--- Log opened Fri Jun 29 00:00:15 2018
--- Day changed Fri Jun 29 2018
00:00 < Aeso> radio waves propogate at c. Because of how light bounces inside the fiber, the propogation time is closer to .7c
00:00 < josh461_> i've tried ikev1 & 2, different hash (1024/2048) and encryption algorithms...(e.g. sha1/md5/sha256). so far no luck
00:00 < Aeso> plus, fiber never takes the shortest path, so it usually ends up being ~2x as the crow flys
00:00 < Aeso> flies*
00:01 < ||cw> which is great for PTP, but we're taking wifi
00:01 < josh461_> when i ping from siteA to siteB, i see the traffic pass in the live log of siteB. but the ping times out
00:01 < ||cw> which is omni and bounces and has to share spectrum
00:02 < Aeso> Of course. I just mean in terms of the 'faster than fiber' comment
00:02 < Aeso> anyways the more hosts you add to this PTMP system, the worse your tail latencies are going to get since they all have to wait their turn to pass traffic
00:02 < ||cw> the whole point is, keeping wifi under 10ms always is going to be difficult on a busy wlan network
00:03 < Aeso> also remember that the devices can't speak to each other, they talk to the AP and the AP repeats it to the other host
00:04 < Aeso> Since ethernet isn't a shared medium (anymore), the performance is _much_ more deterministic
00:04 < E1ephant> but again
00:04 < E1ephant> if your use case doesn't call for such requirements
00:04 < E1ephant> you should have just spent that money on ice cream
00:05 < Aeso> I guess?
00:05 < Aeso> If the use case doesn't call for such requirements, we wouldn't be having this conversation in the first place. It's part of the assumed premise.
00:05 < E1ephant> are you suggesting to build for something other than use-case?
00:06 < E1ephant> assuming gets you to weaste money
00:06 < E1ephant> when you could have bought more ice cream
00:06 < E1ephant> nail down your requirements and use case first
00:06 < E1ephant> if it's unclear
00:06 < E1ephant> don't just assume
00:06 < Aeso> E1ephant, assuming is a necessity for opinionated discourse, you pillock
00:07 < E1ephant> wow rude
00:07 < E1ephant> name calling is not part of building a use case
00:07 < E1ephant> or requirements
00:07 < Aeso> welp, you sure got me there
00:08 < Aeso> but please, keep providing your zero-value-add comments
00:08 < E1ephant> öh sorry I make money instead of wasting it!
00:08 < Aeso> payslips or it didn't happen
00:10 < E1ephant> actual picture of me enjoying the savings: https://i.imgur.com/7exwSay.gifv
00:10 < E1ephant> >ur jealous face in the background
00:20 < E1ephant> selling webscalr.net: $420,000USD
00:20 < E1ephant> inquire within
00:25 < S_SubZero> i'll offer you one hundred of your earth dollars
00:27 < E1ephant> how much is earth dollars in ice cream
00:27 < E1ephant> and does that translate to australian and US dollars?
00:29 < S_SubZero> webscalr.net  Estimated Value: $186
00:29 < S_SubZero> dude my domain is worth 10x that lol
00:29 < E1ephant> 4.2mil?
00:29 < E1ephant> hell yeah
00:29 < E1ephant> webscalers are all the rage
00:30 < S_SubZero> no I mean godaddy thinks yours is worth $186.
00:30 < E1ephant> oh well if they have cash I could sell to them
00:30 < E1ephant> but I don't think they're buying
00:30 < S_SubZero> way back during dot.com someone offered me $15k for my domain and I said no.  Cuz I'm (a) stupid and (b) stubborn
00:30 < E1ephant> also we're a bit apart on price
00:32 < E1ephant> RIP pets.com :(
00:32 < E1ephant> best dot.com mascot
00:34 < BenderRodriguez> E1ephant: do you have your CCNP
00:38 < E1ephant> BenderRodriguez: nope, let my ccna expire in 2006
00:39 < E1ephant> did jncie/ccie for a bit, but python is where I sink most learning time these days.
00:41 < arooni> dumb q; what if anything would this mean 69.54.58.0/16
00:41 < arooni> i think thats invalid right
00:42 < zOthix> can i use postfix to send spoofed mails ?
00:45 < npgm> fryguy: tds : RE the network namespacing with VMs, do you think I could achieve this with docker containers?
00:46 < tds> probably, docker still uses namespaces as the underlying system for its networking afaik
00:46 < E1ephant> arooni: invalid in what sense? I would say that isn't the network IP/ID of the /16
00:46 < E1ephant> that is a valid IP within the /16 though
00:47 < npgm> do you have a recommendation for a good guide, vm or docker, that might help me set this up?
00:47 < fryguy> npgm: with something like pipework maybe
00:48 < tds> npgm: what are you actually trying to do?
00:49 < npgm> so in this case, I'd have to vms/containers that use separate physical nics to unambiguosuly communicate with two networks that are identical in every respect (hosts have same ip addresses)
00:49 < npgm> *to->two
00:51 < tds> sure, most container/vm systems will allow you to do that
00:51 < tds> I more meant what are you actually accessing on each of these networks, what do you need to run inside the VMs/containers?
00:54 < npgm> I need to speak to a host with an identical IP address - its a TCP server - I would use the host containers as a proxy for this communication. they would expose a port on the host environment that would facilitate this communication.
00:57 < npgm> the proxy is actually necessary no matter what - so its an elegant solution to run it in a docker container in my opinion
00:58 < npgm> ^ tds  does that help?
00:59 < tds> ah, if you just want to map ports/IPs like that, you may have a better time doing it all with NAT instead as discussed earlier
01:00 < npgm> okay. do you have a suggestion for a basic guide that would help get me started on that?
01:00 < tds> have two separate routing tables with an on-link route on each interface, then do some kind of prefix translation with iptables, mark the translated traffic and then use ip rule to switch to the second routing table based on fwmark
01:01 < tds> I *think* that should behave nicely with linux's neighbour table, but I'm not 100% sure how that handles duplicate entries
01:03 < npgm> so full disclosure, I'll need a 3rd nic - one that has a gatway and an address on a separate subnet in order to reach the internet
01:03 < npgm> that can coexist with the configuration you're describing ?
01:04 < npgm> sorry just dropped
01:05 < mtdms> is possible to use linux 100% without needing windows or mac os?
01:05 < fryguy> mtdms: yes
01:05 < E1ephant> how is that relevant to this channel?
01:05 < tds> sounds like you're looking for ##linux or similar
01:06 < mtdms> i use ubuntu like my linux distro
01:06 < tds> npgm: if you're able to reach the internet from one of those two networks, that should work fine
01:07 < tds> I'd still be questioning *why* you need this in the first place, since it sounds like a crazy situation
01:07 < mtdms> also as a company? there are companies what uses ubuntu as their os?
01:08 < mtdms> im telling you this because i love linux, and i used windows because i needed some software, but little by little i can see also ubuntu has good software
01:08 < mtdms> i wish to use linux without windows or mac oss
01:09 < mtdms> is it possible? how about business, also for companies is possible?
01:09 < eahm> it depends dude, whatever they need
01:10 < E1ephant> yeah it's the year of the linux desktop
01:10 < E1ephant> [again]
01:10 < eahm> ahah yeah
01:10 < tds> what, on chromebooks? ;)
01:10 < tds> but yes, there are various people and companies that only use linux and not windows/mac os, it is possible
01:11 < mtdms> i think what i need to do is not looking for a os to run some software i should look for software that runs on my ubuntu
01:12 < mtdms> tds thanks
01:12 < tds> anyway, unless you have questions related to networking differences between the OSes, this sounds rather off topic
01:16 < E1ephant> yeah I am down with offtopic/ice cream chat, just there might be more relevant channels to get feedback in :)
01:58 < nojeffrey> Need some help with MST, I have the following: 3 Ubiquiti's and a Cisco 3750, in a square topology all connected via 10G: https://i.imgur.com/rDZT1D7.png
01:58 < nojeffrey> All with same instance(1), same name, and same revision(1), but I have 2 root bridges, 1 Ubiquiti, and the Cisco
02:24 < ghostboarder> test
02:24 < light> you have failed.
02:25 < Sarah_SWE> Desperately so.
02:25 < ghostboarder> kilo im testing the window mgmt of irssi
02:25 < ghostboarder> oops
02:25 < ghostboarder> anyway, you guys know why now haha
02:26  * Sarah_SWE knows the why
02:26 < Sarah_SWE> Invincible!
02:27 < ghostboarder> right Sarah_SWE :)
02:31 < nosmelc> Any thoughts on how to figure out what's causing the new Cat6 ethernet cabling in a renovated building to only get 100Mbps connections instead of 1Gbps?
02:32 < h0dgep0dge> do the interfaces at both ends support gigabit?
02:32 < nosmelc> h0dgep0dge, you mean the devices that are being plugged into it?
02:33 < h0dgep0dge> correct
02:33 < nosmelc> h0dgep0dge, yes.  I plugged in a laptop with a 1Gbps port.  The switch is an older switch, but it says it's 10/100/1000 Mbps
02:34 < h0dgep0dge> take a look at the output of ethtool, that will tell you what link modes are available on the interface, and what link modes are being advertised from the other end, and what link mode it's configured with
02:34 < h0dgep0dge> just call `ethtool eth0` or some-such
02:35 < is_null> hello everybody, i'm try to boot on pxe with a thinkpad x260, to a centos 7 tftp server, the bootp announce seems ok, but the laptop times out when trying to boot, according to wireshark they dhcp offer has working tftp (tested from tftp client on a linux box) host name (66), and file (67) any idea please ?
02:35 < is_null> i mean: TFTP........ timeout
02:36 < nosmelc> h0dgep0dge, is there a Windows version of that tool?
02:36 < h0dgep0dge> nosmek: no idea
02:37 < Sarah_SWE> nosmelc: I recently struggled with some cables at home; turned out the endpoints was different makes and one of them was just, well, bad...
02:37 < nosmelc> Sarah_SWE, different makes?
02:38 < Sarah_SWE> nosmelc: yes, sorry, I can't recall the correct wording right now but at each end of the cable you put the "connectors"
02:38 < h0dgep0dge> nosmek: maybe try laptops at both ends. connect them with a short cat6 cable, verify that works, then connect them using the cable you're trying to debug
02:38 < Sarah_SWE> And halfway through I ran out of the type I had, got another set of another make but same type: they didn't work at all. Would only get 100mbit or no connection at all.
02:38 < h0dgep0dge> yeah, could also be a faulty terminal
02:38 < nosmelc> Would it make a difference if they wired for 586a rather than 586b?
02:39 < Sarah_SWE> h0dgep0dge: terminal, yes, thanks. :D
02:39 < h0dgep0dge> a or b shouldn't make a difference, all devices these days support auto-crossover
02:39 < nosmelc> Sarah_SWE, so the keystone jack?
02:39 < h0dgep0dge> actually, here's what you should do, take your laptop to the far end of the cable you're debugging, and connect directly to the other device using a known good cable
02:41 < nosmelc> h0dgep0dge, plug directly into the patch panel, right?
02:41 < h0dgep0dge> i don't know, i don't know what your setup is
02:42 < h0dgep0dge> but yeah, probably
02:42 < Sarah_SWE> nosmelc: could be, yes. In my experience it's rarely a cable issue. More likely it's an issue with the terminals. Either that they're bad or that they're not correctly connected by whomever set it up
02:42 < nosmelc> h0dgep0dge, each run goes to a closet and into a patch panel then from the PP to the switch
02:42 < h0dgep0dge> then yes, i would start at the far patch panel
02:43 < nosmelc> Sarah_SWE, yeah I found out that they let their grandkid wire the patch panel and the keystone jacks instead of using the professionals I recommended
02:43 < mgolisch> thats probably it then :)
02:43 < h0dgep0dge> if that works, check out the wiring of the cable, check for wiring errors or wires that aren't seated properly. if that looks good, try replacing the terminals.
02:44 < Sarah_SWE> nosmelc: always good to let youngsters learn; but should be supervised obviously and also all cabling need to be tested. I'm guessing they didn't do the latter...
02:44 < nosmelc> Sarah_SWE, right.  no testing.  That's what I was there to do.  verify 1Gbps connections and test the speed
02:45 < mgolisch> :)
02:47 < nosmelc> h0dgep0dge, I'll do some more testing like you suggested.  if it's still 100Mbps, I guess they could cut off the keystone jacks and rewire them
02:48 < h0dgep0dge> well, if it's still 100mbps at the patch panel i'd connect directly to the switch
02:48 < h0dgep0dge> then if that's gigabit you should overhaul the patch panel
02:48 < nosmelc> ohh that's going to be a mess
02:49 < h0dgep0dge> well, if there's a problem with the patch panel, presumably it needs to be fixed
02:49 < mgolisch> buy cheap buy twice or so
02:49 < nosmelc> I guess they can just pull out the wires and re-use the patch panel?
02:49 < h0dgep0dge> you would expect so
02:50 < h0dgep0dge> and it's possible that it's only that one jack that's bad
02:50 < nosmelc> h0dgep0dge, no.  I've tested a few.  all 100Mbps
02:50 < nosmelc> h0dgep0dge, one seems to get 1Gbps sometimes and 100Mbps other times
02:51 < h0dgep0dge> have you connected directly to the switch?
02:51 < nosmelc> h0dgep0dge, no not yet
02:51 < Sarah_SWE> If you get a connection for 1000 "sometimes" then it's definitely bad terminals or just bad craftmanship when setting it up
02:52 < h0dgep0dge> yeah, that really does sound like dicky wiring
02:52 < Sarah_SWE> Ya
02:52 < Sarah_SWE> What you'd get if you'd hire me, probably
02:52 < nosmelc> The other connections  I tested were always 100Mbps
02:52 < Sarah_SWE> Cause I do that kind of stuff once ever 5 years at most so I have to redo it 3-4 times to get it right
02:52 < Sarah_SWE> xD
02:53 < nosmelc> They offered to let me do it, but I have no experience with that so I didn't want to mess it up
02:53 < mgolisch> i rarely do any wiring stuff, i always let our electrician do it, they know their shit and proper testing gear to actualy test all the runs, the money is well invested not having to deal with that sort of stuff
02:54 < nosmelc> Supposedly they talked to a relative who does network cabling professionally
02:54 < mgolisch> oh i see
02:54 < Sarah_SWE> Well apparently not xD
02:54 < nosmelc> I mean, he didn't actually come and do it.  he just gave advice
02:54 < Sarah_SWE> Never seen a pro mess it up in 20 years, to be honest. Or maybe they did but then they fixed it before they let us know they were done
03:34 < UFC> Hey guys whats a reliable fairly inexpensive SMB Firewall/VPN device I could buy to connect a branch office to head office?
03:43 < Sarah_SWE> UFC: Ubiquiti Unifi line of products perhaps?
