Back to Home / #linode / 2015 / 08 / Prev Day | Next Day
#linode IRC Logs for 2015-08-11

---Logopened Tue Aug 11 00:00:59 2015
00:02<rideh>and fixed. thanks everyone
00:02<praetorian>no problems, glad to help
00:04<rideh>you all have my pubkey now though :P
00:04<rideh>wait i didnt have to paste it, \o/
00:05<rideh>now to update the rest of my servers
00:05<praetorian>rideh: do you use github?
00:05<rideh>and bitbucket, gitlab, ....
00:05<rideh>soo many tools these days
00:06<praetorian>whats your github username?
00:06<rideh>on the plus side i use differnt ssh keys for all my various clients
00:06<rideh>so only this group of servers uses this key
00:06<rideh>aaroncaito i think
00:06<rideh>i dont know if i have any public projects there
00:07<praetorian>i have your public keys!
00:07<rideh>yeah thats my github key
00:07<praetorian>akerl, you need more keys.
00:07<rideh>made july 26
00:07<akerl>I think it's amusing that you use different keys for different services in case somebody were to steal your public key but you didn't keep the packages on your server up to date
00:08<akerl>seems like you may want to reprioritize
00:08<rideh>akerl you are absolutely right, nah i had to generate a bunch of keys lately
00:08<rideh>new job
00:08<rideh>i went with a diff key for each client, 1 for repos/public stuff, 1 for my old company
00:08<rideh>but hadnt updated my old company
00:09<akerl>Yes, I'm saying why
00:09<akerl>What is the benefit to using multiple private keys on a single device
00:09<rideh>hmm. because the onboarding process for clients is long enough at new job
00:09<rideh>so if one of them were to need to be replaced i'd hate to go through 3 weeks of onboarding for the rest to get in sync
00:10<akerl>I can't tell if I'm being trolled here
00:10<rideh>i wish
00:10<rideh>i've been at new job for 4 weeks and i'm only onboarded to 1/3 of our clients
00:10<rideh>some of them i have to take security testing and stuff (its sooo bad) before they will on board me
00:10<akerl>rideh: What is a situation where one private key in ~/.ssh/ on your machine is compromised, but not another?
00:11<rideh>its more a matter of client piece of mind
00:11<rideh>if one of our clients for instance wants us to renew keys every 6 months
00:11<rideh>i dont want to have to update everyone else
00:12<akerl>See, it's things like this that I'd consider to be red flags
00:12<rideh>its not so much my key being compromised as being in compliance with any stupid rules they have
00:12<rideh>which imo is bassackwards
00:12<akerl>Yea, I've found the best way to comply with stupid rules is via avoidance
00:13<rideh>one of our clients requires us use only their equipment
00:13<rideh>so they expect us to devops type stuff on a imaged machine with no admin
00:13<rideh>i dont deal with them, our guy who does flew to london so he could use his own equip
00:14<praetorian>too much Kore
00:15<praetorian>sounds a bit like too much PCI compliance/sabanes-crappy overhead.
00:15<praetorian>most people dont understand PCI
00:15<rideh>yeah we have cc processors/ banking / pharma /etc as clients
00:15<praetorian>"we want to be PCI compliant, so we cannot have credit card numbers in our system at all"
00:15<praetorian>"pci does not mean that, fucktard"
00:15<synapt>I'll never entirely understand that
00:15<synapt>the PCI compliance checklist is like
00:16<synapt>super stupid simple
00:16<akerl>praetorian: Not gonna lie, not storing credit cards seems like an A++ strategy from where I'm sitting
00:16-!-RyanKnack [] has joined #linode
00:16<akerl>And also a prime example of the avoidance strategy, effectively utilized
00:16<praetorian>akerl: yeah, but there is lots you lose in trying to counteract fraud.
00:16<rideh>praetorian depends i think
00:17<praetorian>also, if you use tokenised cards from a 3rd party, like your bank, you tie yourself into them for life.
00:17<praetorian>"lets move to system x, but oh. all those details we have of people, are null and void"
00:18<rideh>braintree offers an exit plan
00:18<rideh>but many dont
00:18<praetorian>i'm in in th US
00:18<praetorian>s/m in/m not
00:18<dwfreed>i'm not sure i want to know what braintree's exit plan is
00:18<rideh>dwfreed burn everything
00:18<praetorian>.zip file with a password via email
00:18<dwfreed>praetorian: ohgod
00:18<akerl>Password sent in followup email
00:18<praetorian>i jest.
00:18<praetorian>akerl: 2 follow up emails
00:18<dwfreed>praetorian: i know
00:19<dwfreed>password is distributed in pieces to every C*O of the company; you must combine all the pieces to make the password
00:19<praetorian>anyway, it's easy to mitigate your pci compliance, depending on factors.
00:19<akerl>dwfreed: shameers secrets, yo
00:20<dwfreed>akerl: that's what I was thinking of, couldn't remember the name
00:20<akerl>Shamir*, but yes
00:20<praetorian>by your passwords combined, i am captain planet.
00:20<akerl>praetorian: Basically
00:20<dwfreed>and having any set of less than the required number of passwords doesn't help you any more than having 1 or none
00:21<dwfreed>it's a pretty neat protocol
00:21<akerl>the threshold bit is interesting, where any k of n is sufficient to decrypt
00:21<dwfreed>and there are interesting ways to implement that, like using polynomials
00:22<+linbot>New news from forum: General Discussion • Can not Reverse DNS <>
00:23<Nightmare>darn, I hate it when you can't reverse DNS
00:32-!-ctpdump [~tcpdump@2607:5300:60:419e:5555:5555:ce5c:c64f] has quit [Remote host closed the connection]
00:35-!-Cromulent [] has quit [Quit: KVIrc 4.2.0 Equilibrium]
00:35-!-rideh [] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
00:36-!-rideh [] has joined #linode
00:36<Ikaros>I mean come on, the message is self-explanatory.
00:43-!-sandeep [~sandeep@] has joined #linode
00:44-!-^ziport^ [] has joined #linode
00:48-!-ziport [~ziport@] has quit [Ping timeout: 480 seconds]
00:50-!-Ikaros [] has quit [Remote host closed the connection]
00:52<+linbot>New news from forum: General Discussion • Can not Reverse DNS <>
00:53<retro|blah>But what does that mean???
00:55<akerl>Usually means the clutch is going bad
00:56<rideh>bah ok all keys changed passwords changed time for bed
00:57-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
00:57<rideh>o/ linode
00:58-!-rideh [] has quit [Quit: Textual IRC Client:]
00:59-!-andygraybeal [] has quit [Ping timeout: 480 seconds]
01:08-!-andygraybeal [~andy@] has joined #linode
01:12-!-Ikaros [] has joined #linode
01:13-!-EyePulp [] has quit [Remote host closed the connection]
01:14-!-EyePulp [] has joined #linode
01:19<dcraig>I find my linode is most ticklish behind the ssd
01:27<Ikaros>...I won't even ask why you said that or what the conversation I missed was about.
01:28<dcraig>are you ticklish, Ikaros?
01:28-!-Guest1441 [~lex@2001:470:b:3e3:640c:7a0a:d8ee:8de8] has quit [Remote host closed the connection]
01:29-!-lex [~lex@2001:470:b:3e3:a52e:f478:c4e1:2a6f] has joined #linode
01:30-!-lex is now known as Guest1538
01:30<Ikaros>That's an odd question to ask.
01:34<zifnab>of course he is
01:34<zifnab>everyone is
01:42-!-d4rker [~oftc-webi@] has joined #linode
01:43<d4rker>Tokyo, JP why not in Location?
01:43<arlen>because it's full
01:46<synapt>poor tokyo
01:46<d4rker>is there has other better choose for chinese people?
01:47<arlen>check the speedtests
01:47<dcraig>my friend has a tokyo linode
01:47<dcraig>I'm sure, for the right price, he'd transfer it to your account
01:48<dcraig>I wonder if any linode policy prohibits this...
01:48*Ikaros looks at dcraig
01:48<arlen>1 penny
01:48<d4rker>others are not satisfied~
01:48*dcraig looks at Ikaros' tickle zone
01:49<Ikaros>Next best option then, would be Singapore.
01:50<dcraig>most chinese people I know would be best served by the california datacenter
01:50<d4rker>maybe you're right~
01:50<Ikaros>dcraig do us all a favor and zip your lip
01:51<dcraig>didn't like me peeping you tickle zone?
01:51*Ikaros ignores dcraig
01:52-!-zivester [] has quit [Ping timeout: 480 seconds]
01:53<arlen>grumpy goose
01:54<Ikaros>d4rker: In any case try setting up in Singapore. Tokyo's just been full more often than not due to high demand. They're working on plans to perhaps expand Tokyo offerings one day, but in the meantime Singapore's probably going to be the next closest option, give it a shot.
01:54<d4rker>thank you~
02:04-!-d4rker [~oftc-webi@] has quit [Quit: Page closed]
02:15<+linbot>New news from forum: Web Servers and Web App Development • Daily my DB is crashing <>
02:22-!-vinoth [] has joined #linode
02:23<vinoth>please any one give solution for this post
02:31-!-dmarr_ [] has quit [Remote host closed the connection]
02:51-!-ideopathic [] has joined #linode
02:51-!-HeavyMetal [] has quit [Quit: BNC Services Provided by The ASoTnet IRC Network.]
02:57-!-dpm [] has joined #linode
03:09-!-ziport [~ziport@] has joined #linode
03:10-!-aspis_ [~aspis@] has joined #linode
03:11<rweir>get a sysadmin or pay for linode support
03:12<rweir>though the problem is likely max_clients in your apache config
03:15-!-^ziport^ [] has quit [Ping timeout: 480 seconds]
03:32<vinoth>Will this help if add this configuration in Apache -
03:35<+linbot>New news from forum: Web Servers and Web App Development • Daily my DB is crashing <>
03:45-!-acald3ron [~acald3ron@] has quit [Ping timeout: 480 seconds]
03:50-!-dpm [] has quit [Quit: Ex-Chat]
04:01-!-neo [~oftc-webi@] has joined #linode
04:01-!-neo [~oftc-webi@] has left #linode []
04:02-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
04:04-!-HeavyMetal [] has joined #linode
04:16-!-Pupeno [~pupeno@2001:8b0:811:4387:18e0:47af:1c54:b7f7] has joined #linode
04:19-!-dpm [] has joined #linode
04:23-!-vinoth [] has quit [Quit: Page closed]
04:26-!-aspis_ [~aspis@] has joined #linode
04:31-!-getsmart [] has joined #linode
04:39<xar>MaxClients at 1000 with 1GB of memory, yup, should work just fine
04:40-!-d1g1t [~sandeep@] has joined #linode
04:40-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
04:41-!-d1g1t [~sandeep@] has quit []
04:44-!-d1g1t [~sandeep@] has joined #linode
04:46-!-sandeep [~sandeep@] has quit [Ping timeout: 480 seconds]
04:49-!-david_ [] has joined #linode
04:50-!-david_ [] has quit []
05:17-!-dominika [] has joined #linode
05:20<dominika>could someone provide me with information how fast is the restore of the backups you are offering?
