1117065979 Q * yarihm Quit: Leaving
1117067033 J * alex234 new@p54B3EAEF.dip.t-dialin.net
1117067180 P * alex234 
1117067203 Q * eyck Ping timeout: 480 seconds
1117067462 J * alex234 new@p54B3EAEF.dip.t-dialin.net
1117067480 P * alex234 
1117067675 J * alex234 new@p54B3EAEF.dip.t-dialin.net
1117067746 Q * alex234 Remote host closed the connection
1117067981 J * eyck eyck@81.219.64.71
1117068520 J * alex234 new@p54B3FE30.dip.t-dialin.net
1117068584 Q * eXplasm2 Quit: Verlassend
1117068751 P * alex234 
1117068928 J * alex234 new@p54B3FE30.dip.t-dialin.net
1117069005 Q * alex234 Read error: Connection reset by peer
1117070493 Q * eyck Read error: Connection reset by peer
1117070520 J * eyck eyck@81.219.64.71
1117076510 Q * rs Quit: rs
1117077331 J * rs ~rs@imhotep.rhapsodyk.net
1117078372 Q * tchan Quit: leaving
1117078589 J * tchan ~tchan@c-24-13-81-164.hsd1.il.comcast.net
1117078842 Q * rs Quit: rs
1117086029 N * Bertl_zZ Bertl
1117086037 M * Bertl morning folks!
1117087592 J * ciphernaut ~a@61.88.18.130
1117087668 M * ciphernaut sweet..... what does rc2 fix?
1117087695 M * Bertl mostly cleanups and improved error checking
1117091099 Q * ciphernaut Read error: Connection reset by peer
1117091633 M * Pazzo Morning Bertl!
1117091807 Q * lilo Remote host closed the connection
1117092235 M * Bertl morning Pazzo! off now ...
1117092240 M * Pazzo VSERVER_NGNET = y ? make oldconfig suggests N??
1117092244 M * Pazzo cu Bertl!
1117092251 M * Bertl yup, ngnet is not there ;)
1117092257 N * Bertl Bertl_oO
1117092259 M * Pazzo ???
1117092289 M * Pazzo if still here: what's the right answer then? yes or no? (if I don't want to use ngnet???)
1117092305 M * SiD3WiNDR if you don't want to use it, I guess N is the answer you want?
1117092318 J * lilo ~lilo@lilo.usercloak.oftc.net
1117092325 M * Pazzo the query is confusing:
1117092328 M * Pazzo Disable Legacy Networking Kernel API (VSERVER_NGNET) [N/y/?] (NEW)
1117092331 M * SiD3WiNDR ah
1117092333 M * SiD3WiNDR uh
1117092342 M * SiD3WiNDR well yea
1117092344 M * Pazzo btw: Hi SiD3WiNDR!
1117092344 M * SiD3WiNDR so that's N you want
1117092354 M * SiD3WiNDR and good morning to youuuuu :]
1117092386 M * Pazzo and explanation is even more confusing:
1117092398 M * Pazzo This disables the legacy networking API, which allows to configure per vserver IPs as we know it.
1117092446 M * Pazzo hmmm...
1117092454 M * Pazzo ok, now I understood
1117092543 M * Pazzo thnx SiD3WiNDR!
1117092629 M * SiD3WiNDR :)
1117092641 M * SiD3WiNDR disabling legacy = enabling ngnet :)
1117092689 M * Pazzo yep :)
1117092716 M * Pazzo double negotiation in the early morning - that was too much for me ;)
1117092858 M * SiD3WiNDR ;)
1117094534 M * BWare morning
1117094906 M * meebey hm I am starting to worry about netfilter
1117094923 M * meebey its either a linux kernel bug or vserver triggers it
1117094949 M * meebey the logging becomes corrupted, to me it looks like a bug in the memory management
1117094964 M * meebey allocating too much, too less, using wrong places, whatever
1117094993 M * meebey kern.log looks like this often:
1117094995 M * meebey May 26 01:36:07 galilei21 kernel: 6PT=023 WINW=80S=x00 U=0 
1117095004 M * meebey May 26 00:16:14 galilei21 kernel: MAC= SRC=216.51.213.172 DST=84.142.252.59 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=13982 DF PROTO=TCP SPT=3823 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0 
1117095019 M * meebey May 25 23:02:01 galilei21 kernel: firewall DROP: IN=ppp0 OUT= <4>firewall REJECT: IN= OUT=eth0 SRC=169.254.0.27 DST=169.254.0.3 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=57293 DPT=25 WINDOW=5840 RES=0x00 CWR ECE SYN URGP=0 
1117095024 M * meebey completly broken
1117095035 M * meebey the <4> looks like the log level to me
1117095132 M * meebey that happens abot 10 times per day
1117095162 M * meebey a full log entry, non corrupted should look like this:
1117095165 M * meebey firewall DROP: IN=eth0 OUT=eth2 SRC=62.246.177.162 DST=62.80.20.141 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=11190 DF PROTO=TCP SPT=2119 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0 
1117095554 J * prae ~prae@ezoffice.mandriva.com
1117098847 J * eXplasm explasm@p549FF7D4.dip.t-dialin.net
1117098938 N * Doener_zZz Doener
1117098944 M * Doener morning!
1117098983 M * Pazzo moin Doener!
1117099106 M * Doener hey Pazzo, 'sup?
1117099164 M * Pazzo sun is shining and I don't like to work today :-)
1117099258 M * Pazzo have to do a little mailserver/webmailer installation somewhere - I'll leave now as everything is better than hanging around in my office today ;-) cya!
