Back to Home / #linode / 2021 / 11 / Prev Day | Next Day
#linode IRC Logs for 2021-11-30

---Logopened Tue Nov 30 00:00:25 2021
01:23-!-fergtm [~fergtm@2806:2f0:51e0:d72:c9b7:a9b1:30e8:516e] has quit [Remote host closed the connection]
01:45-!-fergtm [~fergtm@2806:2f0:51e0:d72:4c1:8d70:fa9c:9d63] has joined #linode
01:45-!-fergtm is "Fernando" on #linode
01:53-!-AugustusCaesar24 [] has joined #linode
01:53-!-AugustusCaesar24 is "Augustus" on #linode
01:54-!-AugustusCaesar24 [] has quit []
02:24-!-g0t [] has joined #linode
02:24-!-g0t is "username" on #linode
02:36-!-yaroot [] has quit [Quit: The Lounge -]
02:40-!-yaroot [~yaroot@2409:12:ac0:2300:680e:dbff:fe1e:4953] has joined #linode
02:40-!-yaroot is "yaroot" on #linode
02:40-!-yaroot [~yaroot@2409:12:ac0:2300:680e:dbff:fe1e:4953] has left #linode []
04:00-!-Mopster [] has joined #linode
04:00-!-Mopster is "OFTC WebIRC Client" on #linode
05:14-!-sebastianos_ [~sebastian@] has quit [Ping timeout: 480 seconds]
05:48-!-sebastianos [~sebastian@] has joined #linode
05:48-!-sebastianos is "Sebastian B" on #ceph #postmarketos-offtopic #postmarketos #linode #fdroid #docker
06:03-!-waltman [waltman@2601:4a:701:4451:e528:a13b:2125:9a32] has quit [Quit: leaving]
06:15-!-waltman [waltman@2601:4a:701:4451:99d9:a56b:921d:3186] has joined #linode
06:15-!-waltman is "= "Walt"" on #linode
06:40-!-ss_ [~oftc-webi@2405:201:a801:1108:71a5:ba83:9d19:3cf6] has joined #linode
06:40-!-ss_ is "OFTC WebIRC Client" on #linode
06:42-!-ss_ [~oftc-webi@2405:201:a801:1108:71a5:ba83:9d19:3cf6] has quit [Remote host closed the connection]
07:38-!-g0t [] has quit [Ping timeout: 480 seconds]
07:44-!-Shentino [~shentino@] has quit [Quit: Leaving]
07:47-!-Shentino [~shentino@] has joined #linode
07:47-!-Shentino is "realname" on #kernelnewbies #mm #linode #tux3
07:47-!-Shentino [~shentino@] has quit [Read error: Connection reset by peer]
07:52-!-Shentino [~shentino@] has joined #linode
07:52-!-Shentino is "realname" on #kernelnewbies #mm #linode #tux3
07:53-!-Shentino [~shentino@] has quit []
07:56-!-Shentino [~shentino@] has joined #linode
07:56-!-Shentino is "realname" on #kernelnewbies #mm #linode #tux3
07:57-!-Shentino [~shentino@] has quit [Read error: Connection reset by peer]
07:57-!-Nishit [~oftc-webi@] has joined #linode
07:57-!-Nishit is "OFTC WebIRC Client" on #linode
07:58<Nishit>Can I pay Yearly?
07:59-!-Nishit [~oftc-webi@] has quit []
08:00-!-Shentino [~shentino@] has joined #linode
08:00-!-Shentino is "realname" on #kernelnewbies #mm #linode #tux3
08:02-!-Shentino [~shentino@] has quit [Read error: Connection reset by peer]
08:14<linbot>Another satisfied customer! NEXT!
08:42-!-Shentino [~shentino@] has joined #linode
08:42-!-Shentino is "realname" on #kernelnewbies #mm #linode #tux3
08:48<Nivex>I was one of the last holdouts on yearly :)
09:07-!-anomie [] has joined #linode
09:07-!-anomie is "Anomie" on #linode
09:07-!-g0t [] has joined #linode
09:07-!-g0t is "username" on #linode
09:23-!-linville [] has joined #linode
09:23-!-linville is "John W. Linville" on #linode
09:24<@pwoods>There were a lot of holdouts who kept doing the prepaid model.
