Back to Home / #linode / 2006 / 08 / Prev Day | Next Day
#linode IRC Logs for 2006-08-30

---Logopened Wed Aug 30 00:00:43 2006
00:02|-|internat [] has joined #linode
00:03|-|internat [] has quit [Remote host closed the connection]
00:05|-|internat [] has joined #linode
00:12|-|rko_ [] has quit [Ping timeout: 480 seconds]
00:18|-|okokok [] has quit [Ping timeout: 480 seconds]
00:20|-|Dreamr3 [] has joined #linode
00:26|-|Dreameer3 [] has quit [Ping timeout: 480 seconds]
00:51|-|spr [] has quit [Quit: Spoon!]
01:16|-|Spads [] has joined #linode
01:32|-|dc0e [] has quit [Server closed connection]
01:33|-|dc0e [] has joined #linode
01:37|-|konoko [~Vampire@] has joined #linode
01:45|-|mirage- [] has joined #linode
01:46|-|mirage- changed nick to subtle
01:46|-|subtle [] has quit []
02:13|-|internat [] has quit [Quit: This computer has gone to sleep]
02:36|-|kokoko [~Vampire@] has joined #linode
02:39|-|konoko [~Vampire@] has quit [Ping timeout: 480 seconds]
02:50|-|internat [] has joined #linode
03:24|-|kokoko [~Vampire@] has quit [Ping timeout: 480 seconds]
03:26|-|konoko [~Vampire@] has joined #linode
03:29|-|kokoko [~Vampire@] has joined #linode
03:36|-|konoko [~Vampire@] has quit [Read error: Operation timed out]
03:46|-|JasonF-dargo [] has quit [Ping timeout: 480 seconds]
03:56|-|JasonF-dargo [] has joined #linode
04:14|-|internat [] has quit [Quit: Leaving]
04:38|-|kokoko [~Vampire@] has quit [Ping timeout: 480 seconds]
04:40|-|kokoko [~Vampire@] has joined #linode
05:23|-|ximbiot [] has joined #linode
05:35|-|internat [] has joined #linode
05:44|-|jekil [] has joined #linode
06:24|-|rko [] has quit [Ping timeout: 480 seconds]
06:25|-|erikh [] has quit [Ping timeout: 480 seconds]
06:29|-|M-guy [] has quit [Ping timeout: 480 seconds]
07:10|-|fredy [] has joined #linode
07:11<fredy>Something wrong with host53?
07:11|-|linville [] has joined #linode
07:12<fredy>I can't ssh into my server or into the console.
07:12<fredy>Status web page says my linode is "running".
07:19<fredy>Request to reboot from web page seems to be stuck "in queue".
07:23<fredy>OK just opened ticket #21625 since this IRC room is useless.
07:23<Spads>fredy: it's still early in the US
07:24<Spads>the ticket will alert caker and mikegrb
07:24<fredy>I'm in the US. It's not *that* early.
07:24<fredy>Even my 10-year-old is up now.
07:24<Spads>is your 10yo at work yet?
07:24<fredy>Not yet. Couple of years to go.
07:25|-|erikh [] has joined #linode
07:25[~]ximbiot yawns and stretches.
07:25<Spads>That's time zones for you.
07:25<fredy>Do the linode sysops work bankers' hours?
07:25<erikh>anyone know when host53 is coming back up?
07:25<ximbiot>haven't heard anything yet.
07:25<fredy>I just opened a ticket on host53.
07:25[~]erikh too
07:25<Spads>no, but they tend to work late in the US I think
07:26<Spads>to catch the west coast
07:26<Spads>the tickets will reach them
07:26<Spads>they may be silent in here because they're working on the host, too
07:26<ximbiot>it's happened before. sometimes if you say their names you get more attention.
07:27|-|fredy [] has quit [Quit: Chatzilla 0.9.75 [Firefox]]
07:27<erikh>I must admit though, this cgi irc dealy is pretty slick.
07:27<ximbiot>but there can often be a time delay anyhow. :)
07:28<ximbiot>a ticket is probably best. :)
07:28<ximbiot>anyone know if linbot is coming back?
07:28<erikh>yeah, I mean, they have to sleep sometime. it's still no less frustrating (this is the second time host53 has had this problem this week)
07:29<ximbiot>do you know what is wrong with it?
07:32<erikh>I wish I did. lish is down as well as the vserver
07:32<erikh> still reports it as up though, which is why I'm wondering if mike/caker got a page
07:33<erikh>and it's been down long enough for my local DNS cache to expire, which is a bit troublesome.
07:36<erikh>taupehat: tell the monkeys on our irc network what's going on if you get this
07:51|-|n9urk [] has joined #linode
07:52<n9urk>hi all
07:53<n9urk>is host53 down?
07:55<erikh>you aren't the only one wondering when it'll come back up :)
07:58<n9urk>Is host 53 crapping out? Seems like it has gone down frequently over the last few weeks
08:00<Spads>npmr: thanks again for The chapter named "The static hosts database" helped me play horrible horrible games to make "hostname" and "hostname -f" return wildly different values so I could punch userdir-ldap in the nuts.
08:09|-|xinu [] has joined #linode
08:09<npmr>is this some canonical thing?
08:10<Spads>it's a debian thing
08:11<Spads>and canonical has counterparts for much of the debian infrastructure
08:11|-|internat [] has quit [Quit: This computer has gone to sleep]
08:12|-|Kurt [] has joined #linode
08:13[~]xinu can't ping host53
08:17|-|fredy [] has joined #linode
08:18<fredy>host53 status?
08:19<Spads>13:53 <n9urk> is host53 down?
08:19<Spads>13:55 <erikh> yes
08:19<Spads>13:55 <erikh> you aren't the only one wondering when it'll come back up ☻
08:19<n9urk>Is there a way to remove a job from the queue?