1117099266 N * Pazzo PazZzzzooo
1117099267 M * Doener cya! have fun!
1117100124 J * rs ~rs@194.98.28.10
1117100335 N * Doener Doener|gone
1117101086 J * cryo ~say@212.86.243.154
1117102989 Q * as Ping timeout: 480 seconds
1117104027 Q * rs Quit: rs
1117104473 Q * locksy Quit: Terminated with extreme prejudice - dircproxy 1.0.5
1117104508 J * locksy ~locksy@mrtg.sisgroup.com.au
1117105562 J * as as@openbug.org
1117105602 N * PazZzzzooo Pazzo
1117106364 M * Vudumen hmm. how can i completely disable the legacy networking code in util-vserver? currently it doesn't start my vservers because chbind: vc_set_ipv4root(): Function not implemented
1117106394 M * Vudumen and it's okay since i use ngnet. but it doesn't start and vnet cannot initialize the interface required for this vserver
1117106747 Q * albeiro Ping timeout: 480 seconds
1117106824 M * daniel_hozac Vudumen: check the IRC logs for yesterday around 21:40 UTC.
1117106867 M * Vudumen daniel_hozac: thanks
1117107706 M * TheSeer daniel_hozac: apt works ;>
1117107712 M * TheSeer trying it on my server now.. 
1117107727 M * TheSeer dare you if it doesn't come back after i reboot hehe
1117107736 M * daniel_hozac haha
1117107764 M * daniel_hozac well, it passes testme.sh and i haven't noticed any problems with it.
1117107781 M * TheSeer ;)
1117107797 M * TheSeer we'll see.. i still have my manually build kernel on that box
1117107799 M * TheSeer so..
1117107803 M * daniel_hozac have only been running it for 15:34 though ;)
1117107806 J * rs ~rs@staff.lycos.fr
1117107843 M * TheSeer well.. any breaks when upgrading from 1.9.5  to 2.0.0-rc2?
1117107854 M * TheSeer like anything that i need to reconfigure?
1117107883 M * daniel_hozac i don't think so. i didn't have to reconfigure anything, and i upgraded from 1.9.4.
1117107931 M * TheSeer k..
1117107936 M * TheSeer so i'll reboot now..
1117107947 M * TheSeer *keep fingers crossed*
1117107948 M * TheSeer ;>
1117107952 M * daniel_hozac heh, yeah.
1117107991 J * jsambrook ~jsambrook@host-62-69-64-93.bsve.net
1117108030 P * jsambrook 
1117108064 M * TheSeer *wait*
1117108071 M * TheSeer i HATE waiting if a server comes back..
1117108072 M * TheSeer ;>
1117108115 M * daniel_hozac indeed, the suspense is horrible.
1117108159 M * TheSeer lucky me, i just have about 10 minutes to the server housing location ;>
1117108184 M * daniel_hozac heh, i can't afford co-lo so all my servers are right next to me ;)
1117108214 M * TheSeer hmm
1117108217 M * TheSeer not back yet..
1117108231 M * TheSeer i prolly broke something
1117108250 M * TheSeer i upgraded from fc2 to fc3 while beeing at it..
1117108257 M * daniel_hozac ah.
1117108261 M * TheSeer so it might have a problem with that...
1117108267 M * daniel_hozac yeah.
1117108271 M * Vudumen hmm i cannot find in the doc. i can hook vserver startup in /etc/vservers/*/apps/vshelper/startup
1117108278 M * Vudumen is there any other thing for shutdown?
1117108347 M * TheSeer hmm.. okjay.. gonna head over to the colo
1117108349 M * daniel_hozac can't you use post-start.d and post-stop.d for that?
1117108360 M * daniel_hozac good luck, TheSeer.
1117108687 M * Vudumen well as i see if i have a vnet interface in a context then the context cannot be destroyed
1117108710 M * daniel_hozac ah.
1117108723 M * Vudumen so before the stop of the vserver i should remove these interfaces with vnet else i cannot fire up this context again because it cannot create the context (because it's still alive)