09:56<jkwood>I liked the prepaid model
09:56<jess>i can pay planchkly
09:56<jess>i can pay planckly
09:57<Robdgreat>how do you divide your money that small?
09:57<jess>very small saw
09:57<Robdgreat>coming soon: femtotransactions
09:58<Robdgreat>dafark is up, jkwood
10:03-!-newbie2021 [] has joined #linode
10:03-!-newbie2021 is "OFTC WebIRC Client" on #linode
10:03<newbie2021>hello :)
10:03<newbie2021>got a question for you guys
10:03<@pwoods>newbie2021: greetings
10:03<newbie2021> sysctl -w net.ipv4.ip_forward=1 net.ipv4.ip_forward = 1
10:04<@pwoods>There are also women in here, and they probably know more than more.
10:04<newbie2021>after i set these to the nanode running ubuntu
10:04<newbie2021>if i reboot the server
10:04<newbie2021>it goes back to 0
10:04<newbie2021>anyway i can make it stay 1
10:04<newbie2021>( i am trying to use wireguard vpn )
10:05<newbie2021>and i have seen these command on some tutorial
10:06<newbie2021>@pwoods since i know almost 0.0001 of what i should to run linux commands etc ... almost everyone knows more than i do :D
10:08<@pwoods>newbie2021: I don't know that command, so I'm not 100% sure what it's used for, etc. I am curious why the command using the same looking thing, like why is net.ipv4.ip_forward=1 repeated, but the second time with the spacing?
10:09<@pwoods>Also, doing a quick Google search, I found this:
10:09-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has quit [Remote host closed the connection]
10:09<Robdgreat>Using either method above will not make the change persistent. To make sure the new setting survives a reboot, you need to edit the /etc/sysctl.conf file.
10:10<Robdgreat>also what pwoods said
10:19-!-g0t_ [] has joined #linode
10:19-!-g0t_ is "username" on #linode
10:24-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has joined #linode
10:24-!-Redentor is "realname" on #linode #debian-next #debian-mx #debian
10:26-!-g0t [] has quit [Ping timeout: 480 seconds]
10:37<newbie2021>ok so i need to modify /etc/sysctl.conf file
10:37<newbie2021>then reboot i guess
10:38<Robdgreat>shouldn't need to reboot if you run the command
10:38<Robdgreat>the command makes it take effect immediately, and the sysctl.conf mod makes it happen when you boot
10:57<newbie2021> # Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
10:57<newbie2021>it had a # in front of the command
10:58<newbie2021>now i got another question :)))))
10:58<newbie2021>i noticed that if i reboot the server
10:58<newbie2021>my router with vpn client can`t connect to it
10:58<millisa>and it could before the reboot?
10:59<Robdgreat>could it befor
10:59<Robdgreat>oh hey millisa
10:59<newbie2021>unless i do a wg set wg0 peer <client-public-key> allowed-ips <client-ip-address>/32
10:59<newbie2021>then it connects untill next server reboot
11:00<millisa>did you set the peer info in the /etc/wireguard/wg0.conf?
11:00<newbie2021>guess so ? :)
11:00<newbie2021>what should i look for in the conf file
11:00<millisa>look and see? You'll have the [interface] section with the privkey and listen port, then [peer] sections with the publickeys for your clients. each [peer] section could have an allowed_ips line?
11:01<millisa>er, AllowedIPs
11:01<newbie2021>no peer section there
11:01<@pwoods>ouse enable
11:02<newbie2021>[Interface] Address = Address = fd86:ea04:1115::1/64 SaveConfig = true PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat
11:02<newbie2021>ListenPort = 51820 PrivateKey = WEQP
11:02<millisa>you dont want to paste it. it'll have your privkey
11:02<newbie2021>yeah but ain`t paste the entire key
11:02<newbie2021>so that`s about all of it
11:03<newbie2021>so i need to add some [peer] into these
11:04<millisa>something like this -
11:05<millisa>you'd have a peer section with the client-public-key you are using in that command line, along with the allowedips you used in that same command line
11:05<newbie2021>so if i add something like that
11:06<newbie2021>when the server reboots i wont have to add that command anymore
11:06<newbie2021>its read automaticly
11:06<millisa>assuming you have the wireguard interface coming up automatically
11:06<newbie2021>i doubt it :))))
11:06<millisa>what guide are you following
11:08<newbie2021>some youtube dude
11:09<newbie2021>The Digital Life
11:09<newbie2021>it`s his channel
11:09<newbie2021>can i post link here?
