1162598498 M * almak yes. The idea is to have different services on different ports sharing same IP 1162598502 Q * Aiken Quit: Leaving 1162598543 M * Bertl okay, now let's make that example from above working, even with apache using port 80 on all three of them 1162598571 M * Bertl we simply assing a private ip to each guest, let's say 10.0.0.1 - 10.0.0.3 1162598599 M * Bertl now we can start and bind apache to the private ips inside each guest 1162598647 M * Bertl to allow the guests to reach the internet, we simply add an SNAT rule to the host, 'masquerading' the private ips for outgoing traffic 1162598692 M * Bertl to make the apaches reachable from the internet, we have to do similar DNAT for incoming traffic, something like: 1162598709 M * Bertl -> port 8001 -> 10.0.0.1:80 1162598716 M * Bertl -> port 8002 -> 10.0.0.2:80 1162598722 M * Bertl you get the idea? 1162598748 M * almak yes. basically nat the traffic. 1162598774 M * Bertl in this process, you can also tag the traffic with fwmark for example 1162598928 J * lilalinux_ ~plasma@dslb-084-058-211-172.pools.arcor-ip.net 1162598988 M * almak So filter can be based on private ip 1162599179 M * Bertl in this setup, yes 1162599296 M * almak What is the use of the fwmark you were referring to? 1162599356 Q * lilalinux__ Ping timeout: 480 seconds 1162599451 M * Bertl with iptables, you can set a so called fwmark 1162599495 J * patulo ~iuuuju@187-200-231-201.fibertel.com.ar 1162599500 M * patulo Hi to all ! 1162599505 M * Bertl welcome patulo! 1162599528 M * patulo Hi Bertl !! 1162599565 M * patulo I'd like to ask something... would you like to listen ? (actually read =)) 1162599588 M * Bertl as usual, go ahead ... 1162599599 M * patulo thanks !!... 1162599627 M * patulo I'm using LVM for management storage/vserver 1162599666 M * patulo do I have to setup /etc/vserver/vs-name/fstab adding a " / none bind" ? 1162599671 M * patulo as I read in the docs ? 1162599688 M * Bertl nah, but it is advised if you have one lvm per guest 1162599725 M * patulo yes, I have 1 LVM / guest... because if I add that line I got an error like this: 1162599734 M * patulo rs01:~# vserver vs100 start 1162599734 M * patulo mount: special device /vserver/vs100 does not exist 1162599734 M * patulo /usr/local/etc/vservers/vs100/fstab:3:1: failed to mount fstab-entry 1162599749 M * daniel_hozac that's because you got the path wrong. 1162599762 M * daniel_hozac but anyway, the scripts will do that for you, whether you ask for it or not. 1162599791 M * patulo Oooops.... sorry!!! your're right !!! its /vserverS/vs100 ... SORRY !!! 1162599801 M * daniel_hozac so there's no need to put it in the fstab if you've already mounted it where it should be. 1162599804 M * patulo I feel like a dumb 1162599827 M * patulo ok, so don't add that line in fstab... Great ! 1162599899 J * ntrs ~ntrs@66.112.68.203 1162599902 M * patulo thank you very much daniel and Bertl !!! 1162599917 M * Bertl it has advantages to put it into the fstab, if you want to manipulate the lvm when a guest is shut down (at least with older tools) 1162599924 M * Bertl wb ntrs! 1162599933 P * stefani I'm Parting (the water) 1162599936 M * daniel_hozac you wouldn't want a bind mount then, you'd want the actual mount ;) 1162599946 M * Bertl right 1162599970 M * patulo I'd had the following issue 1162599982 M * patulo vserver vsname stop 1162600003 M * patulo umount /vservers/vsname 1162600036 Q * ntrs_ Read error: Operation timed out 1162600051 M * daniel_hozac and you still couldn't do anything to the volume? yeah, that's expected. 1162600062 M * daniel_hozac because it's still mounted in the other namespaces. 1162600067 M * patulo and when I try to mount it again it says that device is already mounted or busy... but actually it doesn't appear in mtab neither in the output of the mount command 1162600082 M * patulo how can I solve that ? 