1117108767 M * daniel_hozac so how about pre-stop.d?
1117108799 M * Vudumen hmm
1117108804 M * Vudumen where should i create this directory?
1117108860 M * daniel_hozac flower page says /etc/vservers/vserver-name/scripts
1117108867 M * Vudumen thanks :)
1117110782 M * Vudumen hmm interesting. it should be a bug.
1117110800 M * Vudumen i don't use vnet, just fire up the vserver then shut it down and it cannot be started again.
1117110814 M * Vudumen vcontext: vc_create_context(): File exists
1117112091 P * sebd bye
1117112414 M * FaUl re
1117112763 M * TheSeer daniel_hozac: your kernel is broken ;-P
1117112892 M * Doener|gone Vudumen: http://archives.linux-vserver.org/200505/0085.html
1117112899 M * Doener|gone don't you folks read the ml? ;)
1117112902 N * Doener|gone Doener
1117113011 M * Vudumen Doener: i read. and once it just stopped coming to me
1117113013 M * Vudumen dunno why :(
1117113080 M * Vudumen another thing
1117113088 M * Vudumen i just type reboot if i want to reboot my box
1117113102 M * Doener it hangs, because init hangs, same solution ;)
1117113102 M * badiane good morning
1117113107 M * Vudumen since this kernel (rc2 w & w/o ngnet) sometimes it does nothing :/
1117113110 M * Doener morning badiane 
1117113118 M * badiane :-)
1117113127 M * Vudumen thanks
1117113129 M * Doener Vudumen: there are some vshelper processes in context 0, kill them
1117113149 M * badiane if I need to configure my madwifi ath0 from the vserver 
1117113167 M * Vudumen Doener: fine it helped :)
1117113179 M * Vudumen Doener: with this solution you pointed me out will this problem be solved?
1117113185 M * Doener yes
1117113187 M * Vudumen (reboot problem on host side)
1117113187 M * badiane do I place the pre up statements that would have gone in the interfaces file in the script section of the vserver 
1117113189 M * Vudumen fine :) thanks
1117113206 M * Doener you're welcome
1117113206 M * badiane like ssid 
1117113213 M * badiane rate mode 
1117113222 M * badiane all the iwpriv and iwconfig stuff 
1117113280 M * Doener badiane: the tools don't support such stuff... if you really want to up/down the interface together with the vserver, create pre-start/post-stop scripts to do those calls
1117113312 M * badiane that's what I had figured and wanted to know where to place the commands 
1117113322 M * badiane cool 
1117113334 M * badiane another thing I need cleared 
1117113344 M * Vudumen hmmhmm. modprobe ipt_VNET and it fails :(
1117113350 M * Vudumen other vnet netfilter modules works
1117113358 M * badiane I'm trying to simulate a proxy which will have 4 interfaces
1117113375 M * badiane dmz net lan wlan 
1117113396 M * badiane the since the host sees all of the interfaces 
1117113413 M * badiane should I use 
1117113424 M * badiane the input 
1117113448 M * badiane or forward since there will be different subnets 
1117113483 M * badiane the net for example will be pointing to the interface that is actually connected to the dsl modem eth0 
1117113493 M * badiane all of the other "nets" are on eth1
1117113498 M * badiane except for the madwifi
1117113507 M * badiane which will be running hostap
1117113515 M * badiane what i'm inquiring about 
1117113580 M * badiane are how to envisage the rules inside the proxy, between the two proxies (choke fw) and the actual host and the outside and the host between the vservers
1117114416 J * qua ~qua@212.161.7.155
1117115330 Q * pusling Ping timeout: 480 seconds
1117115511 M * FaUl narf 
1117115526 M * FaUl bash-2.05b$ echo this is -- a test -- with more -- than one|sed -r 's/.*?-- //'
1117115526 M * FaUl than one
1117115531 M * FaUl bash-2.05b$ echo this is -- a test -- with more -- than one|perl -ne 's/.*?-- //; print' 
1117115534 M * FaUl a test -- with more -- than one
1117115535 M * FaUl ;wtf?
1117115537 M * FaUl bash-2.05b$ 
1117115832 M * qua sed consumes as much as it can from left, perl apprently doesn't. maybe there is a switch in perl. in sed I would expect this behaviour
1117115849 M * Doener qua: the ? should make the * non-greedy
1117115875 M * Doener FaUl: but you're using extended regexps...
1117115883 M * Doener remove the -r and it will behave like perl
1117115913 M * qua it doesn't
1117115926 M * Doener $ echo this is -- a test -- with more -- than one|sed -r 's/.*??-- //'
1117115926 M * Doener than one
1117115926 M * Doener doener@doener ~ $ echo this is -- a test -- with more -- than one|sed 's/.*?-- //'
1117115926 M * Doener this is -- a test -- with more -- than one
1117115932 M * FaUl jes
1117115937 M * FaUl yes even
1117115944 M * qua and I don't know why the "?" should make it non-greedy?
1117115953 M * Doener hmm, ignore the double ? in the first one, doesn't matter...
1117115973 M * FaUl but this still differes from the perl output 
1117115983 M * FaUl in fact without -r it doesn't replace anything
1117115993 M * FaUl qua: because this is what man perlre says ;)
1117116008 M * Doener FaUl: hm, right...
1117116083 M * FaUl Doener: anyway, ill replace this sed with perl - i don't care about this milliseconds ;)
1117116087 M * qua FaUl: OK, I wouldn't expect sed to conform to some perl spec, but anyway. I thought regexps were all different and people were expected to get used to it ;D