05:27-!-dominika [] has quit [Quit: Page closed]
05:43<encode>well i can't now, can I?
05:48-!-BORIN [] has joined #linode
05:48-!-BORIN [] has quit []
05:57-!-AnonymousCrab [~marcel@] has joined #linode
05:57-!-AnonymousCrab is "Unknown" on #linode #
06:00-!-AnonymousCrab [~marcel@] has left #linode []
06:09-!-caceyjones [] has joined #linode
06:21-!-user__ [] has quit [Ping timeout: 480 seconds]
06:39-!-Tahir [~oftc-webi@] has joined #linode
06:39<Tahir>Hi support team.
06:40<HoopyCat>who? where?
06:40<Tahir>I want to get some information about my server against
06:41<rsdehart>HoopyCat: I think we were just hired by linode
06:42*encode volunteers to be paid by linode
06:42<encode>Tahir: what information were you after?
06:42<Tahir>can you pleas tell me its detail RAM, Speed, HD and which did location..
06:42<rsdehart>we the community don't have that information
06:42<rsdehart>though it should be available from the dashboard
06:43<HoopyCat>Tahir: we are not linode support, and linode support would not tell you that anyway (unless you opened a support ticket from that account, of course)
06:43<Tahir>can you pass the support team link
06:43*Rainbow hired rsdehart, outsources her work.
06:44-!-Tahir [~oftc-webi@] has quit [Quit: Page closed]
06:44<HoopyCat>This hour of #linode is sponsored in part by Pipesurance Limited.
06:46<+linbot>New news from forum: Web Servers and Web App Development • Daily my DB is crashing <>
07:02-!-steveski [] has joined #linode
07:05-!-EyePulp [] has quit [Remote host closed the connection]
07:05-!-EyePulp [] has joined #linode
07:10-!-Buyer [] has joined #linode
07:10<Buyer>Is there any Microsoft plan?
07:10-!-dbrown_ is now known as dbrown
07:12<amelia>Burn Microsoft... That's the plan :)
07:13<rnowak>that is so original
07:13-!-dbrown [~quassel@2600:3c03::f03c:91ff:fe18:2d08] has left #linode [ - Chat comfortably. Anywhere.]
07:14-!-user__ [] has joined #linode
07:16<+linbot>New news from forum: General Discussion • Can not Reverse DNS <>
07:19<encode>Buyer: theoretically you can run windows on the new KVM linodes
07:20<encode>Buyer: check out
07:22<Peng>You probably shouldn't rely on it, though, should you?
07:22<encode>well i certainly wouldn't
07:22<Buyer>Thanks. I am checking
07:23-!-user__ [] has quit [Ping timeout: 480 seconds]
07:24<Peng>Linode is primarily Linux.
07:24<Peng>You can upload whatever OS you want, and it'll probably work, but...
07:24<encode>i wouldn't expect to get much support if you install windows and it breaks
07:25-!-xxh91 [] has joined #linode
07:28-!-EyePulp [] has quit [Remote host closed the connection]
07:28<HoopyCat>i'd not expect much support from microsoft, either. (can you even get a license for non-azurean clouds?)
07:28<HoopyCat>(answer is "probably yes, for the right price" but i just wanted to say "non-azurean")
07:33<encode>yeah licensing would be a grey area, and probably an expensive grey area
07:35<@Rainbow>Hey Peng
07:35<@Rainbow>got a question for you
07:38-!-ang [] has quit [Ping timeout: 480 seconds]
07:40<Peng>Rainbow: Oh?
07:40<@Rainbow>Whatchu got against cloudsdale :<
07:41*Rainbow is sad because of Peng
07:42<@Rainbow>dun dun dun
07:42<@Rainbow>So whatchu got against cloudsdale, peng? x3
07:43<Peng>I've been trying to figure out a way to answer that question with a pony pun.
07:43<@Rainbow>Peng likes ponies?
07:44<Peng>In hostnames? Absolutely. In real life? ...They're kind of imposing.
07:45<@Rainbow>I meant more in the cartoon horse sense x3
07:52<@Rainbow>Though I'm sure you could infer that from the hostname :p
07:55-!-jasonm [] has joined #linode
07:59<G>well that is fun, my Linode seems to be on the Microsoft RBL, but no other.... hope MS aren't using > /32 blocks and catching people in cross fire
07:59-!-fstd [] has quit [Remote host closed the connection]
07:59-!-fstd [] has joined #linode
08:00<G>Anyone else had surprise blacklistings from MS with Linode, seems to be relatively common online
08:04<Buyer>So we can make a conclusion. MS is not matching with Linode?
08:05<jasonm>It was a royal pain to fix too
08:07<Peng>Buyer: "matching"?
08:10<G>jasonm: crap, how long did it take for you guys to fix?
08:10-!-getsmart [] has quit [Quit: Leaving]
08:10<jasonm>we are talking about being blocked by M$ email servers right?
08:10<G>jasonm: yep
08:11<jasonm>yah, they suck ass
08:11<jasonm>hold a sec
08:11<G>(this isn't MS themselves, it's a university that uses their blacklist....)
08:11<jasonm>I have a feeling they are all connected?
08:11<jasonm>what does your log say specifically?
08:12<G>points to a MS delist address
08:12<jasonm>what server is rejecting it?
08:12<jasonm>well that was a lot better than what I had to do ;)
08:12<jasonm>it could be different
08:14<jasonm>yah, let me see if I can find anything
08:14<jasonm>from when I did it
08:15-!-Dedalo [] has joined #linode
08:15-!-user [] has joined #linode
08:16-!-user is now known as Guest1566
08:16<jasonm>Unfortunately I'm not sure which process got my IP de-listed
08:17-!-Sputnik7 [] has quit [Quit: -=SysReset 2.53=-]
08:17<G>The e-mail I sent in was along the lines of "the IPs are owned by Linode and generally assigned to different servers used by different people, so if it's a block bigger than a /32 I assume I'm caught unintentionally"
08:18<rnowak>"Dear G, may we recommend Azure?"
08:18<G>rnowak: to which I'll reply "have you considered buttplugs?" :P
08:19<jasonm>The last email I remember sending said something like "How much do your email admins make a year? I want quadruple and I want the current admins to give me shoulder rubs and bring me coffee while I fix shit"
08:19<jasonm>something like that
08:19<jasonm>I was kinda pissed off
08:19<jasonm>seeing that I spent an entire day trying to fix something that shouldn't have been broken in the first place
08:21<jasonm>I actually submitted delists quite a few times from quite a few different areas
08:21<jasonm>be sure to send the delist from some where like gmail or yahoo mail so you can actually receive their reply ;)
08:23-!-Guest1566 [] has quit [Ping timeout: 480 seconds]
08:24<G>jasonm: nah I got a ticket ID in reply so all good there I hope
08:24<jasonm>It took them all day to actually fix the error for me
08:24<jasonm>I guess that will depend greatly on how busy they are
08:25<rnowak>an entire day?! what has the world come to
08:25<G>a day in e-mail goul sounds pretty horrible though
08:25<jasonm>rnowak: Can you work all day for free and be happy?
08:26<jasonm>and also look bad to your customers because you can't get mail through to them, however it's not your fault?
08:27<jasonm>I work for myself and time is money. I don't have the luxury to consume a salary check no matter if I'm productive or not like many...
08:31-!-Alan [] has quit [Quit: leaving]
08:35-!-larsdesigns [] has quit [Quit: Leaving]
08:38-!-VsioZaebis [] has quit [Quit: closing IRC]
08:38-!-Alan [] has joined #linode
08:46<+linbot>New news from forum: Web Servers and Web App Development • Daily my DB is crashing <>
08:46-!-Lever [] has joined #linode
08:52-!-tusk_ [~tusk_@] has quit [Remote host closed the connection]
08:53-!-niemeyer [~niemeyer@] has joined #linode
08:55-!-Alan [] has quit [Quit: leaving]
08:55-!-Alan [] has joined #linode
08:56-!-xxh91 [] has quit [Read error: Connection reset by peer]
08:59-!-Lever [] has quit [Remote host closed the connection]
09:02-!-zivester [] has joined #linode
09:05-!-itgeek [] has joined #linode
09:06-!-itgeek [] has quit []
09:11-!-EyePulp [~EyePulp@] has joined #linode
09:13-!-^ziport^ [~ziport@] has joined #linode
09:17-!-bora [~oftc-webi@] has joined #linode
09:17<bora>i have a web site using wordpress with digitalocean with 2GB or Ram and 2 CPU
09:17<bora>but my site alway down
09:18<bora>due to CPU run almost 99 %
09:18<bora>i have visite around 500 at the same time
09:18-!-ziport [~ziport@] has quit [Ping timeout: 480 seconds]
09:18<bora>so any one can recommend wich plan is right for my current visiter
09:18-!-RumpledElf [] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
09:20<synapt>If you optimize properly a 2GB linode would probably work fine, rig up an actual efficient set up and use memcache/opcode caching stuff
09:21-!-Jordack [] has joined #linode
09:21<bora>i have plesk install
09:22<bora>so how can i optimize
09:24-!-getsmart [] has joined #linode
09:24<getsmart>j #linode
09:25<jasonm>bora: have you tried WPSuperCache?
09:25<jasonm>it's a quick way to get some better performance and super easy to setup
09:28<synapt>Super cache is indeed at minimum a generic way to improve things
09:29<jasonm>I guess memcache is kinda generic too then? ;)
09:29<synapt>Eh? Since when does SuperCache use memcached?
09:30<jasonm>I didn't say it did, what makes SuperCache generic and memcached not?
09:30-!-bora [~oftc-webi@] has quit [Ping timeout: 480 seconds]
09:30<synapt>The fact that file-based caching is generally generic compared to more performant alternatives such as memcached, and the reason memory based caching solutions like memcached, redis, etc exist
09:31<jasonm>interesting way of thinking about it ;)
09:32<synapt>Also a common way of thinking about it considering it's normally treated as the main way to do stuff if you can't/don't want to install extra stuff like memcached, since file-level caching otherwise doesn't need anything really extra
09:32<jasonm>I don't disagree memcache is the king compared to file based caching
09:32<jasonm>I just don't really get the "generic" name tag you have given it
09:32<jasonm>is all
09:33<grawity>maybe they have an odd definition of 'generic'
09:33<jasonm>seems so
09:33<rnowak>local memcached vs local filesystem, which will be cached in ram by your operating system, I'm not so sure
09:34<synapt>Sure I guess, myself and the majority of people I've worked with over the years, guess we're all just 'weird', oh well
09:34<jasonm>local memcache is questionable
09:34<jasonm>I have only used it on a remote instance
09:34<jasonm>so it has all it's resources to itself
09:35<synapt>Can work just as well depending on the loads/needs
09:35<synapt>local or remote, memcached alone can generally dramatically reduce loads on a system
09:36<rnowak>if it isn't going to be shared by multiple consumers of the same data, chances are that local filesystem caches would perform better if duplication isn't a concern
09:36<jasonm>but the question is, local, will it reduce the load of a local file based cache?