08:20<npmr>let it finish
08:21<n9urk>imagine that
08:21<npmr>or get an admin to remove it
08:21<Spads>allowing users to remove selected items from the queue would be a security risk
08:21<Spads>consider the multiple stages of amigration, etc
08:27|-|internat [] has joined #linode
08:38|-|linbot [] has joined #linode
08:39<fredy>host53 is finally back online.
08:43<Spads>linbot: lol
08:44|-|erikh_ [] has joined #linode
08:44<erikh_>die CGI::IRC client, die!
08:46|-|erikh [] has quit [Quit: CGI:IRC (Ping timeout)]
08:50|-|fredy [] has quit [Quit: Chatzilla 0.9.75 [Firefox]]
09:02|-|erikh_ changed nick to erikh
09:03<npmr>does anyone in the entire world send legitimate email from the .biz tld?
09:07<n9urk>other MLM?
09:08|-|Kurt changed nick to Kurt|Hard
09:11<@mikegrb>mmm cake
09:30<erikh>it's 2>&1, silly.
09:31[~]taupehat goes back to bed
09:32<taupehat>wait - you mean backgrounding the output isn't going to help it get logged?
09:32<erikh>that's what nohup is for
09:33<taupehat>backgrounding the fact that it's outputting to a file somewhere named "1"
09:33<erikh>ooh, that reminds me
09:33<erikh>I wanted to hack on opmonkey this weke.
09:37<ximbiot>that's like a wiki, only a bit weaker.
09:45|-|Kurt|Hard [] has quit [Quit: Gang rape: democracy in action]
09:47|-|kokoko [~Vampire@] has quit [Ping timeout: 480 seconds]
10:02|-|phlaegel [] has quit [Ping timeout: 480 seconds]
10:06|-|rko_ [] has joined #linode
10:55|-|Kurt [] has joined #linode
10:56|-|konoko [] has joined #linode
11:40|-|kokoko [~Vampire@] has joined #linode
11:46|-|okokok [] has joined #linode
11:47|-|konoko [] has quit [Ping timeout: 480 seconds]
11:54|-|kokoko [~Vampire@] has quit [Ping timeout: 480 seconds]
12:03|-|spr [] has joined #linode
12:13|-|afv-13 [] has joined #linode
12:21|-|wg4389 [] has joined #linode
12:21|-|Dreameer3 [] has joined #linode
12:21|-|wg4389 changed nick to blake
12:26|-|Dreamr3 [] has quit [Ping timeout: 480 seconds]
12:34|-|Battousai [] has quit [Quit: Leaving]
12:41|-|Ciaran [] has quit [Quit: Leaving]
12:59|-|Battousai [] has joined #linode
13:13|-|spendy_jon [] has joined #linode
13:13|-|xinu [] has quit [Quit: CGI:IRC (Session timeout)]
13:17|-|spendy_jon [] has left #linode []
13:17|-|spendy_jon [] has joined #linode
13:17|-|spendy_jon [] has quit []
13:19|-|phlaegel [] has joined #linode
14:37|-|linville [] has quit [Ping timeout: 480 seconds]
14:39|-|blake [] has quit []
14:48|-|Netsplit <->, quits: jcm, anderiv, ximbiot, cout, Spads
14:48|-|cmurphy [] has joined #linode
14:48|-|Netsplit over, joins: ximbiot
14:48|-|Netsplit over, joins: Spads
14:48|-|Netsplit over, joins: anderiv
14:48|-|Netsplit over, joins: jcm
14:48|-|Netsplit over, joins: cout
14:49|-|mode/#linode [+nt] by ChanServ
14:49<cmurphy>Hello, is there someone here that I can talk to about billing and such?
14:49<brocktice>Sure, what's your credit card number?
14:50|-|cmurphy [] has quit []
14:51<anderiv>hehe - nice work :-)
14:51<brocktice>I would have been happy to discuss billing and such.
15:05|-|linville [] has joined #linode
15:07|-|ndap [] has joined #linode
15:17|-|Kurt [] has quit [Ping timeout: 480 seconds]
15:29|-|jcm_home [] has joined #linode
15:29|-|jimcooncat [] has joined #linode
15:29[~]jcm_home is getting high IO latency at the moment.
15:30|-|jekil [] has quit [Ping timeout: 480 seconds]
15:30<jcm_home>verging on the rediculous.
15:31<jcm_home>Lots of processes getting stuck in IO. Linode host 23.
15:31<jcm_home>Getting better now, but someone's VM is going nuts (not me)
15:32<rko_>do this:
15:32<rko_>cat /proc/io_status
15:32<jcm_home>I already did.
15:32<jcm_home>I know it's not me.
15:32<rko_>and paste results here?
15:33<jcm_home>io_count=5939840 io_rate=7 io_tokens=399983 token_refill=512 token_max=400000
15:33<jcm_home>I've read caker's patches, indicating so long as I have sufficient io_tokens, I should be fine.
15:34<jcm_home>It's *not me*
15:34<rko_>what does say as the system load for your host?
15:34<jcm_home>Ah, I didn't know I could query that. Checking...
15:34<rko_>you know the page when you login
15:34<rko_>it's on right column bottom
15:35|-|rko_ changed nick to rko
15:35<jcm_home>looking up login...
15:36<jcm_home>It's saying medium.
15:36<jcm_home>ah, graphs.
15:37<jcm_home>Like I said, I don't think it's CPU. I *do* think the host is in a swapping frenzy or otherwise having IO issues.
15:37<rko>open a ticker :-)
15:39<jcm_home>does seem much better now. weird.
15:40<rko>someone ran out of tokens :-)
15:48|-|Kurt [] has joined #linode
15:52<jcm_home>hmmm. I guess.
