59<@jed>linbot: alias add ask echo If you have a question, feel free to just ask it -- someone's always willing to help. If you don't get a response right away, be patient!
17:59<linbot>jed: The operation succeeded.
17:59-!-smed [] has quit [Read error: Connection reset by peer]
17:59<@Perihelion>linbot: <3
17:59<rnowak>+ mention urmom if it is really important, everybody has it on hilight
17:59-!-smed [] has joined #linode
18:00<linbot>Guspaz: urmom is so fat, even her jokes cant fly. (837:7/1) [mourm]
18:00-!-Kyhwana [] has joined #linode
18:01<alforddm>I'm currently looking at migrate to see if I can't figure something out
18:02<Guspaz>alforddm: The linode forums might be a better venue to ask; if nobody here knows the answer, your question scrolls up in the history, forgotten. If you post on the forums, there's a longer exposure time for somebody who knows the answer to spot it.
18:02-!-bradoaks [] has joined #linode
18:03-!-bradoaks [] has quit []
18:04<alforddm>I'm just being impatient and was hoping something could point me in the right direction =)
18:04-!-HedgeMage [] has joined #linode
18:04<Guspaz>It seems none of the subset of us currently paying attention have any experience with Drupal :)
18:05<rnowak>I don't know it, and a quick googling didn't return anything to make me pretend to be able to know it, sorry ;)
18:05<alforddm>lol ya google wasn't much use I tried that first
18:06<rnowak>shuffle around the words towards the end a bit, brain malfunction
18:07-!-mdudley [] has joined #linode
18:07<alforddm>well since noone knows anything about a gallery port how about the redirect question I posted on the forums?
18:08-!-Deckert [] has joined #linode
18:08<Daevien>drupal has a forum, it would prob be the best place to look/ask i'd guess
18:08<HedgeMage>did someone say Drupal?
18:08<akerl>Nobody said drupal
18:08-!-bradoaks [] has joined #linode
18:08<alforddm>I have posted before didn't get much of a response It probably has something to do with the fact that I'm a complete noob lol
18:09-!-jcn [] has joined #linode
18:09<linbot>Deckert: Host not found.
18:09<Deckert>so I was not mistaken then
18:09<akerl>Deckert: You broke the internet!
18:09-!-elreyespe [~elreyespe@] has quit [Quit: Saliendo]
18:09*Deckert nods
18:09<Deckert>and all I wanted was the new kernel
18:09<Daevien>HedgeMage: drupal sucks? hehej/k. you spoke up so maybe you have an idea on how to help alforddm
18:10*Deckert looks despondent
18:10<amitz>HedgeMage: someone wanted to ask the upgrading to drupal 7 if an embedeed gallery 2 install exists.
18:10<akerl>Deckert: works
18:10<rnowak>you no can has kernel, we're all out of em, sorry
18:10<amitz>there is no kernel of truth in that.
18:10<HedgeMage>amitz: Ahh... not to my knowledge. The Gallery 2 + Drupal combo is maintained by a smaller team than it used to be, as it's not that popular any more.
18:11-!-abaddon [] has quit [Quit: I am born to conquer, so you die.]
18:11<rnowak>temporary, will become a mirror after is restored to full operation
18:11<alforddm>I was actually interested in porting the gallery install into media_gallery in drupal 7
18:12<mdudley>Rebooted into Finnix rescue mode, then SSHed into Lish... but I can't exit the ssh session? 'logout' doesn't do anything...
18:12-!-BBHoss [~bbhoss@] has quit [Remote host closed the connection]
18:12<alforddm>I pretty good at teaching myself stuff I just need to know where to start
18:12<HedgeMage>alforddm: Ahh... that should (I think) be do-able with the regular migrate module -- it takes arbitrary data and maps it to Drupal content types according to your instructions
18:13<Daevien>mdudley: try exit?
18:13<mdudley>Daevien: it prints "logout" and does nothing
18:13<alforddm>Ok I've already grabbed the migrate module and am taking a look at it. Would it be better to try to import to drupal 6 and then upgrade or is drupal 7 the way to go from the start?
18:14<Daevien>mdudley: dunno, never had that issue the couple of times i've used lish
18:14<mdudley>What does Ctrl-CAD do?
18:14<akerl>mdudley: Should pop you out of lish
18:14-!-Jesta [] has joined #linode
18:14<akerl>Once to get out of the node, again to get out of lish
18:14<mdudley>OK that got me out of there... I will read up on Lish, I didn't really know what that was
18:15<Daevien>lish is basically like hooking up a keyboard & mouse to physical system
18:15<Daevien>er & monitor
18:15<rnowak>Daevien uses a mouse in his terminals
18:15<mdudley>thanks all
18:15<Daevien>it's only useful if you've screwed up networking or need to use finnix, etc. don't use it for everyday stuff
18:16<rnowak>I use a mouse in vim. Come at me.
18:16<Daevien>eww vim.
18:16<akerl>I trained a mouse to type for me.
18:16<Daevien>akerl: how is amitz doing anyway?
18:16<akerl>I control him using a butterfly's wings
18:16-!-mdudley [] has left #linode []
18:17-!-dano [] has left #linode []
18:18-!-devcomp [] has joined #linode
18:18-!-AviMarcus [] has quit [Quit: Ex-Chat]
18:18<Daevien>man, sabayon + this laptop + usb3 connected drive copying stuff = deathly slow but not using all that much ram or cpu. strange
18:19<Daevien>maybe it's trying to stop the data copy cause i knows it's being nuked in favor of archlinux when it's done :p
18:19<akerl>Daevien: Let me know how that goes. I've never done arch on something with a gui.
18:19<akerl>So far, I've been running crunchbang on the laptop
18:19<tolle>Works just fine usually
18:19<Jesta>I've been pounding my head into my desk for the last 7 hours trying to determine why my old linode is out performing my new linode. Anyone have experience with apache2/mod_php vs nginx/php-fpm? Everything I've read states nginx/php-fpm should outperform apache2/mod_php.
18:20<akerl>Jesta: A) how are they configured B) How are you testing?
18:20-!-warren [] has quit [Quit: Leaving]
18:20<Daevien>works good on other laptop, i've run arch before on desktop/laptop but it ate my X during one upgrade. i'm runnign archbang, which is arch + openbox, basically a variation of crunchbang that some on their forums came up with
18:20<Steve^>alforddm, my approach to upgrading Drupal was to rewrite in Django. Something i'll never regret
18:21<Steve^>But I must run before you can reply, bye!
18:21<Daevien>Jesta: do you have two linodes or jsut changed apache to nginx on your one?
18:21-!-Steve^ [] has quit [Quit: Leaving]
18:22<tolle>arch is nice for testing new stuff and so on. Arch + dwm was the name of my game a while back.
18:22<Jesta>akerl: They are both running the same application (our website), both running local copies of MongoDB, one's using nginx/php-fpm and ones using apache2/mod_php. I can share the phpinfo() as well if that helps.
18:22<Jesta>Daevien: two linodes. apache2/mod_php is a linode768 and the nginx/php-fpm is a linode1024
18:22<akerl>I bet that the limiting factor is DB
18:22-!-elkingrey [] has joined #linode
18:22<Daevien>akerl: i use crunchbang fairly often, i just got annoyed with having to fight with broadcom drivers & some programs i wanted newer versions of. arch has 3.0 kernel now which works without fussing with broadcom stuff & newer versions of course
18:23<akerl>Jesta: How are you testing "fasterness"?
18:23<Jesta>akerl: doubtful... they are both using their own independent DBs. Our 768 linode is our "live" site, with a load on it, and it outperforms our new 1024 which doesn't even have a load
18:23<Jesta>akerl: 2 pages, identical queries, through a browser.
18:23<elkingrey>Hello, I just received this message in my email. Now, I know what DDoS attacks are but I don't fully understand what is being said in this email. The only thing that comes to mind right now is that one of the people that I have allowed to use my VPN is currently engaging in a DDoS attack. Can somebody help me?
18:24<Daevien>Jesta: ok, one other factor depending on what the slowdown is, maybe your 2nd host has an I/O hog on it and 1st doesn't. the other thing is you had more time i assume with apache to tweak it, i'd check into that as well just to make sure there isn't something you've missed that gives nginx no chance. generally nginx is lighter & faster under a lto of circumstances, but not necessarily every one
18:24-!-smed [] has quit [Read error: Connection reset by peer]
18:24<akerl>elkingrey: Check auth.log for successful connections which are not you. Though logs can't be trusted, if there's a rogue success there, it's bad
18:24<bob2>yes it says someone on your machine was being an ass
18:25-!-smed [] has joined #linode
18:25<elkingrey>Okay, give me a minute.
18:25<Jesta>Daevien: That's probably possible, though I think that's beyond my control? Stinks when you purchase a new linode and it's slower than the first... lol
18:26<akerl>Jesta: I still bet that database is the limiting factor
18:26<Daevien>Jesta: also, if thats your testing method, just a browser and your own self, it's not really a viable test. somethign could be cached on old one on your browser, maybe you forgot to run memcache/apc/whatever on the new one,etc? lot of variable still
18:26<Jesta>akerl: how could the DB be the factor? There's 0 requests against the new server's DB, while the old server has people, actively using it, and it's faster.
18:26<akerl>elkingrey: Basically, you want to compare (the server as it should be) with (the server as it is now). Auth attempts, running processes, modified configs, etc,
18:26<Daevien>i don't know mongo, if akerl does i'd suggest you look into the db as well, maybe there' ssomething in there thats diff or shoudl be diff with the more ram / different setup
18:27<akerl>Jesta: Are both databases configured the same.
18:27<Jesta>akerl: they are clones
18:27<elkingrey>akerl: That's a little over my head. I'm going to need some walking through on this one.
18:27<elkingrey>akerl: Can you guide me to the location of the auth.log?
18:27-!-vraa [] has joined #linode
18:27<akerl> /var/log/auth.log
18:27<akerl>elkingrey: back up your data, rebuild your node, don't give people access.
18:28-!-tolle [] has quit [Quit: leaving]
18:28<linbot>New news from forums: Fast bitwise AND buffers in C in General Discussion <>
18:28-!-tolle [] has joined #linode
18:28<Daevien>elkingrey: yeah if you think you have been comprimised, akerl is correct. i don't give anyone access to my machines gnerally that i can't reach out and smack alongside the head if they do something wrong/stupid
18:28<Jesta>Daevien & akerl - I'm 99% positive it's not the database, unless the database is being affected by an I/O hog on this new linode cluster.
18:29<Daevien>Jesta: if you put in a ticket, staff may be able to check on io usage on the machine, i'm not sure what all info they will give you due to privacy but maybe a yes io is high or no it's fine
18:29<Jesta>Though, to prove it, perhaps I should duplicate our live environment on this new linode...
18:29<akerl>Jesta: My bet is that both databases have similar response times, and that nginx is configured less efficiently than apache. The database is inflating all the times, and the inefficient configs is pushing nginx into last place
18:29<elkingrey>A VPN is considered giving access to your machines?
18:29<akerl>Pastebin your nginx config?
18:29<akerl>elkingrey: Yes
18:30-!-thingles [~thingles@] has quit [Quit: Bye!]
18:30<elkingrey>On a side note, something else is interesting that is going on, Akisment is failing me right now and I am getting bombarded with spam comments.
18:30<Daevien>Jesta: i second akerl's thoughts, nginx being newer to you prob isn't as optimized and is the most likely cause. depending on how you installed nginx, there coudl be a lto of modules, stuff liek gzip could be off on it, php-fpm might not be tuned as well, etc
18:31<akerl>elkingrey: Which is something cool to fix once you rebuild your box
18:31<Daevien>elkingrey: they can show up on the internet as your ip, means you are responsible for what they do
18:31<elkingrey>Is there a way to turn things off really quickly with my VPN so that things will go back to normal?
18:31<akerl>elkingrey: Only if it's just traffic routed through your VPN, and not actually being compromised
18:31<akerl>Kill the VPN
18:31<Daevien>elkingrey: shutdown the vpn program... if thats yoru cause it will help. if you have been comprimised though, it won't.