09:36<jasonm>of course it will reduce the load of a base wordpress site that hits the DB every request
09:36<jasonm>but if that is being handled by some caching plugin, how much will memcached reduce it from there?
09:37<synapt>rnowak: How would general file system (ie disk reads) ever perform better than RAM? Even with an SSD the potential speed is very different
09:37<rnowak>synapt: good thing that operating systems have filesystem caches
09:37<jasonm>if it gets accessed it's in caches
09:37<jasonm>Linux does an amazing job at buffering and caching filesystems
09:37<synapt>jasonm: General point to using something like memcached would to -not- use the local file cache as well, mainly with DB oriented stuff (which is where most of the loads usually come from)
09:38<synapt>By local file cache I'm talking about the shit that things like WP Super Cache do
09:38<jasonm>synapt: you have a wordpress site with wp super cache, you remove it, and use memcache instead
09:38<synapt>ie; "saves" a copy of the total page as a static .html file and re-serves that up 'cached'
09:38<rnowak>synapt: yes
09:38<jasonm>how much of a difference would it make?
09:38<rnowak>and then the operating system notices that the file's pages are being accessed a lot, and it shoves them in the filesystem cache
09:38<rnowak>you won't be hitting the underlying storage device all the time
09:39<jasonm>not for heavily accessed material
09:39<synapt>rnowak: I'd rather stuff it into memory from the start, than wait for the filesystem to feel a file has been "Accessed a lot" first
09:39<jasonm>which is usually only a small portion of a site
09:39<jasonm>synapt: it's rather quick for it to feel it's accessed a lot ;)
09:39<rnowak>synapt: you've got no clue what you're talking about, it is clear, but that's par for the course with you, I've noticed
09:40<synapt>rnowak: Right, sure, okay, because clearly the filesystem will put stuff into memory far faster than literally putting it in from the very start
09:40<synapt>clearly it puts stuff into the filesystem so fast it jumps back in time to do it
09:40<synapt>You're right, memcached has nothing on that
09:40<jasonm>Why can't we all get along?
09:41<jasonm>There are Windows users to bicker with
09:41<synapt>Mainly because of the elitist twatballs who jump to the "herpderp you don't know what you're talking about" when people disagree with them
09:41<jasonm>I can agree with that a bit ;)
09:42<synapt>I'm sure you can, yet doesn't change the fact you're trying to state a filesystem is going to system cache a file faster than you literally, on the first request, caching it yourself
09:42<jasonm>I'm actually trying to see if someone has done a benchmark between the two
09:42<jasonm>synapt: well
09:42<rnowak>it is a bit absurd to talk about the performance penalty of letting the OS-level filesystem cache getting warmed up when we're talking about the performance of a single system application-level fs cache or memcached cache
09:42<jasonm>Linux caches from the get-go on writes
09:42<jasonm>which means reads
09:42<jasonm>as well
09:43<synapt>rnowak: I don't believe at ny point I literally used the word "Penalty", all I said is I would rather cache it myself and save time and effort, especially if I have plenty of RAM to work with
09:43<jasonm>so if it's hit hardly at all it will always be in cache from the get-go
09:43<rnowak>postgresql relies in practice completely on the OS level FS cache for its data pages, and it doesn't take much to get it hot
09:43<synapt>and from that you managed to go full-dick as usual
09:43<synapt>And that's nice I guess
09:44<synapt>if we pretend every single person is using pgsql (especially in a Wordpress conversation which is, natively, mysql only)
09:44<synapt>cause that logic totally works
09:44<rnowak>synapt: with memcached, you also have another cogwheel in the system that needs TLC
09:44<rnowak>synapt: no, the point with that remark being that it is good enough for complex RDBMSs, which makes it probably good enough for your blag
09:45<synapt>Well if he has 500 concurrent hits tanking a 2GB VPS, I'm going to guess that no, his MySQL (which I imagine by default is rolling innodb for wordpress) isn't good enough in the process
09:46<synapt>I mean even if he went with mariadb + XtraDB, which is a bit more efficient, he'd still likely want some level of caching at the wordpress level, whether SuperCache, WP-FFPC or WP-Redis
09:46<rnowak>sure, "it" there being the OS-level FS page cache
09:47<synapt>(Assuming WP-FFPC is still the main memcached plugin for WP)
09:50<rnowak>if you can afford to use sendfile ( ) on your dumped-to-filesystem cached things, performance would be close to as good as it can get on a single system... but there are plenty of times where you wouldn't be able to use it
09:51-!-bbankes [] has quit [Ping timeout: 480 seconds]
09:52-!-spiki [] has joined #linode
09:56-!-The-spiki [] has quit [Ping timeout: 480 seconds]
09:57-!-zoid_ [~zz@] has joined #linode
10:01-!-user [] has joined #linode
10:02-!-user is now known as Guest1583
10:04<dzho>rnowak: long time no see!
10:05-!-bbankes [] has joined #linode
10:05<rnowak>dzho: hello
10:07<dzho>a discussion of technical performance questions, how droll. When will we return to the usual chatter about when our pending accounts, which we've attempted to create with possibly dodgy payments methods, will be activated?
10:08-!-zivester [] has quit [Ping timeout: 480 seconds]
10:08<rnowak>does linode support paypal?
10:08<rnowak>dzho: I hope that helps
10:09-!-Guest1583 [] has quit [Ping timeout: 480 seconds]
10:11<dzho>it'll tide me over
10:12<avenj>I will trade you eighteen goats for one linode
10:12<avenj>admin pls approve?
10:12<dzho>avenj: have you checked your email?
10:12<dzho>rnowak: (am I doing it right?)
10:12<avenj>actually someone wrote a poem about this once
10:12-!-VsioZaebis [] has joined #linode
10:12<rnowak>only if the email contained instructions on how to upload a photo of his passport
10:12<avenj>quotefile <kronzy> please active the account <Gilded> Roses are red / Violets are blue / Linode admin?? / Please active the account
10:13<rnowak>but, 18 goats? that should be worth quite a bit
10:13<avenj>it was so beautiful I cried a little
10:15-!-lucas_ [] has joined #linode
10:15<lucas_>I'd like to use your vps, but probably I will need it only for 1 month (maybe again in next year). What should I do? Pay a monthly signature and cancel it in end of month? will I have to pay taxes for cancelling?
10:16<Peng>Yes. Start now, cancel whenever.
10:16<lucas_>no taxes?
10:16<Peng>Linode doesn't penalize you for deleting a VPS.
10:17<lucas_>ok, thank you
10:17-!-Bucket [] has joined #linode
10:17<Peng>lucas_: You don't have to cancel your account, by the way. Just delete your VPS or VPSes.
10:17<Bucket>good morning everyone
10:17<jasonm>yes, leave your account active
10:17<jasonm>just don't have any servers in it and you won't be billed
10:18-!-Bucket is now known as Guest1587
10:18-!-Guest1587 is now known as BucketMS
10:18<lucas_>i'd like to use a vps for proxy tunnelling a game...good connection, right?
10:18<BucketMS>I'm curious what the cpu specs are for the linodes
10:18-!-Lever [] has joined #linode
10:18-!-caceyjones [] has quit [Quit: Lost terminal]
10:19<BucketMS>like, per core
10:19<Peng>BucketMS: They currently use Xeon E5-2680 v2 and v3 CPUs
10:19<Peng>BucketMS: A core is... a core.
10:19<Peng>lucas_: Yes, but you *are* quite far away...
10:20<BucketMS>ok and if i am looking at running a minecraft server only on a linode, which package would be recommended?
10:20-!-luca [] has quit [Quit: Lost terminal]
10:20<@Rainbow>BucketMS, depends on how big your world is.
10:20<lucas_>yes i'm far away...thats why I need to use a proxy :/
10:20<@Rainbow>Linode 1Gb can easily handle a small to midsize world
10:21<BucketMS>Rainbow: well it would be just starting out, and growing from there
10:21<@Rainbow>but if you plan on having ALL the things, consider upgrading when needed to a larger size
10:21<Peng>Depending on how much it grows, you might need to upgrade.
10:21<BucketMS>all the things, such as?
10:21*Rainbow shrugs
10:21<@Rainbow>I dunno. All I ever do when I MC is blastmine, or try and make the nether vaguely habitable. Or trains. I like trains.
10:22<BucketMS>lol. well, i'm thinking i'd want to do some mods, but keep it semi-vanilla.
10:22<BucketMS>grief protection, survival, not sure what else
10:23<BucketMS>maybe plots
10:23<lucas_>in what state "US East" servers are located?
10:23<BucketMS>lucas_: looks like Newark, NJ
10:24<lucas_>ok, thanks
10:24<@Rainbow>BucketMS, yeah, a 1GB should be fine to start
10:24<BucketMS>okay, thanks Rainbow. :D
10:24-!-BucketMS [] has quit [Quit: Page closed]
10:26-!-lucas_ [] has quit [Quit: Page closed]
10:26<Peng>How does signing up under metered billing work? Do you get charged a few bucks?
10:27-!-GnikLlort [] has joined #linode
10:31-!-hfb [] has quit [Quit: Leaving]
10:37-!-vl [] has joined #linode
10:39-!-acald3ron [~acald3ron@] has joined #linode
10:41<vl>Is anybody from support here?
10:42<@ccravens>Hi, vl. This is the community channel. Sometimes there are support people here, but not always.
10:43<@ccravens>If you have a support issue, I recommend you open a ticket... support will get with you as quickly as they can.
10:44<vl>Thank you!
10:44-!-vl [] has quit [Quit: Leaving]
10:47-!-adrian [] has joined #linode
10:52-!-rpm [] has joined #linode
10:57-!-seanh-corona [~Adium@2601:646:8101:3df0:3636:3bff:fec9:710e] has joined #linode
11:02-!-user__ [] has joined #linode
11:02-!-therock247uk [] has joined #linode
11:04-!-aspis_ [~aspis@] has joined #linode
11:04-!-v0lksman_ [] has quit [Ping timeout: 480 seconds]
11:05-!-seanh-corona [~Adium@2601:646:8101:3df0:3636:3bff:fec9:710e] has quit [Quit: Leaving.]