11:09<millisa>which OS are yo using
11:10<millisa>This section show getting it to start on boot
11:10<millisa>(it also talks about adding the peer configs just a little below that section)
11:10<newbie2021>i will look and try to understand :D
11:11<newbie2021>i am really new to linux ... like days new
11:12<newbie2021>so i added these to the wg0.conf
11:12<newbie2021>#Beryl-wireguard-web-interface [Peer] PublicKey = QBmdG******* AllowedIPs =
11:12<millisa>something like that, yeah
11:12<newbie2021>think it should be ok now
11:12<newbie2021>i will look for that auto start on reboot
11:13<newbie2021>then reboot server and try to connect to it
11:13<millisa>if you do a wg-quick down wg0 and then a wg-quick up wg0 - you should see your peer in a wg show
11:13<millisa>er tjrpw
11:13<millisa>(cat on keys) - use 'sudo' in front of the commands if you aren't root.
11:13<newbie2021> peer: WmHJ199xT***** endpoint: *****:60018 allowed ips: latest handshake: 2 hours, 7 minutes, 4 seconds ago
11:14<newbie2021>these is what i get now when i type wg
11:14<newbie2021>and a few other stuff :)
11:14<newbie2021>i`m loging in to server with root
11:14<newbie2021>donno how not to :))))))))))
11:14<millisa>assuming you've done the systemctl enable wg-quick@wg0 - it hopefully would bring the interface up on reboot
11:16<newbie2021>root@localhost:~# systemctl enable wg-quick@wg0 Created symlink /etc/systemd/system/ → /lib/systemd/system/wg-quick@.service.
11:16<newbie2021>now it`s time for reboot ? :D
11:16<millisa>seems like it
11:16<millisa>do a 'wg show' when its back up to see if it has the peer
11:19<newbie2021>root@localhost:~# wg show root@localhost:~#
11:19<newbie2021>nothing :)
11:21<millisa>and if you do a 'wg-quick up wg0' ? does 'wg show' show the peer then?
11:21<newbie2021>root@localhost:~# wg-quick up wg0 [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 Key is not the correct length or format:
11:21<newbie2021>hmm guess i f up :D
11:22<millisa>mis-pasted a priv or public key
11:23<newbie2021>i erased a character by mistake
11:23<newbie2021>at the privatekey
11:23<millisa>do you remember what it was to put it back?
11:23<newbie2021>and = at the end of the key
11:24<newbie2021>*an = at the end of the key
11:24<millisa>and when you put it back, and up the interface, does wg show give something meaningful?
11:24<newbie2021>it`s showing an peer
11:24<millisa>ok, then try your reboot and see if it autostarts
11:24<newbie2021>so ... i should try to reconect the router
11:24<newbie2021>yeah ... that first
11:25<newbie2021>it auto started
11:26<newbie2021>now need to kinda do the same to the router to make it auto reconnect :D
11:29<newbie2021>my router wont connect to it ....
11:30<millisa>did it before?
11:30<newbie2021>untill first reboot it was connected
11:30<newbie2021>like 10 mins ago
11:31<millisa>are the keys all correct? Is ufw running? If it is does it have the port open?
11:33<newbie2021>ufw ?
11:33<millisa>firewall. ufw status would tell you
11:35<millisa>is the ListenPort in the interface section the port you are connecting to in the client config?
11:36<newbie2021> listening port: 51820
11:36<newbie2021>these is on server
11:36<millisa>that's the default, make sure you are using that same port on the client side
11:37<newbie2021>it`s writen on the client at the endpoint host after the server ip address
11:37<millisa>the public key in the server's peer section should match the public key that is generated from the privatekey on the client.
11:37<millisa>that's probably correct
11:38<newbie2021>on the server unde peer i entered only the privatekey that i got from the client
11:38<newbie2021>[Peer] PublicKey = QBmd
11:38<newbie2021>and then the allowedips
11:39<millisa>on the server, the peer section should have the public key of the client
11:39<newbie2021>oooo i am f up
11:39<millisa>likewise, the client should have the server's public key in its peer section
11:39<millisa>each one should know the others public key in its peer section. each should have its own private key in its interface section.