03:44 < h0dgep0dge> i've heard good things about pc engines' apu devices
03:44 < h0dgep0dge> but only if you're into nuts and bolts configuration
03:50 < UFC> what do you mean by nuts and bolts?
03:50 < UFC> they look nice and only 119$
03:50 < UFC> Most Fortigate Firewalls should support Site to Site VPN right?\
03:51 < h0dgep0dge> i know nothing about fortigate
03:51 < UFC> can most firewalls in general do site to site vpns connections?
03:52 < h0dgep0dge> couldn't say, but i can't think of a reason they wouldn't
03:52 < h0dgep0dge> but the apus are pretty bare bones, you need to put software on them yourself, but I suppose there are some pretty easy to use suites available. ipfire is reasonably easy to configure, and support vpn
03:53 < h0dgep0dge> and i believe also supports smb
03:57 < UFC> smb = small medium business
03:58 < h0dgep0dge> oooh, it's also a network file access protocol
03:58 < UFC> indeed it is
03:59 < UFC> I gotta run for now, but thank you and have a good night
04:42 < eraserpencil> My computer often drops connectivity as I travel about in campus. It's not from one building to another, it's from one room to the next room. When it drops, I get a password prompt again. Is there a way for it to automatically reconnect seamlessly?
04:43 < xamithan> Drops from what?  Password for what?
04:44 < eraserpencil> The computer experiencing problems with is an Nvidia TX2, onboard a robotic car that moves around the hallway, or should move around.
04:44 < eraserpencil> the connection drops. password to reconnect to the wifi
04:44 < xamithan> Well.  I'd click the save password button in my wifi connection manager
04:44 <+pppingme> you don't have the wifi psk stored somehow?
04:45 < eraserpencil> yea, i did that and have it automatically connect
04:45 < xamithan> Whats it connect using.  It should be pretty simple if its NetworkManager
04:45 <+pppingme> do the ap's all share the same name, or are they all different?
04:46 < eraserpencil> network manager
04:46 <+pppingme> do the ap's all share the same name, or are they all different?
04:47 < eraserpencil> ap = access point?
04:47 < eraserpencil> all the same name
04:48 < eraserpencil> my laptop running ubuntu with the same setting works fine, couldnt notice it switches access points. but my TX2 behaves differerently
04:48 <+pppingme> whats a tx2?
04:49 < eraserpencil> https://www.nvidia.com/en-us/autonomous-machines/embedded-systems-dev-kits-modules/
04:50 <+pppingme> if other computers do it just fine, and only this one breaks, I'd look for updates, or turn in a bug report
04:53 < eraserpencil> ok
04:53 < eraserpencil> thanks!
04:59 < eraserpencil> just wanted to check if there were other settings I could test out
05:37 < bray90820> Most likely the answer is no but can you connect to a .local address without a router
05:40 < fr33man_> ###internet under construction
05:42 < darkbulb> I am looking for information on Imagen Impress servers as specified in DHCP option code 10? Google is not playing ball but I am curious what OS did they run, what was the UX etc
05:42 < darkbulb> has anyone here used one
05:43 < fr33man_> ok?
05:48 < fr33man_> ###internet operative
05:51 < Gamsuners> I can't ping my Windows 10 desktop from my Samsung S8 phone, and vice versa. I've got a web server I'm running on my desktop that I want to test on my phone, but alas I can't reach the IP address. Both the desktop (ethernet) and the phone (wifi) are connected to the same network and share the same default gateway / WiFi modem
05:52 < Gamsuners> I've tried turning off Windows firewall temporarily but that didn't work.
05:52 < fryguy> is your wireless access point doing wireless isolation?
05:52 < Gamsuners> I'm not sure how to check that.
05:52 < Gamsuners> Or what that is.
05:53 < fryguy> lots of routers have a feature that when you connect to wireless, you can't see any other things in the subnet
05:55 < Gamsuners> Damn I have no idea how to disable that on my router/wifi modem
05:55 < fryguy> time to break out the instruction manual
05:55 < Gamsuners> does it go by another term/name ?
05:57 < Gamsuners> I can't even ping my phone's IP from my router / wifi modem directly
05:58 < fryguy> network stack on phone probably doesn't respond to icmp
05:59 < Gamsuners> Oh hm
05:59 < Gamsuners> "Actiontec devices NOT have Client Isolation or AP (access point) Isolation enabled on our routers (therefore no disabling is required)."
05:59 < Gamsuners> So nope, doesn't seem like that's what it is.
05:59 < h0dgep0dge> and to confirm, both devices are connected to the internet?
05:59 < Gamsuners> Yup.
06:00 < h0dgep0dge> can you ping the windows machine from the phone?
06:00 < Gamsuners> Nope.
06:00 < h0dgep0dge> can you ping the router from both the phone and the computer?
06:00 < Gamsuners> uh
06:01 < Gamsuners> I can't ping the router from my phone but I can ping it from my desktop
06:02 < h0dgep0dge> run a traceroute from the phone to the internet service of your choice (8.8.8.8 is a convenient option) to confirm the packets are going through your router
06:03 < fryguy> is your phone not connected to the network?
06:03 < Gamsuners> If I try to traceroute 8.8.8.8, it just says trace complete.
06:03 < h0dgep0dge> the phone is on the internet, but i'm wondering if it's failing-over to cell service
06:03 < Gamsuners> No output.
06:03 < h0dgep0dge> it should list the hops, it doesn't?
06:03 < Gamsuners> no
06:03 < fryguy> what does the internet have to do with this?
06:04 < Gamsuners> It has the same external IP address as my desktop.
06:04 < h0dgep0dge> making sure the phone is actually talking on the wifi network
06:04 < Gamsuners> I don't think it's using my cell data.
06:04 < fryguy> if you can't ping the router, then you likely aren't on that network
06:04 < h0dgep0dge> if it's using your wifi it should have no issue pinging the router, that's why i'm trying to rule that out
06:04 < fryguy> disable cell data to make sure
06:05 < h0dgep0dge> traceroute not working is very weird, what traceroute tool are you using?
06:05 < Gamsuners> first one I found on Google Play
06:06 < Gamsuners> sec
06:06 < Gamsuners> h0dgep0dge, this one: https://play.google.com/store/apps/details?id=com.scan.traceroute&hl=en_CA
06:06 < h0dgep0dge> i just tested that on my phone, worked fine for me
06:06 < Gamsuners> Yeah no idea..
06:07 < h0dgep0dge> you tap "Trace" and you didn't get a list of ips?
06:07 < Gamsuners> Nope.
06:07 < Gamsuners> Just says "Trace complete"
06:07 < Gamsuners> My phone has the same default gateway as my desktop.
06:07 < h0dgep0dge> try another app, maybe?
06:09 < Gamsuners> I tried this visual traceroute app. Does like 5 hops.
06:09 < h0dgep0dge> what's the first hop?
06:09 < Gamsuners> err let me try another one that shows me the actual IPs >_<
06:09 < h0dgep0dge> oh right
06:10 < Gamsuners> hm, my DNS servers are using Ipv6 addresses on my phone
06:11 < Gamsuners> except the last 2
06:11 < Gamsuners> there's four
06:11 < h0dgep0dge> four hops?
06:11 < Gamsuners> oh no I just found an app that's showing me my DNS servers my phone is using.
06:11 < Gamsuners> Still can't find a traceroute app alternative
06:12 < h0dgep0dge> the phone is being configured by dhcp, right?
06:12 < Gamsuners> might have one now
06:12 < Gamsuners> not sure how to check that
06:12 < h0dgep0dge> go into your wifi settings and tell it to forget your wifi network, then reconnect
06:13 < h0dgep0dge> that'll make sure it's configuring using dhcp and not static settings, and sometimes disconnecting and reconnecting resolves these issues anyway
06:14 < Gamsuners> huh. Odd. I forgot the network, then tried to reconnect to it. I tap on it, and nothing happens.
06:14 < Gamsuners> What in tarnation.
06:16 < Gamsuners> No idea what was happening but I held on it and connected manually again. It's using DHCP
06:16 < Gamsuners> I'm connected
06:16 < h0dgep0dge> you might want to hit wtfismyip.com
06:16 < h0dgep0dge> and check you get the same results as on your computer
06:16 < Gamsuners> Yeah I did.
06:16 < Gamsuners> They have the same external IP.
06:17 < Gamsuners> Still can't ping my desktop.
06:17 < h0dgep0dge> can you access the web server on any other device?
06:17 < h0dgep0dge> if you don't have a device handy maybe you can pull up a vm with a bridge network interface
06:18 < h0dgep0dge> bridged*
06:18 < Gamsuners> ill try my Vm
06:20 < h0dgep0dge> actually, can you get to the web server by pointing your browser on the desktop to it's lan address? not the loopback address?
06:20 < h0dgep0dge> if you haven't tried that you should
06:20 < Gamsuners> loopback address?
06:21 < Gamsuners> Also I opened up my VM, can't access the web server.
06:21 < Gamsuners> I can't ping the desktop (host) from the VM either.
06:21 < Gamsuners> But the VM is on the same default gateway.
06:21 < Gamsuners> Ugh this is so weird.
06:21 < h0dgep0dge> in the desktop's browser, make sure you can get to the web server by going to 192.168.0.X or whatever the desktop's lan ip is
06:22 < Gamsuners> Oh sec
06:22 < fryguy> Gamsuners: what is your phones IP address, and what is your desktops IP address?
06:22 < Gamsuners> h0dgep0dge, nope. I can only access it via localhost or 127.0.0.1
06:22 < h0dgep0dge> aah, the server isn't listening on your lan ip
06:22 < h0dgep0dge> really should have been the first thing i thought of
06:23 < h0dgep0dge> what web server is it?
06:23 < Gamsuners> nginx
06:23 < h0dgep0dge> do you have a conf file for that?
06:23 < h0dgep0dge> i've never used nginx, but i assume it's configured much like other web servers
06:23 < Gamsuners> so have it listen on my static local IP?
06:23 < fryguy> Gamsuners: what is it listening on now?
06:24 < Gamsuners> fryguy, listen		127.0.0.1:80
06:24 < h0dgep0dge> change it to listen *:80
06:24 < fryguy> if it's listening on localhost, how do you expect it to accept connections on not-localhost
06:24 < h0dgep0dge> fryguy, give the guy a break, this isn't really intuitive
06:24 < fryguy> h0dgep0dge: it's a real question
06:25 < Gamsuners> my desktop ip is 192.168.1.80
06:25 < Gamsuners> so I'm guessing I have it listen on that ip address?
06:25 < Gamsuners> 192.168.1.80:80 ?
06:25 < h0dgep0dge> just use *:80
06:25 < h0dgep0dge> that will automatically listen on any address the machine has
06:25 < h0dgep0dge> and is fine for the majority of purposes
06:26 < h0dgep0dge> nginx even uses that as default
06:26 < Gamsuners> Ah well now I can at least connect to the server. Just getting a 403 forbidden now.
06:27 < h0dgep0dge> is there anything sensitive in your conf file? if not, just upload it to pastebin and we can take a look
06:28 < Gamsuners> Sure
06:28 < h0dgep0dge> there'll be some access control somewhere, but, especially as someone who has never used nginx, I can't diagnose and tell you how to fix it sight unseen
06:28 < Gamsuners> Ah maybe it's better I try out the nginx channel then.
06:28 < Gamsuners> However I can at least connect to the server now from my phone!
06:28 < Gamsuners> Thank you so much
06:28 < h0dgep0dge> naahh i wanna see this through man
06:28 < Gamsuners> Sure
06:28 < Gamsuners> let me try tweaking a few things first
06:29 < h0dgep0dge> if i can't help then you might want to go talk to people who know nginx
06:31 < squ> !catgif
06:31 < squ> https://i.imgur.com/b00E3TQ.jpg
06:32 < Gamsuners> h0dgep0dge, https://pastebin.com/gCc5h8Ur
06:32 < h0dgep0dge> and that's not working?
06:32 < Gamsuners> I can still view it via localhost/127.0.0.1, but if I type in my desktop ip it gives a 403
06:32 < Gamsuners> same thing on mobile phone
06:32 < Gamsuners> I commented out deny all as well, no good.
06:33 < h0dgep0dge> i would probably comment out the last 5 lines, and add "allow all;"
06:33 < h0dgep0dge> and if that works, but you still want more restrictive security, you can work from there
06:34 < Gamsuners> Nope
06:34 < Gamsuners> didn't work
06:34 < squ> not the problem with nginx
06:34 < squ> or its config
06:35 < Gamsuners> nginx error logs show "access forbidden by rule"
06:35 < squ> lol
06:35 < squ> but you allowed all?
06:35 < Gamsuners> why am I getting 403 though?
06:35 < Gamsuners> yeah
06:35 < h0dgep0dge> concievably a problem with permissions, but on windows? dubious
06:36 < squ> Gamsuners: use the default config file
06:36 < h0dgep0dge> presumably the default was what you were using when you first asked for help, right?
06:36 < h0dgep0dge> i would up the log level, see what more diagnostic information you can get, maybe even a config file and line where the rule is
06:37 < Gamsuners> err let me get it online, because I'm not using nginx out of the box, I'm using something called WinNMP
06:37 < squ> there you go
06:37 < h0dgep0dge> i think the default file that ships with nginx isn't going to work great, because that root directive looks like there's something wacky going on
06:37 < Gamsuners> it doesn't make sense why this config isn't working though.
06:38 < Gamsuners> It works with localhost and 127.0.0.1
06:38 < Gamsuners> and I've allowed all
06:38 < squ> Gamsuners: try the nginx with default
06:38 < squ> not winmp
06:39 < alabaster> I have a question I hope it's quick. I am following a guide to unify or union two partitions into one on linux and when I do a fdisk list it shows my USB drive as SDC instead of SDB anyone know an easy solution to way after creating a USB Live drive it always shows as SDC instead of SDB?
06:39 < Gamsuners> Yeah..default nginx works.
06:40 < squ> Gamsuners: now merge default nginx with winmp
06:40 < Gamsuners> you mean just the .conf file?
06:40 < squ> yes
06:40 < squ> merge two config files
06:40 < qman__> alabaster: the disk assignments are done in detection order which is not guaranteed to be consistent, ever
06:40 < alabaster> also it shows sdb as my secondary hard drive instead
06:40 < Gamsuners> gonna make a backup too
06:40 < squ> Gamsuners: of course, backup of both
06:40 < qman__> alabaster: if you need a specific disk, use /dev/disk/by-id/ or /dev/disk/by-uuid/
06:41 < squ> Gamsuners: star with just nginx default config, then add lines from winmps config
06:41 < alabaster> qman so when I am following the guide swap /dev/sdc2 instead or follow what you just said?
06:42 < Gamsuners> yeah I'll do that. Looks like nginx default does not want to start if I just use that. I'll see what I can do by adding the WinNMP stuff
06:42 < Gamsuners> sec
06:43 < squ> Gamsuners: why it does not start with default nginx config?