15:53|-|jcm_home [] has quit [Quit: leaving]
16:08<linbot>New news from forums: Ip address required? in Email/SMTP Related Forum <>
16:24|-|sonorous [] has quit [Quit: leaving]
16:27|-|Zymurgy [] has quit [Read error: Connection reset by peer]
16:27|-|Zymurgy [] has joined #linode
16:39|-|n9urk [] has quit [Quit: Ex-Chat]
16:40|-|linville [] has quit [Quit: Leaving]
16:48|-|FireSlash [~FireSlash@] has joined #linode
17:08|-|afv-13 [] has quit [Quit: leaving]
17:12|-|afv-13 [] has joined #linode
17:17|-|afv-13 [] has quit []
17:19|-|afv-13 [] has joined #linode
17:20|-|afv-13 [] has quit []
17:21|-|afv-13 [] has joined #linode
17:21|-|afv-13 [] has quit []
17:22|-|jekil [] has joined #linode
17:23|-|afv-13 [] has joined #linode
17:24|-|afv-13 [] has quit []
17:35|-|Spads [] has quit [Read error: Operation timed out]
17:36<fo0bar>afv-13: having fun?
17:48|-|ndap [] has left #linode []
17:51<FireSlash>Hmm... pure-ftpd is crashing with no error/log.... yaaay
17:52|-|spr [] has quit [Quit: "Ah, the bounce has gone from his bungie"]
17:54<internat>does it have a debug option?
17:55<FireSlash>I don't know
17:56<FireSlash>Didn't fix it
17:56<FireSlash>(There goes my hawt uptime)
17:56<FireSlash>li-253:~# pure-ftpd
17:56<FireSlash>Unable to start a standalone server: Address already in use
17:57<FireSlash>li-253:~# netstat -ap | grep "ftp"
17:57<FireSlash>tcp 0 0 *:ftp *:* LISTEN 958/inetd
17:58<FireSlash>From inetd.conf: ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper
17:58<FireSlash>(no other entries for ftp)
17:59<FireSlash>So, I'd assume that inetd process is really pureftpd.
17:59<FireSlash>Resolving host name
17:59<FireSlash> Connecting to ( -> IP: PORT: 21
17:59<FireSlash> No connection could be made because the target machine actively refused it.
18:01<warewolf>is there a particular reason you're using pureftpd?
18:01<warewolf>vsftpd and proftpd are commin alternatives that support tcpwrappers, and do not require inetd.
18:02<warewolf>is there a particular reason you're using inetd?
18:02<FireSlash>I'm just used to pureftpd. I've used it for a long time, its fairly simple and is secure. I use what I trust.
18:02|-|sonorous [] has joined #linode
18:03<FireSlash>inetd for the same reasons. Some other intarweb services use it as well
18:03<warewolf>pureftpd appears to support running standalone; and it may have tcpwrappers support built into it.
18:03<warewolf>I would suggest not using inetd.
18:05<warewolf>and no, that inetd process is inetd, not pureftpd.
18:05<FireSlash>Well, the process is there then.
18:05<FireSlash>But its refusing connections
18:06<warewolf>from your cut'n paste, it appears to be bound to all interfaces
18:06<warewolf>on the box, what happens if you 'telnet localhost 21' ?
18:06<FireSlash>Hmm. Connects.
18:06<FireSlash>I already doublechecked firehol's config
18:06<FireSlash>And restarted it
18:07<warewolf>then it's your firewall
18:07<warewolf>examine 'iptables -nxvL --line-numbers | grep 21'
18:08<warewolf>in general, I find firewall scripts like smoothwall/firehol troublesome. I prefer to write my firewall rules from scratch. It's a learning experience, and you don't end up allowing things you shouldn't.
18:11<warewolf>what the crap
18:11<warewolf>did you use --line-numbers?
18:12<warewolf>indulge me, 'iptables --nxvL | wc -l' and paste the number in here?
18:12<warewolf>I'm guessing it's sometihng over 40.
18:12<FireSlash>449 :>
18:12<warewolf>maybe even in the hundreds
18:12<warewolf>holy shit
18:12<warewolf>dude, that is absurd
18:13<warewolf># iptables -nxvL| wc -l 73
18:13<warewolf>that pasted wrong
18:13<warewolf>my firewall (which is probally just as secure) is 73 lines long
18:14<warewolf>there are a couple problems with your firewall
18:14<warewolf>1) it doesn't use the RELATED ctstate matching
18:14<FireSlash>Maybe I should trim my firehol config a bit. Or run less services
18:14<FireSlash>Or both
18:14<warewolf>2) it trys to make up for it by doing the "right" thing (for a perfect world) by only allowing certian source ports to reach certian destination ports.
18:15<warewolf>want to know what I would suggest you do?
18:15<FireSlash>I'm not writing my own iptables rules. Don't even suggest it
18:15<FireSlash>That would take days for this config
18:15<warewolf>can you explain your current problem?
18:16<warewolf>learn iptables.
18:16<warewolf>the rules you nopasted show that they saw zero traffic
18:16<warewolf>which means that something is dropping the traffic before you reach those rules.
18:16<FireSlash>Its probably not firehol's fault
18:16<FireSlash>Because iptables ignores connections
18:16<FireSlash>this is refusing them
18:17<warewolf>you're not entirely correct, but you're walking down the correct path.
18:17<FireSlash>Its a different behavior
18:17<warewolf>iptables can make ports that are open appear to be closed (eg, connection refused)
18:17<warewolf>I've done it before :)
18:18<warewolf>seriously, run iptables -nxvL > firewall.txt, read it, read the iptables man page, and see how horked up it is.