18:32<elkingrey>There should be a command to shut down the VPN, can someone give it to me?
18:32<akerl>Out of curiousity, have you been randomly giving VPN access to people in pubs
18:32<elkingrey>No, just friends.
18:32<akerl>elkingrey: There's have a dozen ways to kill it. OpenVPN?
18:32<rnowak>only half a dozen? Nuking the datacenter from orbit would stop it as well imho.
18:33<akerl>s/ways/ways which are within your means/
18:33<Daevien>elkingrey: get better friends if it's through the vpn and they are doing it on purpose btw :p
18:33<Jesta>akerl & Daevien - Thanks, sparked a few more ideas for testing... I'll see what I can do and see if I can't find someone who knows more about php-fpm optimizations.
18:34<rnowak>tracing down what's actually slow should be your first step
18:34<Daevien>Jesta: there are soem guides on the linjode library on nginx, not sure if they go into detail on tuning, otherwise has a wiki
18:34<elkingrey>I'm on the Linode library right now trying to figure out how to turn off the VPN. I have to go really soon and don't have time to fix things, so I would like to just turn off VPN and get back to it later.
18:34<akerl>rnowak: Bah. Way more fun to just start changing stuff
18:34<rnowak>akerl: true
18:34<akerl>elkingrey: Openvpn?
18:34<Jesta>Daevien: Yep, I've read and implemented all the linode/nginx information from those two sites already. I've been at it for a while ;)
18:34<Daevien>Jesta: check stuff like iotop, put things into debug modes so you get more logs, etc
18:35-!-niftylettuce [] has quit [Remote host closed the connection]
18:35<akerl> /etc/init.d/openvpn stop
18:35-!-ngranek [~bigjocker@] has quit [Quit: ngranek]
18:36<elkingrey>I'm on OpenVPN right now and don't see any hints to turn off the VPN
18:36<elkingrey>thanks you!
18:36-!-Eriks [~Eriks@] has quit [Remote host closed the connection]
18:36<Daevien>elkingrey: we cant' read minds, thats why akerl asked multiple times what you were running
18:36-!-fcoury [] has quit [Remote host closed the connection]
18:36-!-LK- [] has quit [Remote host closed the connection]
18:37-!-niftylettuce [] has joined #linode
18:37<@jed>elkingrey: did you just get a ticket from us?
18:37<elkingrey>the openvpn stop command gave me an error
18:37<@jed>what do you have installeD?
18:37<linbot>We're only kidding, who needs error logs? Guessing what happened is much more fun.
18:37<@jed>linbot: alias delete logs
18:37-!-niftylettuce [] has quit [Remote host closed the connection]
18:37<@jed>linbot: alias remove logs
18:37<linbot>jed: The operation succeeded.
18:37-!-jamescollins [] has joined #linode
18:38<@jed>elkingrey: that's it?
18:38<Kyhwana>elkingrey: whats your linodes IP?
18:38<elkingrey>okay, never mind. I got the stop command to work.!
18:38<@jed>elkingrey: at any rate, regarding the ticket you just got from us, there's a good chance you're compromised
18:39<@jed>to respect your privacy I won't detail further, but let us know what's going on in your ticket
18:39<elkingrey>I will now respond to the ticket and tell them that I stopped the VPN. If I am compromised then we will find out if the problem persists.
18:39<@jed>I need you to be proactive, not wait-and-see
18:39<elkingrey>Dang, I was just about to leave, too.
18:39<akerl>elkingrey: Shut down the server
18:39<Kyhwana>elkingrey: did you give your friends any login access to your linode? Have you kept all the servers on it updated? Do you have strong passwords, etcetc
18:40<elkingrey>I only gave people access to the VPN.
18:41<Daevien>elkingrey: but someone coudl have gotten into your server if you didnt' secure it
18:41<Daevien>if you cant' stay, your best bet is to shutdown the node to be honest
18:41-!-jcn [] has quit [Ping timeout: 480 seconds]
18:41<Daevien>you really need to do a full audit of your machine and find out what is going on
18:43<Daevien>if you run websites that customers visit, you could be infecting them with something if your server has been exploited, you've alrady set off linode alarms about actions comign from your linode. they will be forced to do something if it continues elkingrey
18:43<elkingrey>Okay, system is shut down.
18:44<elkingrey>Okay, plans for night just got ruined.
18:44<bob2>you can just power it off
18:44<elkingrey>I have no idea what to do now.
18:44<Kyhwana>yep, either one of your friends is not so friendly or did something done or your linode got hacked some other way
18:44<akerl>Basically, you are going to want to boot into finnix, back up your data, rebuild your node + security, put the data back
18:45-!-MikeH [] has joined #linode
18:45<@Perihelion>It rubs the Finnix on its node.
18:45<elkingrey>akerl: That sounds great, except you're talking over my head. =(
18:45<Daevien>welcome to the life of a system admin. expect computers to break when you have plans, they wait for that chance :p
18:45<Kyhwana>running your own linode box isn't easy
18:45<akerl>elkingrey: First, boot into finnix
18:45<akerl>(There's a library article for that)
18:46<rnowak>!f rescue mode
18:46<linbot>rnowak: Results not found. Im pretty sure straterra ate them
18:46<rnowak>straterra: fu
18:46<elkingrey>Let me tell you what I'm running. I don't have anybody else who runs a site on my server. Just me. I keep everything on lockdown as much as humanly possible, to the best of my ability. I do, however, allow several people to use my VPN.
18:46-!-walterheck [] has quit [Quit: Computer has gone to sleep]
18:46<akerl>elkingrey: Those two statements are mutually exclusive
18:47<akerl>!library finnix
18:47<linbot>akerl: 1. Use Finnix Rescue Mode for System Investigation and Repair - | 2. Copying a Disk to a Separate Linode Account - | 3. Running a Custom Linux Distro on a Linode VPS -
18:47<elkingrey>I had no idea that allowing others to use a VPN was a risk. And I don't understand why.
18:47<bob2>because they can do random things under the cover your linode's network connectivity
18:47-!-Jesta [] has quit [Quit: Leaving...]
18:48<Daevien>elkingrey: on the itnernet, your linode has an ip. a vpn will allow them to pretend to be your linode on the internet. so anything peopel do through a vpn is traced to you and you are responsible
18:48<elkingrey>bob2: You mean do randomly bad things to ME, or others?
18:48<Daevien>elkingrey: both
18:48<bob2>to the interwebz
18:48*akerl bets that the server itself is compromised
18:48-!-walterheck [] has joined #linode
18:48<elkingrey>I fail to understand how using my VPN gives them access to my Linode any more than somebody else.
18:49<Guspaz>It lets people route malicious traffic through your linode.
18:49<Kyhwana>your VPN basically lets them bypass any firewalling you have up
18:49<bob2>elkingrey, it doesn't per se, but it likely lets them subvert any firewall or ip restrictions you have
18:49<Guspaz>ANd if misconfigured, it lets them get a beeline to your linode past the firewalls, as Kyhwana mentioned.
18:49<bob2>elkingrey, I don't think anyone has asserted it was compromised, just suggested it is possible and requires either shutdown or immediate investigation
18:50<vraa>i thought the method of thinking was always assume you are compromoise
18:50<elkingrey>Okay, well let me tell you, of the people I gave access to my VPN, I don't believe any of them have the knowledge to do anything hacker like.
18:50<Daevien>elkingrey: if you let someone use your car, you are partially responsible if they run over akerl with it. if they aren't identified but your license plate gets written down, police will assuem you ran akerl over
18:50<Guspaz>Example: I had a misconfigured Squid proxy running on my linode. Spammers used it to get to my mail server from localhost, bypassing all the mail server's restrictions, letting them send out spam.
18:50<Kyhwana>elkingrey: if you're giving them VPN access to download linux-isos, a managed-pre-setup box make be better ;)
18:50<elkingrey>Before I go rebuilding things, how can I go about diagnosing the problem?
18:51<Guspaz>The solution in my case was simple, since I didn't actually need squid, and nothing was compromised; I nuked squid.
18:51<akerl>Boot into finnix, look at logs
18:51<rnowak>eww, microwaved squid.
18:51<elkingrey>Okay, let me figure out how to boot into finnix.
18:52<akerl>squid is on akerl's "Tasty, but only if you don't think about it" list
18:52<Daevien>rnowak: i wouldn't think eating squid of any kind would be all that good to be honest
18:52<Guspaz>Deep fried squid can be pretty tasty.
18:52<rnowak>calamares is as far as I've stretched to try, and not a fan
18:53<Daevien>then again, i suppose i did eat stuff i wouldn't have thought i would when i was in dallas and hanging around chinese and eating true chinese food :p
18:53<Guspaz>One of the local bubble tea shops sells it, and my friend gets it all the time.
18:53<rnowak>yum, centipedes
18:54<Daevien>they did get a great kick of the canadian kid eating their spicy stuff and doing ok while the chinese kid that had eaten almost entirely american fast food for 2 years couldn't handle it :p
18:56<Guspaz>I seem to be insensitive to this one particular chinese spice that they use frequently around here, so despite the fact that I can't handle spicy food, my friends all thing I'm immune to all spice.
18:56<Guspaz>*think I'm
18:56<elkingrey>akerl: Okay, I am logged into Finnix.
18:57<akerl>elkingrey: Check your logs for any suspicious activity. As I've said, if the node is compromised, logs can't be trusted. So while presence of bad things is bad, lack of bad things isn't necessarily good
18:58<elkingrey>akerl: Okay, one min.
19:03<elkingrey>akerl: I am trying to check /var/log/auth.log and it is giving me a blank.
19:03-!-JediMaster [] has quit [Ping timeout: 480 seconds]
19:03<Daevien>not a good sign
19:04<elkingrey>When I checked it while the linode was still up, there were some logs but I didn't get a copy of any of them because so many other things were happening.
19:04<elkingrey>But now in Finnix there seems to be nothing.
19:04-!-copperx [] has joined #linode
19:05<elkingrey>I have no idea what to do now.
19:05<rnowak>Have you mounted your disk(s)?
19:06<akerl>Why do I feel like you aren't checking the actual node
19:06<akerl>You need to mount the node's disk and check the /var/log in that disk
19:06<elkingrey>I have no idea what you're talking about.
19:06<rnowak>Did you even read the link that you were provided?
19:07<elkingrey>I stopped reading at the perform tasks chapter.
19:07<elkingrey>Figured that wasn't necessary in my case.
19:07*Daevien facepalms and starts the popcorn
19:07<elkingrey>Okay, let me finish,
19:08<elkingrey>I don't know what the name of my device is.
19:08-!-Deckert [] has quit [Quit: That's all folks!]
19:09<elkingrey>Anybody ?
19:10<rnowak>You set which disks to put where, before you hit the Reboot into Rescue Mode button
19:12<elkingrey>I'm not sure if I want the Finnix media, or the ubuntu disk image, or the swap image.
19:12<elkingrey>I didn't change anything before I hit reboot.
19:13-!-River-Rat [] has joined #linode
19:13<rnowak>You will have to look at that page in the linode manager again to figure out where your main disk is. You don't want swap, or the finnix one.
19:13-!-sivy [~sivy@] has joined #linode
19:14<elkingrey>Okay, thanks,
19:15-!-hfb [] has quit [Quit: Leaving]
19:15-!-Snikt [] has joined #linode
19:15<linbot>New news from forums: Postfix SMTP not accepting authentication in Email/SMTP Related Forum <>
19:16-!-Cromulent [] has joined #linode
19:16-!-Snikt [] has quit []
19:16-!-fcoury [] has joined #linode
19:16<rnowak>elkingrey: did you find out where your main disk image is?
19:17<elkingrey>Still no dice.
19:17<rnowak>Yes. So you mounted it. Now, your old / while the machine was running, is now /media/xvda
19:17<rnowak>so you'll be looking in /media/xvda/var/log
19:17-!-fisted_ [] has quit [Ping timeout: 480 seconds]
19:18<elkingrey>let me check.
19:18-!-snikt [] has joined #linode
19:18<snikt>hi all
19:18<linbot>If you have a question, feel free to just ask it -- someone's always willing to help. If you don't get a response right away, be patient!