1117116119 M * Doener "man sed" says "see perlre"... but it seems not too match :/
1117116139 M * qua not mine..
1117116145 M * qua sed 4.1.4 debian
1117116156 M * Doener sed 4.1.3 gentoo
1117116162 M * qua ah
1117116200 M * qua you have the superdocumenting distro. that explains it. I can confirm than even unoptimized installation of sed gives the same result
1117116258 M * FaUl qua: ok 
1117116271 M * qua but sorry, I don't know why that happens. I will go and hide, rather than flame. my servers are on deb now fine, won my battle
1117116317 M * qua anyway, I have a X11 problem with vservers..
1117116336 M * qua .. that is covered in FAQ, but suggested solution doesn't help
1117116353 M * qua # sshd with X11-Forwarding in a vserver
1117116353 M * qua     add 'X11UseLocalhost no' to your sshd_config 
1117116387 M * qua and I still get: X11 connection rejected because of wrong authentication.
1117116426 M * qua any idea?
1117116444 M * Doener did you restart sshd? what does $DISPLAY contain?
1117116462 M * qua the related mailing list thread mentions it, but it doesn't help the guy initially.. then it "all of a sudden" starts working, everybody happy, go home, write faq
1117116518 M * qua Doener: yup, restarted. DISPLAY=machinename::12.0
1117116520 M * qua Doener: yup, restarted. DISPLAY=machinename:12.0
1117116542 M * qua which is since I have already logged in once, that was 11
1117116543 M * Doener machinename = the vserver or the host?
1117116547 M * qua yup
1117116559 M * Doener i guess that means vserver ;)
1117116560 M * qua eh, vserver
1117116565 M * qua sorry ;)
1117116668 M * qua unfortunately I still live under impression X11 is black magic. so my debugging skills hit wall soon. strace of say, xclock, doesn't give me anything sensible, except obvious EACCESS when read()'ing the socket
1117116706 M * Doener hm, try to delete ~/.Xauthority and re-login
1117116717 M * qua did, didn't work either
1117116738 M * qua confirming if I can actually do it on the remote root server now
1117116760 M * qua yup
1117116807 M * qua unless there is some other xauth junk in /tmp.. doesn't seem so
1117116834 M * FaUl juuhuuu
1117116844 M * FaUl finally managed to get a vserver with ngnet up :)
1117116880 M * Doener qua: hm, EACCESS? on which socket?
1117116973 M * qua eh sorry EAGAIN, I already forgot and don't write C day to day
1117116983 M * Doener no problem, just wondered...
1117116995 M * qua socket(PF_FILE, SOCK_STREAM, 0)         = 4
1117117020 M * qua actually this one
1117117022 M * qua socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
1117117031 M * qua read(3, 0xbffff538, 8)                  = -1 EAGAIN (Resource temporarily una
1117117045 M * qua not much detail is there
1117117128 J * pusling ~pusling@195.215.29.124
1117117151 M * qua anyway, you *can* do it, right?
1117117163 M * Doener hm, no idea, and i got to go now... back in a few hours, but probably Bertl will show up earlier and solve this ;)
1117117167 M * qua remote vserver X11 over ssh?
1117117180 M * qua OK, thanks
1117117204 M * Doener yes, i have several vservers to which i connect through ssh and use x11 forwarding
1117117210 M * Doener cya!
1117117219 N * Doener Doener|gone
1117117219 M * qua cya
1117117240 M * FaUl hmm
1117117325 M * qua oops
1117117363 M * qua the actual root server has the same problem. another machine with vserver kernel doesn't
1117117448 M * qua how does the connection work? I can see listeners on TCP 6010, 6011.. but that presumably is just for the local serving app, then it goes over already existing ssh socket to my X client at my desk, right?