18:18<FireSlash>Well, firehol is not configured to do this. nor can it, without a long string of configuration that I didn't bother to set up (since its silly)
18:18<warewolf>if you tell me what sort of services you run I'll write you a template iptables config
18:18<warewolf>just to give you a head start
18:19<FireSlash>I'll pass. I don't use anyone's config. If I don't understand every line, I don't use it. :P
18:19<warewolf>then. read. the. iptables. man. page.
18:19<warewolf>educate yourself.
18:20<internat>u know thats kinda contradictory
18:20<internat>u dont understand everyline of the config that firehole has generated for you either..
18:20<FireSlash>In the interest of science
18:20<FireSlash>I stopped firehol
18:20<FireSlash>NO FIREWALL, OH NOES
18:20<FireSlash>I verified it still accepted traffic
18:20<internat>i dont run a firewall on my node..
18:20<FireSlash>Then I tried ftping in
18:21<FireSlash>Same result
18:21<FireSlash>So, its not firehol. GG.
18:21<warewolf>fireslash- we verified that the loopback interface works
18:21<warewolf>fireslash- try telneting to port 21 on whatever the IP address is of your eth0
18:21<warewolf>or whatever IP you FTP to from the outside, but do this from the linode itself.
18:22<warewolf>fireslash- with a 'stopped firehol' can you nopaste 'iptables -nxvL'?
18:22<warewolf>it should be similar to this:
18:22<warewolf>Chain INPUT (policy ACCEPT 6144 packets, 1950885 bytes)
18:23<warewolf>Chain INPUT (policy ACCEPT 6144 packets, 1950885 by pkts bytes target prot opt in out source destination
18:23<warewolf>Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
18:23<warewolf> pkts bytes target prot opt in out source destination
18:23<warewolf>Chain OUTPUT (policy ACCEPT 9668 packets, 983452 bytes)
18:23<warewolf>if it's not, you have a problem.
18:23<warewolf> pkts bytes target prot opt in out source destination
18:23|-|jekil [] has quit [Ping timeout: 480 seconds]
18:24<internat>err the packets arent even making it to iptables
18:25<FireSlash>Hadn't had any traffic then. firehol restarted iptablews
18:25<internat>how are u connected via lish?
18:25<FireSlash>magic. (Lish)
18:25<internat>that would explain that
18:26<internat>tell me, can u ping out from ur linode?
18:26<FireSlash>With the firewall on or off, eveyr service works fine
18:26<FireSlash>Except ftp
18:28<FireSlash>Also, for good measure, I tried stopping inetd and starting firehol as a standalone server... same results.
18:29<internat>can u configure ur ftp server to run as a daemon rather then through inetd?
18:29<FireSlash>I just did.
18:31<internat>did that fix anything?
18:34<internat>thats some wacky problems your having
18:35<warewolf>fireslash- can you connect to port 21 with pureftpd running standalone?
18:36<FireSlash>220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
18:36<warewolf>ok good
18:36<warewolf>now 'telnet 21' do you get the same?
18:36<warewolf>on the linode itself again
18:37<FireSlash>Thats a no.
18:37<warewolf>is your interface up?
18:37<warewolf>eg, eth0 ?
18:37<warewolf>are you using the correct IP address?
18:37<FireSlash>Well, if it isn't, I sure don't know how I'm getting my website :)
18:38<erikh>netstat -al | grep 21
18:38<erikh>run that
18:38<warewolf>do you have multiple IP addresses on your linode?
18:38<warewolf>run the netstat
18:38<warewolf>netstat -lanp | grep 21 may even be better
18:39<erikh>if you see a line that says *:21 .... LISTEN
18:39<warewolf>erikh: he had that before, bound to all interfaces
18:39<erikh>then you shouldn't be having trouble with ftp
18:39<FireSlash>Hmm, thats cute.
18:39<FireSlash> <-- Hawt
18:39<erikh>oh, you're using iptables?
18:40<warewolf>no, he's using firehol.
18:40<warewolf>he prefers not to know the ins-and-outs of iptables.
18:40<warewolf>erikh: my thoughts exactly.
18:40<erikh>iptables is a POS, but you should learn it if you're goign to build a firewall on linux.
18:40<FireSlash>Eh. It works.
18:40<warewolf>no, it doesn't.
18:40<FireSlash>We've concluded its not the issue anyway
18:40<erikh>FireSlash: actually, apparently it isn't.
18:41<erikh>your server is operating fine
18:41<erikh>your filter is definitely in the way.
18:41<erikh>or you have a tcp wrappers issue.
18:41<warewolf>tcpwrappers won't block like that
18:41<FireSlash>Right now I have no firewall effectively.
18:41<FireSlash>I brought it down for testing
18:41<warewolf>tcpwrappers accepts the connection, and immeditaely terminates it if hosts.allow/deny say no
18:41<FireSlash>So, its not firehol; iptables is running in "OMG HAX ME" mode :P
18:42<warewolf>tcpwrappers cannot cause 'connection refused'.
18:42<erikh>ah yeah, no drop method
18:42<erikh>err, reject
18:42[~]erikh tired
18:43<warewolf>FireSlash: 1) learn iptables. 2) make pureftpd run standalone. 3) learn tcpdump. 4) use tcpdump over lish to see if the traffic is even *reaching* your linode. 5) check your ifconfig. 6) go to step #1.
18:44<warewolf>when I've been asking you to connect to your linode's ip address I hope you have been, and have not been using a domain name instead.
18:44<erikh>FireSlash: I got in just fine
18:44<erikh>check your process list.
18:44<FireSlash>warewolf, I'm not that dumb :X
18:44|-|jcm_home [] has joined #linode
18:45<jcm_home>argh. Someone is hammering that box again.
18:45<warewolf>erikh: as did I.
18:45<jcm_home>Takes about 30 seconds to type something.