06:43 < h0dgep0dge> probably because it's written for a *nix platform
06:43 < Gamsuners> squ, no idea. WinNMP probably has some kind of check and it's not letting it start because I haven't merged the WinNMP settings in yet I guess
06:43 < squ> h0dgep0dge: what?
06:44 < h0dgep0dge> the default nginx confirg file will be written for a *nix platform, gamsuners is running it on windows
06:44 < squ> h0dgep0dge: you may rethink that idea
06:45 < squ> Gamsuners: it is possible you will save more time by installing php and mariadb to default nginx
06:45 < Gamsuners> ugh yeah maybe...
06:45 < Gamsuners> I love this thing though :(
06:45 < squ> it looks stupid imo
06:45 < h0dgep0dge> i still think you should up the log level and see what that says
06:46 < Gamsuners> yeah but it's better than manually stopping/starting the server via terminal/command prompt
06:46 < Gamsuners> not sure how honestly h0dgep0dge
06:46 < h0dgep0dge> Syntax:error_log file [level];
06:47 < Gamsuners> oh geez what have I done. I can't even get the server to start now
06:47 < h0dgep0dge> adding error_log log.txt debug; may work, but it seems debug only works if the binary is built for it
06:51 < Gamsuners> Ah got it!
06:51 < h0dgep0dge> what was it?
06:51 < Gamsuners> The issue was I was only allowing 127.0.0.1 on location ~ \.php$
06:51 < Gamsuners> so I not only had to allow it on the server block, but that block as well
06:51 < Gamsuners> thanks a lot you guys :)
06:52 < h0dgep0dge> where was the configuration do to that?
06:52 < Gamsuners> oh I was only showing the configuration at the top
06:52 < Gamsuners> there was some NDA stuff I couldn't paste
06:52 < h0dgep0dge> aah, yeah
06:52 < Gamsuners> all working good now though :)
06:52 < h0dgep0dge> withholding part of the config file would definitely make it tough to debug
06:52 < Gamsuners> yeah sorry about that
06:52 < Gamsuners> thanks again
06:52 < h0dgep0dge> espesially if we didn't know
06:53 < h0dgep0dge> no problem
06:56 < alabaster> am sorry I am an on and off again linux user so I am still confused
06:57 < alabaster> anyone maybe have an idea or a break down
06:58 < light> alabaster: union mounts aren't a great idea
06:59 < alabaster> why?
07:00 < alabaster> I'm trying to make my live USB go into persistence
07:01 < light> if you want a persistent usb you could just install directly to the stick
07:02 < alabaster> I don't know I'm just following many a google searches and videos.. it's tbh Kali linux to study for CCNP and some other certs
07:03 < alabaster> all come to the same way off doing it. I don't know know the method of installing it directly to the USB drive
07:03 < light> installing to a usb stick is like installing to a hdd
07:03 < alabaster> security certs that is
07:04 < alabaster> all I know of is dual boot, getting the VMDX or whatever I forgot for my VM or live
07:04 < alabaster> I really don't want to make a mistake and do something by accident and be present
07:08 < alabaster> light I'm off to bed, thanks for the help though
08:06 < jackbrown> hello there, anyone can help me to choose between these two switch ? Ubiquiti US‑24‑500W  and US‑24‑250W
08:06 < mcdnl> are you going to need more than 250W to feed your poe devices?
08:08 < jackbrown> mcdnl, so you think that I should count all the AP PoE and camera that I need to install then check if I need more of 250W ?
08:09 <+pppingme> well if your devices need more than 250 watts, they simply wont work
08:09 <+pppingme> so if thats important to you...
08:11 < jackbrown> pppingme, ok thanks, I need to make just a count then, I'm planning to install AP PoE (something like 6 or 8) and some Unifi camera (something like 4 or 6) so totally I'll have from 10 to 14 devices plus I need to install many wall RJ45 plugs
08:11 < jackbrown> pppingme, without making counts i think that tha 250W should be more than enought since I wont use all the 24 ports for PoE devices
08:12 <+pppingme> most devices can't send full wattage to all PoE ports.. so don't make that assumption
08:13 <+pppingme> for example, if you hooked up 24 15 watt devices, thats 350 watts..  obviously the 240 watt switch would fail
08:13 < jackbrown> pppingme, yes sure but as I told you I'll hook a maximum of 14 devices
08:14 < jackbrown> pppingme, I'm trying to understand how many watts are needed from the Unifi G3 camera
08:14 <+pppingme> assuming they are 15 watt devices (they probably aren't, but don't count on that), thats 210 watts..  I wouldn't run it that close..  250 watt would be too small
08:15 <+pppingme> remember, the less you load down a power supply, the cooler it runs and the longer it lasts..
08:15 < jackbrown> pppingme, G3 camera's data sheet says • 802.3af PoE or 24V Passive PoE ? how many watt ?
08:16 <+pppingme> thats not enough info to say..  all I can say for sure is it maxes out at 15.5 watts (.3af maximum)
08:16 <+pppingme> whats the price diff between the two switches?
08:17 < jackbrown> pppingme, double actually the 250W costs  250€ and the 500W around 500€, but I think that the 250W is offered to a lower price than normal (350€)
08:17 < jackbrown> pppingme, anyway seems that I need to buy the 500W
08:17 < grawity> does '?' mean some kind of monetary unit?
08:18 < jackbrown> grawity, can't you see ? it Euro
08:18 < jackbrown> grawity, can't you see ? it's Euro
08:18 < grawity> euro sign looks like this €
08:19 < jackbrown> grawity, I wrote  €  indeed
08:19 < grawity> tell your irc client to send it as proper unicode, then :(
08:20 < jackbrown> grawity, sorry using Hexchat here
08:21 <+pppingme> hexchat deals with unicode
08:21 < grawity> Hexchat had that problem fixed in 2012...
08:22 < jackbrown> grawity, using HexChat 2.10.2 on LinuxMint 18.3 Mate
08:22 < jackbrown> anyway I'm not able to check how many Watts maximum this switch can handle https://www.amazon.it/Netgear-JGS524PE-100EUS-Switch-Smart-Managed/dp/B00F3XSM6I/ref=sr_1_3?ie=UTF8&qid=1530253117&sr=8-3&keywords=switch+PoE+24
08:22 < grawity> https://i.imgur.com/TFXh4Pz.png
08:22 < jackbrown> any idea? seems pretty cheap
08:23 < grawity> I googled for that model, clicked "Datasheet" on Netgear's website, and it says 100W
08:24 < grawity> http://www.downloads.netgear.com/files/GDC/datasheet/en/ProSAFE_Web_Managed_Switches_DS.pdf the table in page 2
08:24 < grawity> http://www.downloads.netgear.com/files/GDC/JGS516PE/JGS516PE_JGS524PE_IG_3July2013.pdf has slightly more details
08:24 < jackbrown> grawity, yes I saw the same but it's impossible since it says 15w each port
08:24 <+pppingme> no, its not impossible..
08:24 < grawity> maybe that means you can't draw 15W from *all ports at once*?
08:24 <+pppingme> PoE power supplies assume not all ports are running at max watts..
08:25 < jackbrown> pppingme, so it's a shitty switch, you can plug just 6 devices
08:25 <+pppingme> for example, a typical PoE phone rarely draws more than 5 watts..
08:25 < jackbrown> pppingme, AP how many watss uses ? (ubiquiti Ap for example)
08:25 <+pppingme> so you could run 20 phones with a 100 watt power budget
08:25 <+pppingme> dual band? what features?
08:25 < grawity> which AP model
08:26 < jackbrown> yes dual band  the IW-AP-AC for example and the In Wall model too
08:26 < Spice_Boy> 9.1watts for an Aruba 225 802.11ac one doing not much more than idling
08:26 < jackbrown> €€€€ can you see Euro now ? or I have to reconnect to the Network ?
08:27 < jackbrown> Spice_Boy, it means that when it runs full speed it's much more?
08:27 < Spice_Boy> well if it's transmitting more, and processing more, then yeah it will take more power
08:28 < jackbrown> got it, definitely seems that the 500W solutions it's better for my need as I said I need to hook 6 to 8 AP and 4 to 6 camera
08:28 < jackbrown> By the way the UBNT camera how many watss they get ?
08:28 < jackbrown> I can't understand from the datasheet it just says 48V PoE or passive  etc.
08:29 < linux_probe> myself, I prefer feeding the cameras in smaller numbers
08:29 < Apachez> watss ?
08:29 < Apachez> wtf is that?
08:29 < Apachez> which ubnt camera?
08:29 <+pppingme> data sheets don't always have all tech details, they are often targed more toward sales side of things
08:29 < linux_probe> that way "one" point of power failure doesnt take out all the cameras
08:30 < jackbrown> G3 and the G3 dome i'm planning to buy
08:31 < Apachez> it says in the datasheet
08:31 < Apachez> Maximum Power Consumption
08:31 < Apachez> https://dl.ubnt.com/datasheets/unifi/UniFi_Video_G3_DS.pdf
08:33 < jackbrown> Apachez, ah sorry I didn't see that, it's very low just 4W!!!
08:34 < jackbrown> wow ten camera just need 40watts!! nothing!
08:34 <+pppingme> that seems low to me..
08:34 < jackbrown> anybody knows some nice PoE camera that can be oriented remotely ? has tild zoom I dunno how to say, UBNT seems that it hasn't those kind of cameras
08:34 < linux_probe> too low
08:34 < Spice_Boy> my raspberry pi with webcam server is currently using 3.6w
08:34 < jackbrown> pppingme, you think that it's not the real consumption ?
08:36 <+pppingme> you said the g3 camera?
08:36 < jackbrown> pppingme, yes
08:36 <+pppingme> I'm looking at spec sheet and it says 12.5 watts
08:36 <+pppingme> Maximum Power Consumption
08:36 <+pppingme> 12.5W
08:37 <+pppingme> Oh, wait, thats g3 pro..
08:37 <+pppingme> thats a big diff..
08:37 < jackbrown> pppingme, yep
08:37 < jackbrown> pppingme, seems that the IR adaptor make a big difference
08:37 < linux_probe> want light? needs power
08:39 < jackbrown> linux_probe, sure :)
08:39 < jackbrown> what do you guys think about this camera ?  https://www.amazon.co.uk/Anpviz-Security-2592x1944-Waterproof-Detection%EF%BC%8CAZ-IPZ45530/dp/B07D2D9YGR
08:39 < jackbrown> 20X optical zoom and PTZ
08:40 <+pppingme> lots of motors, means lots of power
08:41 < jackbrown> pppingme, yep, do you guys suggest to but a PTZ camera or it's better to buy a fixed one since it's more simple and it's much more difficult that things go wrong and breaks? (
08:42 <+pppingme> here's the thing with ptz cameras..  when someone moves them, THEY WON'T MOVE THEM BACK..
08:42 <+pppingme> so if you want an area covered, get a fixed camera to cover it..
08:42 <+pppingme> they are great for supplimental cameras
08:43 < jackbrown> pppingme, WON'T MOVE THEM BACK?  means that they can get stuck ?
08:43 <+pppingme> no, people are LAZY
08:44 < jackbrown> pppingme, ah ok, by they way do you have other brand than UBNT that I can check? seems that everybody is suggeting me UBNT
08:44 <+pppingme> I duno, hard to say
08:44 <+pppingme> its not an item I deal with a lot
08:45 < jackbrown> ok
08:46 < jackbrown> anyway since that the cameras ( I need as I said 4 or 6 ) are just 4Watts each, seems that the 250W should fit my needs
08:47 <+pppingme> whats the total wattage of all devices you want?
08:48 < linux_probe> all your eggs in one basket ehh
08:49 < jackbrown> pppingme, as I said I need 4 or 6 camera and 6 to 8 Ap
08:50 < jackbrown> pppingme, since the cameras will be 24Watts if I install 6, I still have 226Watt for the APs that seems more than enough
08:50 < jackbrown> pppingme, what do you think
08:50 < linux_probe> beyond all eggs in one basket
08:51 < jackbrown> ?
08:51 < jackbrown> eggs?
08:51 < linux_probe> swtich with POE dies
08:51 < linux_probe> no cameras work and no ap's
08:51 < jackbrown> linux_probe, sure
08:51 < jackbrown> linux_probe,  you mean that if the switch dies everything shut down?
08:52 < linux_probe> for the hotel stuff we generally went with individual POE injectors
08:52 < grawity> do you mean if the POE part dies
08:52 < grawity> if the entire switch dies and APs continue working, they won't have an uplink anyway, will they?
08:52 < linux_probe> or small groups on cameras spread out over the building
08:52 < linux_probe> im more ttalking the cameras
08:53 < jackbrown> linux_probe, individual ?  it mean that each devices hat it's own PoE adapter single ?
08:53 < linux_probe> cameras are for security, where's the security of they all go out at once
08:53 < grawity> do the cameras generally have internal video storage
08:53 < jackbrown> linux_probe, anyway I'm planning to install this into my Home enviroment, so I don't think it will be a big problem, seems that the UBNT switch are good quality so I don't think it will die very soon
08:53 < linux_probe> yeah jackbrown, it;s wasetfull of energy consumption overall and uses lots of outlets though
08:54 <+pppingme>  do the cameras generally have internal video storage  <<  not with a 4 watt budget..
08:54 < linux_probe> of course, int he hotels they usualy have high dollar non poe switch gear existing
08:54 < jackbrown> linux_probe, yeah but it's very complicated installing each in it's power plug more than that it's very unclean, instead of having a single switch where everythin is hooked
08:54 < grawity> pppingme: then I don't see how they'd continue working with the uplink switch dead, anyway
08:54 < linux_probe> yeah, less jumpers and poe injectors
08:55 <+pppingme> they won't..
08:55 < jackbrown> linux_probe, yes I got, but more than that in the hotel they can't afford that the whole system shud down due to the Switch PoE failure
08:55 < linux_probe> use multiple smaller poe switches
08:55 < jackbrown> linux_probe, sure multiple means that is almost impossible that he whole system dies
08:55 < jackbrown> linux_probe, but for an home installation would be very unclean and not the best solution in my opinion
08:56 < linux_probe> yeah, much less to go wrong in a standard swtich vs poe switch ;)
08:57 < jackbrown> linux_probe, you mean something like that https://prd-www-cdn.ubnt.com/media/images/product-features/poeadapters-feature-device-protection.jpg
08:57 < linux_probe> yes jackbrown, those are often supplied with the non-bulk AP's
08:57 < jackbrown> linux_probe, it would be very messy unless you don't have enough space for a big closet in your home
08:58 < jackbrown> linux_probe, yes I knew that but I think that i'll go for the PoE switch, best solution for my needs
08:58 < linux_probe> great, as long as you know the pitfalls ;)
08:58 <+pppingme> but the cam's don't have local storage, so regardless of PoE, if switch fails, there's still no capture
08:58 < linux_probe> use more than one switch >_>
08:59 < linux_probe> redundancy 101
08:59 < jackbrown> are these system you are talking about active or passive PoE ?