1117117531 M * qua anyway, I will give it a break and get something to eat instead.. cya
1117117542 N * qua quA
1117118090 Q * rs Quit: rs
1117119986 Q * quA Ping timeout: 480 seconds
1117120545 M * Vudumen hmm, i cannot load ipt_VNET with these messages from the kernel:
1117120545 M * Vudumen ipt_VNET: Unknown symbol vnet_get
1117120545 M * Vudumen ipt_VNET: Unknown symbol netif_receive_skb_ngnet
1117120547 M * Vudumen any ideas?
1117120566 M * Vudumen all other vnet modules (iptable_vnet, ipt_vnet) is loaded well
1117120632 M * FaUl what exactly does iptables btw? is it required or just recommed?
1117120673 M * Vudumen iptables is an interface to configure the packet filter of the kernel
1117120687 M * Vudumen for ngnet it's required to use for "packet routing" :)
1117121254 Q * mcp Read error: Connection reset by peer
1117121267 J * mcp ~hightower@wolk-project.de
1117121331 M * TheSeer daniel_hozac: around?
1117121672 Q * virtuoso Quit: leaving
1117121717 J * virtuoso ~s0t0na@80.253.205.251
1117121841 M * FaUl virtuoso: ah, so ipnet won't work without it? 
1117121883 M * Vudumen FaUl: yes. NGNET requires it since you define which ip packets should go to which virtual interface
1117121892 M * FaUl ah, ok
1117121940 M * Vudumen i wonder if bertl is interested in testing vserver on opteron. i have a sun v20z for this if he wants to use it :)