18:45<FireSlash>Process list looks clean. I've stopped everything thats unusual and not system critical... so I've got: ulogd, cron, apache/apache2, bash, pure-ftpd, and, uh, ps :)
18:46<erikh>FireSlash: humor me, what does iptables -L say?
18:46<jcm_home>caker: ping
18:46<warewolf>erikh: check your scroll back.
18:46<erikh>warewolf: sorry, will do
18:46<warewolf>erikh: we've been over this :) PEBKAC.
18:47<FireSlash>Its not the firewall. Its not pure-ftpd
18:47<FireSlash>What does that leave?
18:47<internat>pebkac? :P
18:47<warewolf>honestly? You. And the external host you're testing from.
18:47<jcm_home>Is there anyone from linode here who can kill the person abusing host23 tonight?
18:48<FireSlash>warewolf, Except I can't connect via the ip from lish
18:48<internat>do u mind telling us ur ip?
18:48<warewolf>he already did
18:48<warewolf>and erikh and I connected just fine
18:48<internat>my bad
18:48<FireSlash> <-- You can connect to this?
18:48<warewolf>yes. on port 21.
18:48<warewolf>just fine.
18:48<warewolf>Connected to
18:48<warewolf>Escape character is '^]'.
18:48<warewolf>220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
18:48<warewolf>220-You are user number 2 of 50 allowed.
18:49<internat>broken:/home/nf# ftp
18:49<internat>Connected to
18:49<internat>220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
18:49<Battousai>black magic!
18:49<internat>pebkac indeed
18:49<FireSlash>Actually, that'd be a problem with my system
18:49<Battousai>someone wanted to add that as a gentoo bugzilla resolution
18:49<FireSlash>Starting with the fact that I'm on windows currently because I broke kwin and am downloading rpms to fixx0r it :/
18:50<FireSlash>C:\WINDOWS\system32>telnet 21
18:50<FireSlash>Connecting To not open connection to the host, on port 21: C
18:50<FireSlash>onnect failed
18:50[~]jcm_home thinks UML really wants a decent IO scheduler. io_status patch hacks don't prevent peak spikes.
18:50<warewolf>19:47 < warewolf> honestly? You. And the external host you're testing from.
18:50<Battousai>must be some kinda crazy outbound firewall
18:50<FireSlash>Battousai, Windows firewall?
18:50<FireSlash>Oh, wait
18:51<FireSlash>WINDOWS firewall
18:51<internat>jcm_home, from memory xen has a better way of dealing with io scheduling
18:51<internat>so io_status wont be a huge thing
18:51<jcm_home>Yes. It does. Are they planning an upgrade soon?
18:51<jcm_home>I know there's WiP.
18:52<Battousai>it's still in public beta
18:52<Battousai>"when it's ready" probably
18:52[~]jcm_home does lots of Xen testing at work. I'm very pleased with it.
18:52<internat>awsome. i cant wait for xen, ive hurd promising things
18:52<jcm_home>I run a bunch of colo servers I'm about to Xenify. I just have accounts with linode/bytemark to have something I don't have to manage :-)
18:53<FireSlash>Battousai, Will all hosts be converted to Xen, or will it be an additional charge?
18:53|-|Kurt [] has quit [Ping timeout: 480 seconds]
18:53<jcm_home>It's a bit of a PITA when some idiot hogs the IO on the host I'm running on.
18:53<Battousai>bit by bit, it'll be a complete migration
18:53<Battousai>not all instantly though
18:53<internat>from what we are told they are going to phaze out UML entirely
18:54<jcm_home>UML is dead. It's a pain in the arse to manage. Been there.
18:54<FireSlash>I want Xen FreeBSD, but I don't think its gonna happen :(
18:54<internat>cant you run freebsd in xen?
18:54<jcm_home>There's are Xenified BSDs out there. I think there's a FreeBSD port.
18:54<erikh>I want Xen FreeBSD too. :)
18:54<Battousai>i want xen wfw 3.11
18:55<jcm_home>Are linode running paravirt or upgrading hardware too?
18:56[~]jcm_home is about to just give up on getting anything done tonight.
18:58<FireSlash>Well.... I'mma go fix kwin now... thanks for helping. Its probably time for XP's annual format anyway :P
18:58|-|FireSlash [~FireSlash@] has quit [Quit: Leaving]
18:59<jcm_home>$ time curl
18:59<jcm_home>real 0m58.123s
18:59<jcm_home>user 0m0.020s
18:59<jcm_home>sys 0m0.008s
19:00<jcm_home>It's taking *1 minute* to retreive a single page of text from the apache2 on my VM. Clearly someone is eating IO on host23. Is there nobody from linode here?
19:02<internat>have u loged a ticket
19:03<jcm_home>Yes, I have logged a ticket.
19:03<internat>they get paged when a ticket is logged AFAIK
19:03<internat>so in theory someone will be here shortly
19:04<jcm_home>It's simple enough. Someone is doing something stupid on host23. Either it's serving warez or it's slashdotted, or whatever. But it's just overwhelmed.
19:04<internat>there probably swap thrashing.
19:05<jcm_home>Indeed. That's what I suggested as the likely cause.
19:05<jcm_home>However, that shouldn't happen if they're not overcommitting VM.
19:06<jcm_home>If it really is swapping madly, someone needs to read some documentation.
19:06<jcm_home>specifically about /proc/sys/vm/overcommit_* tunables.
19:07[~]jcm_home hates being the powerless user :-) I'd have fixed it by now...
19:08<erikh>dunno. normally when I'm on their end of the equation, sleep is very important to me.
19:09<jcm_home>Overall, I'm happy with linode service. Bytemark doesn't seem to have these load issues, but they also don't have such a polished service in other respects.
19:10<jcm_home>The goal is to remove dependency on machines I have at home on DSL, since I'm about to leave the country permanently.