19:18<akerl>Kyhwana: No need to pounce :p
19:19<rnowak>nothing wrong with people saying hi, imho.
19:19<rnowak>hi !
19:19<alforddm>here is a noob question since we are on the subject but what would you look for in the logs?
19:19-!-River_Rat [] has quit [Ping timeout: 480 seconds]
19:19<akerl>alforddm: Successes?
19:19<Kyhwana>akerl: my avatar is a cat.
19:19<snikt>I am having an issue with major traffic flooding from an address and I can't seem to figure out how its comming in. i have shutdown all services
19:19<alforddm>ok so success log in from any unknown IP?
19:19<akerl>snikt: Traffic going in, or coming out?
19:19<Kyhwana>snikt: blame elkingrey ;)
19:19<Kyhwana>oh wait, he shut his node down
19:19<@jed>snikt: may I violate your privacy and tell you what we figured out?
19:19<rnowak>snikt: how are you assessing that there's a lot of traffic flooding?
19:19<snikt>it was incoming and outgoing now its all incoming
19:20<akerl>rnowak: I bet he read about it in a ticket
19:20<snikt>my graphs on the linode dashboard, and i have been running iftop and seeing it that way but when i netstat there is nothing there
19:20<@jed>snikt: if I tell you the real issue, the community will be able to help you figure it out, and it'll help another customer here too
19:20-!-fisted [] has joined #linode
19:20<@jed>but I can only do so with your permission
19:20<elkingrey>These are the last few pages of the auth.log
19:20<KyleXY>jed: that bad?
19:21<@jed>just privacy policy, nothing bad
19:21<KyleXY>OK, was going to say, heh
19:21<@jed>I'm not allowed to divulge information about him without his permission, as an employee
19:21*ajmitch would expect that permission would have to be sought for any details
19:21<Kyhwana>elkingrey: you login as root using a public key pair?
19:21<elkingrey>Yes, I believe so.
19:21<@jed>snikt: for what it's worth, I am an employee
19:21<Kyhwana>you believe you do or you actually do?
19:22<elkingrey>You mean in general? Yes.
19:22<snikt>yes you can jed
19:22<@jed>snikt: you were used in a DNS amplification attack. an attacker spoofed his source IP to be that of the actual target, hit your open DNS resolver, and attacked the actual target via your bandwidth
19:22<Kyhwana>elkingrey: do you only allow public key auth for root? do you have a strong root password if not?
19:22<@jed>your resolver allowing questions to be answered from anywhere is the problem, here
19:23<ajmitch>jed: ouch, those amplification attacks can be a pain
19:23<KyleXY>jed: what happened to it not being bad .-.
19:23<snikt>hmm ok.
19:23<@jed>snikt: dnsmasq?
19:23<@jed>misconfigured dnsmasq
19:23*ajmitch remembers the days when smurf attacks were popular
19:23<elkingrey>I have public key auth for root with strong password. Otherwise I have a SFTP jailed user(me) for playing with just the website.
19:23<snikt>thought i had that locked.
19:23<@jed>elkingrey: do you run dnsmasq?
19:23<rnowak>ajmitch: heh :)
19:24<elkingrey>jed: I believe so. I set that up while building my VPN, i think.
19:24<ajmitch>rnowak: in a little country like NZ, I don't think it took much to saturate links :)
19:24<@jed>everything I just said to snikt might help you
19:24<@jed>misconfigured dnsmasq = problem
19:24<snikt>yeah jed i did the same using dnsmasq for my vpn
19:24*jed dons sherlock holmes hat
19:24-!-niftylettuce [] has joined #linode
19:25<akerl>elkingrey: On another note, do you use a passphrase with your ssh key?
19:25<KyleXY>jed: I suggest someone mentions how to secure it in the damn openvpn article :p
19:25<elkingrey>Also, I got the ticket at 18:18 so anything before that was not me.
19:25<elkingrey>akerl: Yes.
19:25<@jed>KyleXY: already being looked into
19:25<@jed>at any rate, I suspect that's what these two folks need help with
19:25<akerl>elkingrey: What do you mean, wasn't you?
19:25<alforddm>well its been fun being a sponge but I have to go later
19:25<elkingrey>Well, if there were any root logins before 18:18, it wasn't me.
19:26-!-alforddm [] has quit [Quit: The early bird may get the worm, but the second mouse gets the cheese]
19:26<akerl>You mean in the auth.log?
19:26<rnowak>I have no idea about properly configuring dnsmasq, so, slacking ->
19:26<ajmitch>there was only the one root login via ssh there
19:26<elkingrey>akerl: Yes.
19:26<akerl>And were there successful connections where there shouldn't be?
19:27<Obsidian|server>jed: I take it dnsmasq is often used for VPNs, but not much else outside that?
19:27<@jed>I use it for other purposes
19:27*Obsidian|server makes note to avoid blindly setting up dnsmasq
19:27<bob2>Obsidian|server, used by libvirt and handy for home networks too
19:28<Obsidian|server>I see
19:28<snikt>ok with dnsmasq turned off for now im still getting a steady stream of traffic (about 28kb/sec) from that site
19:28<akerl>snikt: That's inbound traffic, right?
19:28<akerl>Is that traffic that's hitting your node, or traffic that your node is responding to?
19:29<akerl>Because they're likely to keep sending traffic, until they realize it's not working.
19:29<snikt>i think its just hitting my node. nothing is responding
19:29<Obsidian|server>Did you set up all packets to drop, then?
19:29<snikt>hmm no actually i think it is response traffic
19:31-!-Cromulent [] has quit [Remote host closed the connection]
19:31<elkingrey>So, now that I've shown everybody my logs, does anybody see anything bad?
19:32<rnowak>Would binding dnsmasq to solve the issue, or would it also defeat the purpose of having it at all?
19:32<Obsidian|server>akerl: wouldn't the attacker have had to probe his system first without using the spoofed IP, btw?
19:32<akerl>I suppose. But that's what tor is for
19:32<rnowak>I take it, it is used for the VPN clients, from the VPN connection?
19:32<Obsidian|server>or is this going completely over my head - this deep into the OSI model is not something i'm experienced
19:33<akerl>elkingrey: When did you show us your logs?
19:33<Obsidian|server>ah, right, tor
19:33-!-message144 [] has joined #linode
19:33<elkingrey>akerl: a few minutes ago.
19:33<akerl>Ah, I see
19:34-!-LK- [] has joined #linode
19:34<Obsidian|server>by the way, do any of you know of a way to continuously batch-import (think a cronjob) the current tor exit nodes into a firewall like IPtables?
19:34<akerl>Obsidian|server: Why?
19:34<bob2>you need to be ratelimiting the world anyway
19:35<Obsidian|server>I'd like to wall off tor entirely. I get zero beneficial traffic from it.
19:35<bob2>since ime compromised windows machines are more of an issue than tor exit nodes
19:35<elkingrey>akerl: Anything? If not, what next?
19:35<akerl>elkingrey: I still vote for rebuild the node, but admittedly I'm a fan of the overzealous approach
19:35<Obsidian|server>plus if anyone's accessing a hosted site from tor on my box, they've got something to hide
19:36<akerl>Obsidian|server: That's very full of fail
19:36<rnowak>overflow of fail
19:36<elkingrey>akerl: What does that entail? Restoring my most recently backed up version, or starting from scratch?
19:36<akerl>elkingrey: I love scratch.
19:36<akerl>It makes good pies and servers.
19:36<elkingrey>That's not going to happen.
19:36<@Perihelion>I love pie.
19:37<SleePy>Obsidian|server, If you worry that much, they publish a list of exit nodes, just get that list, use some regex magic to get the ups, stop iptables, update the saved file and start up iptables again
19:37<mikegrb_>mmm cake
19:37<rnowak>Cake > Pie, sry
19:37-!-darkex [] has joined #linode
19:37<Obsidian|server>akerl: well, every time I've seen a tor IP used for registering on a site on my box, it's either a troll, a spammer, or an alt
19:37<akerl>cobbler > all
19:37<Guspaz>If you wish to make a Linode from scratch, you must first invent the universe.
19:37<rnowak>STOP! iptables time!
19:37<Obsidian|server>SleePy: best update interval, in your opinion?
19:37<@Perihelion>CANT BLOCK THIS
19:38<Obsidian|server>Perihelion: FFFFFFFFFFFFFFF
19:38<SleePy>Don't know? Just saying what would work to solve the problem.
19:38-!-sivy [~sivy@] has quit [Remote host closed the connection]
19:38<@Perihelion>Are you FRUSTRATED, comrade?
19:38<elkingrey>akerl: any other ideas to get back online?
19:38-!-sivy [~sivy@] has joined #linode
19:38<akerl>elkingrey: Have you considered rebuilding the node?
19:38<Obsidian|server>SleePy: I like getting input from others before I decide. I'm considering 12 hours, but not sure yet.
19:39<elkingrey>You mean the one from backup?
19:39<akerl>From scratch?
19:39<elkingrey>akerl: That seems way too brutal of an option, to me.
19:39<rnowak>The world is brutal. Life sucks.
19:39<elkingrey>I'm dreading having my site down as long as it's already been.
19:40<Obsidian|server>elkingrey: you'd be best off going a ways back. You don't know how far back your system's been compromised for sure, do you?
19:40<akerl>elkingrey: From your time in this channel, you paint the picture of someone who wants the rewards of running a server without doing the work
19:40<Obsidian|server>you could just throw up a "site down for maintenance page" until you're done
19:40<elkingrey>Obsidian|server: I haven't even found any proof that my site has been compromised.
19:40<rnowak>Don't forget to put an animated gif, and "this site is under (re-)construction!"
19:40<akerl>Part of having a stable, secure server is putting in the work to know how it works and how its protected
19:40<@heckman>elkingrey: I think the first step would be to configure dnsmasq to not listen on a public IP address.
19:41<Obsidian|server>You've got a successful root login event recorded and you don't think it was you. It should be considered compromised until proven otherwise.
19:41<rnowak>it was probably cron ;p
19:41<Obsidian|server>I see cron entries in here, yes.
19:41<Guspaz>Hmm, Seagate now has a 4TB drive on the market. Progress marches onward.
19:41<Obsidian|server>I see nothing else beyond 18:18-ish
19:41<elkingrey>I don't know if it was successful or not. I just see where it reads "Session opened for root."
19:42<@heckman>Paste the entire line
19:42<Obsidian|server>elkingrey: read earlier in the line. It says cron by it.
19:42<@heckman>Pastebin, rather...
19:42<Obsidian|server>heckman: he's got it here
19:42<elkingrey>What is cron?
19:42<akerl>man cron?
19:43<elkingrey>I mean, it is one of my own crons, or somebody elses. Is it good or bad?
19:43<Obsidian|server>it looks like every 20 minutes
19:43<rnowak>I've got chronic migraine, that's pretty bad
19:43-!-fisted [] has quit [Ping timeout: 480 seconds]
19:44<elkingrey>So, if those crons aren't bad, then we don't see any proof of root logins that weren't by me, right?
19:44<darkex>i'm buying a linode sometime soon, but doing traceroutes to shows that it's hosted in's d/c, which to me doesn't sound at all reliable
19:44<rnowak>unless they were edited out
19:44<darkex>anyone wish to speculate/comment?
19:44<rnowak>which if they had root access, is fully possible
19:44<Obsidian|server>this is true
19:45<Obsidian|server>you could just set your script to remove traces of it running IN auth.log
19:45<Obsidian|server>so that it cleans up after itself and previous runs
19:45-!-BBHoss [~bbhoss@] has joined #linode
19:45<Obsidian|server>so, check your crontab for root, first
19:45<SleePy>I wouldn't do that :P
19:45<Obsidian|server>SleePy: don't open it up and see what's scheduled? why not?
19:46<elkingrey>I just have a hard time with the idea of rebuilding my entire server from scratch. I don't have the time for that. There has to be an easier way to diagnose and fix the problem and get back online.