1162600096 M * Bertl yep, you'll find it in some /proc/mounts 1162600125 M * patulo but what should I do to mount it again ? 1162600133 M * patulo and restart the vserver ? 1162600152 M * daniel_hozac hmm, mounting it again should work fine. 1162600161 M * Bertl depends on the filesystem 1162600183 M * daniel_hozac yeah, i guess. 1162600203 M * patulo I'm sure it doesn't ... I'm using an md level 1 device with LVM over it and the LVs are ext3 1162600322 M * Bertl yeah, ext3 is supposed to work here 1162600360 Q * lilalinux_ Remote host closed the connection 1162600473 M * patulo I'll go to investigate it better, and I'll tell you exactly when it happens (it's not allways). Actually I'm still not pretty sure when... 1162600505 M * Bertl most important, check with 'vnamespace -e -- cat /proc/self/mounts 1162600621 M * patulo great... I'll write it down ! 1162600694 M * patulo In fact I'm investigating this because I got a kernel crash..., would you like to see the /var/log/messages output ? 1162600713 M * Bertl of course 1162600722 M * patulo Nov 3 19:12:27 localhost kernel: c0140b46 1162600722 M * patulo Nov 3 19:12:27 localhost kernel: Modules linked in: ext3 jbd ext2 mbcache pcspkr psmouse serio_raw rtc parport_pc parport evdev reiserfs dm_mirror dm_snapshot dm_mod raid1 md_mod ide_generic ide_cd cdrom ide_disk ehci_hcd ohci_hcd usbcore forcedeth sata_nv amd74xx libata scsi_mod generic ide_core processor 1162600722 M * patulo Nov 3 19:12:27 localhost kernel: EIP: 0060:[] Not tainted VLI 1162600722 M * patulo Nov 3 19:12:27 localhost kernel: EFLAGS: 00210097 (2.6.16-2-vserver-k7 #1) 1162600723 M * Bertl please upload to paste.linux-vserver.org 1162600731 Q * dreamind Quit: dreamind 1162600734 M * patulo oops, sorry... I'll paste it there 1162600788 M * patulo after that crash I had to reboot the real box 1162600846 M * Bertl hmm, looks somewhat incomplete to me 1162600864 M * Bertl i.e. I'd expect a stack trace right after that part 1162600889 M * patulo and this morning I got another strange issue: one guest started to work with the filesystem as read-only .... wierd, isn't ??? 1162600905 M * patulo look the next lines: 1162600912 M * patulo Nov 3 19:12:27 localhost kernel: EFLAGS: 00210097 (2.6.16-2-vserver-k7 #1) 1162600912 M * patulo Nov 3 19:30:54 localhost -- MARK -- 1162600912 M * patulo Nov 3 19:50:55 localhost -- MARK -- 1162600912 M * patulo Nov 3 20:10:55 localhost -- MARK -- 1162600912 M * patulo Nov 3 20:59:37 localhost syslogd 1.4.1#18: restart. 1162600931 M * patulo at 20.59 I rebooted the box.... 1162600938 M * Bertl that sounds like a hardware issue 1162600956 M * Bertl most filesystem remount read-only when the underlying I/O is faulty 1162600968 M * daniel_hozac shouldn't that log something? 1162600983 M * Bertl yeah, it does, unless the log is on that filesystem :) 1162600984 M * daniel_hozac this is not the first time i've heard of remounting ro... 1162601000 M * patulo wait... I have something in syslog 1162601025 M * patulo yes, but its a little bit long to paste it here 1162601034 M * daniel_hozac use paste.linux-vserver.org. 1162601042 Q * bonbons Quit: Leaving 1162601051 M * patulo yes, I'm pasting it there right now 1162601188 M * patulo Berlt, you mean a HD failure ? 1162601207 M * Bertl for example 1162601269 M * patulo but the md is syncronized 1162601298 M * patulo rs01:~# cat /proc/mdstat 1162601298 M * patulo Personalities : [raid1] 1162601298 M * patulo md3 : active raid1 hda6[0] hdc6[1] 1162601298 M * patulo 142496448 blocks [2/2] [UU] 1162601312 M * patulo and the other mds seems to be ok too 1162601317 M * Bertl is everything on the raid? 1162601388 M * patulo there are 3 md devs for the real os and 1 for the guests filesystem 1162601400 M * Bertl the oops you uploaded looks familiar, not sure it was fixed in a later kernel or vserver patch 1162601416 M * patulo ooohhh... should I upgrade ? 