19:10<internat>yeah.. i didnt like hosting at home since my isp blocks port 80 and 25
19:11<jcm_home>I don't host at home. However, I have direct SMTP mail delivery at home and I needed to fix that.
19:11<internat>fair enuff
19:12<jcm_home>I need to guarantee mail availability, so everything has to be duplicated. Hence, I have a bunch of VMs that mail is synchronized on.
19:12<jcm_home>Mail is delivered in the US and the UK, then through cross-mounted NFS-over-VPN magic and some scripting, I keep a consistent maildir shared.
19:12<internat>yeah i have to work out how to do redundancy for web/mail.. having a backupmx is well and good but if server1 goes down, i still cant access that mail
19:13<jcm_home>Once I can get custom kernel modules built for my VM, I'll have a distributed filesystem, but this hack works for now.
19:14<jcm_home>I used to have a hack that just copied mail. Now I preserve meta data too so I don't need to worry about whether I have read/replied to mail.
19:14<jcm_home>There's a mini-writeup of this mail setup at
19:16<jcm_home>ok. Now I have an interactive shell again but it's taking a long time to fork new processes, that's still better though.
19:18<jcm_home>What's interesting is that I seem to have 40K hits to my blog this week. Weird.
19:19<internat>lol awsome
19:19<internat>uve been slashdotted!
19:19<internat>its ur node thats taking everyone down!
19:19<jcm_home>Heh. That's not on a UML box - I'm not that mean :-)
19:20<jcm_home>I run a couple of colo boxen in London. We're 1 hop away from LINX on insane bandwidth. But I don't like to rely on being able to keep that up constantly so I have VMs for mail :-)
19:21<jcm_home>We're spending about $200/month between a few of us.
19:21<jcm_home>Debating about dropping one box and getting a Xen host from
19:23<internat>wtf is VAT?
19:24<jcm_home>Value Added Tax. A state tax on goods and sales.
19:24<jcm_home>sales tax, effectively.
19:24<internat>oh nasty
19:24<jcm_home>Quite a popular term in the UK/parts of Europe.
19:24<jcm_home>17.5% too...
19:24<internat>i like the ammount of hdd space they give you, but i dont quite like the price :P
19:25<internat>and the fact that you have to email them for all ur config
19:25<jcm_home>UK prices are nasty. We're 39 times smaller than the US and have to have insane TAT transatlantic traffic.
19:25<jcm_home>* 38 times smaller actually
19:26<jcm_home>I'm looking forward to moving to the US, mostly because my cost of living will fall.
19:26<jcm_home>(and for other more valid reasons too)
19:27<jcm_home>Oh, you're in Oz. Ignore me, your bandwidth is insanely expensive too.
19:27<internat>u should see how much it is to even ATTEMPT to host here
19:27<jcm_home>IIRC, they have a lot of metered DSL in Au.
19:28<jcm_home>I will eventually make it to LinuxConf...
19:29<jcm_home>You're actually near Brisbane or just using that IRC server?
19:30<internat>i live about 20mins from brisbane
19:30<jcm_home>The company I work for have some hosting in .au, but I think they run that themselves :-)
19:30<jcm_home>(in Brisbane)
19:30<internat>well half metered dsl
19:30<jcm_home>Oh, it's metered in one direction?
19:30<internat>u get full speed for like a specified ammount of data, then u get capped to some rediculas rate like 64kbs
19:30<jcm_home>or for certain protocols?
19:31<internat>and yes, most are only metered in download
19:31<jcm_home>They're doing that here for AOLpeople who just don't know any better (or need to, frankly).
19:31<internat>but there is a lot of use of pipe thoughtout australia
19:31<internat>if your lucky enough to be on an isp that is connected to pipe that is
19:32<jcm_home>I'm looking at Speakeasy in the States. Seems like the least worst evil for Boston DSL. I need static IPs, a subnet and reasonably clueful service.
19:32<internat>ah ok
19:32<internat>*cringes* i need to do my tax soon
19:33<jcm_home>Here, I get choice. Friends run companies like Blackcat and I can get DSL from them and physically know where in what rack the connection terminates. In the States, it does seem much harder to get clueful locally run DSL.
19:33<jcm_home>*cringes* I need to do my bi-lateral US/UK tax treaty arrangements soon.
19:33<warewolf>20:30 < internat> i live about 20mins from brisbane
19:33<warewolf>I parsed that as bristlebane
19:33<warewolf>which is almost a WoW reference
19:34[~]jcm_home is going to find out if I need to pay my student loan once I move. It's a state provided loan that comes out of your UK wages automatically at source, but I'm only obligated to pay if I earn money in the UK...
19:35<internat>yeah we have that in australia
19:35<jcm_home>I so need to get a creative tax person to look at this for me :-)
19:35<internat>if i leave australia i dont have to pay it back, but as soon as i come back i have to start paying again
19:35<jcm_home>*exactly* the same.
19:35<jcm_home>It's inflation linked at the base rate, so it's not high interest.
19:36<jcm_home>Since I've never actually claimed any state benefits, went to a private school, and all that jazz. I don't feel guilt :-)
19:39<jcm_home>Brisbane sounds like a fun place to vacation. I've seen some cool videos from guys in the office.
19:39<jcm_home>internat: is there an internet exchange locally where you can colo?
19:40<internat>well not that i know of
19:40<jcm_home>hmmm...there must be some somewhere :-)
19:41<internat>probably one of telstras dc's but the cost of that would be huge
19:42<internat>yeah telstra have one but they wont tell you the price online
19:44<jcm_home>It *amazes* me that nobody's yet blown up one of the major peering centers. I mean, most of these places don't inspect the contents of colo boxen.