19:46<SleePy>I wouldn't have the script remove its own traces
19:46*heckman told you how to fix it
19:46<rnowak>rebuilding is your only option to be sure you're not compromised, although taking the hint that dnsmasq may have been your problem would also be wise
19:46-!-fisted [] has joined #linode
19:46<Daevien>darkex: fremont has had soem rough patches, any internet connected server can have a multitude of issues. if you need to be up 24/7 you need ot have multiple servers in multiple physical locations
19:46-!-sivy [~sivy@] has quit [Ping timeout: 480 seconds]
19:47<akerl>darkex: Do you want/need 100% uptime?
19:47<elkingrey>Okay, so if dnsmasq is the problem, would fixing that be good enough, or would I still be advised to rebuild?
19:47<akerl>Ah, didn't read Daevien's whole line, he beat me to it
19:47<@heckman>I would say configure dnsmasq to not bind to public interfaces and you should be fine.
19:47<Obsidian|server>SleePy: gotcha.
19:47<darkex>not particularly, it just seems annoying when you're running an irc server dumping users every so often
19:47<akerl>darkex: HE is apparently super promising to fix things this time
19:47<rnowak>it isn't *that* unstable, darkex
19:48<elkingrey>heckman: Thank you! I needed some optimism. Can you link me to how to do that?
19:48<Daevien>elkingrey: fix dnsmasq. but you still NEED to check over your system and make sure it's your only problem. reading up on proper linux admin stuff would be very good as well. you need to learn how to properly maintain a system or you will have problems and possibly cause them for other people
19:48<@heckman>So if you set dnsmasq to listen on and, assuming your follow our Linode library article,
19:48<@heckman>I mean...Google is a powerful tool.
19:48<darkex>"super promising"? i'm skeptical
19:48<rnowak>what is google?
19:48<Obsidian|server>elkingrey: make sure you've got something setup for detecting brute force attacks via ssh as well
19:48<Daevien>darkex: the issue is that you can't run to the nearest staples/bestbuy/whatever to buy DC level of power related things, etc
19:48<akerl>Obsidian|server: If you fear brute force, you're doing it wrong
19:49<Obsidian|server>akerl: Fear? No. Be aware of? Yes.
19:49<rnowak>akerl: I bet you'd be in fear if I started ramming your door by pure brute force
19:49<@heckman>You could also open /etc/dnsmasq.conf in your text editor and read the in-configuration documentation.
19:49<@heckman>elkingrey: hint: the important options are 'listen-address' and 'bind-interfaces'
19:49<akerl>rnowak: That's fear of you, not fear of your force :>
19:49<darkex>Daevien: but i'm from .au, so anything else in america pretty much blows ping out
19:49<Daevien>darkex: so they had multiple power related but apparently different issues they are trying to fix, it takes time. you can put your node elsewhere for node and move it to fremont later if you really need it there. but any other dc in the world can have power/flood/hurricane/earthquake/etc happen to it. nothign is 100%
19:49<darkex>i understand linode has absolutely no control over power issues or stuff like that
19:50<akerl>Obsidian|server: I'm also aware of tides, but my node doesn't detect them
19:50<darkex>i'm relatively skeptical that CA has more downtime than others, which isn't what i want
19:50<darkex>obviously there's 4 other d/c's to pick from, but CA is just better geo-wise
19:50<Daevien>darkex: anything can have downtime. last year, dallas had a couple bad streaks for a bit when fremont was working fine
19:50<Obsidian|server>as far as weather goes, texas is going to be your best bet most of the time
19:51<akerl>2 factor auth, strong key or password, brute force is worth nothing
19:51<Obsidian|server>CA's got the quakes, NJ's got the storms
19:51<rnowak>they have had issues, they are doing what they can to make sure those particular issues don't happen again
19:51<@Perihelion>I'll break their legs.
19:51<@Perihelion>All 12 of them.
19:51<rnowak>replace them with cactuses (!)
19:51<Obsidian|server>akerl: three factor auth. Smoke signals for authentication as well. :D
19:51<@Perihelion>This cheese has gone bad. Sadness fills me.
19:52<rnowak>Perihelion: you can sell it back for more to frenchies, win win
19:52<Daevien>server on the internet = crapshoot that random backhoes / idiots with a shovel / power surge / hurricane / etc won't affect you. only way you can try to stay up 24/7 is multiple servers in multiple physical locations
19:52-!-sivy [~sivy@] has joined #linode
19:52<darkex>but i don't have a few hundred a month to blow on multiple servers
19:52<Obsidian|server>Daevien: what country was it that had some random old woman sever the internet line for the entire country?
19:53<Daevien>otherwise, you pick what works best and go with it. if you need the low times of fremont, then you prepare for any potential downtime, same as you would any other location. ie: backups, backup plans for access, etc
19:53<rnowak>so you have to settle for less than high guarantee of 24/7, there's no two ways around it
19:53<Obsidian|server>I can't remember. Think it was Asia/Russia area
19:53<Kyhwana>I think it was eastern europe somewhere
19:53<darkex>Obsidian|server: armenia
19:53<akerl>darkex: $40 a month gets you a server in fremont and one in newark. High availability across the US
19:53<Daevien>Obsidian|server: dunno. i've been on the internet low enough that i remember in the early 90s a backhoe wiping out a good chunk of the internet backbone :p
19:53-!-BBHoss_ [~bbhoss@] has joined #linode
19:54<Obsidian|server>darkex: ah, yep that was it
19:54-!-BBHoss [~bbhoss@] has quit [Read error: Connection reset by peer]
19:54<Obsidian|server>darkex: splitting between two datacenters means better availability for the IRC network anyways. Bit of a win-win, if you get people connected to the right box
19:55<Daevien>darkex: how about we try this a different way. what are you planning on running on a linode?
19:55<Daevien>you mentioned irc, anything else?
19:55<darkex>probably some test stuff
19:55<darkex>which won't break the box
19:55<Daevien>as Obsidian|server mentioned, if you have any number of users, you prob want multiple irc servers
19:55<darkex>but i'm not starting one from scratch
19:55<Obsidian|server>involving, what. Compiled code? Java? Web apps?
19:55<Daevien>if it's you & your 5 buddies, eh, not so much
19:56<darkex>go figure :/
19:57<Kyhwana>hmm, I wonder how you would load balance an IRC client
19:57<Obsidian|server>not at all?
19:57<Kyhwana>Well, so you don't have Obsidian|server1 and Obsidian|server2 on the same channel ;)
19:57<darkex>which is exactly the reason my original question is going nowhere
19:57<Guspaz>Hmm, Apple makes a server version of the Mac Mini now that has significantly bumped specs, interesting.
19:57<Daevien>Kyhwana: lot of diff ways. not easy though overall, more knowledge needed than people think at first. oftc employs a bunch of diff methods for example
19:58<@Perihelion>I do it the lazy way
19:58<darkex>Perihelion: ROXnet?
19:58<Kyhwana>I guess you could have two clients, one pings the other and if it dies then you join the channels with that 2nd client
19:58<akerl>Sending your friend a letter saying which node to connect to?
19:58<Daevien>Guspaz: eh, why not get a linux box instead?
19:59<Obsidian|server>akerl: letters are so old school. use BEAMS OF SOUND bounced OFF OF THE ATMOSPHERE!
19:59-!-alexgordon [] has joined #linode
19:59<@Perihelion>akerl: If by letter you mean A as in record, then kinda. There are numerous records for irc.*, everyone resolves it to something, it kinda balances out \o/
19:59<Kyhwana>oh, I meant client, not server ;)
19:59<Guspaz>Daevien: Well, I have a tower OpenSolaris (eventually FreeBSD) server, but it's neat. A server with that kind of power (quad core i7, 8GB of RAM, dual 750GB 7200RPM HDDs in RAID) in such a tiny package.
19:59<Daevien>akerl: dns round robin, load balancers that route traffic to a good server and avoids down ones, etc
19:59<Guspaz>I can see why it'd make an attractive server, although the $999 starting pricetag is steep.
20:00<Daevien>Guspaz: you can build some pretty small linux servers as well
20:01<Guspaz>Daevien: Sure, and in fact I've got an Alix 2C3 (AMD Geode 500MHz with 512MB of RAM, x86) that's smaller than a mac mini, I think, and I've got an OMAP 4430 dev board that, if put in a chassis, would make an interesting server (I've got Ubuntu on it already). But none of these are even one tenth the performance of a quad core i7
20:02<Guspaz>I'm not sure if you could build a Linux server with comparable hardware that would hit the same form factor as the mac mini, if only because it'd have to be a fairly integrated unit (as the mac mini is) using mostly laptop parts.
20:02<Daevien>Guspaz: get a small formfactor motherboard and one of the home theater cases for instance
20:02<Guspaz>And I'm not sure if anybody actually does make such hardware (although it's certainly possible)
20:03<elkingrey>heckman: I don't seem to have the /etc/dnsmaq.conf file. Could it be somewhere else?
20:03-!-abaddon [] has joined #linode
20:03<Guspaz>Daevien: Sure, that'd be small, but it'd be multiple times more volume.
20:04<Daevien>Guspaz: you could put more drives in it and still not be all that much bigger
20:04<Daevien>i have an 11" i3 laptop running proxmox heh. thats my smallest server
20:04<Guspaz>Are you sure? The smallest quad-core sandy bridge intel motherboard is going to be larger than a mac mini even just bare.
20:05<Guspaz>Any motherboard small enough would probably be using an Atom anyhow.
20:05<Kyhwana>or the AMD E350?
20:05<lastnode>what is the recommended log stats tool
20:05<lastnode>munin? logwatch?
20:05<Guspaz>Kyhwana: Sure, but a quad-core i7 is going to be an order of magnitude faster than an Atom or E350.
20:05-!-sivy [~sivy@] has quit [Remote host closed the connection]
20:05<lastnode>simple is good
20:06<Daevien>this system is crashing around me, can't bring up browser right now.. was a blog i remember from a while back with a 2nd gen i5, 8gb of ram, etc in a case bigger than a mac mini true but with like 8tb of space or something and pretty cheap
20:06<Kyhwana>true, and use more power/put off more heat
20:06-!-sivy [~sivy@] has joined #linode
20:06-!-copperx [] has quit [Quit: Leaving.]
20:06<Daevien>and it was still easily portable, guy wanted it for a portable esxi server
20:07<Guspaz>Sure, but the mac mini is designed more like a laptop than a desktop, so it has a planned out cooling system; putting a random mini ITX mobo in an SFF case with a heatsink/fan slapped on the CPU isn't going to come close to the cooling efficiency of a custom engineered cooling solution.
20:07<Daevien>Guspaz: try chekcign out tigerdirect, i think they have a decent small form factor section
20:07<Guspaz>Daevien: The CPU heatsink/fan on a mini itx mobo is going to be taller than the entire mac mini alone :P
20:08-!-sivy [~sivy@] has quit [Read error: No route to host]
20:08<Daevien>and a mac mini runs mac software & isn't upgradable like a small linux server would be. i'm just saying i prefer the more custom option that prob will cost me less and be a little bigger, true
20:08<Daevien>if you dont agree, thats fine ;)
20:08-!-sivy [~sivy@] has joined #linode
20:09<Daevien>i'm sure someone out there makes a custom mac mini-ish server that runs linux/windows
20:09<Guspaz>Nothing stopping you from putting Windows or Linux on a mac mini server :P
20:10<vraa>i bought the mac mini server so i could have built in time machine
20:10-!-DephNet[Paul] [] has quit [Remote host closed the connection]
20:10<lastnode>silly vraa. time machines arent realy.
20:10<Daevien>Guspaz: if you are going to do that though, why pay the mac premium?
20:10<Guspaz>The upgradability of PCs can be somewhat overrated. I'd love to upgrade my home file server (which is a full desktop with a supermicro mobo), but I'd have to replace the mobo, CPU, RAM...
20:10<Guspaz>Daevien: For the hardware, if you were going to do that.
20:11-!-abaddon [] has quit [Ping timeout: 480 seconds]
20:11*rnowak <3 his rack enclosure in the closet
20:14<elkingrey>I am pretty sure I installed dnsmasq when I set up my vpn, but I am unable to find my /etc/dnsmaq.conf file. Any explanations?