08:59 <+pppingme> but in reality, if they are on UPS's or otherwise have clean power, switch failures are rare..  your dvr is way more likely to fail
08:59 < linux_probe> yep ^, untill you add POWE to the mix
08:59 <+pppingme> .3af
09:01 < jackbrown> I'm pretty sure that this installation you are talking about is really more reliable, I should buy then just a normal switch and use for each PoE device it's own PoE transformer, but It will be a little messy in my opinion.
09:02 < linux_probe> if it's home and you understand the possible issues, do whatever you want :)
09:03 < jackbrown> for example is this active or passive PoE ? https://www.aliexpress.com/item/New-Ethernet-POE-Injector-DC12V-1A-12W-Wall-Plug-POE-Switch-Power-Adapter-EU-US-AU/32858338381.html?spm=2114.search0604.3.56.5ce63e96XebSGb&ws_ab_test=searchweb0_0,searchweb201602_3_10152_10151_10065_10344_10068_5722815_10342_10343_10340_5722915_10341_5722615_10696_10084_10083_10618_10304_10307_10820_10821_10302_5722715_10843_10059_306_100031_10103_524_10624_10623_106
09:03 < jackbrown> 22_5722515_10621_10620,searchweb201603_35,ppcSwitch_5&algo_expid=d2359d99-07af-4f18-8462-2871d8d3bc41-8&algo_pvid=d2359d99-07af-4f18-8462-2871d8d3bc41&priceBeautifyAB=0
09:03 < jackbrown> linux_probe, sorry  here is the link https://www.aliexpress.com/item/New-Ethernet-POE-Injector-DC12V-1A-12W-Wall-Plug-POE-Switch-Power-Adapter-EU-US-AU/32858338381.html?
09:05 < linux_probe> well, in the same sense, buying cheap-o ones can be bad also @ jackbrown
09:06 < jackbrown> linux_probe, yes I know I'm just trying to figure it out
09:06 < jackbrown> linux_probe, still I have doubt about active and passive PoE, I still don't understand the difference exactly
09:07 < linux_probe> not all are the same voltage either
09:07 < jackbrown> anyway and Ubiquiti adapter good quality doesn't cost that much either http://www.nventawires.it/ubiquiti-poe-24v-0-5-a.html
09:07 < linux_probe> note, that is a 24v model
09:08 < grawity> jackbrown: active PoE (802.3af): the device asks the switch to enable power and informs it about what voltage etc. it needs
09:08 < grawity> jackbrown: passive PoE: always on, not configurable
09:08 < jackbrown> grawity, thanks so for active PoE both the Switch and the devices need to be compatible with 802.3af
09:09 < jackbrown> grawity, I suppose that activer more than be more realiable it should have even less power consumption since the devices will consume what they need
09:10 < grawity> well, devices *always* consume only what they need...
09:10 < jackbrown> grawity, yes but I mean there will be less power loss since the Voltage wont be always the same as in the passivfe
09:10 < jackbrown> grawity, am I wrong?
09:12 < linux_probe> https://en.wikipedia.org/wiki/Power_over_Ethernet
09:31 < Apachez> pppingme: there is a pro camera which goes for 12.5W too
09:44 < linux_probe> oh dear at the global notice
09:44 < linux_probe> -christel- : [Global Notice] Overnight, we became aware of unauthorised attempts to access freenode accounts. Please have a quick read of http://freenode.net/news/security-update-rpa and we encourage you not to reuse passwords, and to take the necessary precautions in terms of resetting yours. Thank you.
09:44 < linux_probe> terribads ;))))))))))))))))))))))))))))))))))))))))))
09:45 < linux_probe> maybe they can figure out my password for me lol
09:45 < linux_probe> fuck knows I cannot recall it
10:08 < Marko__> Hi! I have a question about vpn. My mobile provider is blocking vpn so i can't connect to my company network.
10:08 < Marko__> What would be alternative configuration to connect to my company network, but not with vpn?
10:09 < Novae> Marko__, a different VPN setup?
10:10 < mgolisch> use a different provider?
10:11 < Novae> Marko__, depending what you need to access some sort of HTTPS proxy might be sufficient
10:12 < detha> please name and shame the mobile provider, so people know whom to avoid
10:13 < jvdmr> Marko__: I've got our company VPN set up to run on TCP port 80, to avoid issues like that
10:13 < Marko__> Hmm, interesting. I should try that
10:20 < dexterfoo> when using https protocol, should the HTTP "Host" header explicitly say port 443 or can it be left out?
10:22 < jvdmr> Host simply states the hostname you're connecting to
10:23 < jvdmr> port (and ip) aren't part of the HTTP protocol, those are specified in the TCP connection (lower layer)
10:24 < dexterfoo> jvdmr: hm... i guess that makes sense. but i'm reading through some code and it is writing "Host: {host}:{port}"
10:25 < mjauschwitz> dexterfoo: port specification is optional in RFC2616
10:25 < dexterfoo> and from what i remember i do believe that regular browsers also send port in the HTTP header when it's not port 80
10:25 < mjauschwitz> absent port specification means "assume default port for the requested service"
10:25 < dexterfoo> mjauschwitz: cool thanks
10:26 < mjauschwitz> https://tools.ietf.org/html/rfc7230#section-5.4
10:31 < repys> how can I format a raid disk with xfs?
10:31 < repys> sorry wrong channel
10:35 < mjauschwitz> why am I banned in ##reddit-sysadmin
10:42 < bezaban> mjauschwitz: how would we know, what did you do 51 days ago?
10:43 < Aliekezhi> hi, I don't remember how to get the mac adress of a cisco switch...
10:44 < Aliekezhi> any ideas ?
10:45 < SwedeMike> "show interfaces" should tell you that.
10:45 < mjauschwitz> bezaban: dunno, probably just being pretty
10:46 < linux_probe> 51 days ago, uhhhhh
10:46 < linux_probe> worked, slept, ate unknown food, possibly fapped or shagged on one or more of ur mamas
10:47 < linux_probe> being age 40 with a johnson that still works grandly++++
10:50 < NomenEstOmen> killall -KILL linux_probe
10:50 < linux_probe> try and try again
10:51 < NomenEstOmen> dude otherwise i will use the reset and/or power button
10:51 < linux_probe> dont make me out on tight pants =p
10:51 < NomenEstOmen> rip solid pants
10:51 < linux_probe> lold
10:51 < linux_probe> 36/30's are too tight
10:52 < linux_probe> yeah 36" waist
10:52 < linux_probe> 30 leg lenght is about perfect
10:52 < NomenEstOmen> baby size
10:52 < linux_probe> until I go to walk or sit down
10:52 < NomenEstOmen> lol
10:52 < linux_probe> baby arm size
10:52 < linux_probe> cough
10:53 < mAniAk-_-> Aliekezhi: show interface?
10:53 < linux_probe> with 36" waist and 30" leg lenght, they are tight on johnson and cause up arse riding
10:53 < Aliekezhi> mAniAk-_-, SwedeMike thx
10:53 < linux_probe> 36/32's? to long to feets
10:54 < linux_probe> walk on panats have to fold them up, better crotch clearance
10:54 < NomenEstOmen> i have 38 inch for my legs
10:54 < NomenEstOmen> looks like iam a huge boi
10:54 < linux_probe> fuck it all yup
10:54 < linux_probe> 38 CM or ICnh
10:54 < linux_probe> :))
10:54 < NomenEstOmen> inch ofc
10:54 < linux_probe> inch**
10:54 < linux_probe> long leg hoe
10:54 < NomenEstOmen> i wrote inch so i guess i mean inch
10:54 < NomenEstOmen> tall person ftw
10:54 < linux_probe> how tall are you, 6'8"
10:55 < NomenEstOmen> feets.. baeh...
10:55 < NomenEstOmen> need help. google
10:55 < NomenEstOmen> yeah something like this
10:55 < NomenEstOmen> damn u muricans with ur murcian systems
10:56 < linux_probe> i use google often, not because of lack of knowledge
10:56 < linux_probe> tis more a lack of fast memoery recasll
10:56 < NomenEstOmen> same here, linux_probe
10:56 < linux_probe> I oftenm forget the same thing/s I have done and known for 20+ years
10:56 < linux_probe> yes I am 40.x almost 41
10:56 < NomenEstOmen> filtering is bliss
10:57 < NomenEstOmen> old boi
10:57 < linux_probe> I have been computing since the 80's
10:57 < linux_probe> lold
10:57 < NomenEstOmen> so i guess u first contact with the putah world was in the ancient amiga/commodore ages
10:57 < NomenEstOmen> same
10:57 < NomenEstOmen> pc gamer since 88
10:58 < linux_probe> I didnt own nor play much bu atari ack then
10:58 < NomenEstOmen> but iam like 10 yrs younger
10:58 < linux_probe> but as a kid age 6ish I learned wiggling comntroller/wires made opponent fasl
10:58 < NomenEstOmen> space quest was a real challenge for a 3 yrs old
10:58 < NomenEstOmen> the times before we had this fency mouse HID stuff
10:58 < linux_probe> Iwe had casbke TV when MTV started
10:59 < NomenEstOmen> ohh
10:59 < linux_probe> or within 2 years irl
10:59 < linux_probe> 1983?
10:59 < NomenEstOmen> this MTV, where they played music and shit?
10:59 < NomenEstOmen> the old times
10:59 < linux_probe> yeah, lmfao, back when they played actual "Music Television"
10:59 < linux_probe> LOLOLOLOL
10:59 < NomenEstOmen> x)
10:59 < linux_probe> that is all they played
11:00 < linux_probe> ot 30 minuts a day then 23.5 hours of reality tv
11:00 < NomenEstOmen> 3 min music clips are too complicated for modern ppl
11:00 < linux_probe> then there was VH1 aka Video Hits 1
11:00 < linux_probe> which I hated a first caused they played grade 2 or lower artists, but ai stared to like them also
11:01 < NomenEstOmen> yeah we had smiliiar stuff here too
11:01 < NomenEstOmen> a channel only for "indie" stuff
11:01 < linux_probe> I am in ohio
11:01 < NomenEstOmen> but then warner music bought them...
11:01 < linux_probe> akron, ohio, usa
11:01 < NomenEstOmen> iam in europe
11:01 < NomenEstOmen> west side of (ex nazi) germoney, europe, world, planet earth
11:02 < linux_probe> well, half my family is german/close by forced nazi;s
11:02 < NomenEstOmen> nice
11:02 < linux_probe> they kiled my while grandfathers family infront of him
11:02 < NomenEstOmen> yeah happens
11:02 < linux_probe> and his choice was joi shitlers dumpism or die
11:02 < NomenEstOmen> wanna visit germoney again? u r invited (the job has to be finished)
11:03 < NomenEstOmen> we r nice persons here
11:03 < linux_probe> he mert my grandma in wwII about age 30and she was foced to be a nurse at age 12"ish
11:03 < NomenEstOmen> we love foreign ppl more than ourself
11:03 < linux_probe> how fair was all that
11:03 < NomenEstOmen> life isnt fair at all
11:04 < linux_probe> , they all came to the USA properly in the mid 50's
11:04 < NomenEstOmen> btw why did u, as murican, kill all the native americans
11:04 < NomenEstOmen> and dont forget the slavery
11:04 < NomenEstOmen> you are so evil
11:04 < linux_probe> herp herp
11:04 < NomenEstOmen> social justice is bliss
11:04 < linux_probe> other half my family is a mix of irish, brits, indians etc
11:05 < linux_probe> so IRL I am a nasty mutt
11:05 < NomenEstOmen> what
11:05 < NomenEstOmen> you have indian genes?
11:05 < linux_probe> it seems so
11:05 < NomenEstOmen> so you like bollywood movies and dancing too?
11:05 < linux_probe> not that indian
11:05 < linux_probe> native american
11:05 < NomenEstOmen> ohh those
11:05 < linux_probe> whcih came heer long before all the imposters
11:06 < NomenEstOmen> so you are kinda fat and pollute your own country?
11:06 < NomenEstOmen> at least you have nice casinos
11:06 < linux_probe> shh, perhaops I am the unhappy chief tha controls weather now
11:06 < linux_probe> casions = sellouts
11:06 < NomenEstOmen> iam german. we could talk about some serious business maybe
11:06 < NomenEstOmen> its about revenge :P
11:06 < linux_probe> may they get bowed down
11:07 < NomenEstOmen> i like casinos
11:07 < NomenEstOmen> especially because of poker and the easy money
11:07 < NomenEstOmen> opps
11:07 < NomenEstOmen> poke her*
11:07 < linux_probe> serious business, like me being ready to run my foot up aldi's ass
11:07 < NomenEstOmen> aldi?
11:07 < NomenEstOmen> aldi is godlike
11:08 < linux_probe> as thery majorly improve thei stores and build new
11:08 < linux_probe> if zi get cranky, it all will become junk
11:08 < linux_probe> and or get flooded/washed awya it seems
11:08 < NomenEstOmen> thats our fate i guess
11:08 < linux_probe> all i have to do is travel tot that area :)))))
11:08 < NomenEstOmen> time to see the postapocalyptic worlds like in blade runner and bla
11:08 < NomenEstOmen> traveling?
11:08 < linux_probe> travel to that area LOLd
11:08 < NomenEstOmen> thats like
11:09 < NomenEstOmen> leaving the basement
11:09 < linux_probe> every time aI have to leave the house to work, I ge rain poured omn me
11:09 < NomenEstOmen> acid rain?
11:09 < linux_probe> have to load or unload tools from garge/house to vehicle?
11:10 < NomenEstOmen> looks like we need more pollution
11:10 < linux_probe> dry for a week+ have to work like a slave and bust ass?
11:10 < linux_probe> it rains on me hard
11:10 < NomenEstOmen> ahh noice
11:10 < NomenEstOmen> yeah modern slavery is also a bliss
11:10 < linux_probe> USA = slavery
11:10 < NomenEstOmen> same for europe
11:10 < NomenEstOmen> except we dont have to work for our money
11:10 < linux_probe> you dont want slavery? try africa or others
11:10 < NomenEstOmen> social system invaded by endless third worlders <3
11:11 < NomenEstOmen> you are only a slave, when others make choices for you
11:11 < NomenEstOmen> so make your own
11:11 < NomenEstOmen> DO IT
11:11 < NomenEstOmen> btw. could u borrow me a few nukes?