1162601428 M * Bertl anyway, we are in the process of releasing 2.1.1, so that'd be a good chance to update 1162601432 M * daniel_hozac that's always a good idea ;) 1162601441 M * daniel_hozac but the Debian kernels track stable. 1162601460 M * patulo yeah, but its a production server... I have to be fast and clean doing it ! 1162601486 M * patulo the box is running a debian apt etch kernel 1162601547 M * patulo what do you recommend ? 1162601566 M * patulo this box has been working fine for 63 days before 1162601617 M * Bertl well, if it _works_ for you, no need to upgrade 1162601635 M * Bertl but as I said, the kernel trace reminds me of a fixed issue 1162601663 M * daniel_hozac and 2.6.16 was a looong time ago ;) 1162601680 M * patulo look, not sooo long: 1162601688 M * patulo rs01:~# uprecords 1162601688 M * patulo # Uptime | System Boot up 1162601688 M * patulo ----------------------------+------------------------------------------------- 1162601688 M * patulo 1 63 days, 21:54:09 | Linux 2.6.16-2-vserver- Mon Jul 24 12:14:53 2006 1162601712 M * daniel_hozac the box i'm IRCing from now has been up for 100 days, and it's running a 2.6.17 based kernel. 1162601760 M * daniel_hozac the last vserver patch for 2.6.16 was released in june. 1162601767 M * patulo ok daniel, you've convinced me... how do I should update ? can I update with apt ? or do I have to compile ? 1162601790 J * Aiken ~james@tooax6-218.dialup.optusnet.com.au 1162601790 M * daniel_hozac IIRC there should be 2.6.18 kernels available. 1162601841 M * patulo I should do the update in 5 minutes or some people will kill me =P 1162601867 M * Bertl hehe, well, I hope you have a remote console at hand 1162601893 M * patulo I'll go physically to the datacenter... 1162601986 M * Bertl okay, well, then should at least reverting to the old kernel not pose a problem 1162601998 M * Bertl (if the new one doesn't work as expected) 1162602180 M * patulo yeah... ok Bertl and Daniel, you guys as always are very very friendly !!!. Thank you very much for your support !. I hope the upgrade works fine ;) 1162602444 M * daniel_hozac you're welcome! 1162603807 Q * shedi Quit: Leaving 1162604039 N * _[PUPPETS]Gonzo [PUPPETS]Gonzo 1162604626 Q * ruskie Remote host closed the connection 1162604742 J * ruskie ~ruskie@ruskie.user.oftc.net 1162604937 Q * sebastian 1162605116 J * ruskie_ ~ruskie@84.20.228.4 1162605312 Q * ruskie Ping timeout: 480 seconds 1162605312 Q * ruskie_ Read error: Connection reset by peer 1162605474 J * ruskie ~ruskie@ruskie.user.oftc.net 1162605750 J * shedi ~siggi@inferno.lhi.is 1162606363 Q * crypt Quit: Leaving 1162606408 Q * gerrit Ping timeout: 480 seconds 1162606723 J * FCOJ ~mordur@dsl-201-4.hive.is 1162608662 Q * node_ Ping timeout: 480 seconds 1162609273 Q * patulo 1162609573 M * Aiken Bertl ping 1162609588 Q * FCOJ Quit: Leaving 1162609740 M * Bertl Aiken: pong! 1162609897 M * Aiken If I do this http://paste.linux-vserver.org/623 I get http://paste.linux-vserver.org/624 1162609914 M * Aiken if I comment out the setattr I get a clean fsck 1162609967 M * Aiken this a possible bug or something else? 1162610005 M * Aiken since I had the problem with chown + cow I have been forcing a few more fsck.ext3 and narrowed it down to that 1162610253 M * Bertl hmm, looks interesting 1162610267 M * Bertl could you try the same with ext2? 1162610322 M * Bertl seems like a block not being accounted properly 1162610330 Q * bronson Quit: Ex-Chat 1162610330 M * Aiken same with ext2 1162610461 M * Bertl okay, I ahve some vague idea what that could be 1162610481 M * Bertl could you retry the same without the --iunlink setting? 