20:14<Daevien>try spelling it right?
20:14<Daevien>thats twice you've forgotten the s here
20:15-!-daemonic [] has joined #linode
20:15<elkingrey>It's not there.
20:15<Daevien>are you still in finnix?
20:15<Daevien>then you won't find it at /etc/dnsmasq.conf
20:15<Guspaz>Daevien: That's about double the volume of a mac mini, mounts the same number of HDDs as the mac mini (two), although it looks like you can get a sandy bridge mini itx mobo to go in it.
20:15<elkingrey>How am I suppose to configure it then?
20:16<elkingrey>Oh yeah, one sec.
20:16*Daevien sighs. elkingrey remember the /dev/xd bit you were told before for accessing files?
20:17<Guspaz>Ballpark guesstimate shows the DIY solution would come out to maybe 70% the cost of a comparable mac mini, so there are some savings to be had.
20:17<Daevien>Guspaz: zino i think it is makes some small form factor stuff
20:17<Kyhwana>ah, so when I asked earlier what other servers you were running, you had forgotten you were running dnsmasq, elkingrey?
20:17<rnowak>time investment, no macosx - those things cost as well
20:18<Daevien>my browser keeps blowing up, i'm in the process of salvaging this system so browsing is rought right now :p
20:19<Guspaz>rnowak: You mean the time investment of building your own SFF box rather than just buying a mac mini? True, building my file server (which is a beast of a thing) was not fun.
20:19<Daevien>Guspaz: has some stuff
20:19<rnowak>Guspaz: yes, and ordering all parts, etc. Even if it takes you two hours of your leissure time, it is still time invested in it :)
20:19<rnowak>Researching what you want usually takes quite a while ;p
20:20<Obsidian|server>elkingrey: aren't you supposed to mount it? :/
20:20<elkingrey>Kyhwana: I didn't forget, I simply didn't know.
20:20<elkingrey>I thought I already mounted it?!?!
20:20<rnowak>Obsidian|server: he did mount it, and it goes to /media, you probably mean chrooting in, but that's not required for this purpose
20:20<Daevien>elkingrey: not the actual device. you mounted it somewhere. i was trying to get you thinking, not give you step by step. if you have to think about stuff, you'll learn more than just how to repeat commands
20:20-!-techhelper1 [] has quit [Read error: Connection reset by peer]
20:20<Obsidian|server>rnowak: then wouldn't be be using the mount point?
20:21<rnowak>which is in /media/<device name>, which he was using before
20:22<elkingrey>Okay, I've manged to view my dnsmasq.conf file. Now I need to figure out how to prevent it from listening on a public ip address. Don't know how to do that though.
20:23<Daevien>scroll up, think it was heckman that told you what to look for
20:23-!-juanjohopper [] has joined #linode
20:23<juanjohopper>hello guys!!
20:23<Daevien><@heckman> You could also open /etc/dnsmasq.conf in your text editor and read the in-configuration documentation.
20:23<Daevien><@heckman> elkingrey: hint: the important options are 'listen-address' and 'bind-interfaces'
20:23<rnowak>I mean come on elkingrey, people are trying to help you, at least pay some attention.
20:23<linbot>If you have a question, feel free to just ask it -- someone's always willing to help. If you don't get a response right away, be patient!
20:24<juanjohopper>wen you get a new ip in linode we need to create a virtual hos?
20:24<Obsidian|server>Virtual host, for what? A webserver like Apache?
20:24<Kyhwana>juanjohopper: guessing what you're asking here and i'm going to say no.
20:24<Daevien>juanjohopper: if you want to host a website on that new ip, you need to add dns records and then vhost config for apache, yes. same basic thing we did before with you
20:25<juanjohopper>hey whats up <Daevien>
20:25<Kyhwana>oh, I assumed he'd already setup a virtual host for it previously and was going to point the domains A record to that new IP
20:25<Daevien>hi juanjohopper
20:26<juanjohopper>i alreay due all the stuff about the A entries
20:26<juanjohopper>but not work
20:26-!-darkex [] has quit []
20:26<lastnode>logwatch is killing my cpu. is this because it isthe first run?
20:26<Daevien>lastnode: prob
20:26<juanjohopper>i ask linode suport and tell mme this
20:26<elkingrey>So, if I had to take a guess, I would say uncomment the last line and add the 127 address after it?
20:26<Daevien>juanjohopper: ok what does it do?
20:27<juanjohopper>The issues you're experiencing is likely because you've pointed your domain to your new IP address instead of your original one, and you haven't configured a virtual host for your domain on its new IP. Ordinarily this can be done by amending your Apache web server configuration, however as you configuring your sites through cPanel the process of creating the virtual host would be different.
20:27<Obsidian|server>elkingrey: look for bind-interfaces as well, according to what heckman said
20:28<elkingrey>I know, but first comes first. Was I on the right track with the first part?
20:28<Obsidian|server>It would appear so
20:28<elkingrey>Just add the 127 address, or also the address?
20:28<Daevien>oh, i forgot you were using cpanel. you need to add the dns record to the linode dns for the domain and possibly something like as well
20:29<Obsidian|server>elkingrey: heckman had said the 10. as well, so I'd listen to him
20:29<elkingrey>okay, are the two separated by a comma?
20:29<Daevien>elkingrey: you need the 10 ip as well or it won't answer to get give ip to anyone using the vpn
20:29<rnowak>elkingrey: they are
20:29<snikt>elkin you are running a vpn right?
20:30<juanjohopper>this one is for ssl certificated domain!
20:30<Kyhwana>ffff cpanel
20:30<Obsidian|server>Kyhwana: only four f's?
20:30<snikt>i just bound dnsmasq to tun0 and that fixed the flooder
20:30<rnowak>and beyond!
20:30<Daevien>juanjohopper: the ssl part is (mostly) a seperate issue. you need to have the dns setup properly for the domain & subdomain before it can get to the proper port for ssl
20:31<Obsidian|server>Perihelion: as if on cue!
20:31<Nivex>Perihelion: <3
20:31<Obsidian|server>Perihelion: full applause. Well timed. I'd give you a chocolate cookie if I had one.
20:31<juanjohopper>ok bro
20:31<Daevien>Obsidian|server: her cactus army warns here when she should type here
20:31<@Perihelion>Nivex: <3
20:31<Kyhwana>That reminds me, I still need to get a CACERT cert, except I can't do it tonight, since i'll be drunk
20:31<Obsidian|server>Kyhwana: should install freebsd.
20:32<@Perihelion>What's your poison?
20:32<Kyhwana>Obsidian|server: lies! netbsd!
20:33<Obsidian|server>Kyhwana: remember, 6 drink minimum before you being the download.
20:33-!-bixgomez [] has joined #linode
20:33-!-juanjohopper [] has quit [Quit: CGI:IRC]
20:33<@heckman>ymmv with the addresses.
20:33<Kyhwana>hmm, well, will probably have at least 3 pints
20:33<@heckman>depends on your config.
20:33<elkingrey>okay, well I uncommended out the listen address and added the two IP addresses and I also uncommented out the bind-address. Now what do I do?
20:34<Daevien>Kyhwana: putting netbsd on your toaster?
20:34<Kyhwana>my talkie toaster
20:34<Obsidian|server>I would love to see that happen
20:34<Obsidian|server>just once
20:34<@heckman>How did you add it?
20:34-!-avit [] has quit [Quit: avit]
20:34<Daevien>Obsidian|server: what netbsd on toasteR? was done years ago
20:34<@heckman>And then restart the dnsmasq service.
20:35<Obsidian|server>Daevien: no, netbsd on a toaster. That toasts...bread. NOT TOAST. BREAD.
20:35<Obsidian|server>...oh my god
20:35<Obsidian|server>that is fantastic
20:36-!-seanh-ansca [] has quit [Ping timeout: 480 seconds]
20:36<rnowak>remove that space after the comma, it might not like it
20:36<rnowak>(all examples at least don't have any space, anywhere)
20:37-!-kenichi [] has quit [Remote host closed the connection]
20:37<elkingrey>All else looks good?
20:38-!-WormFood [~wormfood@] has quit [Ping timeout: 480 seconds]
20:38<elkingrey>How do I restart the dnsmasq service?
20:38<rnowak>You will have to reboot your linode out of finnix, and into normal operation
20:39<elkingrey>what about /etc/init.d/openvpn restart?
20:39<rnowak>Go ahead and try it
20:39*Daevien laughs
20:39<Kyhwana>elkingrey: all your services shoudl start when you boot back into your linode
20:40<elkingrey>Never mind. Okay, next problem is there anything else to do before booting into normal mode?
20:40<elkingrey>Checking to see if things were compromised for real, or just a VPN problem?
20:40-!-sadurag99 [] has joined #linode
20:41-!-niner [] has joined #linode
20:42<rnowak>As said before, we can't know for certain you weren't compromised, but you've done what was hinted that caused your issues. If you feel that's good enough for you, boot up and see. I'd personally start from scratch.
20:42<elkingrey>Because, what I got was a support ticket telling me my Linode was engaged in a DDoS attack, but at the same time my Akismet plugin for Wordpress stopped working and I was getting flooded with spam comments. Anybody know what that might have been about?
20:44<elkingrey>also, how do I logout of Finnix?
20:47-!-alexgordon [] has quit [Quit: Linkinus -]
20:48<elkingrey>My server is still running Ubuntu 10.10. How dangerous is that?
20:49<Guspaz>Ubuntu 10.10 will be supported until April 2012.
20:50<elkingrey>Okay, cool.
20:50-!-bixgomez [] has quit [Remote host closed the connection]
20:50<Guspaz>As long as you upgrade to a later version before then you're fine. Although if you were on 10.04 LTS, you'd be fine until April 2015.
20:51<boba>the next lts comes out in apr 2012 or thereabouts, right?
20:51<Guspaz>LTS are supported for 5 years, and come out every 2 years
20:52<elkingrey>AFter I rebooted I noticed this message.
20:52<sirpengi>anybody know what CUDA_CLIIP means? Seeing it in a bunch of web traffic headers
20:56<Kyhwana>sirpengi: CUDA is nvidia's GPGPU stuff
20:56-!-smed [] has quit [Read error: Connection reset by peer]
20:56<Kyhwana>elkingrey: er christ, you're running apache, ntpd, saslauthd.. probably others as well.
20:57-!-smed [] has joined #linode
20:57<sirpengi>Kyhwana: well, what business does that have to do with HTTP request headers?
20:57<Kyhwana>you really should know whats running on your box
20:57<Kyhwana>sirpengi: hmm, maybe HTML5/WebGL/etc?
20:58<rnowak>sirpengi: never seen that before, it doesn't have anything to do with nvidia's CUDA afaict
20:58<sirpengi>I doubt it, the value for that field ends up being some random IP
20:58<sirpengi>so yeah, I don't think it's anything GPU related
20:58<sirpengi>the only helpful result google gives is some russian dude that has the same question, but nobody had an answer for him either
20:59<Guspaz>When I wanted to run an OpenVPN server, I installed OpenVPN Access Server, which took care of the config for me without requiring a lot of that extra software, and very nearly zero effort to set up. Only allows two concurrent connections for free, but that's plenty for my personal use.
20:59<Guspaz>And since it firewalls itself properly by default, I don't have to worry about making a mistake in that regard.
21:01-!-elkingrey [] has quit [Ping timeout: 480 seconds]
21:06<Karrde>great thread:
21:07<Kyhwana>is your kernel destroy?
21:08-!-elkingrey [] has joined #linode
21:09<zivester>i have a Ubuntu 10.04 Linode... whens the next time I should think of updating the OS? will an update from 10.04 to 12.04 work well, or should I be updating every 6 months?
21:10<bob2>upgrade to the next LTS
21:10<Kyhwana>zivester: you should be installing updates until it's no longer supported for updates, then upgrade
21:10<Guspaz>You can upgrade directly from 10.04 to 12.04 pretty easily, since LTS-to-LTS upgrades are supported.
21:10<Guspaz>10.04 is supported until 2015, so there's no rush.
21:10<Guspaz>You can wait for 12.04, or 14.04 if you'd like.