19:44<internat>*kicks his desktop hard*
19:44<internat>ssssh they dont know that
19:44<jcm_home>That's basically it. It's basically security by lack of the bad guys knowing how it really is.
19:45<jcm_home>If I ran a center, I'd go nuts with security :-)
19:45<jcm_home>Nobody would get anything done :-)
19:48<jcm_home>reading mail is so painful on this box, it's funny.
19:49<jcm_home>that VM box. I'm using it for IMAP at the moment.
19:49<internat>did u write ur own kernel modules that u want to use to sync the file systems?
19:49<jcm_home>I was thinking about setting it up to do SMTP auth too tonight but it's so slow that it takes about 5 minutes to restart exim.
19:51<jcm_home>Nope. I want to use Lustre.
19:53<jcm_home>I plan to build a global filesystem with nodes in Europe and North America that can host my mail and personal data.
19:54<jcm_home>But it'll need to wait until I can get the right software on every node.
19:55<jcm_home>I shouldn't have to worry about sshing into machines, I should just be able to mount a filesystem from my laptop and draw on geo-diverse redundancy of data.
19:55<jcm_home>Basically because I can, there's no valid reason.
19:58<jcm_home>I was looking at writing a distributed filesystem as part of my final year University project, but there wasn't time :-)
20:00<internat>that would be kinda kewl
20:00<jcm_home>I started work on yet another microkernel, but didn't get too far.
20:01<jcm_home>I could boot and semi-run tasks. Not even a shell :-)
20:03<jcm_home>My interest is in process-level forward error recovery. i.e. not failover, but instant migration and resumption on another node.
20:03<jcm_home>If I did a PhD, that would be the area of interest.
20:03<internat>that sounds challanging
20:03<jcm_home>HA/failover shit is too 20th century. And actually, some of the Xen researchers are looking at this stuff.
20:04<internat>it would definatly be benificial for en
20:04<jcm_home>I want to be able to start some crappy 80s electropop playing on this box, pull the power and have it instantly resume on another box.
20:05<jcm_home>clearly, that's all that matters.
20:05<internat>im assuming that would mean that all prehandling etc would have to be started on the other systems?
20:05<jcm_home>That A-Ha's Superior Techno Remix doesn't stop playing.
20:05<internat>ie they would have to have copies of the datasets etc
20:05<jcm_home>That's easy, you just have a clustered filesystem!
20:06<jcm_home>Only people I know who can do this stuff today are Wall St. types.
20:06<jcm_home>And clearly we need to bring 80s electropop to the masses.
20:07<internat>oh ofcourse
20:07<internat>oh it shitsme that i cant access microsoft db's on my mac.. GRRR
20:08[~]jcm_home uses those to pull out M$hite databases.
20:08<jcm_home>I loved those leaked M$ training videos they did. Funny.
20:08<internat>yeah but then i have to stick it into something else
20:08<jcm_home>( still has them)
20:09<internat>yeah i dont want to do that, i just wanna read whats in the db :P
20:09<jcm_home>If they're not filled with lots of stored queries (can Accesshite even do those?) and other nutticisms.
20:09<jcm_home>mdbtools just gives you flat text files.
20:10<internat>hmms i think im going to have to go downstairs and do a physical cable copy grr
20:10[~]jcm_home cheats by living on the ground floor.
20:11<jcm_home>'s a bit better now. Only takes 2 minutes to copy a file from my VM. Better than carrier pigeon.
20:12<internat>only just
20:12<jcm_home>Oh, I'm pretty sure it'd take a while to get from Fremont to London.
20:12<internat>nah,, new super pigeons
20:12<jcm_home>I don't know the maximum range of carrier pigeons. They might need to do in-air refueling.
20:13[~]jcm_home pictures an automated seed dispenser...
20:13<internat>patents that idea
20:13<jcm_home>With a boom to distribute the seeds. You get a bigger bird to deploy the boom and deliver the seed feed mid-Atlantic.
20:13<jcm_home>"Inspired by actual events"
20:14<jcm_home>Oh, I lied, copy not finished yet. It's copying about 4K at a rate of around 10bytes/second.
20:15<jcm_home>like I said, something is up with host23.
20:15<jcm_home>I wish they had a better way to notify them :-)
20:16<jcm_home>(a hammer might help fix this situation)
20:17<jcm_home>when carefully applied to the right location...
20:17|-|internat [] has quit [Read error: Operation timed out]
20:19<jcm_home>well, indeed.
20:19<jcm_home>s/\/location\/person\/s\/location\/person\/g/ # tautology.
20:20[~]jcm_home does a quick backup in case VM go boom in the night.
20:20|-|internat [] has joined #linode
20:20<internat>hmms that didnt work too well
20:21<jcm_home>don't unplug it then :-)
20:21<internat>where were we.. tcp over pigeon?
20:21[~]jcm_home is actually doing something more amusing for April 1.
20:21<jcm_home>I've got a plan for IP over Pizza. Look out for it.
20:21<jcm_home>Transatlantic. Though I could be tempted to do Trans-pacific too.
20:22<internat>slashdot it for april 1
20:22<jcm_home>The idea is that each party call up a pizza company in the other's location and order the pizza. The datagrams are encoded toppings. I'm going to work on a Linux implementation for next April.
20:22<jcm_home>That's the plan.
20:22<internat>oh nastty
20:23<jcm_home>I get to make a side point about steganography (that always gets /. nutjobs going...) and information hiding.
20:23<jcm_home>I met Malda a while back, he was exactly as I expected, shall we say :-)
20:23<internat>oh ok
20:24<jcm_home>"Hey dudz! I'm so l33t! Look! I can write perl! Now let me tell you what you're going to do..."
20:25<jcm_home>He didn't say that, but that's the /. mentality.
20:25<jcm_home>Hemos is clueful, so are one or two others.