11:11 < linux_probe> , there you have wide spread starvation, deadly STD's and majority DEATH
11:11 < linux_probe> coff
11:11 < NomenEstOmen> i guess you can by them @ wal mart in the US
11:11 < NomenEstOmen> buy*
11:11 < linux_probe> and they overpopulate like mad
11:12 < NomenEstOmen> yeah
11:12 < linux_probe> same for all of the world
11:12 < NomenEstOmen> the harsh times will come
11:12 < NomenEstOmen> so enjoy ur days meanwhile
11:12 < linux_probe> anythign but letting life run itls course = helping over-population
11:12 < linux_probe> sad ut true
11:12 < NomenEstOmen> thats why i rly need some nuke
11:12 < NomenEstOmen> or at least nuke paris and berlin
11:12 < linux_probe> I see it and know it, and I should have died as a newborns
11:13 < NomenEstOmen> nah
11:13 < NomenEstOmen> enjoy ur time
11:13 < NomenEstOmen> buy useless stuff @ amazon
11:13 < linux_probe> no no, @ NomenEstOmen
11:13 < linux_probe> see, if you say thatm, you do not understand trueky
11:13 < NomenEstOmen> i saw the truth
11:14 < linux_probe> nawp
11:14 < NomenEstOmen> and i also know my way. inshallahrofl
11:14 < linux_probe> re-naewp
11:14 < NomenEstOmen> no need
11:14 < NomenEstOmen> just gimme a few nukes and everythin will be fine
11:15 < NomenEstOmen> damn you
11:15 < NomenEstOmen> i will go to putin
11:15  * NomenEstOmen made a ragequit to russia
11:36 < mgolisch> if i have vlan subinterfaces on a bond ,how would i need to configure that for different mtus?
11:56 < regdude> what kind of device? Some devices are capable of setting hardware MTU and MTU for routing
11:59 < jackbrown> hey guys what do you think about this ? https://www.subito.it/informatica/switch-cisco-sg200-50p-50-porte-gigabit-poe-smart-torino-246583594.htm
12:03 < Emperorpenguin> jackbrown: depends
12:04 < Emperorpenguin> what do you need it for
12:04 < jackbrown> Emperorpenguin, home enviroment set up Aps and camera   (around 16-17 unit) Indeed I was thinking in buying the 24 ports version
12:04 < jackbrown> Emperorpenguin, I don't understand the maximum wattage of the unit
12:05 < Emperorpenguin> so you want it to do poe?
12:05 < Emperorpenguin>  PoE support on 24 ports with 180W power budget
12:05 < Emperorpenguin> from https://www.cisco.com/c/en/us/products/collateral/switches/small-business-200-series-smart-switches/data_sheet_c78-634369.html
12:06 < jackbrown> Emperorpenguin, I see a little bit too low
12:06 < Emperorpenguin> so either half-poe (7W) on 24 ports
12:06 < Emperorpenguin> or full poe (15W) on 12 ports
12:08 < jackbrown> Emperorpenguin, it could be fine since I need just 7AP and 5 camera it should fit exactly, but maybe is better buyinf something bigger to be safe
12:08 < jackbrown> Emperorpenguin, by the way I don't know if buying a brand new Unifi unit or a used Cisco that I cand find for good prices and Cisco I suppose is a warranty in terms of performance and quality aswell as UBNT
12:17 < jackbrown> anybody uses Cisco here ?
12:18 < Phil-Work> reluctantly
12:18 < Phil-Work> under duress
12:19 < jackbrown> Phil-Work, sorry?
12:19 < jackbrown> Phil-Work, you don't like Cisco products?
12:19 < Phil-Work> not at all
12:20 < Phil-Work> though I'll admit I've never tried NX-OS, only IOS
12:20 < jackbrown> Phil-Work, any suggestion to set up an home system with AP and Cameras beyond UBNT that eveybody seems to suggest me ?
12:21 < Phil-Work> depends on budget
12:21 < Phil-Work> the Ubiquity stuff is nice
12:21 < Phil-Work> I've got an old(ish) Juniper switch at home
12:21 < Phil-Work> but I survived fine for many years on a Netgear POE switch
12:21 < jackbrown> Phil-Work, budget around Ubiquity prices
12:26 < Adluc> i like to to put mikrotiks everywhere, because why not EoIP IPTV VLAN over PPTP while you OpenVPN
12:26 < Emperorpenguin> Adluc: brofist
12:44 < Adluc> other than that, ubnt have quite good ac dishes
13:27 < squ> how to download a .jpg from website repeatedly with intervals :)
13:30 < squ> >> HTTP/2 allows the server to "push" content, that is, to respond with data for more queries than the client requested. This allows the server to supply data it knows a web browser will need to render a web page, without waiting for the browser to examine the first response, and without the overhead of an additional request cycle.[14]
13:33 <+xand> curl
13:36 <+catphish_> the same way you normally download it, but you keep doing it
13:40 < squ> catphish_: its from webcam, I need to download it 12 times per second, and merge into video. If download timings are not precise, resulting video will be too fast or too slow
13:41 <+catphish_> there's really nothing you can do about that, all you can do it make the resuest at the same interval (ideally using keepalive) and hope for the best
13:41 < squ> I was thinking about this http2 thing, open one connection and fetch periodically an image somehow
13:41 <+catphish_> this is not a sane way to record video
13:41 <+catphish_> you can do that with http/1.1 too
13:42 <+catphish_> just be sure to send the requests at the same interval and it should be fine
13:42 <+catphish_> hopefully the jitter (which is inevitable with this terrible setup) won't be noticeable
13:42 < squ> also I'm thinking about running it from google cloud
13:43 < squ> to access the cloud from multiple computers, to not overload server
13:43 < squ> not sure how expensive it could be
13:44 <+catphish_> basically: connection = new TCPConnection(myServer); onTimer(1/12) {connection.send(request)}; onResponse{merge_into_video}
13:44 <+catphish_> there's no good way to do this, but the above is the least worst
13:44 < squ> in the example it keeps alive 1 connection?
13:44 <+catphish_> yes
13:45 <+catphish_> and you send requests down that connection at regular invervals, you ignore how long it takes to respond
13:45 < squ> I wonder if http2 could send it without request()
13:45 <+catphish_> just to clarity, there are much better cameras that will just send a video stream
13:46 <+catphish_> i'm assuming you have some terrible device that requires you to request individual jpegs
13:46 < squ> no, better cameras are not an option :)
13:46 < squ> that's right catphish_
13:46 <+catphish_> so that's what you have to do
13:46 < squ> some chinese crap
13:47 <+catphish_> there's no way it's going to send you jpegs on demand over some kind of reverse http/2.0 setup
13:47 <+catphish_> i don't mean on demand
13:47 <+catphish_> i mean regularly
13:47 <+catphish_> why would it
13:47 <+catphish_> how would it know how often to send them, if they were gonna implement that they'd just use an mjpeg stream
13:48 < squ> so I will make a script to request() with intervals within 1 connection
13:49 < squ> what do you think about cloud catphish_
13:49 < squ> google has an option to run node scripts
13:50 <+catphish_> "what do you think about cloud" :|
13:51 < skyroveRR> It is filled with water.
15:02 < g11g> high +
15:07 < no_usr> hello all, i want to ask a question please, i am using linux inside windows as WSL in windows 10 you know... and another windows xp inside virtualbox... i can ping WinXP from Win10 host but can't ping it from linux. nmap sayz can't open device eth0... so how to do this???
15:07 < no_usr> sorry i failed to find specific channel for this q...
15:39 < g11g> ,.........................--------------------------============================
17:08 < noregret> anybody used arpalert before? I don't quite understand the white/black lists
17:15 < BenderRodriguez> nope
17:21 < zenix_2k2> so i was reading a TCP/IP book and there was a part like "the ISOC guides the future of the internet by overseeing Internet standards, public policy,..." but my question is what is "standard" in this situation ?
17:21 < zenix_2k2> like the ones in TCP/IP suite ?
17:33 < detha> Standard as in https://xkcd.com/927/
17:38 <+catphish_> zenix_2k2: an internet standard is a documented protocol that they decide should become a standard
17:38 <+catphish_> although i know then as IETF, not ISOC
17:40 < zenix_2k2> well my book says that IETF is responsible for keeping the Internet up
17:40 <+catphish_> there's a list of IETF standards here: https://www.rfc-editor.org/standards
17:40 <+catphish_> "keeping the internet up" :|
17:40 < zenix_2k2> well you read it if you want, "TCP/IP for dummies"
17:40 <+catphish_> everyone is responsible for keeping their own network up
17:40 < zenix_2k2> page 11
17:41 <+catphish_> i wish the IETF were responsible for keeping my network up, i could take a break :)
17:42 < zenix_2k2> yea actually that part was also weird... :|
17:42 < zenix_2k2> HHmnmm
17:42 <+catphish_> lol
17:42 < zenix_2k2> but earily it did say "you, everyone and no one owns the internet"
17:43 <+catphish_> that's marginally more true, though messy
17:43 < zenix_2k2> but base on what a protocol can become standard ?
17:44 < zenix_2k2> does they publish it somewhere ?
17:44 < zenix_2k2> do*
17:44 <+catphish_> you write a protocol, you send it to the IETF, if it's good it becomes an RFC, people start using it, eventually they decide to make it a standard
17:44 <+catphish_> most protocols never get past the RFC stage, not really sure why
17:45 <+catphish_> the IETF publish both (RFCs and standards)
17:45 <+catphish_> they're often called "Draft Standards"
17:46 < zenix_2k2> HHHmmm... oh so i can write my own then
17:46 <+catphish_> oh, there's 3 levels, proposed standard, draft standard, internet statdard
17:46 <+catphish_> sure you can
17:46 <+catphish_> most things just remain "Proposed Standards" forever
17:47 < tds> you can go and write something crazy like IPv10 if you want to
17:47 < zenix_2k2> sweettt... :P
17:47 <+catphish_> you can write anything you like
17:47 <+catphish_> see https://tools.ietf.org/html/rfc1149
17:47 <+catphish_> they only accept one stupid one per year :)
17:47 < tds> oh, I was thinking of the actual IPv10 rfc, which is also crazy ;)
17:48 <+catphish_> that's not in the list
17:48 < tds> ah wait, that's a draft, I'm getting the process mixed up
17:48 <+catphish_> the process is submission -> proposal -> draft -> standard
17:49 <+catphish_> IPv10, has no number or anything: https://www.ietf.org/mail-archive/web/ietf/current/msg99869.html
17:49 < zenix_2k2> and they didn't say anything about how can a protocol be standard ?
17:49 <+catphish_> zenix_2k2: i think i just very thoroughly explained that
17:50 < zenix_2k2> well you said "make a protocl, send it, and wait if the IETF thinks it is good or not to be a standard one"
17:50 <+catphish_> that's it
17:50 < zenix_2k2> Hm, that is short
17:51 <+catphish_> unofficially, you also implement it and use it, and hope people like it and use it
17:51 <+catphish_> if people are using it, then it's more likely to be accepted by the IETF i guess
17:51 <+catphish_> remember that the internet is purely based on people agreeing to use the same protocols
17:52 < zenix_2k2> so about protocols in the TCP/IP suite, has it changed significantly since 2009 ?
17:52 < zenix_2k2> cause my book is published in 2009
17:52 <+catphish_> no
17:52 < zenix_2k2> oh thank god
17:53 < tds> the other thing to keep in mind is that people can/do stack protocols in all sorts of odd ways inside their own networks, so even though you're sending ipv4 packets/ethernet frames/whatever at them you have no idea what's going on at the layers below that in their network
17:53 < tds> (well, until it starts misbehaving :)
17:57 < goldstar> I've got a super weird issue between an IPsec tunnel between a linux box (strongswan) and a zyxel USG40. Basically, tunnel is up, both phases completed successfully, VTI is up. However, when I ping from the linux box to the zyxel, the packet gets to the zyxel, and it replies to it but but the packet never reaches the linux box. Checking the VTI status on the zyxel shows that both RX and TX are incrementing with each ping. Any though
17:57 < goldstar> ts on possible issues ?
18:09 < buu> A little random
18:09 < buu> But anyone have any ideas how to get an old chelsio n320e over 8gbps on a debian box?
18:09 < buu> or like 7.25 =[
18:09 < Aeso> buu, what kind of limitation are you running up against? If you vary the packet size, can you still achieve those data rates? Are you using a single stream or testing with multiple streams as well?
18:09 < buu> Testing with iperf3
18:09 < buu> I've tuned some of the sysctl wmem stuff
18:09 < buu> The iperf3 -s can get 9+gbps from a different box so it's fine
18:09 < buu> my mtu is set to 9k
18:09 < buu> Two streams doesn't help
18:10 < linux_probe> oh noes, the tubes, she's a busting up scotty!!!!!!
18:10 < linux_probe> buu~ dont cross the streams!
18:10 <+catphish_> AMSIX is broken :(
18:11 < linux_probe> so's ur mums
18:11 < detha> catphish_: why did you break AMSIX ?
18:12 <+catphish_> why not
18:13 < Aeso> buu, are you sure the PCIe card is correctly negotiating x8 and not x4?
18:13 < buu> I wish I had source that compiled on something newer than 2.6
18:13 < buu> =[
18:13 < buu> Aeso: uh
18:13 < buu> nope
18:13 <+xand> crustyyyyyyyyyyyy
18:13 < Aeso> Yeah, the real answer here is to buy a 10G NIC from this decade. :P
18:14 < buu> Aeso: THOSE COST MONEY
18:15 < buu> Also how do I check
18:15 < buu>                 LnkSta: Speed 2.5GT/s, Width x4, TrErr- Train- SlotClk+ DLActive- BWMgmt- ABWMgmt-
18:16 < Aeso> buu, well there's your first problem
18:16 < Aeso> PCIe 1.0x4 is only 1GBps (ish)
18:16 < Aeso> those are x8 cards
18:17 < buu> Aeso: Pretty sure this isn't 1.0
18:17 < buu> how do I even tell
18:17 < buu> wtf
18:18 < Aeso> buu, the product sheet for that card says otherwise
18:18 < Aeso> (well, it says 1.1, but it's the same as 1.0 in terms of datarates)
18:18 < buu> Where did you even find a product sheet?
18:19 < buu> oh
18:19 < buu> I said n320
18:19 < buu>         Subsystem: Chelsio Communications Inc T320 10GbE Dual Port Adapter
18:19 < buu> Which chelsio has purged from the internet
18:20 < linux_probe> lol
18:21 <+catphish_> use intel :)
18:21 < Aeso> buu, 2.5GT/s is 1.0 speeds
18:22 < Aeso> 1.0x4 is 1GB/s, or 8Gbps
18:22 < Aeso> Hence your bottleneck.