1117122108 M * SiD3WiNDR o_O
1117122111 M * SiD3WiNDR gimme! :p
1117122290 M * FaUl Vudumen: i've only a sun ultra enterprise 2 and an alpha :)
1117122337 M * Vudumen :)
1117122364 M * Vudumen we work with 3 alphas
1117122372 M * Vudumen we use them as CGI server for our users
1117122428 M * FaUl hehe
1117122469 A * FaUl isn't sure wether he should put his server back in the rack or leave it under his desktop
1117122523 M * FaUl on the one hand, the kernel seems to work, on the other hand there is still no v6-support in it ;-)
1117123090 J * Doener` ~doener@p54876385.dip.t-dialin.net
1117123095 M * FaUl hey Doener` 
1117123123 M * daniel_hozac TheSeer: what's the problem with it?
1117123377 J * mep_ mep@80.145.221.41
1117123521 Q * Doener|gone Ping timeout: 480 seconds
1117123786 Q * mep__ Ping timeout: 480 seconds
1117123840 J * jsambrook ~jsambrook@80.229.143.166
1117123843 P * jsambrook 
1117124024 Q * prae Quit: Client exiting
1117124203 Q * mountie Read error: Connection reset by peer
1117124253 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com
1117125409 N * mountie _mountie
1117125557 N * _mountie mountie_
1117125593 N * mountie_ mountie
1117127249 J * schmitty42 ~schmitty@dsl3-63-249-68-100.cruzio.com
1117127412 Q * schmitty42 Quit: 
1117128061 Q * eXplasm Quit: Verlassend
1117128183 Q * romke Quit: bleh
1117128218 J * yarihm ~yarihm@217-162-112-55.dclient.hispeed.ch
1117129754 J * eXplasm explasm@p549FF7D4.dip.t-dialin.net
1117129780 N * Bertl_oO Bertl
1117129811 M * Bertl evening folks!
1117129914 M * FaUl hey Bertl 
1117129951 M * FaUl Bertl: i've replaced chbind with the following perl-script: 
1117129953 M * FaUl !/usr/bin/perl
1117129953 M * FaUl my $f; 
1117129953 M * FaUl $f .= "$_ " foreach @ARGV;
1117129953 M * FaUl $f =~s/^.*?-- //;
1117129955 M * FaUl exec split (" ", $f) or die "$f: $!\n";
1117129959 M * FaUl now everything works fine
1117129991 M * Bertl excellent!
1117130004 M * Bertl I still don't understand how it did work back then ...
1117130517 M * FaUl Bertl: how many testing-work do you expect for that ipv6-implementation?
1117130537 M * Bertl hmm, should not be too much ... 
1117130577 M * FaUl fine :-)
1117130589 M * Bertl but it requires to adapt the userspace iptables tools too
1117130602 M * FaUl well - thats no problem at all
1117130634 M * Bertl so I'd say 2-3 days implementation together with testing
1117130645 M * Bertl and probably a week or two for final testing
1117130649 M * FaUl i only wonder wether i should put this server back into its rack or leave it below my desk :)
1117130674 M * FaUl do you think it's save to put it back?
1117130680 M * FaUl because it's anoying loud :-)
1117130865 M * Bertl hmm, do you need the sound for testing?
1117130885 M * FaUl no, but i possibly need the console for panics/etc
1117130903 M * FaUl thats why i ask
1117130906 M * Bertl ah, yes, but you should use a serial console for that anyways
1117130936 M * FaUl hmm
1117130940 M * FaUl why?
1117130981 M * SiD3WiNDR cause it rocks ;)
1117130991 M * SiD3WiNDR and then you don't need the real console nearby ;)
1117131013 M * FaUl mhh, right
1117131023 M * FaUl but i've never configured a serial console
1117131037 M * FaUl is it only agetty ttyS0 9600 or something like that?
1117131050 M * SiD3WiNDR serial console howto on tldp
1117131057 M * SiD3WiNDR but essentially for a full serial console
1117131062 M * SiD3WiNDR - config lilo to output also on serial
1117131069 M * SiD3WiNDR - config kernel to put console output on serial
1117131077 M * FaUl ok
1117131081 M * SiD3WiNDR - get a getty running from inittab
1117131081 M * FaUl ill read that howto :)
1117131083 M * SiD3WiNDR hehe
1117131092 M * SiD3WiNDR perhaps pass panic=30 or so to your kernel too
1117131099 M * SiD3WiNDR otherwise you'll still have to walk to the rack to reset the machine ;)
1117131236 M * Bertl getty is bonus
1117131254 M * Bertl what you need is a kernel command line with console=ttyS0 or similar
1117131577 M * FaUl ah ok
1117131581 M * FaUl thats nice ;)
1117131789 M * FaUl hmmm, serial console...
1117131844 M * Doener` evening tzbf, greetings tzlf!
1117131861 M * FaUl hehe ;-)
1117131862 M * Bertl hey Doener`!
1117131865 M * FaUl hey Doener` 
1117131889 M * Doener` (that's time-zone-{bound,less}-folks ;)
1117132210 J * X freebsd@219.95.4.183
1117132334 M * FaUl oh, an X-server
1117132339 M * FaUl :-)
1117132593 M * Bertl welcome X!
1117132611 M * Vudumen hi allz again :)
1117132622 M * Vudumen Bertl: i have a problem :( with ngnet i cannot load the ipt_VNET module
1117132654 M * Bertl Vudumen: gross!
1117132678 M * Bertl what message do you get on modules_install and when you try to load it?
1117132682 M * Vudumen ipt_VNET: Unknown symbol vnet_get
1117132682 M * Vudumen ipt_VNET: Unknown symbol netif_receive_skb_ngnet
1117132691 M * Vudumen modules install works fine
1117132706 M * Vudumen depmod -a doesn't tell me any problems
1117132708 M * Bertl maybe there are dependancies then?
1117132725 M * Bertl do you use modprobe or insmod?
1117132729 M * Vudumen modprobe
1117132740 M * Bertl hmm, should resolve dependancies
1117132778 M * Vudumen Bertl: and another thing. if you would like i can give you a sun v20z (2 opterons) to test vserver on this platform
1117132784 M * Vudumen the machine is located here in out data center
1117133176 J * dvhart_ ~dvhart@pool-71-111-115-8.ptldor.dsl-w.verizon.net
1117133238 M * dvhart_ I just finished reading the paper (http://www.13thfloor.at/vserver/papers/PAPER.txt) and have read through a patch for 2.4 and 2.6.11
1117133254 M * dvhart_ the latter was 18k lines and the former some 5k IIRC
1117133271 M * dvhart_ is the biggest difference the Additional Modifications mentioned in the paper?
1117133290 M * dvhart_ namely accounting, virtualization of things like uptime, and the use of capabilities?
1117133310 M * dvhart_ thus all the additions to the various filesystems
1117133338 M * dvhart_ 2.6.11 patch was v 1.9.5-rc1
1117133710 M * Doener` those modifications, plus a whole new syscall interface, some other small additions, more limits, scheduler stuff...
1117133732 M * Doener` Bertl will probably add some more to the list ;)
1117133767 M * dvhart_ so the HARD CPU and priority calculations based on tokens are new to the 1.9.5 series
1117133769 M * dvhart_ ?
1117133817 M * Doener` yep
1117133823 M * dvhart_ thanks
1117133824 M * dvhart_ I noticed a CPU virtualization item in the kernel TODO.  Is anyone working on that now?  Are any approaches in particular being discussed?
1117133868 M * dvhart_ Just thinking outloud, it seems that rebuilding sched domains to isolate certain CPUs per VPS might be feasible
1117134013 M * Doener` IIRC the cpu virtualization there means virtualizing the values shown in top ;)
1117134120 M * dvhart_ heh
1117134120 M * dvhart_ oops
1117134164 M * Doener` IIRC Bertl mentioned some ideas for the cpuset stuff that made it into 2.6.12-rcX.. but as I don't know what they (cpusets) are about, you may now look at me and say: "WTF you're talking about? That got nothing to do with my idea" ;)
1117134198 M * dvhart_ well what about CPU isolation then, any interest there?
1117134262 M * dvhart_ heh
1117134269 M * Doener` Bertl: where are you? we need someone who got a vision for Linux-VServer development ;)
1117134279 M * dvhart_ nah cpusets would be another approach
1117134307 A * dvhart_ research cpusets a while back... forgot to write down the pros/cons... dammit
1117134337 M * Doener` i'm sure there are some folks out there who would appreciate it... i don't have any smp box so... ;)
1117134394 M * dvhart_ thanks for the input though, I'll stop back in later... perhaps at a more appropriate time for whatever TZ most of the vserver folks are on :-)