11:10-!-cps [] has joined #linode
11:10-!-user__ [] has quit [Ping timeout: 480 seconds]
11:13-!-cps [] has quit []
11:14-!-cps [] has joined #linode
11:14-!-GnikLlort [] has quit [Quit: Leaving]
11:17<+linbot>New news from forum: Web Servers and Web App Development • Problem with Transaction rate not increasing on Server size upgrade <>
11:18-!-hfb [] has joined #linode
11:33-!-delta45 [] has joined #linode
11:36-!-scorche|sh [] has joined #linode
11:37<+linbot>New news from forum: General Discussion • Can not Reverse DNS <>
11:47-!-zoid_ [~zz@] has quit [Remote host closed the connection]
11:48-!-zoid_ [~zz@] has joined #linode
11:51-!-ChrisHumphreys [] has quit [Ping timeout: 480 seconds]
11:53-!-fergtm [] has quit [Ping timeout: 480 seconds]
11:56-!-Pupeno [~pupeno@2001:8b0:811:4387:18e0:47af:1c54:b7f7] has quit [Quit: Leaving...]
11:56-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
11:59-!-zoid_ [~zz@] has quit [Remote host closed the connection]
12:00-!-zoid_ [~zz@] has joined #linode
12:06-!-fergtm [] has joined #linode
12:07-!-ideopathic [] has quit [Quit: ideopathic]
12:17-!-jasonm [] has quit [Ping timeout: 480 seconds]
12:18-!-jasonm [] has joined #linode
12:25-!-anew [] has joined #linode
12:32-!-user___ [] has joined #linode
12:34-!-acald3ron [~acald3ron@] has quit [Remote host closed the connection]
12:40-!-delta45 [] has quit [Quit: Page closed]
12:41-!-user___ [] has quit [Ping timeout: 480 seconds]
12:41-!-VsioZaebis [] has quit [Quit: closing IRC]
12:41-!-InstantAPI [] has joined #linode
12:52-!-niemeyer [~niemeyer@] has quit [Ping timeout: 480 seconds]
12:52-!-unnamed [] has joined #linode
12:53-!-unnamed [] has quit []
12:55-!-dpm [] has quit [Ping timeout: 480 seconds]
12:57<+linbot>New news from forum: Email/SMTP Related Forum • Unable to use mail command on CentOS 7 <>
12:59-!-seanh-corona [~Adium@] has joined #linode
12:59-!-ideopathic [] has joined #linode
13:00-!-Xuefer [~taCo@] has joined #linode
13:03-!-fstd_ [] has joined #linode
13:04-!-Xuefer_gnPxo [~taCo@] has joined #linode
13:04-!-Xuefer is now known as Guest1594
13:04-!-Xuefer_gnPxo is now known as Xuefer
13:04<Xuefer> it seems China is making some action on cross-country network traffic recently
13:05-!-user [] has joined #linode
13:05-!-user is now known as Guest1595
13:06-!-RoosterJuice [~Gavan@] has joined #linode
13:11-!-fstd [] has quit [Ping timeout: 480 seconds]
13:11-!-fstd_ is now known as fstd
13:11-!-Guest1594 [~taCo@] has quit [Ping timeout: 480 seconds]
13:13-!-Lever [] has quit [Ping timeout: 480 seconds]
13:14-!-niemeyer [~niemeyer@] has joined #linode
13:20-!-Mohit [~oftc-webi@] has joined #linode
13:21-!-Mohit [~oftc-webi@] has quit []
13:21-!-d1g1t [~sandeep@] has quit [Quit: d1g1t]
13:24-!-selsta_ [] has joined #linode
13:27-!-selsta [] has quit [Ping timeout: 480 seconds]
13:28-!-jsager [~jsager@2600:3c03::f03c:91ff:fe56:c758] has quit [Quit: WeeChat 1.1.1]
13:30-!-rpm [] has quit [Quit: Page closed]
13:30-!-jsager__ [~quassel@2600:3c03::f03c:91ff:fe56:c758] has quit [Remote host closed the connection]
13:32-!-jsager [] has joined #linode
13:34-!-Buyer [] has quit [Ping timeout: 480 seconds]
13:38-!-bbankes [] has quit [Ping timeout: 480 seconds]
13:40-!-Xuefer [~taCo@] has quit [Quit: hAvE yOu mOOEd tOdAY]
13:46-!-HurinThalion [] has joined #linode
13:52-!-^ziport^ [~ziport@] has quit [Ping timeout: 480 seconds]
13:55-!-blaflamme [] has quit [Quit: Textual IRC Client:]
13:57-!-blaflamme [] has joined #linode
14:00-!-aspis_ [~aspis@] has joined #linode
14:00<grawity>must say that's a nice IP address
14:02<synapt>I want but AT&T still owns it :(
14:02<synapt>damned hoarders
14:10-!-jsager1 [~jsager@2600:3c03::f03c:91ff:fe56:c758] has joined #linode
14:14-!-BlindSight [] has quit [Read error: Connection reset by peer]
14:15-!-BlindSight [] has joined #linode
14:15-!-toastedpenguin1 [] has quit [Read error: Connection reset by peer]
14:15-!-toastedpenguin [] has joined #linode
14:16-!-Typo [] has quit [Remote host closed the connection]
14:16-!-Typo [] has joined #linode
14:17<SNy>grawity: would also work. Had access attempts lately from 1.234.45.something.
14:18-!-power_piglet [~quassel@2601:1c0:c101:c81:cd3d:8b16:5249:5430] has quit [Quit: No Ping reply in 180 seconds.]
14:18-!-nisstyre [] has quit [Remote host closed the connection]
14:19-!-power_piglet [~quassel@2601:1c0:c101:c81:21b1:123b:ff2c:5eb7] has joined #linode
14:19<jsager1>b 1
14:19-!-Jordack [] has quit [Read error: Connection reset by peer]
14:19-!-Jordack [] has joined #linode
14:19<Peng>SNy: Hmm. It's a South Korea broadband company. Up for a move? :D
14:19-!-Jordack1 [] has joined #linode
14:20-!-Jordack [] has quit []
14:20-!-Jordack1 [] has quit []
14:20-!-wblew [~pepsi@] has quit [Ping timeout: 480 seconds]
14:20<SNy>Dunno. If you got a job in Seoul for me, maybe? :P
14:22-!-selsta_ [] has quit [Remote host closed the connection]
14:22-!-jsager1 [~jsager@2600:3c03::f03c:91ff:fe56:c758] has quit [Quit: WeeChat 1.1.1]
14:26<Peng>I dunno. What do you think of a career in the US Army? I might know someone.
14:28-!-niemeyer [~niemeyer@] has quit [Ping timeout: 480 seconds]
14:30<dr_jkl>why is fremont having so many issues lately
14:30<dr_jkl>did HE forget to feed the hampster?
14:32<Peng>maybe it's run on water wheels and almonds
14:32-!-arooni-mobile [~arooni-mo@2602:306:ccf7:7450:41b9:960e:7547:e48a] has quit [Remote host closed the connection]
14:33<dr_jkl>Every time I open a ticket about it I get some noncomittal bullshit about how had an outage or I'm not giving them a traceroute blessed by cthulhu or something
14:34-!-seanh-corona1 [~Adium@2601:647:4d03:58f0:8d52:f75d:c007:daec] has joined #linode
14:34-!-seanh-corona [~Adium@] has quit [Read error: Connection reset by peer]
14:36-!-The-spiki [] has joined #linode
14:37-!-jsager is now known as Guest1609
14:39-!-user [] has joined #linode
14:39-!-Guest1595 [] has quit [Ping timeout: 480 seconds]
14:39-!-user is now known as Guest1610
14:40-!-spiki [] has quit [Ping timeout: 480 seconds]
14:45-!-sandy [] has joined #linode
14:46<sandy>i want backup of my file
14:49-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
14:49-!-spiki [] has joined #linode
14:55-!-NomadJim__ [] has joined #linode
14:55-!-NomadJim_ [] has quit [Read error: Connection reset by peer]
14:55-!-Ttech [] has quit [Quit: Este é o fim.]
14:55<Ryon>sandy: okay so downoad your file(s)
14:57-!-The-spiki [] has quit [Ping timeout: 480 seconds]
15:00-!-bbankes [] has joined #linode
15:00-!-seanh-corona1 [~Adium@2601:647:4d03:58f0:8d52:f75d:c007:daec] has quit [Read error: Connection reset by peer]
15:00-!-seanh-corona [~Adium@2601:647:4d03:58f0:8d52:f75d:c007:daec] has joined #linode
15:00-!-user__ [] has joined #linode
15:01-!-Ttech [] has joined #linode
15:02-!-cjbischoff [] has quit [Ping timeout: 480 seconds]
15:03-!-greggypoo [] has joined #linode
15:03-!-greggypoo [] has quit []
15:03-!-cjbischoff [] has joined #linode
15:03-!-greggypoo [] has joined #linode
15:05-!-Guest1610 [] has quit [Ping timeout: 480 seconds]
15:06-!-dankles [~dankles@2600:3c02::f03c:91ff:fedb:deed] has quit [Quit: brb]
15:07-!-niemeyer [~niemeyer@] has joined #linode
15:12-!-InstantAPI [] has quit [Ping timeout: 480 seconds]
15:12-!-bbankes_ [] has joined #linode
15:13-!-user___ [] has joined #linode
15:16-!-Levers [] has joined #linode
15:17-!-acald3ron [~acald3ron@] has joined #linode
15:18-!-user__ [] has quit [Ping timeout: 480 seconds]
15:18-!-bbankes [] has quit [Ping timeout: 480 seconds]
15:21-!-joshteam [] has joined #linode
15:24-!-v0lksman [] has joined #linode
15:27<HurinThalion>hey, anyone here use aufs?
15:27-!-getsmart [] has quit [Quit: Leaving]
15:27-!-sandy [] has quit [Quit: Page closed]
15:30-!-greggypoo [] has quit [Quit: i guess it was my isp]
15:32<swajr>so the blog post announced full HVM soon. Is that ready yet? I.E. can we run Windows guests yet?
15:34<Peng>People run Windows. Not that they should. >:|
15:34<swajr>meh, forget that noise
15:35<swajr>is the process for installation still "build VM in virtualbox, upload disk image?"
15:35<swajr>or is there some sort of VNC that can be connected to
15:38-!-larsdesigns [] has joined #linode
15:46<@Rainbow>swajr, We now offer KVM, not HVM.
15:46<@Rainbow>Our Xen hosts are still PV-only
15:48<trippeh>so, HVM. ;)
15:49<swajr>" However, we also now support fully virtualized guests – which means you can run alternative operating systems like FreeBSD, BSD, Plan 9, or even Windows – using emulated hardware (PIIX IDE and e1000)." <-- to me that says KVM with full HVM instead of needing paravirt.
15:49<Nivex>quick, spin up a desqview VM!
15:50<swajr>I was just curious if there was some sort of graphical console, or if I'm going to have to build the VM hard disk myself locally, and then dd it into place via finnix/ssh pipe.
15:50<Nivex>afaik there's no graphical console _yet_
15:50<praetorian>the latter.