18:23 < buu> Aeso: That would explain so much
18:23 < buu> then why the fuck is it listed as a 10gbps
18:23 < Aeso> buu, the card is physically x8, but the port you've plugged it into is probably x4
18:23 < ||cw> because it's got a 10Gbps ethernet mac
18:24 < Aeso> or at least isn't providing the additional lanes for the card
18:24 < grawity> because that's still more useful than 1Gbps, I suppose
18:24 < ||cw> it's like plugging a usb3 1Gbps nic into a USB2 port
18:24 < grawity> the same as USB2-only 1Gbps NICs
18:24 < ||cw> still works fine, just not at full speed
18:25 < buu> I was about to call chelsio but they saw me coming and didn't list a phone number on their website =[
18:25 < Aeso> buu, the product is EOL anyways, they would have laughed at you and hung up the phone
18:25 < buu> THEY MIGHT NOT
18:26 < ||cw> you don't get phone support unless it's brand new and still in warranty, and even then phone support is rare
18:27 < ||cw> you can always email and hope there isn't a black hole
18:27 < buu> I did
18:27 < buu> p.s. vizio has great phone support
18:27 < buu> Unrelated but I felt like they deserve a mention
18:28 < ||cw> I once found a nice black hole at logitech.  note the dates https://i.imgur.com/UIq5Vs0.png
18:28 < buu> haha
18:28 < buu> Some intern found it
18:29 < buu> https://www.asus.com/us/Motherboards/X99DELUXE/specifications/
18:30 < buu> So it has 40 lanes
18:30 < buu> So how is it plugged into a x4 slot?
18:30 < Aeso> buu, you sure you have a 40-lane CPU in that mobo?
18:31 < buu> yes
18:31 < buu> 5960x
18:32 < goldstar> has anyone encountered ISPs that block IPsec traffic ?
18:33 < buu> Aeso: I wonder if there's something weird with sata ports
18:33 < buu> stealing lanes
18:33 < Aeso> Could be,.
18:33 <+pppingme> goldstar only isp's that do cgn, so I'm sure its not intentional, just a side effect
18:33 < grawity> goldstar: besides the ones which do it as government-level censorship?
18:34 < ||cw> buu: the cpu only has so much bandwidth, so maybe
18:34 < grawity> haven't heard of any screwing with IPsec specifically
18:34 < buu> https://www.asus.com/us/Motherboards/X99DELUXE/specifications/
18:34 < buu> er
18:34 < buu> pdfs are honestly satan's format
18:35 < linux_probe> Putrid Dick Farts
18:36 < ||cw> buu: so, do you have a 40 lane cou or a 28 lane one?  how many lanes are you using?
18:37 < ||cw> and do note the footnotes
18:37 < buu> ||cw: 40
18:37 < buu> And how many lanes is probably most of them
18:37 < hypercore> is there an easy way of caching docker applications?
18:38 < hypercore> (i.e. i want to make several docker apps i run on my server load faster)
18:38 < buu> hypercore: don't delete them?
18:38 < hypercore> buu: don't delete what?
18:38 < ||cw> buu: do you have it in the x4 slot or one of the x16 slots?
18:38 < hypercore> sorry, i meant caching the served pages
18:38 < hypercore> not the containers
18:39 < hypercore> i.e. so that the web pages of the applications load quicker
18:39 < ||cw> hypercore: that's nothing to do with the server or containers, but in the web app programming
18:39 < buu> ||cw: I'm not really sure, it just says slot 2
18:40 < buu> ||cw: Does it matter? 4x should be 2GB/s right?
18:40 < goldstar> pppingme, grawity: okay, cool. I am just befuddled with a case whereby the ipsec tunnel is up and child_sa established, server can ping client. Client can and does reply but it doesnt reach the server (tcpdump on the server doesnt show anything from client)
18:40 < ||cw> buu: not if the card is a 1.0
18:40 < ||cw> is it in the short slot or a long slot? lol
18:40 < Aeso> ^
18:40 < buu> ||cw: I don't have the thing in front of me =[
18:41 < grawity> goldstar: over NAT or no?
18:41 < grawity> goldstar: raw ESP or inside UDP encap?
18:41 < goldstar> grawity: encap
18:41 < buu> ||cw: If it was in a long slot the pcie-v1 could connect more wires and get faster speed?
18:41 < ||cw> buu: what OS?
18:41 < buu> deb
18:42 < ||cw> buu: try dmidecode or lshw and see if you can work out what slot it's in
18:42 < goldstar> grawity: the client FW is behind an ISP fw if that helps
18:42 < ||cw> if it's an 8 lane card in the long slots, it should sync up at 8x
18:42 <+pppingme> goldstar if you're sending icmp from one side, and the other side receives it and replies to it (even if the first side doesn't see the reply), then you don't have an ipsec issue
18:42 < goldstar> the client FW has a RFC1916 IP addr
18:42 < grawity> "behind an ISP fw" well start by calling your ISP then?
18:43 < goldstar> grawity: its one of those home router things
18:43 < buu> ||cw: it said slot 2
18:43 < goldstar> pppingme: thanks, am just exploring possibilities
18:43 < grawity> goldstar: yes but it's still the ISP's responsibility
18:43 < ||cw> buu: and what are slot 2's capabilities?
18:43 <+pppingme> is one side behind cgn?
18:43 < goldstar> pppingme: I don't know at this stage
18:44 < buu> ||cw: http://paste.debian.net/plain/1031322
18:44 < grawity> if encap uses port 4500 as both source and dest, it could be that the ISP routerfirewall's NAT table is getting confused
18:44 < ||cw> buu: you have this card?  https://forums.servethehome.com/index.php?threads/chelsio-t320-dual-sfp-2-transceivers-32.16408/
18:44 < buu> ||cw: I have no idea, is that something the os can tell me?
18:44 < buu> ||cw: Yep
18:44 < goldstar> grawity: hmm, interesting
18:45 < ||cw> I'm pretty sure that's an x4 card
18:45 < ||cw> hm, maybe not
18:46 < ||cw> ok, it's x8.  perspective is hard
18:46 < buu> PCI Express 1.1 x8, x4, x2, x1
18:46 < buu> yeah
18:46 < wtflux> hey guys im planning on creating a medium-ish lab for networking training and i want to use VyOS to connect groups of isolated "offices" that said, i dont want to have to make each office connect to each other, i would like to have a "central office" that connects each of the 4 offices to each other
18:46 < wtflux> is this the right idea?
18:47 < buu> ||cw: but lspci said it only negotiated 2x?
18:47 < wtflux> else i'd end up having A:B, A:C, A:D, B:C, B:D, C:D
18:47 < grawity> wtflux: sure, sounds cheaper
18:47 < buu> Wait no, 4x
18:47 < wtflux> grawity: do you know if vyos the free networking operating system can help me do this?
18:48 < buu> 4x is 1GB/s = 7gbps
18:48 < ||cw> yeah,  LnkCap: Port #0, Speed 2.5GT/s, Width x8.  but for some reason it's negotiating down to x4
18:48 < buu> So I need the thing to do 8x
18:48 < buu> ||cw: I assume something is stealing lanes
18:48 < grawity> wtflux: literally any router can do this
18:49 < wtflux> Yes but i dont want to just let hyper-v's built in switches/routers do the work i want to learn how to do this and hopefully set up VLAN's and all that in the interim further training myself
18:49 < buu> the pcie x16_5 shares bandwidth m.2 x4
18:49 < wtflux> ideally i'd like to setup VLAN's so they all can communicate, then setup VPN's between select private computers in each site
18:49 < wtflux> all in a lab environment so i can train myself
18:50 < buu> ||cw: Correct me if I'm wrong but it wouldn't actually fit in the pcie 2.0 x4 slot right?
18:50 < hypercore> can i use terraform for kubernetes?
18:50 < ||cw> buu: the brute force is to try another slot.  yeah, it won't fit in x4 unless it's an open back slot
18:51 < buu> yeah
18:52 < buu> ||cw: This manual is confusing me
18:53 < buu> ||cw: Are you looking at page 1-13?
18:53 < ||cw> no
18:54 < buu> =[
19:02 < buu> HMMMMMMMM
19:02 < subvhome> I have a firewall appliance with a site to site VPN connection. Instead of a site to site.. i would like one site to be able to access one end point. Which type of VPN setup should i use for this L2PT
19:02 < subvhome> ?
19:04 < buu> ||cw: There's no way the OS is involved in negotiating link speed right?
19:06 <+pppingme> buu the OS can pass parameters to the driver, that force a nic into a particular mode..
19:07 <+pppingme> say you want 100mb/s instead of gig for example
19:07 <+pppingme> but in 99.999999% of cases, you're best to leave defaults and let it auto-negotiate
19:07 < buu> pppingme: I mean pcie port speed
19:07 <+pppingme> subvhome leave the vpn alone and setup an access list or firewall rules
19:08 <+pppingme> pci-express is a bus, not a port
19:08 < subvhome> thanks for the direction... i will look into it
19:08 < grawity> I thought pci was a bus and pci-express isn't anymore
19:08 < grawity> much like ethernet
19:09 <+pppingme> pci-express is the dominant bus for add-in cards at the moment
19:10 < buu> Now come up with a useful distinction between bus and port in this context
19:10 < grawity> oh, the difference is that it's not a *shared* bus
19:10 < grawity> but still very much like ethernet then
19:13 <+pppingme> what are you really asking? whats the deeper question here that you're trying to solve the wrong way?
19:14 < qman__> You can install an x8 card in an x4 slot as long as the slot is physically clear at the back to allow it to fit
19:14 < qman__> It will operate with less lanes, of course
19:15 <+pppingme> not all cards, but many...
19:15 < qman__> I don't know of any that won't, the standard is made to work that way
19:16 < buu> pppingme: I want my goddamn 10gbps card to go 10gbps
19:16 < qman__> Bandwidth will be reduced, but you can install an x16 card in an x1 slot
19:16 < Aeso> most card manufacturers are abstracting the PCIe bus specifics to a controller anyways, and the vast majority of controllers support an arbitrary number of lanes
19:16 < qman__> This is what cryptocurrency miners do
19:16 <+pppingme> buu if its not doing it on its own, then you either have a cabling issue, a switch issue, or some other external factor
19:17 < Aeso> buu, I hate to be that guy but when you buy shit you get shit
19:17 <+pppingme> to clarify...  do you mean the nic doesn't negotiate 10gb/s, or it does, but can't actually push that fast?
19:17 < ||cw> my guess it's a conflict on the mainboard.  an x8 card in an x16 slot negotiating to x4 is just weird
19:18 < qman__> Many boards have x16 alots that are only wired x4
19:18 < ||cw> pppingme: no, the PCIe is negotiation x4 in an x16 slot
19:18 < qman__> Cheap ones, in particular
19:18  * linux_probe double ||'s cw
19:18 <+pppingme> I've seen slots that physically appear to be x16, but in reality are not..  many times
19:18 < ||cw> qman__: and also that some lanes are shared, which is what I bet is happening
19:19 <+pppingme> you have to look at MB markings or find a tech manual on the MB to verify
19:19 < ||cw> pppingme: board specs and dmidecode say it's x8
19:19 < qman__> Pull the card out and look at how many pins it actually has in the slot
19:19 < ||cw> buu: post that pastbin of the dmidecode again
19:19 <+pppingme> maybe the card isn't lining up quite right..
19:19 < qman__> If they only go a quarter of the way across, it's an x4 slot
19:31 < linext> it is possible to double the LAN speed if each computer gets two gigabit cards?
19:32 < grawity> sort of but not entirely
19:32 < buu> ||cw: http://paste.debian.net/plain/1031322
19:33 < grawity> linext: it's possible to set up a bond/aggregation/something like that, if both the computer's OS *and* the switch support it (LACP basically)
19:33 < ||cw> linext: only for applications that support some sort of NIC balancing
19:33 < ||cw> grawity: even then, one TCP stream is limited to one linux speed
19:34 < ||cw> linux/link/
19:34 < grawity> with LACP, yes
19:35 < grawity> with some other kinds, I *think* you can get full 2 Gbps at least in one direction
19:35 < grawity> but I didn't dig deep
19:35 < mnemon> also the switch needs to have fast enough backplane to handle it.
19:35 < E1ephant> spray and pray
19:35 < E1ephant> mnemon: if you're buying a blocking switch in 2018 ur doin it wrong
19:36 < E1ephant> what in the last five years is blocking?
19:36 < E1ephant> honest question
19:36 < skyroveRR> E1ephant: you still heartbeating on dn42?
19:36 < E1ephant> hehe barely, I should decomm my network :/
19:36 < grawity> mnemon: don't modern switches always do?
19:37 < skyroveRR> E1ephant: hmm...
19:37 < skyroveRR> wbu grawity ?
19:37 < buu> I think I solved it!
19:37 < buu> Also, btw, chelsio already emailed me back, A+++
19:38 < mnemon> grawity: haven't really looked into the limits of current switches so dunno.
19:38 < grawity> I mean, I open the spec sheet of a 24-port switch and it shows "switching capacity: 48 Gbps"
19:41 < mnemon> also, not very clear if it's about proper switches or the 15€ home ones, probably can find blocking ones in those still? ;P
19:42 < grawity> do the latter even support LACP
19:43 < buu> ||cw: The x5 slot I have it plugged into shares lanes with the m.2 slot
19:45 < buu> Stupid gimped ass intel cards
19:47 < Aeso> buu, I figured that might be the case
19:47 < skyroveRR> intel is better than realtek, so I've heard.
19:48 < buu> Aeso: Yep
19:48 <+pppingme> ha ha, slight.y..
19:48 < buu> I actually meant to say 'intel cpu' in this case
19:48 < buu> 40 lanes
19:48 < buu> what is this, 2008
19:49 < ||cw> you're using a desktop mainboard....
19:49 < Aeso> ^ this
20:15 < buu>                 LnkSta: Speed 2.5GT/s, Width x8, TrErr- Train- SlotClk+ DLActive- BWMgmt- ABWMgmt-
20:17 < Wixy> Hey, there was a command to check number of connections to a server, what was it? I don't remember
20:17 < Wixy> I'm trying to check if an application is reconnecting over and over or if it keeps the connection opened
20:18 < admiralspark> Mak
20:18 < admiralspark> this room is quiet for a nationwide outage
20:19 < gugit> hi
20:19 < E1ephant> Wixy: netstat?
20:19 < gugit> websockets... is that really just TCP long polling (since the webbrowser can't listen for incoming connections) ??
20:19 < Wixy> kind of netstat -tn
20:19 < Maarten> admiralspark, well, if they can't CONNECT to this room..... that MIGHT be a reason why ;)
20:19 < webstrand> admiralspark: so that's why everythings so slow!
20:20 < Wixy> but something that would constantly update the information
20:20 < Wixy> so I can see it in realtime while the application runs
20:20 < grawity> gugit: it's an outgoing TCP connection
20:20 < buu> ||cw: [  4]   0.00-10.00  sec  11.6 GBytes  9.96 Gbits/sec    0             sender
20:20 < grawity> gugit: I wouldn't call it "long polling" because it's not request/response-based
20:20 < buu> [  4]   0.00-10.00  sec  11.5 GBytes  9.89 Gbits/sec                  receiver
20:20 < grawity> gugit: like you don't call IRC "long polling"
20:20 < Wixy> E1ephant, ^
20:20 < gugit> grawity: isn't that exactly why it's long-polling? client just reads forever until there's something
20:21 < buu> Wixy: isn't there an iostat or something
20:21 < grawity> gugit: no
20:21 < Wixy> that 1 in your nick is annoying, I wasn't getting why El+tab didn't complete your nick lol
20:21 < gugit> grawity: what's long polling then?
