Back to Home / #linode / 2015 / 08 / Prev Day | Next Day
#linode IRC Logs for 2015-08-23

---Logopened Sun Aug 23 00:00:15 2015
00:15<tburke>I've gotten 3 in the last month. fun times. :-)
01:12-!-max-4m [] has joined #linode
01:12<max-4m>how can i add an existing linode user account in accounts and permissions?
01:13-!-mkoskar [] has joined #linode
01:15<dcraig>I don't think you can
01:18<max-4m>so if i want to be a technical contact for 10 different clients', i need 10 different accounts?
01:19<dcraig>sounds right
01:42<Peng>,, ...
02:49<tonyyarusso>Yeah, kinda dumb. At least they allow multiple users?
03:21-!-getsmart [] has joined #linode
03:48-!-sandeep [~sandeep@] has joined #linode
04:14<dcraig>the linodes are grazing peacefully now
04:20<rsdehart>better be
04:39-!-larsdesigns [] has joined #linode
05:01-!-mkoskar [] has quit [Quit: mkoskar]
05:07-!-bonob [~li@] has quit [Quit: WeeChat 1.3]
05:14-!-sandeep [~sandeep@] has quit [Quit: sandeep]
06:04-!-Sputnik7 [] has joined #linode
06:38-!-sandeep [~sandeep@] has joined #linode
07:22-!-larsdesigns [] has quit [Quit: Leaving]
07:53-!-flame786 [~XF@] has joined #linode
07:53<flame786>hello any staff or helper?
07:53-!-max-4m [] has quit [Quit: GNU/Linux*]
07:55<flame786>i want to know if i get a vps and if i need millions of ipv6 what to do?
07:55<HoopyCat>flame786: open a ticket and request a /64?
07:56<flame786>will /64 free?
07:56<HoopyCat>flame786: there's no additional cost, correct
07:58<flame786>love linode <3
08:01<flame786>hoopycat ok when i've got /64 then how would i know what are my millions of ipv6?
08:01<flame786>btw is there option of rdns of ipv6?
08:09<HoopyCat>flame786: it will show you on the Remote Access tab (and they'll probably also say in the ticket)
08:10<HoopyCat>flame786: and yep, just set it up same way you do for legacy IP addresses through the manager
08:11<flame786>rdns for ipv6 from panel?
08:11<HoopyCat>flame786: yep...
08:17<flame786>hoopycat if i want to do different rdns of each ipv6 its the same steps?
08:17<HoopyCat>flame786: yep
08:17<flame786>means /64 will give millions of ipv6
08:17<flame786>im saying can i do each rdns?
08:18<HoopyCat>flame786: may help with that
09:23-!-flame786 [~XF@] has quit [Ping timeout: 480 seconds]
09:54-!-jbower [] has quit [Quit: WeeChat 1.0]
09:56<+linbot>New news from forum: Linux Tips, Tricks, Tutorials • How To Install Centmin Mod Nginx LEMP Web Stack <>
10:49-!-Cromulent [] has joined #linode
11:08-!-therock247uk [] has joined #linode
11:21-!-sandeep [~sandeep@] has quit [Quit: sandeep]
11:22-!-getsmart [] has quit [Quit: Leaving]
12:53-!-JediMaster [] has joined #linode
13:03-!-arby [] has joined #linode
13:03-!-Cromulent [] has quit [Quit: KVIrc 4.2.0 Equilibrium]
13:23-!-googol_ [] has quit [Quit: leaving]
13:24<arby>I can obviously use Linode's DNS resolvers from my Linode. Is there auth'd access to them from off-Linode? I don't _think_ so , but just checking ...
13:27<arby>Heh. Then the followup dnscrypt question "Is Moo ...".
13:28<arby>That's cute the 1st 3- or 4-hundred times ...
13:29<akerl>I wasn't trying to be cute. I'm still trying to figure out what the heck you said
13:30<arby>It would require you to be old enough to have watched Friends ... on TV ... which was that box old folks used before iPhones
13:32<synapt>that comment alone just made you look 14 trying to act 34
13:33<synapt>meanwhile fremont is being a tiddly wink :(
13:33<akerl>A real old folk wouldn't have known what the pocket cally musicy gizmo was called :)
13:34<arby>akerl: s/iPhone/iPod/
13:36-!-marjolein [~Marjolein@2001:981:a22d:1:222:4dff:fe81:c62e] has quit [Quit: Leaving]
13:40<arby>Anyone here have any experience with / opinion re: "OpenNIC" project and the reliability, performance, security etc of their resolvers? Just discovered them myself, reading now ....
13:40<akerl>that's one of the ones that does the "alternate" TLD stuff, neh?
13:42<arby>akerl: Yes ... but not just. They do 'legacy US' domains as well. One difference is that their resolvers can be accessed via dnscrypt. Fyi,
13:42<arby>Which is how/why I found them ...
13:42<akerl>I looked into it a while back, but before I could do any real evaluation of how stable/reliable they are, I realized there wasn't much of value they were offering
13:42<arby>akerl: Was dnscrypt on your reqt's list?