15:51<praetorian>i hate to refer to eugene, but
15:52<swajr>oo that gives you virtio too
15:52<swajr>which has to be better than e1000
15:52<swajr>I hadn't thought about that one
15:55<trippeh>last I heard grahpical console is in the works/planned
15:55<trippeh>I think I heard ;)
15:56<swajr>yeah that blog post referred to it
15:56<swajr>GISH? :)
15:57-!-steveski [] has quit [Remote host closed the connection]
15:57<@Rainbow>trippeh, HVM would refer to the Xen-specific technology. swajr We do not currently offer a graphical Lish console. Lish outputs from the serial console.
15:58<@Rainbow>Graphical access is currently under development, as mentioned on our blog.
15:58<@Rainbow>praetorian, no more Lin :p
15:58<@Rainbow>Just Rainbow now. :D
15:58<praetorian>more Lin required
15:58<@Rainbow>The Lin stood for Linode. x3
15:59<praetorian>yeah, but it gives you that asian side
15:59<@Rainbow>Not like Lin was part of my name or anything
15:59<@Rainbow>But I'm not asian o.0
15:59*Rainbow confused
15:59<amelia>RainbowLin: now with more stereotypical ramen.
15:59*praetorian hands Rainbow a cookie
15:59<Peng>That would've been terrible if some Chinese person came in and asked for help and saw Peng and RainbowLin.
16:00*Rainbow nahmfs cookie <3
16:00<Nivex>heh. my best friend sent a small machine to live on my network to sync his off-site backups to. hostname: twilightsparkle
16:01<amelia>Nice :P
16:01<amelia>How small? :D
16:01<Nivex>one of those WD Live drives with the built-in network
16:01<swajr>I'm surrounded by bronies
16:01<Nivex>we managed to get root on it. Turns out it's a PowerPC running Debian + WD secret sauce
16:02<@ccravens>Cartoon ponies ftw!
16:02<@Rainbow>swajr, We are the Herd. You WILL be assimilated. Resistance is Futile.
16:02<swajr>should totally install OSX Leopard on it
16:02<swajr>rock that powerpc
16:03-!-user___ [] has quit [Ping timeout: 480 seconds]
16:05<praetorian>rock the kazbah
16:06<Nivex>Lock the Taskbar:
16:08-!-HurinThalion [] has quit [Ping timeout: 480 seconds]
16:13-!-Cromulent [] has joined #linode
16:13<@Rainbow>dun dun duuuun~!
16:17-!-dankles [~dankles@2600:3c02::f03c:91ff:fedb:deed] has joined #linode
16:18-!-aspis_ [~aspis@] has joined #linode
16:24<Eugene>praetorian / swajr - my understanding is that GISH is coming. Whenever that gets around to being released I'll probably do a Community Guide on installation
16:25<Eugene>It's worth noting that you can do the Full Virt mode now(as of that Gist, it didn't exist! It was a first-day thing), which simplifies the process a lot
16:25<Eugene>The I/O difference isn't worth it IMO
16:29<swajr>one day I'll install proxmox again
16:30<swajr>and just run all my shit at home.
16:30<swajr>but Linode allows me to be lazy
16:30<swajr>or "enables" me to be lazy is probably a more appropriate term :P
16:33-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
16:34<Eugene>I have a Fileserver / KVM host in the living room, and Gigabit here. I like to keep stuff In The Butt, though'
16:35<joshteam>Best way to open up MySQL to remote connections?
16:35<akerl>joshteam: If you need to hit it from somewhere else, use an SSH tunnel
16:35<joshteam>It’s a dev environment
16:35<Eugene>You say that like it matters any
16:36<akerl>joshteam: Awesome. SSH works great there
16:37<joshteam>:-p I get it I get it okay, I’ll use SSH
16:39<Eugene>Now you're talking
16:42-!-jasonm [] has quit [Quit: Leaving]
17:03-!-Dedalo [] has quit [Ping timeout: 480 seconds]
17:04-!-Dedalo [] has joined #linode
17:10-!-kaare__ [~kaare@] has quit [Ping timeout: 480 seconds]
17:30-!-Maz [] has joined #linode
17:31-!-Maz [] has quit []
17:36-!-ctpdump [~tcpdump@2607:5300:60:419e:5555:5555:ce5c:c64f] has joined #linode
17:37-!-piney__ [] has joined #linode
17:41-!-piney [] has quit [Ping timeout: 480 seconds]
17:42-!-zoid_ [~zz@] has quit [Quit: Konversation terminated!]
17:43-!-bbankes_ [] has quit [Ping timeout: 480 seconds]
17:46-!-acald3ron [~acald3ron@] has quit [Ping timeout: 480 seconds]
17:47-!-user [] has joined #linode
17:48-!-user is now known as Guest1640
17:58-!-Angryman [] has joined #linode
17:58<Angryman>Staff Members are here?
17:59<Peng>This is the community. Sometimes staff are here, but if you definitely need them, file a support ticket/send an email/call the phone.
17:59<Peng>Why do you ask?
18:00<Angryman>iLL have a spammer ip adress
18:00<Angryman>from linode
18:00<Angryman>that spams my site
18:02<sp_>iptables / fail2ban ?
18:02<Peng>Reporting it is good too though!
18:04-!-Exaeta [~rnicholl@2601:c2:8404:30d0:f824:4d2b:18ce:9849] has joined #linode
18:04<@rfeliciano>Our guys will get that email and make sure to take action when and where necessary.
18:04<Exaeta>Is down for just me or everyone else too?
18:04<Angryman>I dont have a vps or a server only webspace
18:04<Exaeta>I keep trying to log in and it doesn't work...
18:04<Angryman>so i cant ipban them or anything
18:04<Angryman>can I just post the ip here ?
18:05<SNy>Angryman: Assuming your hoster is using Apache, you could block them via .htaccess, if that is available.
18:08-!-niemeyer [~niemeyer@] has quit [Ping timeout: 480 seconds]
18:08<+linbot>New news from forum: Linux Tips, Tricks, Tutorials • Running Ubuntu Snappy Core on Linode (and Raspberry Pi 2) <>
18:11-!-kello [] has joined #linode
18:12<kello>Hi - question about Linode accounts. Do they include email? If so, what is the outbound relaying limit per day or month?
18:12-!-Angryman [] has quit [Quit: Page closed]
18:12<Peng>I try not to let my anger define me.
18:12<Peng>kello: It's a VPS. You can install email software on it if you want to, or not.
18:12<Eugene>There is no API for sending email, including SMTP. You can run a email server on your Linode, which is just a small rented server.
18:12<Peng>kello: You're allowed to send zero spam email, and as much non-spam email as dictated by the laws of physics.
18:12<Eugene>There's no blocks on outbound TCP:25
18:13<kello>ok, I kinda thought that but wasn't sure. Thanks!
18:13-!-ruby [] has joined #linode
18:13-!-kello [] has quit []
18:13<ruby>just right now my linode manager dropped and I cannot connect to it????
18:13-!-MJCS [] has joined #linode
18:13<Eugene>I can tell you that the Linode IP blocks(like anywhere that rents IPs) are occasionally blacklisted by the Spamhaus mafia. If you want reliable guaranteed delivery you should use a service like Mailinator
18:14-!-xxh9 [] has quit [Quit: Leaving.]
18:14-!-VsioZaebis [] has joined #linode
18:14<tonyyarusso>I'd be concerned if I was spinning up a server temporarily and hoping to use it for mail right away, but I've never had a problem with getting blocked with a long-lived one. (yet)
18:14<Eugene>No, mailinator is wrong.
18:14<Eugene>What's the one that lets you send mail
18:14<Peng>ruby: "your linode manager"?
18:15<tonyyarusso>Eugene: Mailgun
18:15-!-fede-vf [] has joined #linode
18:15<Eugene>Sendgrid is the one I was looking for in my brain
18:16<ruby>ya - i see that they have put up the *major outage* status on the linode manager .... sheesh
18:17-!-Netsplit <-> quits: fede-vf, ruby
18:17<Peng>heh, I don't think I've ever seen a Major Outage before
18:17<Peng>Exaeta: It's not just you, then!
18:18<Peng>MajObviousman has a competitor now that the status page is reporting a Major Outage
18:26<+linbot>New news from status: Linode Manager <>
18:29-!-anew [] has quit [Quit: Leaving]
18:32-!-Sputnik7 [] has joined #linode
18:32-!-niemeyer [~niemeyer@] has joined #linode
18:33-!-EyePulp [~EyePulp@] has quit [Remote host closed the connection]
18:38-!-aspis_ [~aspis@] has joined #linode
18:39-!-RumpledElf [] has joined #linode
18:40-!-larsdesigns [] has quit [Quit: Leaving]
18:42-!-technoid_ [] has quit [Ping timeout: 480 seconds]
18:49-!-technoid_ [] has joined #linode
18:51-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
18:55-!-jleal [] has joined #linode
18:55-!-mode/#linode [+o jleal] by ChanServ
19:02-!-reveldevel [] has joined #linode
19:06-!-_al [] has joined #linode
19:07-!-reveldevel [] has quit []
19:13-!-_al [] has quit [Quit: Leaving]
19:23-!-_al [] has joined #linode
19:27-!-_al [] has quit []
19:28-!-antix [] has quit [Max SendQ exceeded]
19:30-!-Netsplit <-> quits: Peterman
19:30-!-Netsplit <-> quits: luckst0r, phyber, Tol1, karstensrage, @johnmusbach, mteufel, dannyAAM, Steve^, internat, therock247uk, (+67 more, use /NETSPLIT to show all of them)
19:30-!-Netsplit <-> quits: tomaw, Solver, rnowak, yano, tmberg, gbti
19:30<MJCS>I was about to comment about the packet loss
19:31-!-avongauss [] has quit [Max SendQ exceeded]
19:33<Eugene> is best bin
19:34-!-ChasedSpade [] has quit [Quit: No reason specified.]