20:21 < Maarten> so far, on the west coast with at&t, I don't seem to be affected by any outages.... but who knows, I hear netflix data centers are affected too and SOME (not all) of their links are down
20:21 < grawity> gugit: the term "long polling" only makes sense for things like HTTP, which don't have any push-like stuff
20:21 < gugit> ok, so websocket is an outgoing connection, and the browser reads, waits for a websocket frame indefinitely?
20:22 <+catphish> weird wifi question, if i'm already using channels 1 and 6, and my neighbours are using channel 11, and i want another AP, should i put it in 11, or 13? seems that the latter would interfere less with the distant device?
20:22 < grawity> gugit: HTTP is strictly request/response, and *normally* HTTP requests get instant responses, so "long polling" means you make a request and sit forever waiting for a response
20:22 < E1ephant> Wixy: cool story?
20:22 <+pppingme> catphish how heavily do they use ch11?
20:22 < ||cw> Wixy: iftop can, I think, if you press the right buttons
20:22 < gugit> grawity: i meant "TCP long polling", as in read until something comes along
20:22 < gugit> whatever it's called, that's what it's doing  right?
20:22 <+catphish> pppingme: just one home router
20:23 < ||cw> also, use a font that make 1 and l clearly different
20:23 < grawity> gugit: idk, when it's about protocols which *aren't* formed so strictly, then it doesn't make much sense to distinguish it as "long" polling
20:23 <+pppingme> I'd put your AP thats furthest from them on 11, and the other two on 1 and 6..
20:23 < Maarten> ^
20:23 < grawity> gugit: the term becomes kinda redundant
20:23 < Maarten> I was going to type something similar
20:23 < buu> iftop is cool
20:23 < gugit> grawity: yes, but that's what it does? just issues a read and waits forever?
20:23 <+catphish> pppingme: that makes sense, actually i have one really far away, i'll move that to 11, and put the new one on 6
20:23 < Maarten> I'm on 1 and 11 on my 2 AP's, my neighbor is on 6 :D
20:24 < grawity> gugit: that's what it does, but that's not what 'long polling' means anyway
20:24 < gugit> "long read" then :=
20:24 < gugit> and since firewalls drops tcp connection without real traffic sometimes... does websockets reconnect automatically or is there higher-lever keepalive messages going on?
20:24 < grawity> sending a request which would normally be instant, and *then* issuing a read and waiting forever
20:26 < ||cw> gugit: the distinction is that with long polling and HTTP's design the server intentionally and actively holds the connection, and when the browser finally gets a response, it has to make a new connection.  also if the browser wants to send something, it has to close that open connection and make new one.  a websocket connection just stays open and is 2 way communication all the time.
20:26 < gugit> makes sense
20:26 < gugit> and I have to do reconnection myself?
20:26 < ||cw> long polling i only called such because it's over http
20:26 < grawity> yes
20:26 < gugit> alright
20:26 < grawity> I think there might be keepalives, let me google
20:27 <+catphish> pppingme: per my original question, wouldn't channel 13 (even though it overlaps slightly) not interfere with 11 less than using 11?
20:27 < ||cw> keepalives are a bit lower level
20:27  * gugit finds ReconnectingWebSocket library ahaha
20:29 <+pppingme> not exactly..  two AP's on the same channel, especially if the competing one is used lightly, have a better chance of not having collissions, by going off channel, you negate this
20:30 < ||cw> even with http keepalives, the you still have to keep making new GET requests
20:30 < grawity> I meant websocket keepalives
20:31 < grawity> are keepalive frames a thing?
20:31 < grawity> I think they're a thing in http/2
20:32 < gugit> https://tools.ietf.org/html/rfc6455#section-5.5.2
20:33 < gugit> dunno if browsers actually use that?
20:33 < grawity> let's see https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API/Writing_WebSocket_servers#Pings_and_Pongs_The_Heartbeat_of_WebSockets
20:33 < grawity> looks like it's the server that's supposed to send them mostly
20:34 < gugit> alright, thanks guys, appreciate the input
20:46 < quesker> I connect to 3 vpns.  I run bind as a caching root and also to serve up a made up domain on my private lan.  for the vpns I forward zones.  the problem is when a vpn is down the resolver has to time out before giving up (because I have some forwarded zones in my search path)
20:46 < grawity> have a local reject route for the vpn's subnet
20:46 < grawity> or e.g. for the whole 10./8, 192.168./16, etc.
20:47 < quesker> a reject route?  what is that
20:49 < quesker> blackhole?
20:49 < grawity> no
20:49 < grawity> blackhole would give you literally the same result as now
20:49 <+catphish> pppingme: you mean the APs will deliberately avoid collisions on their own channel?
20:53 < quesker> ok I think I see how to do it with route.  but not with iproute2
20:53 < grawity> ip route add <foo/bar> unreachable
20:53 < grawity> or was it ip route add unreachable <foo/bar>
20:54 < quesker> so I need something polling to see if the vpn is up and if not then add the reject, then take it out when vpn is back up?
20:54 < grawity> no
20:54 < grawity> you don't need to poll to see if the vpn is up, because the vpn software can usually *tell you* when the vpn is up
20:54 <+pppingme> catphish they will listen and will be able to time transmissions better
20:54 < grawity> you don't need to delete and readd the routes because you can make the vpn routes higher priority
20:55 <+catphish> pppingme: makes sense
20:55 < grawity> assuming they're not *already* higher-priority
20:55 < quesker> hm ok I will look at the vpnc-script (I think that is what it is called).  for openconnect
20:55 < grawity> you don't need to delete and readd the routes because you can make the vpn routes higher priority
20:56 < quesker> ok
20:59 < quesker> heh, need to upgrade my iproute2.  4.2.0 doesn't have any of this stuff
21:01 < ice9> i'm running home server behind adsl router, i enabled NAT for port 80 however it doesn't work on this specific port, other ports work fine, what should i do?
21:02 < Phil-Work> ice9, speak to your ISP - they probably block it
21:02 < linux_probe> use a different port lol
21:02 < ice9> linux_probe, I want it for public use to must use the standard port
21:03 < c|oneman> you cant do much if your ISP blocks it up, except use some lame redirect service
21:03 < linux_probe> cry to the isp, whom will likely reply business/commercial accoiunt plox
21:03 < Aeso> ^ this is most probable
21:03 < c|oneman> https://www.noip.com/support/knowledgebase/my-isp-blocks-port-80-what-can-i-do/
21:03 < Aeso> your best bet is a reverse proxy hosted on a VPS
21:03 < quesker> I changed to business comcast so I could run port 25
21:05 < ice9> can the domain registerar redirect ports?
21:05 < Aeso> ice9, no
21:05 <+catphish> i present my overpopulated 2.4GHz spectrum: https://i.imgur.com/Kofbshh.png
21:05 < wtflux> hi guys i just setup a VM in a baremetal server 2012 r2 x64 install w/ VyOS amd64 ISO and the vm wont boot to ISO, did i download the wrong version or something?
21:06 < Aeso> catphish, time to leave the 2.4GHz space
21:06 < wtflux> it says livecd/install iso for physical and virtual devices... dunno
21:06 < linux_probe> time to use some magnetrons
21:06 < linux_probe> cook their ap's :))
21:06 < _31N108E> ice9: Port 443 and HTTPS are another workaround.
21:07 < linux_probe> likely blocked also ^^
21:07 < _31N108E> But worth trying.
21:08 < Thuryn> some registrars actually do support this sort of this, though it's obviously via a Web service they provide, not strictly via DNS.
21:09 < Thuryn> (the fact that some registrars offer redirection like this makes that part confusing for some people.  they think that "registrar does it" == "did it with DNS".)
21:10 < wtflux> Hey guys VyOS didnt want to boot on a "Gen 2" Hyper-V VM, only Gen-1 why might that be?
21:11 < superbia> good evening
21:13 < superbia> where could I learn about upgrading my home network (switches, wifi-access points, adding some servers, 1 or 10GB) between my house, barn and garage
21:15 <+pppingme> whats the distance between house and barn? house and garage? barn and garage?
21:16 < BenderRodriguez> superbia: throw ubiquiti at everything
21:17 < superbia> everything is under 100 meters radius
21:17 < superbia> why am i asking this is in the future i might want to add some ip cameras, and i like to use unix and i'd benifit to have like file sharing, offline git server, music server etc...
21:19 < superbia> also currntly i only have internet in around 70% of the house
21:22 < ||cw> what kind of speeds are you wanting in the barn?
21:23 < ||cw> there are some affordable wifi bridges, or just put directionals on commodity routers with openwrt
21:23 < superbia> the thing is i don't mind making a propper infrastructure that would include drilling and digging, and i'd only keep wifi for cellphones and tablets
21:23 < ||cw> but if you want to get near gigE you'll need a pricey kit, or bury fiber
21:24 < superbia> i was also thinking to put like a 'closet' in each building that would have a switch, where one day i could plug ip cameras
21:25 < ||cw> I just put up a mimosa b5lite to a new building at work, it's about 100m, it claims I have 520Mbits
21:25 < ||cw> and that's on the cheaper end of bridge kits.  I need vlans and 20 clients though
21:26 < Aeso> yeah, for a home user a handful of PTP wireless links is going to be your cheapest bet that isn't hideously hacky
21:26 < ||cw> fiber would have cost more
21:26 < ||cw> not even including labor
21:27 < superbia> yes i also forgot i would like to have POE switches
21:29 < ||cw> which then gets into # ports and again, performance.
21:29 < ||cw> netgear stuff is OK and cheap, performance can be weak when you push it (multiple 1G streams)
21:30 < BenderRodriguez> pppingme: did you cut the fiber?
21:30 < BenderRodriguez> pls patch it ty.
21:30 < E1ephant> back-hoe bots roll-out
21:31 < ||cw> superbia: if you can dig a ditch between the buildings, I'd lay fiber and use uifi APs to cover the range.
21:31 < superbia> glass fiber ?
21:31 < ||cw> switches are whatever unless you're trying to do storage clustering or server room cores
21:32 < superbia> and also, do i need to worry about how i lay the cables in case of earthquakes
21:33 < ||cw> I have no idea.  i'd assume not?
21:33 < E1ephant> uhhh
21:35 < Aeso> superbia, if you're serious about fiber, you should have a contractor come out, walk the site and give you a quote
21:35 < Aeso> even if you don't use the quote, it'll give you an idea of how they'd accomplish the work
21:36 < superbia> that is why i asked where i could find some more info, or if anyone has documented such thing
21:36 < superbia> i think what i want is more 'business backbone' type thing
21:38 < E1ephant> just get your business backbone wallet ready
21:38 < E1ephant> and you're good to go
21:38 < E1ephant> alternatively just buy pre-terminated from fs, and string it up.
21:38 < Aeso> ^ this, actually
21:38 < E1ephant> or bury 6 to 12 inches if you have a trench/ditch witch
21:38 <+pppingme> superbia one other question, does each of the three buildings get its power separately (each have its own meter), or do the two aux buildings feed off the main building?
21:39 <+pppingme> BenderRodriguez you know I did!
21:39 < superbia> actually i have no idea the wiring is uber old, but there is power everywhere
21:39 <+pppingme> you don't know if there is one meter, or three meters?
21:39 < superbia> single
21:39 < superbia> everything is 3-phase
21:40 <+pppingme> ok, so the two aux buildings feed off the main building?
21:40 <+pppingme> 3-phrase in residential?
21:40 < E1ephant> hot
21:40 <+pppingme> you said house, detached garage, and some kind of barn?
21:41 < superbia> yup
21:41 <+pppingme> unless you're running lots and lots of super heavy equipment, I'm doubting you actually have 3-phase, why do you think that?
21:42 < linux_probe> if they're not in usa very possible =p
21:42 <+pppingme> yeah, valid assumption..
21:42 <+pppingme> superbia what country you in?
21:42 < superbia> eu
21:43  * linux_probe bows
21:43 <+pppingme> I duno standard in eu, thought it was all 50hz, single phase 220??
21:43 < superbia> 230v 50hz
21:43 < mgolisch> everyone has that for the stove/oven
21:43 < mgolisch> no?
21:44 <+pppingme> mgolisch varies by country
21:44 <+pppingme> most people run some kind of gas..
21:44 < superbia> ok basically power is there, what did you want to know next?
21:45 <+pppingme> superbia what I'm getting to, is if you are 100% sure everything is fed only through the main house (or whicever building, but *one* feed from power company), and its all grounded properly, you can get by with running copper between buildings instead of fiber
21:45 < mgolisch> yeah gas is bad, insurance and stuff
21:45 < mgolisch> :(
21:45 <+pppingme> however, if they are fed separately, you have to run fiber
21:45 <+pppingme> mgolisch I'm all gas on everything that can be, and my insurance is no higher
21:46 < Aeso> copper between buildings? but why?
21:47 < Thuryn> because fiber is expensive
21:47 <+pppingme> Aeso for an individual, cheaper than fiber, but have to be careful..
21:47 <+pppingme> there are code and safety issues, which is why I'm asking the questions..
21:47 < superbia> ok, just because building a network would involve digging and drilling, why not have fiber instead so that in few dozen years my isp offers fiber, wouldn't it be more elegant to have it all fiber?
21:48 < Aeso> If you're going to go through the trouble of trenching cable, you might as well trench some fiber. The cost difference is not worth considering, imo.
21:48 < Thuryn> optics are more expensive than not having optics.
21:48 < Thuryn> the necessity of trenching is an assumption.
21:48 <+pppingme> superbia generally, fiber locally offers no advantage..  just because ISP is fiber doesn't mean you gain from having your stuff fiber..
21:48 < quesker> grawity:  thanks, got the unreachable/metric stuff working.   it is just what I needed
21:49 <+pppingme> however, what you need to do, is lay conduit, that way, you can pull the copper out later and pull in fiber if you want to upgrade, no re-digging or anything, literally just pulling a string
21:49 < Aeso> Thuryn, eh, barely. You can buy 10G-LR transceivers for like $35 USD. 1000BASE-X for <$10
21:50 <+pppingme> but the switch they go in....
21:50 < Thuryn> Aeso, those aren't necessarily compatible with the equipment...
21:50 < Thuryn> assuming that the equipment even has SFP/SFP+ ports
21:51 < Aeso> you can get gigabit switches with SFP cages for like $50
21:51 < ||cw> superbia: 3 phase means 3 hots, 230v 50hz is still single phase.  I wouldn't do cooper unless the full wire run is less than 250m.
21:51 < Thuryn> i'm thinking of a series of farmhouses, where the cables among them are strung across poles.  there's power to one end of the building, but that's about it.
21:52 < ||cw> and even then, idk.
21:52 < Thuryn> Aeso, for less than $50, I can get a gigabit switch with more ports, but they'll all be copper
21:53 < ||cw> PoE was also on the wishlist
21:53 < Aeso> Just get a ES-24-250W if you're looking for a POE switch with an SFP cage.