13:43<akerl>It wasn't/isn't, for reasons unrelated to not needing to resolve .fur TLDs
13:44<arby>again, OpenNIC isn't just for your personal, recreational TLDs ...
13:44<arby>or so they say
13:48<akerl>Now I'm reading somebody's article about this idea, and I'm left thinking roughly the same thing I usually do: If you want to use another server rather than google's because you're worried google logs your queries, how does anybody know that opennic doesn't
13:51<arby>Nah, not an issue about using Google. It's an issue of not routing our unencrypted DNS traffic over ATT/Comcast networks. One optioni s of course tunnel it to/thru a Linode. Works fine when you HAVE a Linode. Just exploring alternatives. dnscrypt-proxy provides access to a bunch of dnscrypt'd resolvers. OpenNIC has a bunch. Of course cisco/opendns is there too. TBH, I"ve no sense of which of the 2, for example, is "better" or "Worse".
13:52<akerl>What is the threat vector you're trying to protect against by encrypting that communication?
13:54<arby>akerl: Other than general "snoopiness"? Primarily the sense of well-being and happiness that comes from de-ATT'ing one's self.
13:55<arlen>is this because of the recent att news?
13:55<arby>more srsly, Query Traffic recording, DNS hijack & ad injection/redirection
13:56-!-synapt [] has quit [Read error: Connection reset by peer]
13:56<arby>arlen: No, it's a results of 20+ of being held hostage by AT&T, hating them at the genetic level, and trying to make their heads explode using Vulcan mind control
13:56<arby>not that I'm bitter or anything
13:56<arby>20+ years*
13:56<akerl>Is "Vulcan mind control" another Friends reference?
13:57<arby>akerl: Yes. Yes it is. Go to ComiCon and ask the question. See what happens.
13:59<arby>This ( sounds lovely, but who ARE these people ? ... Cicso/OpenDNS at least are identifiable. The devil you know, or the one you don't?
14:00<akerl>"Freedom From Government Intervention" tehehe
14:05<arby>Yeah, well THAT one ain't getting fixed anywhere anytime soon ... "Freedom from the hosers at AT&T, Comcast, general corporate scum" works for me.
14:06<arby>THough, I'm NOT really sure that's any different that 'govts'
14:06<arby>And yes, 'hosers' is another Friends reference.
14:06<akerl>I just stick to never trusting DNS
14:06<akerl>So far, that's worked well for me
14:07<arby>Ah, an airgapper!
14:08<akerl>No, I *make* DNS queries all the time, in the same way that I swipe my credit card when I get beer at the bar but I also don't trust them to protect my card number
14:10<arby>OMG! you TRUST beef reom ... a BAR?!?
14:10*arby brews his own
14:10<arby>er, from
14:10<arby>beer! lol
14:15<SelfishMan>arby: I have experienced more outages with OpenNIC than they like to admit. My advice is to stay away
14:18<SelfishMan>also, I get violent messages from various admins of that service every time I mention it sucking
14:19<arby>SelfishMan: 'outages' at a single server, or across the entire network. Looking at dnsproxy code right now ... supposed to be round-robin/fallback in here ...
14:19<arby>restelow: "violent" ... better or worse than the typical abuse in here?
14:19<SelfishMan>arby: Things stopped resolving. period. Digging in always showed that their alternate roots took down the resolvers. Bad config and all...
14:20<arby>SelfishMan: recent experience?
14:20<SelfishMan>Last attempt at using them was about a month ago
14:20<arby>hmmm ....
14:20<SelfishMan>but this experience goes back several years
14:20<arby>re-hmmm ....
14:21<SelfishMan>Is it really that hard to install unbound and dnscrypt-wrapper?
14:22<arby>No, not at all. But the issue is encrypting traffic that traverses the ISP's network. If the unbound server is REMOTE to the local LAN's server, then sure -- I can forward dnscrypt'd ...
14:23<akerl>In any case, whether you use a local unbound or a remote unbound or a remote opennic, you have the same issue where on the other side of the resolver is unencrypted DNS and you have to trust that the resolver hasn't been compromised
14:24-!-getsmart [] has joined #linode
14:24<arby>akerl: It's a matter of trust level, that's all. I start with the premise that AT&T & Comcast are pond-scum ... we work up the trust ladder from there.
14:24<akerl>Hence my earlier point about just accepting that dns is designed to not require trust
14:25<SelfishMan>so you install unbound and dnscrypt-wrapper on a remote system you control. That takes those two out of the equation
14:25<SelfishMan>Personally, I just keep a local copy of all the major TLDs zones. Makes life *much* easier
14:26<akerl>SelfishMan: In /etc/hosts?
14:26-!-JediMaster [] has quit [Ping timeout: 480 seconds]
14:26<arby>SelfishMan: Except for single-point of failure ... uptime & reliability of the remote/wrapped server. Nothing's ideal, which is why I'm looking around atm.