21:10<Obsidian|server>unless you *want* something that's in 12.04 and not 10.04.
21:10<Obsidian|server>but that's up to you then
21:11<zivester>oh crap.. i lied.. I think I have 10.10... don't ask me why I did that.. but thats what i started with
21:11<Obsidian|server>`uname -a` will tell you
21:11<zivester>ya i do, 10.10
21:12<Guspaz>If you have 10.10 you need to upgrade to something newer before April 2012, so you have 6-7 months of supported updates left.
21:12<Guspaz>And your only upgrade option is 11.04
21:12<Obsidian|server>I'd recommend getting yourself upgraded then, so that you've got straight upgrades until you hit the LTS
21:13<Guspaz>Of course once you get to 11.04, you can go to 11.10, and then 12.04. Only once you hit the LTS release can you upgrade directly between LTS releases in the future.
21:13<Obsidian|server>10.10 -> 11.04, then when 11.10 is out, upgrade to that, and then when 12.0-- CURSE YOU Guspaz!
21:13*Obsidian|server shakefist
21:13<Guspaz>LTS can upgrade to the next sequential release, or the next LTS release. Regular releases can only upgrade to the next sequential release.
21:13<Guspaz>That table lets you know what is supported until when
21:14<zivester>ah yes.. i just didn't know about the upgrade paths allowed... ok time to upgrade this then... sigh
21:14<elkingrey>Okay, it looks like things have been resolved with Linode. Apparently I was not the only victim. Can somebody help me fix my dnsmasq problem, though?
21:15<elkingrey>This is the issue I am still having with my dnsmasq
21:15<Guspaz>zivester: Well, you do have a few months left, so there's no immediate need to upgrade.
21:15<Guspaz>You're supported until April 2012.
21:16<zivester>I have no need to update anything.. but if I must update through every version, I might as well do it now, then in a coupe months.. then finally for the next LTS
21:17<@caker>elkingrey: why are you having it listen on
21:17<zivester>does anything special need to happen from the linode managers standpoint? I know there is this whole kernel admin I don't really understand
21:17<@caker>maybe I'm late to the game.
21:17<elkingrey>I asked if I should and somebody said yes. Should I get rid of that one?
21:18<Guspaz>caker: It's for his OpenVPN server.
21:18<elkingrey>Guspaz: What are your thoughts on this FAIL?
21:18<Guspaz>10.8.x.x was the default subnet for older versions of OpenVPN, I believe. I think it uses 5.x.x.x now.
21:18<@caker>ok, then it doesn't appear that interface is up when dnsmasq starts
21:19<Guspaz>elkingrey: I'm no expert on this stuff, which is why I use the package from OpenVPN that does 100% of the setup for you (but it's semi-commercial, free for only 2 concurrent VPN logins)
21:19<@caker>5.x.x.x is assigned to RIPE, looks like
21:20*zivester finds linode library document
21:20<Guspaz>Yep, I don't know why OpenVPN-as changed to 5.x.x.x
21:20<Guspaz>It used to be unallocated, such as when Hamachi (a VPN) was using it, but nowadays it is.
21:21<elkingrey>Does anybody have any advice how to check the integrity of my VPN? I mean, it is working right now. But I'm just curious about this dnsmasq business.
21:24-!-sivy [~sivy@] has quit [Remote host closed the connection]
21:27-!-advion [] has joined #linode
21:27<@heckman>elkingrey: curious about what?
21:28-!-techhelper1 [] has joined #linode
21:28-!-cygnus [] has quit [Ping timeout: 480 seconds]
21:28<elkingrey>heckman: Well, I got this FAIL error when rebooting my Linode
21:28<@caker>dnsmasq is trying to bind to an address that isn't up on your Linode at the time it starts
21:29<elkingrey>caker: What does that mean?
21:29<@caker>it means it won't be able to start
21:29<elkingrey>caker: What won't?
21:30-!-niner [] has quit [Quit: Leaving]
21:30<@caker>because isn't up on your Linode when dnsmasq starts ....
21:30<Solver>who's on first?
21:30<elkingrey>Well, how do I remedy this? Or is it not a problem because it's only when Linode starts?
21:30-!-ngranek [~bigjocker@] has joined #linode
21:30-!-advion [] has quit []
21:32<Musfuut>Is the linode manager randomly denying prevledges to anyone else?
21:32<Musfuut>I went to log in and did but had no access. I logged out changed the password, and now it works
21:33<@caker>Musfuut: maybe a bogus redirect from an old/different session?
21:33<Musfuut>ah that is possible I did have it open already from yesterday
21:33<Musfuut>thanks caker, I had a bit of a panic there :)
21:33<elkingrey>heckman: Do you know what I need to do?
21:34-!-zeade [] has quit [Quit: Leaving.]
21:36<elkingrey>caker: I'm still not sure what I need to do.
21:38<andrew>hi guys any ecommerce suggestions? i *think* magento is all right but some people advice against using it
21:38<bob2>can you outsource it?
21:39<Musfuut>caker: btw I apologize, I know you must cringe whenever someone asks if something benign is broken, cheers mate!
21:39<andrew>bob2 what do you mean?
21:41-!-byronb [] has joined #linode
21:41<bob2>andrew, can you not host it yourself and instead get someone else to do it?
21:42<andrew>no i want to learn doing it
21:43<bob2>you want to learn with other people's credit card details and some dodgy php shopping cart app?
21:43-!-maushu [] has quit [Ping timeout: 480 seconds]
21:44<ajmitch>bob2: you make it sound so trustworthy
21:44<rnowak>0000-0000-0000-0001 have my money, thnx
21:44<MTecknology>Emilie de Ravin ..... smoking hot :)
21:45<elkingrey>I'm still trying to figure out how to fix the dnsmasq problem I have, and I notice that when I connect to my VPN I get this error message:
21:45<Solver>MTecknology: hahaha
21:45-!-seanh-ansca [] has joined #linode
21:46<MTecknology>Solver: she's like a ghost pepper
21:46-!-avit [] has joined #linode
21:47-!-mib_l7uy7a [] has joined #linode
21:47-!-avit [] has quit []
21:47-!-mib_l7uy7a [] has left #linode []
21:48<MTecknology>anyway... g'night all
21:49-!-kaul__ [] has quit [Ping timeout: 480 seconds]
21:52-!-avit [] has joined #linode
21:52<andrew>Veyton or OXID
21:52-!-avit [] has quit []
21:55<elkingrey>I cannot for the life of my figure out how to fix the dnsmasq problem. Caker told me that the IP addres isn't up on my linode when dnsmasq starts, but I don't know how to remedy this. Also, I'm still not fully sure why I had to add that IP address to my listen-addresses anyways.
21:55-!-BBHoss_ [~bbhoss@] has quit [Read error: Connection reset by peer]
21:56-!-BBHoss [~bbhoss@] has joined #linode
21:56-!-array [danny@2600:3c01::f03c:91ff:fe96:db42] has quit [Remote host closed the connection]
21:56<Kyhwana>you have to add that IP so your clients on your VPN can access it
21:56-!-array [danny@2600:3c01::f03c:91ff:fe96:db42] has joined #linode
21:56-!-chesty [~chesty@2600:3c01::2:a001] has quit [Remote host closed the connection]
21:56-!-chesty [] has joined #linode
21:56-!-array [danny@2600:3c01::f03c:91ff:fe96:db42] has left #linode []
21:56-!-array [danny@2600:3c01::f03c:91ff:fe96:db42] has joined #linode
21:56-!-mode/#linode [+o array] by ChanServ
21:56<Kyhwana>and start dnsmasq after networking comes up
21:57<elkingrey>Kyhwana, how do I do that?
22:01<elkingrey>Kyhwana: When you say add that IP, isn't that what I already did when I added it to the line with the
22:01<Kyhwana> is localhost
22:01-!-wkl [~wkl@] has joined #linode
22:01-!-atman [] has joined #linode
22:01<elkingrey>Kyhwana: Yeah...
22:01<Kyhwana>I don't know what distro you're using, so your script files will be difference, but you need to move dnsmasq to start up after the networking stuff
22:01<Kyhwana>anyway, back to work
22:01-!-[narcan] [~narcan]] has joined #linode
22:02<[narcan]>what is it with linodes getting hacked
22:02<elkingrey>So, it isn't just me!?!?
22:02-!-Guspaz [] has quit [Quit: ajax IRC Client]
22:02<[narcan]>setup a brand new linode, 10.04, set the root password and left it for 2 days
22:02<Kyhwana>[narcan]: admins who don't know any better/fail at securing stuff/run cpanels
22:03<atman>hey guys, quick question. if i buy linode most basic package Linode 512, can i broadcast radio, and to how many listeners roughly?
22:03<atman>in 128kbps quality
22:03<[narcan]>come back and it's root kitted
22:03<Kyhwana>atman: there's a 50mbit upstream limit applied by default on each node
22:03<[narcan]>Kyhwana: Well what is it with linodes default iso's being so insecure
22:03<Kyhwana>[narcan]: did you patch it?
22:03<Kyhwana>apt-get update ; apt-get upgrade, etc?
22:03<@caker>atman: by default, outbound on Linodes is limited to 50Mbit/sec -- however you can get that raised with a support ticket and a simple reason why you need it
22:04<@caker>(50 megabits) / (128 kilobits) = 400
22:05<@caker>(50 (megabits / sec)) * 1 month = 15.6744947 terabytes .. which is quite a bit over the 200 GB it comes with, mind you :)
22:05<elkingrey>caker: Kyhwana says I need to move dnsmasq to start up after the networking stuff. DO you know how to do this, or at least point me in the right direction? I'm running Ubuntu 10.10
22:05<@caker>elkingrey: ya - man update-rc.d
22:06<elkingrey>Are you telling me to run the command " - man update-rc.d" ?
22:07<dcraig>without the -
22:07<@caker>read the man page on the 22:05 <@caker> elkingrey: ya - man update-rc.d
22:07<@caker>read the man page on the update-rc.d command
22:08<dcraig>what about upstart?
22:09<@caker>good point. nfi
22:10<elkingrey>caker: That only leaves me with more questions...
22:10-!-sivy [~sivy@] has joined #linode
22:10<atman>wow, caker, so its not worth for radio i guess?
22:11<@caker>atman: depends on what you're selling, I guess?
22:11-!-copperx [] has joined #linode
22:12-!-abaddon [] has joined #linode
22:13<atman>caker, nothing just broadcasting radio through shoutcast
22:13<atman>to web and mobile
22:13<atman>in stereo
22:14<atman>so for 200gb i can have like 14 listeners?
22:14<Kyhwana>atman: if they're streaming 24/7, yeah?
22:18<elkingrey>after I modify my /etc/dnsmasq.conf file what command do I need to restart it?
22:19-!-joar_ [] has quit [Quit: Lost terminal]
22:20-!-Kyhwana_ [~luizg@2001:e20:2000:3001::2] has joined #linode
22:25-!-Knight [] has joined #linode
22:26<boba>elkingrey: man update-rc.d doesn't say how to restart a service...?
22:27<elkingrey>No, I figured out how to restart it.
22:28-!-Kyhwana_ [~luizg@2001:e20:2000:3001::2] has quit [Quit: leaving]
22:28<elkingrey>I decided to reset my dnsmasq.conf file back to its original to see if I could get rid of the following error: ERROR: Linux route add command failed: external program exited with error status: 7 which I could not. Now I'm trying to figure out how to get rid of this error.
22:29<Kyhwana>uh, so now you'll be flooding the other guys linode again?
22:29<elkingrey>I never fully fixed it before.
22:29<elkingrey>I never could figure out how to fix it completely.
22:30<elkingrey>And then I got ignored.
22:31<elkingrey>Understandably so. I look like a chump on this channel. And perhaps I am. But at least I'm trying. I have learned a lot since I first set up Linode.
22:31<@caker>elkingrey: you're doing just fine
22:32<elkingrey>I've learned a ton from A: Following the linode Library(which only gets you so far) and B: Asking questions here. But asking questions here only gets one so far before others get annoyed.
22:33<elkingrey>Google is great, if you know what you're looking for. For example, I never would have diagnosed the problem as being my dns masq in 100 years. How would I?