1117134466 M * Doener` some folks here are almost timezone agnostic ;) now + 2-4 hours is usually a good time to be here
1117134488 M * dvhart_ cool thanks
1117134918 J * Loki|muh_ loki@satanix.de
1117134918 Q * Loki|muh Read error: Connection reset by peer
1117135047 Q * mcp Read error: Connection reset by peer
1117135143 J * mcp ~hightower@83.136.81.245
1117135499 J * berni_ ~berni@svr01.mucip.net
1117135500 Q * berni Read error: Connection reset by peer
1117136044 Q * berni_ Ping timeout: 480 seconds
1117136712 J * albeiro albeiro@albeiro.usercloak.oftc.net
1117139229 J * berni ~berni@svr01.mucip.net
1117139841 Q * dvhart_ Ping timeout: 480 seconds
1117141001 J * mef ~mef@targe.CS.Princeton.EDU
1117141289 J * dvhart_ ~dvhart@bi01p1.co.us.ibm.com
1117141861 Q * dvhart_ Ping timeout: 480 seconds
1117142185 A * mugwump yawns
1117142195 N * id_werk id
1117143759 Q * mef Quit: Leaving
1117143778 J * dvhart_ ~dvhart@bi01p1.co.us.ibm.com
1117145109 J * monrad ~monrad@213083190130.sonofon.dk
1117145325 J * romke ~romke@procyon.romke.net
1117146133 J * _sebd ~sebd@lesdeveloppementsdurables.org
1117146134 Q * mep_ Read error: Connection reset by peer
1117147436 J * terr ~gilles@ip-213-49-162-64.dsl.scarlet.be
1117147481 M * terr Hello.
1117147595 M * terr ?
1117147693 M * daniel_hozac hi.
1117147743 M * terr Are you waiting for advice too?
1117147756 M * daniel_hozac nope, just lurking :)
1117147790 M * terr Maybe you have knowledge of routing and can help me?
1117147814 M * daniel_hozac well, your setup is way to complex for me ;)
1117147838 M * terr :-(
1117147847 M * Bertl hmm ... I'm back now, did anybody miss me *G* ;)
1117147866 M * terr I've just arrived.
1117147881 M * Bertl ah, so new routing experiences ;)
1117147898 M * terr Yes, trying and not succeeding.
1117147919 M * Vudumen Bertl: i missed you :)
1117147923 M * Vudumen check what i wrote to you
1117147947 M * Vudumen but now i go to bed...
1117147949 M * Vudumen i'm sleepy
1117147965 M * terr Good night :-)
1117147994 M * Vudumen bye all. good night
1117148046 M * terr Bertl: Do you have some time for clearing something up?
1117148093 M * Bertl Vudumen: yeah, good night .. we 'll talk about it tomorrow ..
1117148110 M * Bertl terr: probably ... what's up? ;)
1117148140 M * terr Do you remember my network setup?
1117148156 M * Bertl vaguely .. but I can look up your email, no?
1117148186 M * terr Yes, in the "Confused by routing" thread.
1117148196 Q * monrad Ping timeout: 480 seconds
1117148202 M * terr (the first message has a drawing)
1117148243 M * Bertl k, found it ...
1117148293 M * Bertl so, what's the issue?
1117148309 M * terr So, first question (to be sure I'm not trying something impossible):
1117148377 M * terr Is it possible to route packets from "Vs1" to "Vs2" through "Host2" (the FW)?
1117148404 M * daniel_hozac i may be dumb, but why do you want to do that?
1117148437 M * Bertl terr: it's probably possible, but not very useful ...
1117148450 M * terr To simulate a real network with DMZ and "private" subnets
1117148459 M * terr Why not useful?
1117148482 M * Bertl what would be the 'use'?
1117148526 M * terr What I said 2 lines above: Vs1 is a "secured" workstation in a private net...
1117148542 M * terr and Vs2 is a server in a DMZ?
1117148572 M * Bertl well, it is not, both are connected to the same interface, no?
1117148580 M * terr Or is it complete nonsense (and why)?
1117148607 M * Bertl and the 'normal' routing path would route packets inside the host
1117148615 M * terr Real interface (eth0) yes.
1117148634 M * terr But I thought I'm faking 2 or more interfaces using VLAN.
1117148649 M * Bertl yes, but on the same machine ...
1117148660 M * terr Vs2 is connected to eth0.2
1117148667 M * Bertl it's like setting up eth0 with ip 10.0.0.1 and 10.0.0.2
1117148668 M * terr Vs1 is connected to eth0.3
1117148689 M * Bertl and then trying to send packets from 10.0.0.1 over 10.0.0.3 to 10.0.0.2 ;)
1117148707 M * terr So?
1117148718 M * Bertl didn't say it's not possible, it's just not really useful ...
1117148723 M * daniel_hozac do you want to limit communication between the vservers, or what is the purpose?
1117148764 M * terr daniel_hozac: Yes, subject to the FW-enforced policy.
1117148823 M * terr I don't get it.  Is it useful to have a "private" and DMZ subnets connected through a FW?
1117148948 M * Bertl yes, if they are connecting different machines ...
1117149016 M * Bertl but as I said, let's not focus on the usablility, let's focus on the issues, no?
1117149059 M * terr Yes, the fact is: I don't have so many machines...
1117149097 M * terr That's why I want to simulate several subnets with several vservers on the same machine.
1117149149 M * terr Does that make any sense?
1117149162 M * Bertl yeah, it's fine for me ;)
1117149173 M * Bertl issues, issues ;)
1117149211 M * terr OK, OK, So,  euh... How do I do it?
1117149233 M * terr Currently all packets go through lo.
1117149235 M * Doener` i'm off to bed now... (if i'm able to sleep... dentist will make me suffer in a few hours... *shivers* ;)