19:35<MJCS>I'll try to remember that for next time
19:36-!-antix [] has joined #linode
19:36-!-call_me_al [] has joined #linode
19:36-!-jleal [] has joined #linode
19:36-!-Levers [] has joined #linode
19:36-!-therock247uk [] has joined #linode
19:36-!-adrian [] has joined #linode
19:36-!-Alan [] has joined #linode
19:36-!-Guest509 [] has joined #linode
19:36-!-ChauffeR [] has joined #linode
19:36-!-Dataforce [] has joined #linode
19:36-!-rnowak [] has joined #linode
19:36-!-gbti [] has joined #linode
19:36-!-Solver [~robert@] has joined #linode
19:36-!-amitz [~amitz@2400:8901::f03c:91ff:fe93:6752] has joined #linode
19:36-!-tomaw [] has joined #linode
19:36-!-halothe23 [] has joined #linode
19:36-!-micro [] has joined #linode
19:36-!-jarryd [] has joined #linode
19:36-!-FloodServ [] has joined #linode
19:36-!-juice [~juice@] has joined #linode
19:36-!-dannyAAM [] has joined #linode
19:36-!-johnmusbach [~johnmusba@2600:3c03::f03c:91ff:fe50:ca63] has joined #linode
19:36-!-TwoWholeWorms [] has joined #linode
19:36-!-Saiban [] has joined #linode
19:36-!-pharaun [] has joined #linode
19:36-!-MaZ- [] has joined #linode
19:36-!-fenghong [~fengmhong@2600:3c02::f03c:91ff:fe89:8c2f] has joined #linode
19:36-!-ServerMode/#linode [+oovo jleal johnmusbach johnmusbach fenghong] by
19:36-!-nyuszika7h [] has joined #linode
19:36-!-grawity [] has joined #linode
19:36-!-JamesTK [] has joined #linode
19:36-!-Tea [~Tea@2a01:7e00::f03c:91ff:feae:385f] has joined #linode
19:36-!-Hobbyboy [] has joined #linode
19:36-!-kcaj [] has joined #linode
19:36-!-Fusl [] has joined #linode
19:36-!-Moult [] has joined #linode
19:36-!-SNy [] has joined #linode
19:36-!-Myon [] has joined #linode
19:36-!-Steve^ [~Steve^] has joined #linode
19:36-!-xand [] has joined #linode
19:36-!-voxelcarrot [~d@2a01:7e00::f03c:91ff:fe84:a7ac] has joined #linode
19:36-!-Frools_ [] has joined #linode
19:36-!-Zimsky [] has joined #linode
19:36-!-trippeh [] has joined #linode
19:36-!-Sirenia [~sirenia@] has joined #linode
19:36-!-gbyers [] has joined #linode
19:36-!-rweir [] has joined #linode
19:36-!-HoopyCat [] has joined #linode
19:36-!-ServerMode/#linode [+v fenghong] by
19:36-!-ZeiP [] has joined #linode
19:36-!-jbower [] has joined #linode
19:36-!-kwmonroe [] has joined #linode
19:36-!-phyber [phyber@2a01:7e00::f03c:91ff:fe93:a318] has joined #linode
19:36-!-Tol1 [] has joined #linode
19:36-!-tanja84dk [] has joined #linode
19:36-!-Voss [] has joined #linode
19:36-!-brianok [] has joined #linode
19:36-!-MajObviousman [] has joined #linode
19:36-!-GLaDOSDan [] has joined #linode
19:36-!-mdc [] has joined #linode
19:36-!-MrGeneral [~MrGeneral@2a00:d880:5:16a::ced2] has joined #linode
19:36-!-Neal [] has joined #linode
19:36-!-Kane` [~Kane@] has joined #linode
19:36-!-Daedolon [] has joined #linode
19:36-!-vans [] has joined #linode
19:36-!-googol_ [] has joined #linode
19:36-!-luckst0r [] has joined #linode
19:36-!-kbtr [] has joined #linode
19:36-!-plod [] has joined #linode
19:36-!-kidneb [] has joined #linode
19:36-!-TheVoid [~thevoid@2001:41d0:e:24f::1] has joined #linode
19:36-!-tmberg [] has joined #linode
19:36-!-Vlad [] has joined #linode
19:36-!-Ford_Prefect [~arun@2a01:7e00::f03c:91ff:fe96:2c] has joined #linode
19:36-!-jackley [] has joined #linode
19:36-!-yano [] has joined #linode
19:36-!-mteufel [] has joined #linode
19:36-!-internat [] has joined #linode
19:36-!-eagle [] has joined #linode
19:36-!-Vegar [~vegar@2a01:7e01::f03c:91ff:fe93:918a] has joined #linode
19:36-!-karstensrage [] has joined #linode
19:36-!-kenyon [] has joined #linode
19:36-!-jas4711 [~jas4711@] has joined #linode
19:36-!-hawk [] has joined #linode
19:36-!-Kowalczyk [~Kowalczyk@2a01:7e00::f03c:91ff:fe70:50f9] has joined #linode
19:36-!-Peterman [] has joined #linode
19:36-!-ServerMode/#linode [+ovo jbower jbower jackley] by
19:36-!-kash [] has joined #linode
19:36-!-call_me_al [] has quit []
19:36-!-antix [] has quit [Max SendQ exceeded]
19:36-!-mode/#linode [+v Rainbow] by ChanServ
19:36-!-mode/#linode [+v rarlan] by ChanServ
19:36-!-mode/#linode [+o mkorsak] by ChanServ
19:36-!-mode/#linode [+v mmustac] by ChanServ
19:36-!-mode/#linode [+o cnicholais] by ChanServ
19:36-!-mode/#linode [+v amassry] by ChanServ
19:36-!-mode/#linode [+o vpaloc] by ChanServ
19:36-!-mode/#linode [+v rfeliciano] by ChanServ
19:36-!-mode/#linode [+o jspinosi] by ChanServ
19:36-!-mode/#linode [+o caker] by ChanServ
19:36-!-mode/#linode [+o jstewart] by ChanServ
19:36-!-mode/#linode [+o mkropinack] by ChanServ
19:36-!-mode/#linode [+v dobrien] by ChanServ
19:36-!-mode/#linode [+v restelow] by ChanServ
19:36-!-_al [] has joined #linode
19:36-!-db3l [~chatzilla@2001:470:1f07:12a:2081:a020:bb3d:d3a5] has joined #linode
19:36-!-antix [~rewt@2600:3c00::f03c:91ff:fedb:6b34] has joined #linode
19:36-!-avongauss [] has joined #linode
19:36-!-ChasedSpade [] has joined #linode
19:36-!-call_me_al is "(unknown)" on (unknown)
19:36-!-mode/#linode [+v ddevault] by ChanServ
19:36-!-avongauss [] has quit [Max SendQ exceeded]
19:37-!-avongauss [] has joined #linode
19:40-!-db3l [~chatzilla@2001:470:1f07:12a:2081:a020:bb3d:d3a5] has quit [Quit: ChatZilla [Firefox 39.0.3/20150806192353]]
19:44-!-ViciousPariah [] has joined #linode
19:50-!-Rainbow [] has quit [Remote host closed the connection]
19:50-!-plod [] has quit [Ping timeout: 480 seconds]
19:53-!-plod [] has joined #linode
19:55-!-joshteam [] has quit [Quit: joshteam]
19:56-!-_al [] has quit [Quit: Leaving]
19:59<+linbot>New news from forum: General Discussion • Can not Reverse DNS <>
19:59-!-fstd [] has quit [Remote host closed the connection]
19:59-!-fstd [] has joined #linode
20:00-!-Levers [] has quit [Remote host closed the connection]
20:02-!-joshteam [] has joined #linode
20:05-!-acald3ron [~acald3ron@] has joined #linode
20:06-!-rainbow [] has joined #linode
20:07-!-rainbow [] has left #linode []
20:07-!-rainbow [] has joined #linode
20:07-!-mode/#linode [+o rainbow] by ChanServ
20:07-!-rainbow is now known as Rainbow
20:07-!-joshteam [] has quit [Quit: joshteam]
20:15<Exaeta>How do I add CERT records to my linode DNS?
20:17<akerl>You do not
20:17<Peng>unless you use it as a slave
20:17<Peng>and run a (hidden) master
20:17<Exaeta>how does that work?
20:18<Peng>If you run your own master, and Linode slaves, it supports any (supported by the software) record type.
20:18<akerl>You run a DNS server somewhere and configure it to serve whatever records you want, and if you want to use Linode's nameservers to serve the zone you add a slave zone in the Linode DNS Manager and set up your master to notify them
20:18<akerl>Peng: I hadn't looked at the record type list for a while, since when did folks start applying the gTLD strategy to DNS as well
20:19<akerl>Moar record types is moar better
20:19<Peng>TXT should be enough for everyone!
20:19<akerl>(nevermind that they're all useless due to the inherent issues with DNS not being a secure transport and all that)
20:20<Eugene>Something something DNSSUCK
20:22<Peng>akerl: and due to DNS having a zillion terrible implementations
20:23<Exaeta>does DNSSEC actually work yet?
20:24<Eugene>It works fine, but few registrars support the necessary glue records, and the actual implementation of secure keys(including doing regular rollover).... doesn't ever happen.
20:25<Eugene>For some context, I get drunk and implement stupid RFCs for laughs.... and even *I* haven't gotten DNSSEC going.
20:25<Peng>DNSSEC, with 1200-bit RSA crypto straight from 1995!
20:25<Peng>(To be fair, 1200-bit RSA actually is secure.)
20:26<staticsafe>DNSSEC is quite easy with BIND's automagic signing and maintaining of signatures
20:26<Peng>Yeah, like IPv6, it only took the software 15 years to be usable.
20:26<staticsafe>almost all of my zones, including PTR zones are signed
20:27<Peng>Finally, easy-to-deploy 20-year-old technology!
20:27<Eugene>Great, now post how to do that ;-)
20:27<Eugene>Or submit a PR to !
20:27<staticsafe>I could write a Linode library article for it
20:28<Eugene>You totally could
20:28<akerl>staticsafe: My concern w/ dnssec isn't that it's hard, it's that it's shitty
20:28<staticsafe>how is it shitty?
20:28<Peng>My concern is both!
20:29<staticsafe>akerl: I can do the blog thing too -
20:30<staticsafe>either way, I implemented it because it lets me use things like SSHFP records
20:30<Peng>I thought SSHFP was a good idea until I realized I don't actually trust DNSSEC
20:30<Eugene>You can still publish SSHFPs without DNSSEC.... just trusting them is silly
20:31<Eugene>(in fact, I do! Because I'm silly)
20:31<Peng>Eugene: I don't know why people even do that.
20:31<akerl>" I am willing to bet the author never actually checks his SSH fingerprints "
20:31<akerl>For some reason, I have this weird feeling that tptacek actually does in fact check his fingerprints
20:32<Peng>tptacek probably does biometric three factor auth against SSH servers. In his head!
20:32<akerl>I can't tell if this article is just a rant without content or is a satirical post designed to be linked by people who didn't read its contents
20:33<akerl>~"TLS failed because it costs money, so comparing DNSSEC to TLS and asserting that TLS has superior properties for assessing trust is bunk"
20:34<Peng>TLS failed?
20:34<Peng>and here I thought I was using TLS right now
20:34<akerl>Peng: No no, port 80 is still used, and thus TLS clearly failed
20:37-!-Ikaros [] has quit [Read error: Connection reset by peer]
20:38<synapt>"Never mind that we still need to run SSL 2.x for WinXP compatibility"
20:38<synapt>uh wat
20:38<akerl>I'm trying not to be too offended at the implication that I linked to tptacek's blog post without reading or considering its contents, but in case it's in dispute: I linked it because it saved me the time of basically summarizing the key points in there, which I find to be valid. Chiefly that I don't desire to lump yet more eggs into the basket of some centrally-controlled CAs. It's a mistake we
20:38<akerl>made with TLS that's slowly being remediated with key pinning and the like, but DNSSEC throws away the hard-earned knowledge that centralized trust in government orgs is bad
20:39<staticsafe>yeah I linked that in a tongue as cheek manner, also it was in my browser history
20:39-!-Ikaros [] has joined #linode
20:41<staticsafe>the chain of trust for any particular signed domain is fairly large as opposed to say a EV TLS certificate for a domain
20:44<akerl>True, but no amount of length makes me want verisign at the far end
20:44<trippeh>DNSSEC stops cache poisoning. thats pretty valuable.