20:25<jcm_home>but that's about it
20:25<internat>yah for remote desktop
20:25<internat>turning my mac into a pc!
20:26<jcm_home>I thought that's what Macbooks were for.
20:26<jcm_home>It's not a PC. They just had to put Mac in the title to remind you, though.
20:26|-|maher [] has joined #linode
20:26[~]jcm_home bought a new Powerbook right before the switch to Intel.
20:27<maher>OT: is anyone else on cox in the midwest us? i'm getting 8% packet loss - is this normal?
20:27<jcm_home>I've now got 2 PBs and probably 2-3 years to find an alternative.
20:28<maher>oops - wrong window...
20:29<internat>i have a 12" powerbook
20:29<jcm_home>Indeed. I do too.
20:29<internat>1.5ghz, 1.25gig ram
20:29<jcm_home>That's the one.
20:29<internat>i like it.. tho its a little small to code on
20:29<jcm_home>Less RAM though.
20:29<jcm_home>I've got a 15" 667 too.
20:29<internat>yeah i upgraded mine, i was having issues with some graphic work
20:30<jcm_home>I wasn't going to buy the 12" due to the Nvidia graphics chipset, but then ATI stopped being interesting with their u-turn on Linux support.
20:30<jcm_home>This is the first time I've ever bought an Nvidia graphics chipset.
20:30<internat>yeah my desktop runs ubuntu and im having issues with it, which i think come down to the video drivers.. i THINK
20:31<internat>it just locks up when i start playing video..
20:31<internat>of any kind. so im not sure
20:31<internat>it plays the first bit then stops
20:31<jcm_home>locks up? machine dead?
20:31<jcm_home>Probably a bug in what's called the XV extension to
20:32<jcm_home>I think next time, I'll end up buying an Intel laptop solely because they're being the most supportive of Linux right now. Which is annoying, because I've never bought an Intel processor before either.
20:32<jcm_home>everything here is AMD.
20:33<jcm_home>or PowerPC.
20:33<jcm_home>or SPARC :-)
20:33<jcm_home>except for some of the more interesting embedded stuff.
20:34<maher>jcm: ARM rules
20:34<jcm_home>Yeah. I've got a bunch of ARM/Xscale stuff, some mot, some...
20:35<maher>jcm: maybe your next laptop will be ARM :)
20:35<internat>im an amd fan myself
20:35<internat>i dont know whats causing it, but its shitting me to tears
20:35<jcm_home>Largest box I have is a POWER, weirdest are my FPGAs, smallest is probably the STAMP.
20:36<jcm_home>maher: I have a SPARCbook I. An alternative is to buy a newer one before they stop making them.
20:36<jcm_home>Oh, the smallest Linux box is probably the iPod :-)
20:37<maher>jcm_home: nokia make these mini arm mobile web browsers - maybe they'll be more useful in 3 years time...
20:38<jcm_home>I've got a 770. Borrowed it from Ari, the project leader :-)
20:38<maher>jcm_home: they look cute but i dont really have a use for one...
20:38<jcm_home>When I get some time, I'll hack a vlc together for it.
20:39<jcm_home>I've watched live TV on it via realplay mid-Atlantic on Lufthansa planes before.
20:39<jcm_home>I'm thinking about using it to stream MythTV encoded live TV...
20:40[~]jcm_home is working on a system at the moment that'll let me watch BBC News after I relocate. Very important. I am not going to have only Fox/CNN as my news sources.
20:40<jcm_home>I'd probably go even more crazy if that were the case.
20:41<jcm_home>The BBC are planning to do live streaming of News 24 soon, geoIP locked to the UK. That's hardly an issue - easier than running a remote mythtv box.
20:47<internat>i wanna set my ubuntu box up as a media streamer
20:47<internat>so anyone in the house can watch anything that is on it
20:47<internat>either livetv, movies, or mp3s
20:48<jcm_home>I'm hoping that the Internet will eventually lead to democratization of content - there's no reason I shouldn't be able to watch Australian TV, except for money grubbing corporations with their inability to work out sane global licensing of content.
20:50<jcm_home>Anyway, the main thing is living in the US and having access to decent media - of which most of the mainstream doesn't count :-)
20:51<jcm_home>I mean, we get Fox News here. I watch it when I want to feel angry.
20:52<internat>oooh the tv seasons start agian soon!
20:52<internat>hmms i need to go buy me a new kb and some stuff
20:52<jcm_home>"Fair and balanced". Thank goodness for TDS and the Colbert Report - shame that in the US they have to be on a Comedy network...
21:04<internat>oh god
21:05<taupehat>no, really, stupid script, I AM laughing out loud
21:09|-|maher [] has quit [Quit: Client exiting]
21:14<internat>hmms actually it might be a kaffeine problem
21:14<internat>the locking up that is
21:21|-|jcm_home [] has quit [Quit: Lost terminal]
21:31<@mikegrb>oh, host17, not 23
21:32<@mikegrb>helps when people mention the right host
21:32<@mikegrb>seems the only person that would be throttled on that host is him
21:33<internat>err ws that jcm?
21:35<fo0bar>mikegrb: LPM should list if and why you're throttled, to avoid things like that
21:35<@mikegrb>he's being throttled by the available io on the host, not by the limiter
21:38<internat>sorry, when you say the available io, not the limiter, does that mean that he is simply trying to do too much for the host to be able to process, or too much for his share?
21:47|-|jcm [] has quit [Read error: Connection reset by peer]
22:41|-|iamback [] has joined #linode
22:41|-|JavaWoman [] has quit [Read error: Connection reset by peer]
22:59|-|VS_ChanLog [] has left #linode [Rotating Logs]
22:59|-|VS_ChanLog [] has joined #linode
---Logclosed Thu Aug 31 00:00:27 2006