1162610499 M * Bertl i.e. just comment the setattr --iunlink test 1162610519 M * Aiken if the setattr is commented out the fsck is clean 1162610528 M * Bertl okay, thought so 1162610541 M * Bertl let's do another one, like this: 1162610552 Q * sladen Ping timeout: 480 seconds 1162610557 M * Bertl echo blah > a/test 1162610572 M * Bertl setattr --iunlink a/test 1162610582 M * Bertl rm -rf a 1162610598 M * Bertl or even without the a dir 1162610615 M * Aiken so comment the ln 1162610639 M * Bertl well, no, we want the iunlink set on a single file 1162610671 M * Bertl which then gets removed ... let me adjust the setup for you (sec) 1162610680 J * sladen paul@starsky.19inch.net 1162610724 M * Aiken it does the same 1162610730 M * Bertl http://paste.linux-vserver.org/625 1162610741 M * Bertl same problem with that one? 1162610758 M * Aiken which is what I have just done 1162610761 M * Aiken same problem 1162610781 M * Bertl okay, good, that is what I expected 1162610803 M * Bertl yeah, looks like a bug, will check (and hopefully fix) in a few minutes 1162611649 J * nadav ~nadav@87.68.170.225.cable.012.net.il 1162611773 M * Bertl welcome nadav! 1162611782 M * nadav thanks Berti 1162612582 P * nadav 1162614456 M * Bertl Aiken: hmm, that seems trickier than expected 1162614722 M * Aiken is it something in general or just a problem in the world of alpha? 1162614742 M * Bertl general issue, can recreate it here on QEMU/i386 1162614751 M * Aiken ok 1162614761 M * Bertl I suspected the CoW breaking alternate branch 1162614777 M * Bertl the one which resets the flags) 1162614791 M * Aiken I better go, wife is not so patiently waiting for me to go into town with her 1162614796 M * Bertl but ATM I have no indication that the code is executed at all 1162614797 M * Aiken just heard the car start 1162615217 Q * Aiken Read error: Connection reset by peer 1162615219 J * Aiken_ ~james@tooax6-218.dialup.optusnet.com.au 1162615575 M * Bertl have to compile a mainline kernel, something looks fishy here 1162616699 M * Bertl okay, stumbled over a mainline issue, but that seems unrelated 1162617373 M * Bertl it's definitely something going wrong when ext2/3 deletes a file with iunlink set 1162617395 M * Bertl (i.e. it is ext2/3 specific, and it doesn't happen when the flags aren't present) 1162621740 Q * Piet charon.oftc.net neutron.oftc.net 1162621740 Q * Wonka charon.oftc.net neutron.oftc.net 1162621740 Q * bj charon.oftc.net neutron.oftc.net 1162621740 Q * fosco charon.oftc.net neutron.oftc.net 1162621849 J * Piet hiddenserv@tor.noreply.org 1162621849 J * fosco fosco@konoha.devnullteam.org 1162621849 J * bj ~bj@insanefactory.com 1162621849 J * Wonka produziert@chaos.in-kiel.de 1162623533 J * Piet_ hiddenserv@tor.noreply.org 1162623685 J * node_ ~dwindsor@c-69-143-154-220.hsd1.md.comcast.net 1162623767 Q * AndrewLee Ping timeout: 480 seconds 1162623852 Q * Piet Remote host closed the connection 1162625062 M * Bertl Aiken_: ping? 1162625111 M * Aiken_ you rang? 1162625124 M * Bertl I guess I found it ... tricky issue indeed 1162625139 M * Bertl doing final tests now, should have a patch in a few minutes 1162625144 M * Aiken_ ok 1162625290 M * Bertl yep, fixes it, we did not deallocate blocks on CoW files (for ext2/3) 1162625303 M * Bertl that matches the strange reports fo 'missing disk space' 1162625321 M * Bertl (which could be recovered by fsck :) 1162625413 M * Bertl http://vserver.13thfloor.at/Experimental/delta-ext23-fix01.diff 1162625454 M * Bertl this should fix both issues, the last hunk is just for correctness (stumbled over that while debugging) the first two fix the real issue 1162625506 M * Bertl Aiken_: thanks a lot for doing extensive testing on the CoW stuff, we have to mention that on the Hall'o'Fame ... without your work we would have missed quite a bunch of issues ... 1162625788 A * Aiken_ has already been put in the hall of fame by Bertl :) 1162625821 M * Aiken_ I have had the missing disk space as well but that settled down after the chown + cow was fixed with rc44 or 45 1162625981 M * Bertl without that additional fix, you could get it quite easily by applying the iunlink to files and then removing them 1162626007 M * Aiken_ compiling now 1162626023 M * Bertl inode gets freed quite fine, the blocks not 1162626106 M * Bertl it's funny that ext2/3 has a separate check in the block handler 1162626281 M * Hollow morning! 