11:42<newbie2021>yup ... i`m an idiot
11:42<newbie2021>on the server side i enter under peer the privatekey of the client instead of publickey
11:42<Robdgreat>nah, things aren't always intuitive until after they've been explained
11:42<newbie2021>now router connected
11:43<newbie2021> latest handshake: 1 minute, 2 seconds ago transfer: 340 B received, 172 B sent
11:43<newbie2021>now to figure a way i can make the router auto connect :D
11:44<newbie2021>can`t find anything about that on the web interface and thru luci / ssh i cant find the wireguard config file :)
11:44<newbie2021>i have a beryl mt1300 router
11:45<newbie2021>it doesnt have the /etc/wireguard/ folder
11:48<millisa>haven't heard of that router. a quick search doesn't yield much about automatic connecting a client
11:48<newbie2021>find wg0 doesnt come up with anything :D
11:48<newbie2021>it`s a small router from gl.inet
11:49<newbie2021>that should be able to connect to multiple vpn server at once
11:49<newbie2021>that is another thing i must try to do ...
11:49<newbie2021>search google for beryl mt1300 ( donno if i am allowed to past links here )
11:50<millisa>i did and didnt find much on making it connect automatically
12:06<dwfreed>the interface should connect automatically if it knows where to find its peer
12:07<dwfreed>but there may be an option in luci for it
12:07<dwfreed>(or well, gl.inet's modified luci)
12:08<dwfreed>I normally just replace gl.inet's firmware with stock openwrt, so I'm really not familiar with their UI
12:28-!-Strykar [] has quit [Quit: /quit]
12:31-!-Strykar [] has joined #linode
12:31-!-Strykar is "vector" on #tor-relays #tor #pipewire #linode #bitlbee
13:22-!-tricaricom [~oftc-webi@] has joined #linode
13:22-!-tricaricom is "OFTC WebIRC Client" on #linode
13:24<tricaricom>can anyone answer a linode infrastructure question?
13:26<Peng>Maybe. What is it?
13:27<tricaricom>is there some kind of service that allow API routing to the closest linode for low-latency?
13:28<Peng>Like a geoDNS service?
13:28<tricaricom> if i'm a user in Germany, the API will route to the frankfurt linode
13:29<tricaricom>if i'm in USA, the same API will route to Dallas
13:29-!-spawacz [] has quit [Quit: WeeChat 2.8]
13:30-!-spawacz [] has joined #linode
13:30-!-spawacz is "tgq" on #llvm #linode #tor #debian-llvm #debian-qemu #debian
13:30<Peng>There isn't something operated by Linode. You could run your own DNS servers (on Linode or not) and do something, or use a third-party DNS service, or use a third-party CDN with similar features.
13:31<tricaricom>what is a good 3rd party geoDNS service?
13:34<@jtoscani>I don't speak from experience but cloudflare is often mentioned in conjunction with geoDNS
13:35-!-tricaricom [~oftc-webi@] has quit [Remote host closed the connection]
13:37<newbie2021>sorry been afk , thank you Millisa
13:41<@jtoscani>I appreciate good manners
14:13-!-trasanda [] has joined #linode
14:13-!-trasanda is "OFTC WebIRC Client" on #linode
14:13-!-trasanda [] has quit []
14:21<react>Why did no one mention Anycast addressing / routing? You disappoint #linode.
14:22<@mcintosh>slightly curious how often latency really is the/a bottleneck for people looking to do that sort of thing
14:23<@mcintosh>woke: using anycast to route customers traffic geographically
14:23<@mcintosh>bespoke: running everything on one nanode in newark
14:24<Peng>react: Well, Linode doesn't offer it. :D
14:24<react>If by woke, you mean amazing ;)
14:24<react>Peng: sure, but third-party recommendations were being recommended
14:24<@mcintosh>think that was a troll comment XD
14:25<file>mcintosh: in particular for an API it seems a bit ... odd
14:26<Peng>react: Sure, but I wasn't recommending third-party alternatives to Linode's main service.
14:35-!-linville [] has quit [Quit: Leaving]
14:41<Nivex>Given that Linode NSes are fronted by CloudFlare, I'm kinda surprised Linode doesn't have some kind of GeoDNS agreement to go along with it.