22:34<Kyhwana>I would've fired up tcpdump or something "zomg what are all these dns packets" etc
22:35<elkingrey>When someone in my shoes reads that statement, I think to myself "What is tcpdump? And dns packets? That sounds shocking, too bad I don't know how I would ever get shocked.
22:36<Kyhwana>why did you get a linode?
22:36<Daevien>elkingrey: there's this nifty thing called google. has LOTS of information and lets you search for stuff and tells you things!
22:36<elkingrey>I mean, where did you look to find a bunch of dns packets? And why>
22:37<elkingrey>Google is great if you know what you're looking for.
22:37<Daevien>elkingrey: or if you punch in stuff relevant to what you've bene told like: hey your server is part of a ddos spewing udp packets. punch in ddos udp packet
22:38<elkingrey>I was never told anything about udp packets.
22:38<Daevien>um, is yours right?
22:39<elkingrey>And besides, when you're under attack you don't necessarily have time to lolly gag on google.
22:39<Daevien>my biggest observation on you elkingrey: you rush through things and want it to take 5 seconds. thats a bad trait to have when you are working on servers. you need to stop, breath, think about stuff, read things then take steps
22:39<elkingrey>Yes, but that sounded like something that was done on their end.
22:40<Daevien>yeah, they resicticted them. they didn't stop them from trying to be used. so you need to look at that and go hmm, why is my system sending so many udp packets as part of a ddos like linode staff jsut told me? i should go look to see what is doing that
22:41<elkingrey>Well, take for example this: I search "ERROR: Linux route add command failed: external program exited with error status: 7" and you know what I got? NOTHING USEFUL.
22:41<sadurag99>I'm wanting to install php on my linode 512. It's serving static webpages using nginx. The tutorial outlines how to do it with php-fastcgi, what about php-fpm?
22:42<Daevien>elkingrey: first result in google for me of copying your exact quote is a thread on ubuntu forums abotu openvpn marked solved, which means there should be someone there with the same problem that has gotten it fixed
22:42<@caker>sadurag99: static web pages don't need php .. ?
22:43<sadurag99>caker: I'm making a form on it, need php to submit it
22:44-!-epochwolf [] has joined #linode
22:45<elkingrey>Not helpful.
22:46<Daevien>elkingrey: what isn't, that page or my comment?
22:46<elkingrey>That page.
22:47<Daevien>looks to be the same problem from teh extremely limited info you gave me. appears to be an iptables problem and post 7 says try something, post 8 says it worked
22:48<Daevien>my point is this: i fyou want to run a machine on the internet, you need ot put effort into researchign things and read over things carefully. or else you WILL have your system exploited, it's only a matter of when
22:49<Kyhwana>what happened with that [narcan] dudes box?
22:49<elkingrey>I do a lot of reading as well. But it doesn't mean it always helps.
22:51<Daevien>Kyhwana: scrolling back last thing i saw was him saying he left it for 2 days and didn't run updates or do anything. hopefully he just nuked the box
22:51<[narcan]>Kyhwana: i just reimaged it
22:52<Daevien>[narcan]: good plan :)
22:52<Kyhwana>[narcan]: yeah, install the security updates this time
22:52<Kyhwana>although I don't think it'll have anything running on it by default
22:52<Kyhwana>so your password must have been teh sux0rz if that was the case
22:53<elkingrey>What I don't understand is how I have a new error when connecting to my VPN even though I reverted my dnsmasq.conf file back to previous setup.
22:53<[narcan]>Kyhwana: maybe, though it was 12 characters long with numbers, lower / upper and punctuation
22:54<[narcan]>Kyhwana: the only thing running was the ssh server, so I'd just guess the stock image is exploitable via this
22:54<Daevien>elkingrey: chances are you didn't reboot for a while and made some change in the meantime that broke the vpn. or someone else has access to your system and made a change. or, your vps has been exploited and someone made the change.
22:55<Daevien>wasn't there an openssh update not all that long ago?
22:55-!-mathew [] has quit [Quit: Leaving]
22:55<Daevien>could be that narcan
22:55<elkingrey>I don't think so.
22:56<[narcan]>still, kinda be nice if linode had an image with weekly / monthly updates applied , so you get some breathing room before you go in and set the thing up
22:56<Daevien>elkingrey: ok well i fyou are so sure then, it must have been teh magic fairies that broken your vpn. go blame them
22:56<Kyhwana>afaik there hasn't been a remote root exploit in openssh for ages
22:56<Daevien>[narcan]: well, best way would be not to boot the image if you aren't going to use it i guess
22:56-!-will [] has joined #linode
22:57<[narcan]>gotta boot it at some point
22:57-!-ngranek [~bigjocker@] has quit [Quit: ngranek]
22:58<[narcan]>i'm saying you dont want to be in the position if you boot, look away for 10 minutes and come back to find a bunch of root kits installed
22:58<[narcan]>sure this was over a period of two days, but who knows how quick some of these guys are
22:58<elkingrey>I'm not sure. It's just that A: I've rebooted recently, B: Nobody else has access to my system(that I know of) and C: While it's possible that someone exploited my VPS I think it is also unlikely because I keep it on lockdown as much as I possibly can and this recent DoS attack hit many people, the exploit being the dnsmasq, which I don't believe compromised by VPS
22:59<Kyhwana>[narcan]: I don't know how then, you'd have to ask the staff or submit a ticket, but a default ubuntu server install should be secure
22:59-!-synapt [] has quit [Ping timeout: 480 seconds]
22:59<[narcan]>Kyhwana: that's my gripe, the 'default' install isnt secure
22:59<[narcan]>i had a good password, literally all i did was create and boot
22:59<ajmitch>[narcan]: what were these rootkits that were installed & how did you find them?
22:59<pharaun>what default?
23:00<@ericoc>[narcan]: did you deploy with a stackscript?
23:00-!-sadurag99 [] has quit [Ping timeout: 480 seconds]
23:00<[narcan]>pharaun: ubuntu 10.04 LTS
23:01<Daevien>elkingrey: the honest, probably will make you made comment of mine (only my thought, i have no affiliation with linode staff besides as a customer) is this: since you have trouble mounting drives, editing config or even reading our directions: i imagine you have security holes. the sooner you can learn to fully research issues, the sooner you will work on correcting those issues and be far more secure
23:01<[narcan]>ajmitch: there was a bunch of shit in /usr/lib/.b
23:02<[narcan]>ajmitch: root cron was running 'cutitas' , in the dir there was also psybnc , didnt look too much further past that
23:02<[narcan]>what tipped me off is i got a cpu warning from linode
23:02<elkingrey>Daevien: That's why I'm here. =)
23:03<elkingrey>Today was the first time I've ever logged in through Finnix. Now you might slap your head at that. But now I know how to.
23:03<[narcan]>@ericoc: no, i literally just selected 10.04 provided a password and hit built
23:03<@caker>[narcan]: sorry, late to the game -- what's the backstory? You deployed, booted, and then what happened?
23:03<Daevien>elkingrey: right, which is a good first step. the next step in my opinion is to like i said before, slow down, take a breath and calmly research and read everything that is pointed out to you and that you can find while researching your problem. i find you ski through tryign to get stuff done instantly and miss important bits
23:04<elkingrey>I know many people built their server with Linode only after having built many of their own before. But this is the very first server I've ever built.
23:04<pharaun>^ a thousand time over
23:04<pharaun>elkingrey: no
23:04<pharaun>elkingrey: there's ton of newbs here too :p but the important thing to take away from everything, READ up on docs, etc and learn how your tools work
23:04<[narcan]>@caker: yep, so just selected a Ubuntu 10.04 LTS image, stock, provided password and hit build. Then left it for a couple days until we got a CPU warning
23:05<Daevien>elkingrey: right and everyone needs to start somewhere. i'm just trying to suggest your next step should be to realize being a system admin is a lot of work and needs to be done methodically, not haphazardly ;)
23:05<elkingrey>Daevien: I'm trying my best, I promise you.
23:05-!-karstensrage [] has joined #linode
23:05<[narcan]>so i went and checked out the logs and found cron running some stuff in /usr/lib/.b , and checked last to see someone other than me had been on the machine
23:06<[narcan]>@caker: dont have a whole lot more detail than that now, as I've rebuilt the image
23:06<@caker>[narcan]: you never logged into it? never installed anything?
23:06<Daevien>elkingrey: the linode library ( has a ton of useful stuff in there. and this channel is a good resource too. but think of it this way: when us regulars spend all day in here and answer the same question 50 times, we get cranky. we may not mean to, but it is YOUR system, the vast majority of us arenot linode staff so don't get paid to be here. when someone doesn't read the basics or seem to be trying all that hard, jsut
23:06<ajmitch>no indication of how they got in, like logging in with a password in auth.log?
23:06<[narcan]>actually, it was like 6 days
23:06<[narcan]>root pts/0 Wed Sep 7 18:05 - 18:11 (00:06)
23:06<[narcan]>root pts/0 Wed Sep 7 14:38 - 14:39 (00:00)
23:06<[narcan]>reboot system boot 3.0.0-linode35 Thu Sep 1 00:11 - 21:55 (6+21:43)
23:07<[narcan]>setup sep 1, then 6 days later that guy logged in
23:07<elkingrey>Daevien: I've already read the Linode Library, at least everything pertaining to Ubuntu 10.10.
23:07<elkingrey>I systematically went through it.
23:07-!-will [] has quit [Remote host closed the connection]
23:07<@caker>[narcan]: last -a
23:08<Daevien>caker: he nuked it now
23:08<[narcan]>yeah sorry, as i said it's been rebuilt now
23:08<elkingrey>Some of it was over my head. For me, I learn best while doing. It's hard for me to comprehend something if I am not doing it.
23:08-!-cygnus [] has joined #linode
23:08<Kyhwana>[narcan]: install it again and leave it? ;)
23:08-!-copperx [] has quit [Quit: Leaving.]
23:08<Kyhwana>or im sure one of the staff could spin one up and see what happens if they're so inclined, heh
23:09-!-ngranek [~bigjocker@] has joined #linode
23:09<Daevien>elkingrey: you may want to look into another linode as a testing system. or install virtualbox or something else and run a vm on your system. play around with stuff, break it. redeploy and start over and try not to break it the same way. it's how a lot of us in here learned
23:09<[narcan]>Kyhwana: yeah well i am going to leave this one for another week or so and see what happens
23:09<[narcan]>Kyhwana: though this time updates have been applied
23:09<[narcan]>Kyhwana: i dont want to go through all the hassle of setup to find i need to do it again ... *grr*
23:09<Daevien>or caker can just make a dummy system and give it to some of the regulars to try and exploit *evil grin*
23:09<@caker>[narcan]: using that pass anywhere else? ...
23:10-!-z3ro3x [z3ro3x@2001:0:4a3f:74dc:cbf:f226:9c47:adfa] has joined #linode
23:10<rnowak>was the password hunter2?
23:10*ajmitch can't really think of how it could happen unless the password was logged & used to access it
23:10<pharaun>i highly recommend virtualbox/vmware
23:10<Kyhwana>rnowak: lol
23:10<[narcan]>@caker: it was just a random gen one
23:10<ajmitch>rnowak: how'd you guess my password?!?
23:10<@caker>my first thought is this is probably something we would have heard about by now -- but you never know
23:10<Daevien>ajmitch: urmom told him
23:10<rnowak>ajmitch: I didn't, it should be star'd out
23:10-!-JSharp [] has quit [Quit: Leaving]
23:10<elkingrey>Daevien: That may be a good idea. In the meantime, I'd like to get my VPN running smoothly again.
23:10<ajmitch>rnowak: oh right, so only I can see it?
23:11<Daevien>elkingrey: from the error and that thread, it looks to be relating to your iptables config perhaps
23:11<elkingrey>I mean, it appears to be running smoothly. But there is an error that is disconcerting
23:12<elkingrey>Ideally, I would like to have my dnsmasq.conf file in order as well, but again, I got an ominous error despite a seemingly smooth running VPN
23:12<Daevien>elkingrey: are you still running it on the old (bad) dnsmasq config?