1162626323 M * Bertl hey Hollow! 1162626365 M * Hollow still fiddling on 2.1.1? ;) 1162626373 M * Bertl yeah 1162626409 M * Bertl but it's all Aiken's fault :) 1162626422 M * Hollow another bug? 1162626426 M * Bertl yep 1162626435 M * Hollow Bad Thing 1162626452 M * Bertl you remember the space issues micah reported half a year ago? 1162626476 M * Bertl (which nobody could reproduce) 1162626526 M * Hollow no :) 1162626537 M * Bertl well, those are fixed now *G* 1162626554 M * Hollow delta-ext23-fix01? 1162626559 M * Bertl yep 1162626572 M * Hollow ah, i only use xfs :) 1162626586 M * Bertl lucky chap :) 1162626669 M * Aiken_ seems to be fine, my test case is not reproducing the problem now 1162626758 M * Bertl excellent! and tx a lot! 1162626776 M * Bertl I'm off to bed now ... so have a good one everyone! and cya! 1162626790 M * Aiken_ gn 1162626793 N * Bertl Bertl_zZ 1162626809 M * micah Bertl_zZ: !! 1162626844 M * micah wow, thats really amazing 1162626861 M * micah I had chalked that problem up to PEBKAC 1162626927 M * micah great work Bertl and Aiken_ 1162627131 Q * node_ Ping timeout: 480 seconds 1162628142 J * FireEgl ~FireEgl@Sebastian.Atlantica.US 1162628418 J * bonbons ~bonbons@83.222.36.111 1162629854 J * dna_ ~naucki@123-247-dsl.kielnet.net 1162630392 N * Piet_ Piet 1162630446 M * Piet this is definately the most impressive how-to i've ever seen. http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1162630454 M * Piet and i don't mean the text 1162630580 M * Hollow flower power? :) 1162630613 M * Piet woodstock is alive 1162630673 M * Piet so which how-to should one use for setting up vserver guests on debian? 1162630717 M * Piet i was looking on the wiki but it seems this doesn't exist yet, just the link to it. and there is no such doc on the old wiki either unless i missed it 1162630738 M * Hollow e.g. http://deb.riseup.net/vserver/ 1162630751 M * Hollow (from the old wiki) 1162630852 M * Piet hehe, good hint, thanks 1162631714 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162632327 Q * DreamerC Quit: leaving 1162632344 J * DreamerC ~dreamerc@61-217-226-119.dynamic.hinet.net 1162632367 Q * DreamerC 1162632403 J * DreamerC ~dreamerc@61.217.226.119 1162632590 M * Hollow derjohn2: morning ;) 1162632852 M * derjohn2 Hollow, heh ;) Im under supervision ;) 1162632928 M * Hollow really? 1162632979 Q * meandtheshell Quit: exit (0); 1162632991 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162633158 Q * michal` Ping timeout: 480 seconds 1162633400 J * coocoon ~coocoon@dslb-084-056-159-108.pools.arcor-ip.net 1162633411 M * coocoon hello 1162633416 J * michal` ~michal@www.rsbac.org 1162633484 Q * ruskie Quit: killed 1162634530 J * AndrewLee ~andrew@tnlug.linux.org.tw 1162635220 J * ruskie ~ruskie@ruskie.user.oftc.net 1162635245 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1162636164 J * Piet_ hiddenserv@tor.noreply.org 1162636588 Q * Piet Ping timeout: 480 seconds 1162637619 M * |yang| Hello ! I am using kernel 2.6.17.13-vs2.0.2.1 and my server halts like once in a week...is it possbile that this kernel version contains some sort of a bug? 1162637640 M * |yang| I don't exclude the hardware problem with my server 1162637651 M * |yang| But there is nothing in the logs 1162637937 M * bonbons |yang|: no panic showing on console? 1162637962 Q * ensc Killed (NickServ (GHOST command used by ensc_)) 1162637971 J * ensc ~irc-ensc@p54B4DD17.dip.t-dialin.net 1162638021 M * |yang| bonbons: no just "connection reset by peer" error, and then the server needs to be rebooted 1162638037 M * |yang| and Hard drive doesn't contain bad blocks 1162638061 M * bonbons no way to connect to it using a serial console or local console? 