20:45<staticsafe> example - ICANN -> CIRA -> my name servers
20:45<staticsafe> StartCom
20:45<staticsafe>*shrug* pick your poison
20:45<akerl>I'm much more a fan of strategies where the trust root elsewhere, which are feasible and involve declaring and trusting your root via alternate means, but as proposed the trust chain leading to the TLD level is... eh
20:46<akerl>s/elsewhere/lives elsewhere/
20:46<Peng>use every strategy at once :D
20:47<akerl>In much the same way that my favorite kind of TLS CA is the kind that lives in my pocket
20:47<akerl>Which is probably what the folks in NSA HQ say, too
20:48-!-hfb [] has quit [Quit: Leaving]
20:51<trippeh> another pro-dnssec post
20:51<trippeh>didnt read it all yet. going to bed.
20:52<akerl>trippeh: I'm familiar, it glosses over some bits, of primary concern to me that it basically says "we already give lots of eggs to centralized authorities for domain registration, why not give them the rest of our eggs"
20:53<Peng>didn't they write a blog post a month earlier about how terrible ICANN was
20:53<akerl>It's a slippery egg slope
20:54<akerl>Really, the easydns post would be better titled "why we think the .bit TLD is the best thing ever"
20:54<akerl>because most of their points are ~"Yea, this is kinda shitty for regular TLDs, but if you throw verisign and friends in a dumpster and replace them with a blockchain and a cute hat, it all looks prettier"
20:55<akerl>Which is ~valid, blockchain-lulz aside, in that if you move root-trust to an entity that isn't shitty, root trust isn't as shitty
20:56<Peng>"if you move root-trust to an entity that isn't shitty, root trust isn't as shitty"
20:56<Peng>i.e. if only you solve trust, you solve trust!
20:56<Peng>Step 1 to implementing trust: find someone trustworthy
20:56<Peng>Step 2: ???
20:56<akerl>.bit isn't the worst solution to trust that I've seen, but it's not flawless
20:57<akerl>I still prefer the kind of trust where the CA whose private key only I know is the source from whence all my trust flows
20:57<akerl>and I take that private key and encase it in concrete and drop it on Donald Trump
21:00-!-aspis_ [~aspis@] has joined #linode
21:00<trippeh>I'm a bit negative on DANE and trusting dnssec ultimately. But as a fix for cache poisoning and such it is good stuff.
21:02<trippeh>DANE is way better than nothing for SMTP though, which is OE without it.
21:06-!-Guest1538 [~lex@2001:470:b:3e3:a52e:f478:c4e1:2a6f] has quit [Remote host closed the connection]
21:07-!-lex [~lex@2001:470:b:3e3:60a1:2eec:8417:405e] has joined #linode
21:07-!-lex is now known as Guest1668
21:11-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
21:13<trippeh>lol my hardware retailer is answering my emails at 3am o_O
21:14-!-Dedalo [] has quit [Remote host closed the connection]
21:14-!-bbankes [] has joined #linode
21:20<Cromulent>I always meant to enable DNSSEC on my domains but never got around to it
21:21<Cromulent>I even moved some of my domains to Gandi for that very reason since Namecheap don't support the glue records
21:22-!-seanh-corona [~Adium@2601:647:4d03:58f0:8d52:f75d:c007:daec] has quit [Quit: Leaving.]
21:23-!-niemeyer [~niemeyer@] has joined #linode
21:28-!-computerquip [] has joined #linode
21:48-!-kaare__ [~kaare@] has joined #linode
22:04-!-niemeyer [~niemeyer@] has quit [Ping timeout: 480 seconds]
22:08-!-arooni-mobile [~arooni-mo@2602:306:ccf7:7450:e42e:1a29:9152:e461] has joined #linode
22:22-!-ideopathic [] has quit [Quit: ideopathic]
22:22<ctpdump>how can one use SSHFP without dnssec? a quick search doesn't reveal anything useful
22:22<Peng>Well, not actually usefully.
22:23<Peng>That's why Eugene said it was silly. :P
22:23<Peng>There's some use, actually: you can Google the fingerprint
22:23-!-therock247uk [] has quit []
22:23-!-frumpo [~ay@2602:304:ce35:c640:72f1:a1ff:fea3:71fc] has joined #linode
22:23<ctpdump>assuming I take the risk of cache poisoning and mitm - there is still no way to use SSHFP without dnssec, right?
22:24<frumpo>Hello. I am looking for IPv6 assistance on a Ubuntu 14.04 linode.
22:24<Peng>You mean, can you make OpenSSH automatically use it without DNSSEC?
22:25<frumpo>Ubuntu 14.04 on Linode does not automatically configure. I have to manually add the IPv6 route. Then 30 days later, IPv6 stops working.
22:26<ctpdump>I mean to make openssh trust whatever it gets from the unsigned zone
22:26<Peng>Going by the man page, I think it can prompt you for or at least display unsigned SSHFP.
22:26<ctpdump>frumpo: when you say it stops, what exactly happens in "ip -6 addr; ip -6 route" ?
22:27<ctpdump>which can be a bummer when using rsync with private key
22:27<frumpo>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
22:27<frumpo> inet6 ::1/128 scope host
22:27<frumpo> valid_lft forever preferred_lft forever
22:27<frumpo>3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
22:27<frumpo> inet6 fe80::f03c:91ff:fe50:789c/64 scope link
22:27<frumpo> valid_lft forever preferred_lft forever
22:27<+linbot>Please paste longer snippets over at and not in the channel
22:27<frumpo>fe80::/64 dev eth0 proto kernel metric 256
22:27<frumpo>default via fe80::1 dev eth0 metric 1024
22:28<frumpo>Sorry ... shall I post at
22:28<ctpdump>paste the at the contents of /etc/network/interfaces
22:28<Peng>frumpo: You pasted six lines the ifrst time and two lines the second time?
22:29<frumpo>I don't quite understand IPv6 yet, but I believe SLAAC is not working properly. It almost seems like there is a lease that last 30 days or so on my ipv6 address.
22:29<frumpo>Yes, 6 lines then 2 lines.
22:29<Peng>Yeah, the SLAAC timeout thingamabob is exactly 30 days.
22:30<Peng>At which point (or probably before that) it should automatically redo its thing and not stop working.
22:30<frumpo>Well, when I reboot my Linode, I always have to manually add a route:
22:30<Peng>So you're saying SLAAC never works at all.
22:30<frumpo>sudo ip -6 route add default via fe80::1 dev eth0
22:30<frumpo>Yes, that is correct.
22:31<Peng>Well, that's bad.
22:31<Peng>Pastebin `sysctl -a | egrep 'accept_ra|autoconf|forwarding|use_tempaddr'`
22:31<Peng>And, as said above, /etc/network/interfaces
22:32<frumpo>I have another linode running 12.04 and it works fine. I think I have narrowed it down to the sysctl settings, but according to the Linode documentation, the standard configurations should automatically set up SLAAC. I am using a standard configuration.
22:32<Peng>and `ip6tables-save`
22:32<frumpo>Sure. One minute.
22:34<ctpdump>add s static entry for ipv6 there
22:34<ctpdump>iface eth0 inet6 static
22:34<ctpdump>address $ipv6/64
22:34<ctpdump>gateway fe80::1
22:35<frumpo>Ok, let me add to interfaces
22:35<Peng>ctpdump: That's something of a workaround. You shouldn't *have* to use a static config.
22:35<Peng>14.04 wfm
22:35<ajmitch>forwarding is enabled, and autoconf disabled there
22:35<frumpo>yes ... and I cannot get persistent changes to the sysctl ...
22:36-!-Tea [~Tea@2a01:7e00::f03c:91ff:feae:385f] has left #linode [Leaving]
22:36<ajmitch>iirc you can have accept_ra=2 for it to still work with forwarding enabled
22:36<ctpdump>for a server I'm not too worried with using static configs on the contrary
22:37<Peng>ajmitch: Privacy addresses don't work on Linode.
22:37<ctpdump>and they aren't particularly useful for a server either
22:37<Peng>(Unless you have a /64, but even then I'm not sure how to configure them. :P )
22:37<ajmitch>Peng: right, but this has nothing to do with privacy addresses (use_tempaddr)
22:37<Peng>d'oh, sorry
22:38<frumpo>Will the static entries work at this point? Do I need to do a network restart?
22:38<Peng>I thought "IPv6" and "sysctl" and "=2" and missed "accept_ra"
22:38*ajmitch has forwarding enabled because of the routed /56 to use for a VPN
22:38<Peng>frumpo: Edits to /etc/network/interfaces don't automagically apply.
22:38<Peng>frumpo: You'd have to restart (or reload?) networking, or apply them by hand.
22:39<Peng>(as you've been doing before)
22:39<frumpo>Correct, are you ready for me to try restarting networking?
22:39<ajmitch>what could possibly go wrong?
22:39<Peng>You should configure your IP too, eh?
22:40<Peng>did that sound rude? didn't mean to
22:40<frumpo>No, not rude at all.
22:40<frumpo>Well, I haven't got a block of ipv6 addresses ...
22:40<Peng>frumpo: Why do you have forwarding on? Do you need it?
22:40<frumpo>Again, I am struggling with ipv6
22:40<Peng>frumpo: You still have *one* IPv6 address.
22:41<Peng>frumpo: My comments about privacy addresses and /64s were irrelevant and wrong 'cause I misread your config.
22:41<frumpo>No. I do not need forwarding. I have tried to persistently change that setting via the sysctl.conf but they do not pick up on reboot.
22:44<frumpo>Ok ... sudo /etc/init.d/networking stop && sudo /etc/init.d/networking start did not bring back ipv6
22:44<Peng>frumpo: Does ip -6 r show the route now?
22:45<Peng>You're still dead in the water without your IP configged.
22:45<frumpo>fe80::/64 dev eth0 proto kernel metric 256
22:45<frumpo>default via fe80::1 dev eth0 metric 1024
22:45<Peng>your system is possessed
22:45<Peng>kill it with fire
22:45<frumpo>If I reboot, and then manually add the route it works. After 30 days, I am stuck again.
22:46<frumpo>Peng: Oh no!!
22:47-!-arooni-mobile [~arooni-mo@2602:306:ccf7:7450:e42e:1a29:9152:e461] has quit [Remote host closed the connection]
22:47-!-NomadJim__ [] has quit [Read error: Connection reset by peer]
22:48-!-NomadJim__ [] has joined #linode
22:48<frumpo>So, do I have bigger issues?
22:48<frumpo>Linode support time?
22:48<Peng>Well, as I said, it obviously ought to work by default.
22:49<Peng>is this something about dhcpcd?
22:50<Peng>Is forwarding enabled somewhere in /etc/sysctl.d?