23:13<elkingrey>Yes, I returned it to that state to see if it would get rid of the error, which it did not. I suppose I can return it to what was suggested, now. But the errors remain.,
23:14<Daevien>you NEED to return it to the new config or else you are just going to be used again for DDoS and have linode staff send you another, probably less polite, ticket
23:15-!-zeade [] has joined #linode
23:15<Kyhwana>or stop running dnsmasq
23:15<@caker>.. on a public interface
23:15<Daevien>Kyhwana: he seems to want to kepe the vpn going so he needs it or something like it
23:16*ajmitch was impressed that the staff just limited UDP packets & didn't null route the box outright
23:16<@caker>this has been an on-going struggle for us for the past few days... someone is being naughty
23:17<Kyhwana>or if you can't figure out how to stop running it on a public interface, stop running it.
23:17<Daevien>Kyhwana: he has the config (or shoudl anyway, he got help on it) to limit it to 127 & his 10 ips only. he got an error and went back to bad config though, so he needs to get back to the good config
23:17<rnowak>or put a troll in front of it
23:17<rnowak>or a iptables rule, if no trolls are available
23:18<rnowak>(* swamp ogres work even better)
23:18<Daevien>oh swamp ogre. go guard the dnsmasq then rnowak
23:20<elkingrey>Okay, so I set up my dnsmasq.conf file the way I was told to set it up and I restarted dnsmasq. It seemed to accept it well. However, when I rebooted my linode the first time I noticed this error: But when I do it now, the only error I notice is when I connect to my VPN, the error I showed you earlier.
23:21-!-atman [] has quit [Quit: CGI:IRC (Ping timeout)]
23:22<elkingrey>It could be that the two errors are unrelated. In fact, it was kind of a fluke that I got the first error, I just noticed it during reboot. Would I get it again? I don't know.
23:22<Daevien>login to the lindoe and do ifconfig & pastebin the output, shoudl probably be a section called br0 i think is what the guides setup
23:22<Daevien>i believe the default ip a lot of guides end up with for that is for some reason, so you will need to change the dnsmasq config to whatever that ip is
23:23<elkingrey>Or did you want me to ifconfig that from client while connected to VPN?
23:23<Daevien>hmm, k. looks liek dnsmasq is starting before openvpn, jsut realized that. so when dnsmasq runs, there is no
23:24<Daevien>if you restart dnsmasq now it should work as openvpn has the ip bound now
23:24<elkingrey>I already did restart dnsmasq
23:25<pharaun>stupid gimp, go die in a fire
23:25<pharaun>its not compiling for me *sigh*
23:25<Daevien>pharaun: y u so mean? :(
23:25<pharaun>Daevien: haha sorry, nah its the gimp app :p
23:25<Daevien>(god even typing that i felt like i regressed a few iq points)
23:25<pharaun>i just realised the double meaning after i said that :p
23:26<Daevien>elkingrey: and the vpn seems to work now?
23:26<pharaun>heckman: nah gimp is just a broken pos :p
23:26<elkingrey>Daevien: Yes, that's the odd thing, it seems to work fine. I just get that one ominous error.
23:26<pharaun>what error
23:27<Daevien>pharaun: iptables add failed it looks like
23:27<elkingrey>SIOCADDRT: File exists
23:27<elkingrey>Wed Sep 7 23:17:09 2011 ERROR: Linux route add command failed: external program exited with error status: 7
23:29<Daevien>caker: server porn!
23:29<@heckman>elkingrey: Did you make sure that you iptables rules were set when rebooted?
23:29<elkingrey>heckman: No. I don't know how or why to do that.
23:30<@heckman>pastebin: iptables -nvL ; iptables -t nat -nvL
23:30<pharaun>Daevien: deception, no pr0n was found
23:31<@heckman>MOAR COARS
23:31<Daevien>pharaun: 80 core, 4tb server = not server porn? hand in your geek credentials now, you don't deserve them
23:32<pharaun>Daevien: nah, its just blah blah blah blah blah to me
23:32<@heckman>Well, there went my theory
23:32<pharaun>i want to see actual server hardware
23:33<Daevien>pharaun: ah sorry. forgot :p
23:33<pharaun>Daevien: :D
23:35<pharaun>Daevien: aw, 80 cores, i was hoping for 80 cpu :p
23:35<elkingrey>So, am I back to square one? Is my current setup still a threat to Linode?
23:36<Daevien>pharaun: eh well. 80 cores & 4tb of ram is still pretty good.
23:36<pharaun>Daevien: i'm sure rnowak will want a such machine very badly
23:36<pharaun>Daevien: hella yes
23:36<rnowak>no, pointless, stupid toys. Who would wan... give :(
23:36<Daevien>elkingrey: if you went to the config that fixed dnsmasq liek we said, that may have fixed your problem. unless it wasn't due to your vpn/dnsmasq
23:36-!-HedgeMage [] has quit [Ping timeout: 480 seconds]
23:38-!-devcomp [] has quit [Quit: devcomp]
23:38<elkingrey>Daevien: Do you think that the current error I am experiencing is related to the dnsmasq? Also, is there a way to examine the integrity of my VPN?
23:38<Daevien>from whats been said, it sounds like it may be. you may want to put in a ticket to linode to jsut formally say what you've done since when they send out notices like that, they aren't kidding that if it's left, your node will have thigns done by them to fix the issue, which wont be what you want
23:39<Daevien>elkingrey: no, it's probably something you didn't notice before. it looks liek an iptables error in the openvpn config is my guess, probably something in how it starts up the tun0 interface to work with the vpn
23:39<rnowak>"Self healing resiliency delivers up to a 200% boost in reliability"
23:39*rnowak chuckle
23:42<elkingrey>Daevien: So, you think then that my dnsmasq is set up correctly? Because there was speculation that it could be loading after the linode or something rather.
23:42<Daevien>elkingrey: k, so they have been kept up with the situation. you may not want to post all your stuff with linode staff though just as a fyi. sometimes sensitive info is there and that pastebin can be found by anyone
23:43<elkingrey>I know, in this case I was pretty sure that nothing sensitive was contained.
23:43<Daevien>ericoc said what i noticed after i started lookign closer, thatn dnsmasq is starting before openvpn, so it's tryign ot bind to an ip that doesn't exist yet on your system until openvpn starts
23:44<elkingrey>Daevien: That is something I would like to remedy but don't know how to go about it, or even where to look.
23:44-!-tunabananas [] has quit [Quit: Leaving.]
23:44<Daevien>so you will want to change the startup order to have dnsmasq start after openvpn. exactly how depends on your distro of linux, search google for like " distro version change startup services order" shoudl do it
23:44-!-darkex [darkex@2001:470:1f05:161d:feed:f00d:2:face] has joined #linode
23:44<elkingrey>k, thanks!
23:44<Daevien>the other error is most likely unrelated to dnsmasq, it's somethign with how openvpn is starting up the vpn interface i believe
23:45<elkingrey>okay thanks!
23:45<Daevien>my openvpn knowledge isn't all that great, otehrs in here have used it more than me and may be able to sort that out, so if you can't find naythign on it, try checking back another day when other peopel are active perhaps
23:45<Daevien>o/ ericoc
23:46-!-JoshMargulis [] has quit [Quit: JoshMargulis]
23:46<Daevien>if the vpn is workign now, it's (probably) not a major problem with the route error
23:46<darkex>does anyone have a newark ipv6 address i could possibly have to do a few traceroutes and stuff
23:46<Daevien> works for ipv4, may for ipv6 as well
23:47<darkex>nah it's just ipv4
23:47<Daevien>hrm, yeah just checked that myself
23:47<boba>2600:3c03::2 is one of the resolvers over there
23:47<darkex>ah ok that works
23:47-!-JoshMargulis [] has joined #linode
23:48<Daevien>ericoc: there's a suggestion for you - add ipv6 to newark1, dallas1, etc :)
23:48<ajmitch>220ms to newark, wonderful
23:48<darkex> 11 247 ms 247 ms 247 ms [2600:3c03::2]
23:48<darkex>oh, nz
23:48<rnowak>220ms isn't too bad from what could as well have been mars
23:48<darkex>says a lot, ajmitch
23:49<Kyhwana>mars would be a lot longer ping time..
23:49<StevenK>255ms for me
23:49<ajmitch>darkex: yeah, I'm testing from home, and I get 230ms with ipv4
23:49<Daevien>rnowak: the original nz popular fled to mars, better place to live
23:49<Daevien>er popular = population
23:50<rnowak>They need to propagate their random flash mob maori warrior combat dances
23:50<rnowak>mars is a good first stop
23:51<darkex>interesting, 2600:3c0x::/32
23:51-!-devcomp [] has joined #linode
23:51<darkex>i have no idea how to fill the x with cidr, but whatever
23:51<Daevien>61ms avg ipv6 ping to resolver1.newark, not bad considering i'm using connecting from nova scotia to HE's toronto tunnel to newark :p
23:52<darkex>nothing's as bad as sydney/lax routing
23:52<Daevien>darkex: malaysia to dallas/atlanta. i have voip servers running over that path. ugh.
23:52<rnowak>hmm, 100ms to newark from malmö, sweden - a bit on the higher end right now
23:52-!-smed [] has quit [Read error: Connection reset by peer]
23:52<Daevien>er had
23:52<darkex>most of my eu traffic goes through america - goes via hong kong/amsterdam
23:52-!-smed [] has joined #linode
23:53<darkex> = slow
23:53<bob2>darkex, nz/lax is worse, since it is via sydney
23:54<darkex>not sure if that's accurate or not
23:54<ajmitch>bob2: about as bad as reaching (in australia) via lax?
23:55<Kyhwana> ahh, thats it
23:56<bob2>hm I can't tell if that site gets to fremont via .au or not
23:57<ajmitch>bob2: it'd be worrying if you were reaching a site in australia via the US
23:57<ajmitch>but it wouldn't surprise me at all
23:57<darkex>169ms to
23:57<elkingrey>Daevien: Can you do me a favor? Can you explain to me in layman's terms what it is and why I altered the listen-address and binding-address in the dnsmasq? It makes it so much more difficult to do things when I don't understand what I'm doing.
23:57<darkex>how about over in NZ?
23:58-!-JSharp [] has joined #linode
23:58<ajmitch>darkex: about the same
23:58<darkex>then how is traffic routed via australia to the us?
23:58<darkex>would've thought it was just routed straight to america
23:58<Musfuut>Is it appropriate to send a thank you to support via the ticket system after something has been resolved or do they prefer their ticket system not being cluttered up
23:59-!-VS_ChanLog [] has left #linode [Rotating Logs]
23:59<darkex>there's testimonials on the forums, Musfuut
23:59-!-VS_ChanLog [] has joined #linode
23:59<darkex>you might want to consider posting there
23:59<linbot>bob2: Point (0.34910242, 0.24423911) lies within the unit circle. Hits: 108196 of 137362 (π ≈ 3.150682139165126 - 0.009089485575333). http://π
23:59<rnowak>They are humans after all, we do appreciate a thanks once in a while
23:59<Daevien>elkingrey: you told it to only listen on certain ips. is the loopback ip, basically, an ip that only that machine can use to talk to itself. the ip is one that openvpn uses to talk to clients on teh vpn. your old setup let anyone know any o fyour ips use dnsmasq, which someone was exploiting
23:59<bob2>Musfuut, i do for big things, as long as it is snappy (so it doesn't bother them on a ticket that's been quiet for hours)
23:59<bob2>darkex, i don't think it is in that case
23:59<Kyhwana>elkingrey: think of dnsmasq as an old fashioned answering machine and each IP is a different phone socket. You plug the answering machine into the phone socket that has the IP ("phone numbers") you want it to answer on.
23:59<ajmitch>darkex: I don't know how the various carriers do their routing, I just know that in some cases it's screwy
23:59<bob2>suspect i'm just wrong
23:59<Kyhwana>There's also a master socket that is a party line for all the other phone numbers
23:59<Daevien>Musfuut: i usually post a thanks, everything is working, you can close this now on tickets
---Logclosed Thu Sep 08 00:00:03 2011