1162638080 M * |yang| it's co-located in the datacenter, I can't access it 1162638105 M * |yang| It started bugging like 2 months ago...and now drops approx. once a week...before i had it stable with 100+ days of uptime 1162638252 M * |yang| Either someone triggers a remote bug exploit, to drop it...or it comes to some hardware failure 1162638262 M * |yang| i can't really tell 1162638339 M * bonbons did you try setting up netconsole and putting kernel log level a little bit higher? (it's sending kernel messages via UDP) 1162638379 M * |yang| nope 1162638395 M * |yang| I wouldn't know how to read kernel errors 1162638409 M * |yang| if they come in those strange codes like 0xxx2323x2312 1162638434 M * bonbons the important point is to first know if it's a kernel error 1162638475 M * bonbons if you get a kernel panic with trace maybe we can find out what causes the issue 1162638494 M * |yang| so how do i make that kernel logging 1162638535 M * |yang| you mean i should monitor /var/log/kern.log? 1162638578 M * bonbons that's the local logging of kernel messages 1162638622 M * bonbons but when kernel crashes the trace most often will not reach /var/log/kern.log 1162638629 M * |yang| yes 1162638639 M * |yang| so, what shoudl i do? 1162638750 J * comfrey ~comfrey@host193-150.pool8289.interbusiness.it 1162638925 M * bonbons Do something like "modprobe netconsole netconsole=10000@123.123.123.123/eth0,10000@124.124.124.124/00:00:00:00:00:00" 1162638956 M * bonbons replace 123.123.123.123 with the IP address of your crashing box, 124.124.124.124 with the IP address of the host that will capture the output 1162639001 M * |yang| so i need to have some sort of a logger enabled on remote machine? 1162639006 M * |yang| logger watcher 1162639014 M * bonbons and replace 00:00:00:00:00:00 with the MAC-address of your target machine (if both are on same subnet, otherwise MAC address of your gateway) 1162639049 M * bonbons netcat listening should already be sufficient 1162639112 M * bonbons just do something like "netcat -u -l -p 10000 | tee /var/log/kernel.remote.log" 1162639119 M * |yang| ok thanks ! 1162639198 M * bonbons you will only see the output that gest to local console, so you may want to increase logging level ("dmesg -n 8" to get everything, this way you can also check that netconsole output arrives at your logging host) 1162639384 M * |yang| 124.124.124.124 = ip of remote box? 1162639464 M * |yang| ok 1162639467 M * |yang| yes i see 1162639620 M * |yang| but on my remote box there is no file called kernel.remote.log 1162639774 M * |yang| Ok I guess this tee command created it 1162640212 M * bonbons yes, tee writes to file and stdout what it gets from stdin 1162640315 M * |yang| Osgiliath: ? 1162640766 Q * Aiken_ Quit: Leaving 1162641860 Q * comfrey Quit: Lost terminal 1162644694 M * matti :) 1162644915 J * sebastian ~sebastian@pD957F530.dip.t-dialin.net 1162646326 Q * mire_ Ping timeout: 480 seconds 1162646936 Q * duckx Quit: Client exiting 1162646949 J * mire_ ~mire@126-167-222-85.adsl.verat.net 1162647019 J * duckx ~Duck@tox.dyndns.org 1162648085 M * derjohn2 bonbons, I included you v6 patch in my standard devel kernel now (linux-vserver.derjohn.de) 1162648112 M * derjohn2 bonbons, did you update in the last 3-4 weeks ? Or is the patch "stable"? 1162648167 M * derjohn2 oh - I am away now .. 1162648175 M * bonbons last update included a minor fix and porting to newest release 1162648220 M * bonbons newest at that time, but I don't think there were many possibly conflicting changes since then 1162648304 M * derjohn2 ah - if oyu font mind, ping me if its ready :) 1162648307 M * bonbons the only item that may cause trouble is IPv4 addresses mapped in IPv6 (in the area of collision detection, thus avoid permitting their use) 1162648331 M * derjohn2 well, I am not using v6 yet, but want to be prepared ... 1162648336 M * derjohn2 thx ! / me away now !! 