14:26<SelfishMan>akerl: Nah, I grep flat text files for the smaller zones, and search MyISAM MySQL tables for the larger zones
14:26<SelfishMan>arby: by two linodes then
14:29-!-softinio [] has joined #linode
14:29<arby>SelfishMan: Yes, there are lots of painfully obvious incremental steps. The best/ideal solution is dnscrypt'd access to a trusted set/infrastructure of public or auth'd redundant NS's. @Linode's DNS would have been perfect. <zombie mode>I trust them</zombie mode>.
14:29<arby>But since not, then ... alternatives exist. None perfect.
14:30<softinio>I have been a linode customer and loyal one for a while ... but am getting the feeling that linode is falling behind what it offers compared to digital ocean. For example DO seems to support CoreOS out of the box, when will linode have this support?
14:30<arby>falling behind? heh ...
14:31*arby waits for the zombie horde to attack
14:31<akerl>CoreOS provided by the provider kindof defeats a lot of the point, unless DO has started offering vendor image support
14:31<akerl>The requirement for a vendor layer or similar config makes it pretty non-trivial for a provider to offer a useful coreos image, especially given that infra would be fairly unique to coreos (not many other distros support that concept like coreos does)
14:36<akerl>If you're looking to deploy coreos, the "hard part" is getting that config layer to match what you want. Getting a coreos image into Linode Images is pretty trivial, and from there you can deploy it a zillion times if you're interested
14:43-!-Sputnik7 [] has quit [Ping timeout: 480 seconds]
14:44<Ttech>softinio: yes, but can you install Windows on your DO?
14:54-!-Sputnik7 [] has joined #linode
14:55-!-softinio [] has quit [Remote host closed the connection]
14:58-!-Jagst3r15 [] has joined #linode
14:59<Jagst3r15>could someone briefly explain to me how manages to use Linode and create clusters of servers like they do? I assume they just have backend scripts that tie in with the Linode API and they just provision accounts to a linode until it reaches capacity then it goes to the new one?
14:59<arlen>you'd have to ask wpengine what their setup is
15:00<Jagst3r15>true, but any vauge idea how they do that?
15:12-!-getsmart [] has quit [Quit: Leaving]
15:12-!-Jagst3r15 [] has quit [Quit: Page closed]
15:16<arby>SelfishMan: fwiw, running tests on the opennic-fvz* servers ... _all_ failing. cisco* and dnscrypt* all "OK". interesting ...
15:23-!-softinio [] has joined #linode
15:23<softinio>Ttech: I wouldn't install windows anywhere :) Got a preference for linux/unix based OSes only
15:46-!-arby [] has quit [Quit: arby]
15:55-!-Cromulent [] has joined #linode
15:59<zifnab>fuck being on call
15:59<zifnab>"The only thing that will send an alert to you this weekend is a box you dont have access to, and someone unplugged idrac. Enjoy!"
16:37-!-softinio [] has quit [Remote host closed the connection]
16:43-!-pyruvate [] has joined #linode
16:49-!-ctpdump [~tcpdump@2607:5300:60:419e:5555:5555:ce5c:c64f] has joined #linode
17:25-!-Sputnik7 [] has quit [Quit: -=SysReset 2.53=-]
17:30-!-timdev_ [~timdev@2600:3c03::f03c:91ff:fe6e:1636] has quit [Quit: WeeChat 1.1.1]
18:01-!-larsdesigns [] has joined #linode
18:05-!-uint32 [] has joined #linode
18:17-!-Cromulent [] has quit [Quit: KVIrc 4.2.0 Equilibrium]
18:18-!-RumpledElf [] has joined #linode
18:42*MajObviousman straightens RumpledElf's hair
18:43<RumpledElf>hey, you'll ruin my adjective
18:43*MajObviousman threatens RumpledElf with a perm
18:43<HoopyCat>MajObviousman is about to get perm-banned, literally
19:18-!-larsdesigns [] has quit [Quit: Leaving]
19:23<HoopyCat>current status:
19:50<+linbot>New news from forum: General Discussion • How to allocate disks is using "Gold Master" image? <>
19:51-!-pyruvate [] has quit [Remote host closed the connection]
19:58-!-pyruvate [] has joined #linode
20:31-!-pyruvate [] has quit [Ping timeout: 480 seconds]
20:33-!-pyruvate [] has joined #linode
20:41-!-pyruvate [] has quit [Ping timeout: 480 seconds]
20:43-!-pyruvate [] has joined #linode
20:58-!-Cromulent [] has joined #linode
21:16-!-pyruvate [] has quit [Remote host closed the connection]
21:16-!-pyruvate [] has joined #linode
21:17-!-pyruvate [] has quit []
22:13<+linbot>New news from forum: General Discussion • aes-ni support in kvm linode <>
22:18<+linbot>SelfishMan: Yo mommas so unpleasant she makes mwalling look like Miss Congeniality. (822:47/22) [mmruo]
22:18<SelfishMan>Blast from the past, yo
22:20-!-Cromulent [] has quit [Quit: KVIrc 4.2.0 Equilibrium]
22:20<staticsafe>that was a fantastic movie
22:58-!-therock247uk [] has quit []
---Logclosed Mon Aug 24 00:00:17 2015