22:50<frumpo>This was a brand new server, stock latest kernel, stock configuration.
22:50<frumpo>Let me look
22:50<Peng>You did nothing to it? At all?
22:50<Peng>Last time I deployed a few months ago it 100% worked.
22:51<Peng>If you have typed zero things into the console ever, definitely file a ticket.
22:52<frumpo>Here is the only setting I have related to forwarding, and it is in the sysctl.conf ... however, it DOES NOT get picked up on reboot and sysctl still has it as 1.
22:52<Peng>frumpo: What about sysctl.d?
22:53<Peng>And what about /etc/dhcpcd.conf? I doubt it but I'm low on ideas.
22:53<frumpo>No "forwarding" entry at all in sysctl.d
22:54<Peng>wait, no, never mind
22:54<Peng>I'm too tired for this.
22:54<Peng>And I am out of ideas. Sorry. :(
22:55<frumpo>No worries. thanks for trying. It has frustrated me too for sometime.
22:55<ctpdump>to restart networking do (From a console) ifdown eth0; ifup eth0
22:55<frumpo>Do you know why Ubuntu is not picking up sysctl.conf??
22:55<frumpo>Ok ...
22:56<ctpdump>that should bring the inet6 you defined in /etc/network/interfaces
22:56<ctpdump>if it doesn't, Peng is right, your system may be posessed
22:57<frumpo>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
22:57<frumpo> inet6 ::1/128 scope host
22:57<frumpo> valid_lft forever preferred_lft forever
22:57<frumpo>3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
22:57<frumpo> inet6 fe80::f03c:91ff:fe50:789c/64 scope link
22:57<frumpo> valid_lft forever preferred_lft forever
22:57<frumpo>ifdown and ifup didn't seem to do it
22:58<ctpdump>let's double check the contents of /etc/network/interfaces
22:58<ctpdump>put it into a pastebin of some sort
22:59<Peng>frumpo: How about ip -6 r?
22:59<Peng>frumpo: You don't have the IP statically configured in interfaces, do you?
23:00<Peng>wait, does the new interfaces contain the global route either?
23:00<frumpo>I do have it configured per previous instruction.
23:00<frumpo>Here is ip -6 r
23:00<frumpo>fe80::/64 dev eth0 proto kernel metric 256
23:00<frumpo>default via fe80::1 dev eth0 metric 1024
23:01<frumpo>I do have some ip6tables rules ... configured with arno-iptables-firewall
23:01<frumpo>But, if I set up static networking it shouldn't matter, correct?
23:01<frumpo>Peng: Explain the global route entry in the interfaces file.
23:02<Peng>what data center are you in?
23:02<frumpo>iface eth0 inet6 static
23:02<frumpo> address $ipv6/64
23:02<frumpo> gateway fe80::1
23:02<frumpo>That is the ipv6 section of interfaces file.
23:02<frumpo>I have another linode in Dallas and it works perfectly.
23:03<frumpo>Older version of Ubuntu.
23:03<Peng>same config (aside from the IP)?
23:03<ajmitch>you do have your actual address in there, not literally $ipv6 ?
23:03<frumpo>The sysctl is different ... forwarding, etc. is disabled.
23:04<frumpo>I do not. Sorry ... how do I get my actual ipv6 address?
23:04<ajmitch>linode manager, remote access tab
23:04<frumpo>I have never requested a block of addresses. I assumed it was handed out automatically
23:04<Peng>but it's 2600:3c00::f03c:91ff:fe50:789c
23:05<ajmitch>same as the link-local after the ::, just didn't know the dallas prefix
23:05<Peng>You also need a route for 2600:3c02::/64 somewhere.
23:06<frumpo>Yes, I added the :789c ...
23:07<frumpo>3c02 ... what route is that for?
23:07<frumpo>Is this the "default" route?
23:08<Peng>sorry, I can't spell, 2600:3c00::/64
23:08<Peng>and yes
23:09<frumpo>sudo ip -6 route add default via fe80::1 dev eth0
23:09<ajmitch>having the address in interfaces with the /64 should add the route to 2600:3c00::/64, shouldn't it?
23:09<frumpo>This is what I have been doing after a rreboot
23:09<Peng>ajmitch: dunno
23:10<ajmitch>this is still less convoluted than my home setup :)
23:10<Peng>I use a dynamic config and don't have the docs open
23:11-!-Yaazkal [yaazkal@] has joined #linode
23:11<frumpo>Sorry folks ... I really appreciate your help. I feel like I am close, but am missing one little (critical) step.
23:12<ajmitch>possibly, pastebin your /etc/network/interfaces again
23:12-!-ideopathic [] has joined #linode
23:12<ajmitch>to show what you've got in there now
23:15-!-aspis_ [~aspis@] has joined #linode
23:17<frumpo>Ok ok ...
23:17<ajmitch>something's working now?
23:18<frumpo>I think it is related to arno iptables firewall
23:18<ajmitch>is it dropping ICMPv6?
23:18<frumpo>I flushed the ipv6 table, and ifdown and ifup and it worked
23:18<frumpo>I think so.
23:18<Peng>shoot me
23:18<frumpo>I think it is related to ICMPv6. But, does that matter even if I have it statically set up in interfaces?
23:18<ajmitch>that could do bad things indeed, since there's no ARP
23:18<Peng>but where's the frigging forwarding come from
23:19<frumpo>I don't know about the forwarding.
23:19<ajmitch>Peng: for all we know it could be from the same firewall or some other naughty service enabling forwarding
23:19<frumpo>If it is now statically set up, will it drop out in 30 days?
23:19<ajmitch>frumpo: ICMPv6 is needed for all sort of things including duplicate address detection, I was just testing in a local VM here
23:20<frumpo>Ok, ok. I need some major tweaking on the ip6tables.
23:20<ajmitch>if it's statically configured it should just keep working, complain to us in 30 days if it doesn't? :)
23:20-!-bbankes [] has quit [Ping timeout: 480 seconds]
23:20-!-larsdesigns [] has joined #linode
23:20<frumpo>Hey, I really appreciate your help!
23:21<ajmitch>no problem
23:21<frumpo>Agree on the forwarding and sysctl. I may disable the ip6tables firewall, reset back to inet6 auto, reboot and see what happens ... see if it works. But,
23:21<frumpo>But, I am using the same firewall on the other linode in Dallas.
23:22<frumpo>Ahhh ...
23:22<frumpo>Older version of the firewall ... doesn't have major v6 support.
23:22<frumpo>So, therefore, no icmpv6 filtering.
23:23<frumpo>Dang ... sorry for the trouble. But, my IPv6 is working ... so I do really appreciate that.
23:24<ajmitch>glad it's somewhat solved now
23:24<frumpo>ajmitch: Thank you!
23:24<ajmitch>thank Peng
23:24<frumpo>Peng: Thank you~
23:25<frumpo>Peng: Hopefully I didn't just waste 45 minutes of your life that you can never get back. :)
23:25<dcraig>he can never get it back
23:26<frumpo>I know. I feel bad about that.
23:27<frumpo>Well, I just re-enabled the IPv6 firewall rules, and my IPv6 still works. So, apparently it is just the initial set up of the IPv6 interface that still needs ICMPv6 to get it configured.
23:27<frumpo>Is Peng drinking or crying?
23:27<ajmitch>you'll still run into problems if it's filtering all ICMPv6
23:27<dcraig>dawg is crinking
23:27-!-aspis_ [~aspis@] has quit [Ping timeout: 480 seconds]
23:27<Peng>and more
23:28<dcraig>ICMP yeah you know me
23:28<frumpo>Yes, I need to further investigate my ip6tables rules and the unintended effects of filtering
23:29<Peng>How much do you know about IPv6? In IPv4, you can block ICMP and only cause occasional obscure mysterious failures. In IPv6, ARP was basically merged into ICMPv6 and it's absolutely vital.
23:30<purrdeta>besides that, blocking ICMP is silly.
23:30<frumpo>Understood. My first disclaimer tonight was that I am weak in IPv6. Consider this my first lesson.
23:30<ctpdump>if you really want you can block icmp-echo-request and allow the rest of the *vital* icmp sets
23:31<frumpo>Ok, I will re-evaluate my filtering rules. This has been eye-opening.
23:31<frumpo>I appreciate the feedback.
23:32<dcraig>you gotta check yourself before you wreck yourself
23:32<frumpo>Any final words or parting shots before I exit?
23:33<dcraig>there but for the grace of God go you
23:35<frumpo>Ok, Peng, ajmitch, and others ... I really appreciate your help and time.
23:36<frumpo>ctpdump: Thank you, as well.
23:37<ctpdump>no trouble at all - I wasn't particularily helpful as I was concentrating on other things as well but at least you got it sorted
23:40-!-selsta [] has joined #linode
23:40-!-computerquip [] has quit [Remote host closed the connection]
23:40<frumpo>Good night (at least where I am at)!
23:41-!-frumpo [~ay@2602:304:ce35:c640:72f1:a1ff:fea3:71fc] has left #linode []
23:41<Peng>I have no idea what happened
23:41<Peng>I want to be asleep
23:45-!-Ikaros [] has quit [Quit: Be right back]
23:51-!-Ikaros [] has joined #linode
23:51<dcraig>Ikaros is letting out the a/c
23:52*Ikaros flips Hulu the middle finger
23:52<dcraig>such aggression
23:53<Ikaros>Yeah because they don't like me using my VPN on my Linode.
23:54<Ikaros>So I had to go back and disable the connection then reconnect to IRC.
23:54<Ikaros>There, Hulu, goddamn happy now? Oh of course you are. :/
23:54<Cromulent>yeah hulu tightened up a lot on VPN connections
23:55<Cromulent>I'm surprised the BBC hasn't done the same
23:55<Ikaros>What the hell's wrong with using a VPN to conduct my business
23:55<dcraig>do you have a business need to watch hulu?
23:55<Ikaros>Especially one in the US
23:55<Cromulent>Ikaros: because people used to watch hulu from different countries by using a VPN in the USA
23:55*Ikaros sighs
23:56<Ikaros>Ruin it for me, you naughty people in foreign countries...
23:56*Cromulent remains silent on whether he was one of them :P
23:56<ajmitch>yup, that's what we're here for
23:57*tonyyarusso has thus far resisted signing up for Hulu / Amazon Prime / Netflix / whatever
23:57<Ikaros>I guess no biggie honestly though...the idea behind me setting that up was for instances where I was on my phone connected to a public wifi point
23:57<Ikaros>And not really for constant use on my own PC
23:58<Cromulent>I find netflix and spotify essential :)
23:58<dcraig>tonyyarusso, this reminds me of the "how do you know someone doesn't watch tv?" joke
23:58-!-Yaazkal [yaazkal@] has quit []
23:59<tonyyarusso>I may have actually not heard this one yet.
23:59<dcraig>how do you know someone doesn't watch tv?
23:59<dcraig>they tell you.
---Logclosed Wed Aug 12 00:00:00 2015