14:43<Peng>I don't think Cloudflare does geo DNS on its own. Their CDN stuff can do it but not necessarily easily or for free.
14:45<warewolf>you're thinking akamai
14:45<Nivex>but I'm pretty close to bespoke. I'm on a single 2GB node in Newark.
14:45<warewolf>they're the kings of geo distributed stuffs
14:46<Peng>Probably most "enterprise" DNS companies can do it. But they're usually not cheap.
14:47<Nivex>You could probably DIY with PowerDNS, but that's at least a few Linodes to run on.
14:48-!-upekkha [~Advanced@2a01:4f8:1c0c:49df::1] has quit [Quit: upekkha]
14:48-!-upekkha [~Advanced@2a01:4f8:1c0c:49df::1] has joined #linode
14:48-!-upekkha is "real name" on #bufferbloat #oftc #freedombox #debian #debian-gnupg #tor #freedombox-dev #fdroid #linode
14:53<Peng>And getting a top-notch geoIP database costs money and requires setup.
15:04<Nivex>You mean not all of my visitors are coming from a farm in the middle of Kansas? :)
15:05-!-recsyslabs [~oftc-webi@2601:ca:8280:240:d8f1:34c1:2328:1b28] has joined #linode
15:05-!-recsyslabs is "OFTC WebIRC Client" on #linode
15:05<Peng>Send them straight to your Dallas Linode! I hope their ISP doesn't route all traffic through Chicago or something.
15:06<Nivex>I'm in North Carolina, so it's a pretty even split on whether I get sent through Ashburn or Atlanta.
15:07<Nivex>RTP needs a damn IX. We've got Cisco and IBM here for crying out loud. I shouldn't need to traverse three states to send a packet to my neighbor on a different ISP.
15:08<recsyslabs>Anyone else have problems with kubernetes 1.22? Either upgrading or creating a new 1.22 cluster breaks volumes - they fail to attach in 1.22 - the example on works on 1.21 but fails in 1.22
15:08<Peng>I'm in Florida but my ISP likes scenic routing.
15:09<Peng>(To be fair, it's not as bad as it used to be.)
15:10<recsyslabs>and because of that.. is there a way to downgrade a 1.22 kubernetes cluster back down to 1.21?
15:20-!-Mopster [] has quit [Quit: Page closed]
16:52<@mcintosh>recsyslabs: not possible to downgrade a cluster unfortunately - i reported the described behavior to the team though, and i believe someone is going to look at reproducing ASAP to see if/what the issue is
17:00<recsyslabs>thanks! i could reproduce it reliably creating a brand new v1.22 and v1.21 cluster and just applying those example usage yamls from the github repo
17:10-!-newbie2021 [] has quit [Quit: Page closed]
17:21<@_brian>recsyslabs: i'm sending you a pm to ask for a piece of info
17:25<@mcintosh>full disclosure, we disabled version 1.22 already out of caution
17:58-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has quit [Remote host closed the connection]
18:01-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has joined #linode
18:01-!-Redentor is "realname" on #linode #debian-next #debian-mx #debian
18:06-!-g0t_ [] has quit [Ping timeout: 480 seconds]
18:16-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has quit [Remote host closed the connection]
18:38-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has joined #linode
18:38-!-Redentor is "realname" on #linode #debian-next #debian-mx #debian
19:00-!-anomie [] has quit [Quit: Leaving]
19:05<recsyslabs>great! the kubernetes v1.22 volume not attaching was fixed. If anyone else has the same issue, the quick fix is to edit and modify the "csi-attacher" image to "" in "csi-linode-controller" StatefulSet definition. Thanks all!
20:15-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has quit [Remote host closed the connection]
20:17-!-luxus [~oftc-webi@] has joined #linode
20:17-!-luxus is "OFTC WebIRC Client" on #linode
20:19-!-Redentor [~armando@2806:1000:8004:bf3d:8fd6:73fa:d2a3:7108] has joined #linode
20:19-!-Redentor is "realname" on #linode #debian-next #debian-mx #debian
20:19-!-luxus [~oftc-webi@] has quit []
21:00-!-elky [] has quit [Remote host closed the connection]
21:00-!-elky [] has joined #linode
21:00-!-elky is "elky (" on #linode #oftc
---Logclosed Wed Dec 01 00:00:26 2021