1162648383 M * bonbons I had no issues with it, but don't have stress-tested it it either (no big IPv6 pipe here...) 1162648391 Q * duckx Read error: Connection reset by peer 1162648393 J * duckx ~Duck@tox.dyndns.org 1162648706 J * coocoon ~coocoon@dslb-084-056-159-108.pools.arcor-ip.net 1162650248 Q * Piet_ Ping timeout: 480 seconds 1162650365 J * Piet_ hiddenserv@tor.noreply.org 1162650505 Q * click Ping timeout: 480 seconds 1162650741 J * click click@ti511110a080-5188.bb.online.no 1162650842 P * click 1162650898 J * click click@ti511110a080-5188.bb.online.no 1162652744 N * Piet_ Piet 1162652756 J * e-mess ~emes@xdsl-3289.wroclaw.dialog.net.pl 1162653393 J * Piet_ hiddenserv@tor.noreply.org 1162653439 Q * Piet Killed (NickServ (GHOST command used by Piet_)) 1162653665 M * e-mess hi ppl 1162653665 N * Piet_ Piet 1162653674 M * e-mess how's the ngnet development going? 1162653683 M * e-mess i see the latest patches are over 1 year old 1162653698 M * e-mess is it completely abandoned or just not maintained for a while? 1162653717 M * daniel_hozac it's on hold waiting for the mainline virtualization ;) 1162653756 M * e-mess i'm trying now to merge it to some kernel src but i'm not sure if it makes any sense to play with it 1162653810 M * daniel_hozac they are just proof-of-concept patches. 1162653878 M * daniel_hozac what do you need it for, anyway? 1162654283 M * e-mess i'd like to have only virtual interfaces in vservers 1162654333 Q * meandtheshell Remote host closed the connection 1162654353 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162655486 Q * mire_ Remote host closed the connection 1162655542 J * mire ~mire@126-167-222-85.adsl.verat.net 1162655596 Q * Piet Quit: Piet 1162655688 N * Bertl_zZ Bertl 1162655692 M * Bertl morning folks! 1162655718 M * Bertl e-mess: why? because you like the overhead a virtual interface would add? 1162655781 M * daniel_hozac morning Bertl! 1162655913 M * daniel_hozac Bertl: am i reading the code correctly that VXSM_IDLE_TIME has to be in set_mask for every update to keep it enabled? 1162655970 M * daniel_hozac like if someone just alters the max tokens value, it'll reset idle time? 1162656023 M * Bertl yep 1162656056 M * daniel_hozac hmm, ok. 1162656076 M * Bertl I know the interface is not the best, but at that time there was no chance for a good one and I wanted folks to be able to use it 1162656102 M * Bertl we can adjust that if it helps ... 1162656302 M * daniel_hozac well, it's not a bug as long as it's documented, right? :) 1162656361 M * daniel_hozac i'll just add an option to set the idle time, so it can be kept. 1162656386 M * daniel_hozac and is there any particular reason there's not a separate fill_rate2/interval2 in the struct? 1162656589 M * daniel_hozac i suppose i could add them myself in the userspace interface. 1162656606 Q * kerberos Remote host closed the connection 1162656742 M * Bertl the 'original' ide is to keep flexible and handle the idle time like a separate bucket 1162656760 M * Bertl which was found (very quickly) as not too useful 1162656772 M * Bertl i.e. the idle time bucket was reduced to R/I 1162656794 M * daniel_hozac ok. 1162656895 M * daniel_hozac so it's basically legacy then? 1162656931 M * Bertl yeah, well, when I would 'redesign' the interface, I'd just add it to the struct 1162656948 M * daniel_hozac ok, i'll do that then. 1162656956 M * daniel_hozac just handle it in the syscall wrapper. 