1117149269 M * Doener` good night folks!
1117149273 M * Bertl night Doener`!
1117149274 M * terr Bye.
1117149275 N * Doener` Doener_zZz
1117149346 Q * dvhart_ Ping timeout: 480 seconds
1117149398 M * terr It seems that the current "ip" rules are not right.
1117149458 J * monrad ~monrad@0x535b06c0.ronxx3.adsl-dhcp.tele.dk
1117149552 Q * monrad Quit: 
1117149632 M * terr Private net is 192.168.83.0/24, DMZ is 192.168.79.0/24
1117149656 M * terr Firewall is 192.168.83.2 and 192.168.79.2
1117149688 M * terr Vs1 is 192.168.83.100 and Vs2 is 192.168.79.11
1117149800 J * ciphernaut ~a@61.88.18.130
1117149976 M * terr Herbert, knock three times if you are still there...
1117150165 M * Bertl knock knock knock ;)
1117150175 A * Bertl got a phone call ...
1117150208 M * Bertl okay, so far nothing new, what's your table setup?
1117150262 M * terr Inside Vs1 ?
1117150273 M * Bertl no, the routing tables on the host
1117150299 M * terr ip route ls
1117150299 M * terr 192.168.83.0/24 dev eth0.2  proto kernel  scope link  src 192.168.83.1
1117150299 M * terr 192.168.79.0/24 dev eth0.3  proto kernel  scope link  src 192.168.79.1
1117150299 M * terr 192.168.107.0/24 dev eth0.4  proto kernel  scope link  src 192.168.107.10
1117150299 M * terr 127.0.0.0/8 dev eth0.2  proto kernel  scope link  src 127.0.0.1
1117150301 M * terr 127.0.0.0/8 dev eth0.3  proto kernel  scope link  src 127.0.0.1
1117150304 M * terr default via 192.168.107.20 dev eth0.4
1117150367 M * terr I thought I should add something to a routing script in "pre-start.d"
1117150416 M * terr [As you had suggested, in order to reach the outside world.]
1117150420 M * Bertl let's try with 'ip route ls' and 'ip rule ls' and please upload it somewhere
1117150463 M * Bertl what are the 127.0.0.x entries doing there, btw?
1117150528 M * terr I don't know! There are added when I start the vservers.
1117150558 M * Bertl well, in this case, please also upload the vservers config ;)
1117150653 M * terr Shall I make a tar file and use the same trick as the other time (i.e. netcat to somewhere on your machine)?
1117150731 N * X MrX
1117150974 J * ml ~ml@visp230-172.visp.co.nz
1117151048 M * ml Hi all
1117151065 M * ml How is the new "Disable legacy net" kernel config supposed to wrok?
1117151069 M * Bertl welcome ml!
1117151085 M * Bertl ml: did you read the help text?
1117151107 M * ml Yes, but didn't shed much light on it...
1117151142 M * ml Trying with util-vserver 0.30.207 and it complains about chbind: vc_set_ipv4root(): Function not implemented
1117151154 M * Bertl which kernel version?
1117151170 M * ml 2.6.12-rc4-vs2.0-rc2
1117151171 M * daniel_hozac isn't that expected if legacy networking is disabled?
1117151205 M * ml So what should I change in the vserver config to make it run w/o legacy net?
1117151224 M * daniel_hozac you'll need ngnet.
1117151229 M * Bertl help says:
1117151235 M * Bertl config  VSERVER_NGNET
1117151238 M * Bertl         depends on EXPERIMENTAL
1117151242 M * Bertl           This disables the legacy networking API, which allows
1117151242 M * Bertl           to configure per vserver IPs as we know it.
1117151255 M * Bertl so what do you expect? ;)
1117151305 A * ml does a google research on 'ngnet'
1117151306 Q * ciphernaut Read error: Connection reset by peer
1117151332 M * Bertl terr: I'd prefer a simple 'overview' of the network files (maybe ls -lR + cats of the relevant files) uploaded to pastebin.com or wherever you prefer 
1117151351 M * ml Honestly, "configure per vserver IPs as we know it" isn't too useful description.
1117151378 M * Bertl well, give me a better one ;)
1117151386 M * ml Does it mean I could do "ip addr add blah" from inside the vserver?
1117151426 M * Bertl no it just means that it 'disables' the 'API' which allows you to configure the IPs for a vserver ;)
1117151428 M * ml I can't give a better description unless I know what is it supposed to do ;-)
1117151469 M * terr Bertl: File is ready to be netcat'ed to your place of preference...
1117151479 M * Bertl *sigh*
1117151563 M * Bertl ml: you know what an API is?
1117151667 Q * mountie Quit: LUNCK!
1117151714 M * ml Bertl: heh, indeed.
1117151757 A * ml was confused that something labeled "legacy" is needed even with the latest util-vserver...
1117151771 M * Bertl ml: okay, chbind uses the legacy network API. period. :)
1117151792 M * Bertl if you get rid of chbind, you can disable it ...
1117151828 M * ml Well yes, going through http://linux-vserver.org/NGNET-Testing-HOWTO ...
1117151865 J * mountie ~mountie@CPEdeaddeaddead-CM000a739acaa4.cpe.net.cable.rogers.com
1117151888 M * ml BTW "This disables the legacy networking API, which allows to configure per vserver IPs as we know it."
1117151928 M * Bertl should use them, no?
1117151929 M * ml Does it mean "disable and that allows you to configure IPs" or "disable something that allows ..."?
1117151952 Q * mountie Remote host closed the connection
1117151952 M * ml Now I know it's the latter but on the first read I thought it's the former.
1117151985 M * Bertl ah, okay, I got it ...