21:54 < superbia> got any links of the 'good' equipment vendors you just specified?
21:54 < Thuryn> 3 phase does NOT mean 3 hots.  3 phase means all three phases on the same conductor (rare outside of large commercial installations)
21:55 < new2ip> Anyone know if nortel switches are picky about using brand name sfp modules or if generic ones will work?
21:55 < Aeso> describing things in terms of 'hots' doesn't really make sense when it comes to 3PH power
21:55 <+pppingme> Thuryn um, NO..
21:55 < Thuryn> new2ip, yes, they will, generally
21:56 < Thuryn> pppingme, um... YES.
21:56 <+pppingme> Thuryn it might mean they share a neutral, but you will always have three hots..
21:56 < Aeso> yeah, that's super wrong about being on the same conductor
21:56 < Thuryn> pppingme, no.  you may have three phases in your panel, but that's not the same as "using 3-phase power"
21:56 < Aeso> depends on 3PH delta or 3PH wye whether there's a neutral reference
21:56 < Thuryn> Aeso, okay.  i'll just tell my journeyman electrican sitting here that he's wrong and some people on the internet are right.
21:57 <+pppingme> Thuryn I'm a licensed commercial electrician, and I do DC installs all the time, and all of IBM's big boy stuff requires 3-phase, so yes, I'm HEAVILY EXPERIENCED in dealing with it
21:57 <+pppingme> as well as all the cooling equipment
21:58 < Aeso> 3PH wiring is described as 3PH4C or 3PH5C, which have 4 or 5 conductors respectively (depending again on delta or wye)
21:59 <+pppingme> no matter what variation of 3ph you do, there will always be 3 hots, how phasing works between them and how neutral works varies a bit, but always 3 hots..
21:59 < Thuryn> i'm getting out of the middle.  my guy says that there's a difference between "using all three phases" and "using 3-phase power".  i'm NOT an elctrician so i'm getting out of the middle.  he can log into IRC and argue with you if he likes.
22:00 < ||cw> in wye is a neutral still a conductor?
22:00 < linext> when whois is done, does it pull an IRC server or an IP address?
22:01 < Aeso> ||cw, it's a conductor, sure, but it's typically used as a 'return'.
22:01 < Aeso> in 208V 3PH, each line to neutral is 120V, and line to line is 208V
22:01 <+pppingme> ||cw yes, and you can derive 208 (or whatever voltage is) between phases, and 120 between phase and neutral
22:01 < ||cw> even though it optional and a "reference", which is basically that ground is
22:02 < Aeso> well ground is the return line when shit goes wrong
22:02 < Aeso> line to ground = blown breaker
22:02 < Aeso> (hopefully)
22:03 < superbia> and what capacity would copper have
22:03 <+pppingme> I had a 1.4 ohm load not pop a breaker the other day..  fried the wiring on device and it acted as its own fuse
22:04 < linux_probe> lol
22:04 <+pppingme> as a safety we are pulling new wire to device, and obvously replacing breaker
22:04  * linux_probe recalls federal pacific breakers
22:04 <+pppingme> nope, and I fight aggressively to dump FP panels whenever I come across them
22:04 < linux_probe> cut into live romex and you need new cykes
22:04 < linux_probe> dykes**
22:05 < ||cw> superbia: depends on grade.  technically cat6a can get 10G up to 100m
22:05 < linux_probe> or lineman pliers lol
22:07 < ||cw> from a quick google, cat6a is more $$ than single mode fiber, but fiber needs expensive tools to terminate (and cat6 is a pain to terminate)
22:08 < Apachez> use singlemode and call it a day
22:08 < Apachez> you can get the troubleshooting gear from fs.com
22:08 < Apachez> usually no need to terminate yourself
22:08 < Apachez> buy preterminated
22:09 < Apachez> and nowadays there is also preterminated patchpanels through MPO/MTP connectors
22:09 < Apachez> in the rear
22:09 < superbia> checking the fs.com website
22:09 < Apachez> so where you previously spliced each pair on its own
22:09 < ||cw> just means you have to run a larger conduit
22:09 < Apachez> and later used bandcable to splice like 8 pairs at a time
22:09 < Apachez> you now just click clik clik and have connected a 48 pair LC 1RU singlemode patchpanel :)
22:10 < Apachez> might be some additional click there :)
22:10 < Apachez> sorry 8 clicks in total for a 48 pair LC 1RU patchpanel with MTP/MPO connectors in the rear
22:11 < superbia> thanks for the website, it has nice categories of products and eu service
22:11 < superbia> is it safe to purchase from ?
22:11 < Apachez> yup
22:12 < superbia> i have one more question
22:12 < superbia> this optical equipment requires certain humidity/temperature, right?
22:13 < Apachez> generally speaking not really
22:14 < Apachez> but yeah if you are like at sea with salt cristals forming and shit like that there are "military" (aka rugged) connectors to use
22:14 < atsu> With fs.com make sure you buy extra. They sometimes make mistakes, especially on their more build to order stuff
22:14 < Apachez> never happend to me
22:14 < atsu> We will pull 3 bad patch cables in a row out of a box
22:14 < atsu> sometimes
22:15 < Apachez> cat?
22:15 < atsu> but we still buy their stuff
22:15 < atsu> Fiber
22:15 < Apachez> happens to me too often with cat cables lately
22:15 < Apachez> not from fs.com but still
22:16 < Apachez> one vendor was like 0.5mm misaligned
22:16 < Apachez> so it worked if you pulled the cable upwards (so the connectors goes downwards within the socket)
22:18 < superbia> there are sometimes 20C temperature oscilations at day/night, but expencive equipment would be placed indoors inside this https://www.fs.com/products/70973.html , Does this make sense?
22:19 < The_Shadows> comcast broken?
22:19 <+pppingme> that won't protect from temperature swings, its full of holes, on purpose (if it wasn't, the stuff inside would overheat)
22:20 <+pppingme> The_Shadows yep
22:20 <+pppingme> along with L3
22:21 < superbia> ok, thank you for your time and for the fs.com website
22:22 < superbia> i don't know any of the terminology and shortcuts for 'optics' but i think it looks straight forward and intuitive enough il be able to figure what everything does
22:22 < superbia> going to wash and to bed, night
22:25 < Apachez> depends on how fast those swings goes
22:25 < Apachez> cold to hot is often less of a problem (as long as you are below the threshold for operating temp)
22:25 < Apachez> hot to cold if fast enough can make humidity to form droplets
22:26 < Apachez> and then things goes south
23:07 < ice9> how to make port forwarding for port 80 since it's used for the router's web interface?
23:08 < Thuryn> can you make the router only listen on HTTPS (which you should do anyway)?
23:08 < spaces> Apachez :)
23:08 < Thuryn> also, disable exaternal management of the router.
23:09 < ||cw> especially the later, since there's plenty of known exploits on router web interfaces
23:09 < ice9> external management is disabled already and i cannot change the interface port, but i still can't access the NATed device
23:09 < ||cw> i've never had an issue forwarding 80 when the router's external is disabled.  technically even if it is enabled, the forward should override
23:10 < ||cw> you'll need to test it from the outside though, many routers won't forward a port for a device already inside the network
23:10 < Thuryn> i've rarely seen a router where you couldn't disable port 80 management.  they usually let you make it HTTPS-only.
23:11 < ||cw> an html validation site can be useful for that
23:11 < ice9> what is the uPnP in the router?
23:12 < ||cw> ice9: allows a service to ask the router to setup a port forward for it automagically
23:12 < ||cw> handy for a home lan when you control your devices, but turn it off if you don't 100% trust all your devices
23:12 < unknown__> how do I create a VPN server using windows server 2003
23:13 < ||cw> unknown__: did you plug that into google?  if you can at all, i'm sure it's well documented.  also, ##windows-server.
23:13 < unknown__> yeah I plugged that into google
23:13 < qman__> don't use windows server 2003
23:14 < ||cw> that too
23:14 < qman__> It's been unsupported for years
23:14 < unknown__> windows-server is +i
23:14 < ||cw> ##windows-server or #windows-server ?
23:15 < unknown__> both
23:15 < ||cw> you proabbly need to be authed to nickserv
23:15 < unknown__> oh it says im banned despite never having been in that channel ever
23:15 < qman__> At a bare minimum you should not be using any version older than 2008 R2
23:15 < unknown__> right
23:15 < Thuryn> the NIC "unknown" is quite likely to be on a ban list.
23:15 < unknown__> so anyhow..
23:16 < qman__> And you really ought to not.use that, either
23:16 < ||cw> anyhow, the google results seem right to me
23:16 < Thuryn> lulz
23:16 < unimpressed> nope still cant join
23:17 < ||cw> probably someone from your ISP being an ass then
23:17 < unimpressed> I think its probably a faggot operator
23:17 < ||cw> doens't matter.  the whole first page of google's "windows 2003 vpn server" seems spot on.
23:17 < Thuryn> i'm able to join
23:17 < unimpressed> doing what the fuck he wants
23:18 < unimpressed> ill check
23:18 < ||cw> if that doens't get you there, and get your 2003 server exploited within a day, then maybe a VPN isn't in the cards for you
23:19 < qman__> A day? I'd be surprised if it lasted an hour
23:19 < unimpressed> its a VM
23:20 < qman__> And that matters because...?
23:20 < Thuryn> it might not be exposed to the outside world.
23:20 < unimpressed> because my bollocks are really low and I can use them to demolish peoples front doors
23:21 < Thuryn> internal VPNs are sometimes a thing
23:21 < ||cw> aaand that's why you're banned.
23:21 < unimpressed> virtualbox has something called shapshots
23:21 < ||cw> snapshots don't help when your lan is compromised
23:21 < qman__> That all has nothing to do with the fact that 2003 is old, unsupported, amd insecure
23:22 < unimpressed> but works
23:22 < Maarten> I still have 1 single 2003 server in the USA.... and about 7 in APAC (few in India, few in China). That 1 in USA is a bane in my existence and I can't decon it till 2020 :(
23:22 < qman__> And if you expose it to the internet it's getting hacked
23:22 < ||cw> and based on XP so i's generally terrible to get anything done in
23:22 < unimpressed> right but its in a VM
23:22 < unimpressed> XP is the best OS
23:22 < Maarten> in 2002 maybe, not in 2018
23:22 < unimpressed> cause it works. not cause its secure
23:22 < qman__> VMs aren't magic
23:22 < ||cw> I have one 2003r2, but it's not allowed on the internet
23:22 < unimpressed> it has NAT
23:22 < qman__> Shit gets hacked either way
23:23 < qman__> NAT won't help you
23:23 < unimpressed> either way, windows is stil gonna get hacked even if its windows 150
23:23 < ||cw> actually, wait, I don't, decommisioned it about 6 months ago.  I'm thinking 2008r2.  also not allowed on the internet
23:23 < ||cw> and also terrible
23:24 < unimpressed> IM GONNA DESTROY FREENODE MOTHERFUCKERS!
23:24  * ||cw yawns
23:24 < Maarten> unimpressed, impressive.
23:24 < unimpressed> cause its a fucking piece of shit
23:24 < unimpressed> its like being raped
23:24 < unimpressed> fucking crap hole
23:24 < ||cw> freenode's probably fend off a dozen attacks at this very moment
23:25 < unimpressed> pfft
23:25 < Maarten> ban in 3.....2......1...... ;
23:25 < unimpressed> ANUS
23:25 < unimpressed> FINGER BLAST
23:25 < unimpressed> 321 semicolon ?
23:26  * ||cw pings pppingme 
23:26 < unimpressed> ill do it for you
23:26 < Maarten> there's more coming behind the ; but I will wait till the ops wake up :P
23:26 < unimpressed> pppingme
23:26 < unimpressed> pppingme
23:26 < unimpressed> pppingme
23:26 < unimpressed> pppingme
23:26 < Maarten> catphish
23:27 < Maarten> garbage ---> taken out. Thanks catphish :P
23:32 < linext> when i run whois on an IRC user, will it always return the address of the IRC server?  for myself it returns my WAN hostname
23:34 <+catphish> linext: it returns all sorts of info including the end user's hostname and the server they're connected to
23:34 < ||cw> linext: also depends on if they have a cloak
23:35 <+catphish> * [linext] (~linext___@pool-173-70-46-120.nwrknj.fios.verizon.net): realname
23:35 <+catphish> * [linext] ##networking ##electronics
23:35 <+catphish> * [linext] hitchcock.freenode.net :Sofia, BG, EU
23:35 <+catphish> yeah if a user has a cloak that will be displayed in place of their hostname
23:36 <+catphish> like mine:
23:36 <+catphish> * [catphish] (~J@unaffiliated/catphish): J
23:36 <+catphish> * [catphish] ##electronics +##networking
23:36 < linext> is freenode providing the info, or is it coming directly?
23:36 <+catphish> freenode
23:36 < linext> to cloak, do you need to send freenode a command, or find some way to hide your details?
23:37 < ||cw> https://freenode.net/kb/answer/cloaks
23:38 < linext> why would the IRC server want to provide whois for all users?
23:39 < TandyUK2> linext: set usermode +x, and because thats how IRC works
23:39 < TandyUK2> freenode didnt decide how the protocol works
23:39 < linext> i guess it's not a big problem now since most users run NAT
23:40 < linext> seems like a potential security concern
23:40 < TandyUK> set +x then
23:40 < TandyUK> thats what its for
23:42 < linext> is the command /set +x?
23:42 < scientes> can I have two routes to the internet
23:42 < lupine> yes
23:42 < lupine> see: multihoming
23:42 < scientes> and have one program that listens on one interface use one route (a VPN)
23:42 < linext> my client says No such variable
23:42 < TandyUK> /mode <yournickname> +x
23:42 < lupine> also yes. see: policy-based routing
23:42 < linext> ok, did it work?
23:43 < TandyUK> youre already i na channel, and also no
23:43 < TandyUK> you need to usermode +x _berfore_ you join any channel or it offers no benefit
23:43 < HoloIRCUser1> How do we create a QoS policy so that the bandwidth is evenly shared among all users connecting to a huawei switch?
23:43 < linext> ok, i'll ask the hexchat room
23:44 < TandyUK> you need to be registered too afaik
23:44 < TandyUK> you can get nickserv to set it for you on login, and to login automatically on connect (before any /join)
23:44 < linext> i have autologin set up
23:46 <+catphish> linext: the internet predates a time when people felt a need to be anonymous online
23:53 < scientes> ip route add equalize default \
23:53 < scientes> >    nexthop via 10.1.10.1 dev enp10s0 \
23:53 < scientes> >    nexthop via 10.1.10.1 dev wlp4s0
23:53 < scientes> Error: any valid prefix is expected rather than "equalize".
23:53 < scientes> i think this is out of date: http://www.policyrouting.org/PolicyRoutingBook/ONLINE/CH05.web.html#5.1
23:57 < auser_> DEATH TO FREENODE NIGGERS
--- Log closed Sat Jun 30 00:00:19 2018