1162656966 M * Bertl okay, sounds good to me 1162657228 M * daniel_hozac does http://people.linux-vserver.org/~dhozac/p/uv/experimental/syscall_setsched-v21.hc look ok to you? 1162657393 M * Bertl hmm, you probably want to set the idle time flag on the first call too 1162657419 M * daniel_hozac oh, i missed the parenthesis on the second mask. 1162657445 M * daniel_hozac hmm, you mean mask it out? 1162657455 M * daniel_hozac the first call should have the idle time flag, if the caller set it. 1162657496 M * Bertl ah, okay, it's early in the morning and I had no caffeine yet :) 1162657505 M * daniel_hozac hehe. 1162657529 J * Viper0482 ~Viper0482@p5496F4B6.dip.t-dialin.net 1162657538 Q * Viper0482 1162658268 Q * e-mess Quit: Leaving 1162658572 J * node_ ~dwindsor@c-69-143-154-220.hsd1.md.comcast.net 1162660507 Q * meandtheshell Remote host closed the connection 1162660529 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162660744 Q * meandtheshell Remote host closed the connection 1162660758 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162660837 Q * sebastian Ping timeout: 480 seconds 1162661833 Q * meandtheshell Remote host closed the connection 1162661846 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162662637 M * Bertl meandtheshell: fading? 1162662689 M * Wonka hm. how's IPv6 support in stable-prepatch? 1162662703 M * daniel_hozac what? 1162662703 M * Bertl fine, on the host 1162662737 M * Wonka and on the guests? 1162662744 M * Bertl missing 1162662750 M * Wonka mhh. 1162662767 M * Wonka what's to do there? 1162662769 M * meandtheshell Bertl: well something is horribly going wrong here ... gaim seems to be buggy 1162662778 A * Wonka wants ipv6 enabled vservers... 1162662786 M * Bertl Wonka: implement ipv6 support? 1162662804 M * Wonka there have been patches, iirc? 1162662812 M * daniel_hozac there are, but not for stable. 1162662888 M * Wonka hmm 1162662939 M * Wonka when will devel become stable? 1162663015 M * Bertl approximately 3-4 month 1162663062 M * Wonka hm 1162663138 M * Wonka so, if i have a good chance for a new kernel anyway, should i upgrade from 2.6.17.8-vs2.0.2-rc29 to anything newer? 1162663171 M * Bertl 2.1.1-rc47+ should be in good shape (on 2.6.18.1) 1162663204 M * Wonka on 2.6.18.2 also? 1162663283 M * Bertl is it out already? 1162663292 M * Bertl (i.e. did I miss it?) 1162663465 M * mnemoc how much does it affect the virtualization changes at .19 to vserver? 1162663475 M * Wonka Bertl: yes 1162663520 M * Wonka Bertl: fixing a shitload of stuff 1162663562 M * Bertl well, I guess we will have a patch in a few minutes for that one too :) 1162663629 M * Wonka gooood :) 1162663634 M * Bertl mnemoc: 2.6.19 will be quite different 1162663749 M * mnemoc different like in "try hard to stay at .18" ? 1162663837 M * Bertl well, depending on how much of the virtualization stuff gets in, and how much it breaks when used :) 1162663848 M * mnemoc :) 1162664003 M * Wonka much namespace stuff has gotten into .19 1162664577 J * sebastian ~sebastian@p54A96EBE.dip.t-dialin.net 1162665143 Q * derjohn2 Ping timeout: 480 seconds 1162665172 J * derjohn2 ~aj@dslb-084-058-248-067.pools.arcor-ip.net 1162666052 M * Bertl Wonka: http://vserver.13thfloor.at/Experimental/patch-2.6.18.2-vs2.1.1-rc48.diff 1162666170 M * Wonka *download* 1162666325 M * |yang| I would like to extend ircd connections over 1024 - so I got these instructions: 1162666328 M * |yang| [root@localhost root]# echo 128000 > /proc/sys/fs/inode-max 1162666328 M * |yang| [root@localhost root]# echo 64000 > /proc/sys/fs/file-max 1162666328 M * |yang| [root@localhost root]# ulimit -n 64000 1162666335 M * |yang| but the thing won't work on guest 1162666345 M * |yang| any idea 1162666359 M * Bertl probably your host limits the files too 1162666375 M * Bertl you might look into /etc/security.conf or so to raise that 1162666388 M * |yang| on host or guest? 1162666396 Q * coocoon Quit: KVIrc 3.2.0 'Realia' 1162666400 M * Bertl mainly host, Id say 1162666407 M * |yang| Bertl: i was following the instructions on http://www.criten.net/files/fd.txt 1162666420 M * |yang| can you tell me if those are safe to proceed? 1162667026 M * daniel_hozac Bertl: rc48 is rebase (just offsets, right?) and delta-ext23-fix01? 1162667127 M * Bertl yep 1162667159 M * daniel_hozac ok. 1162667168 M * Bertl |yang|: okay, did you modify that stuff on the host? 1162667194 M * |yang| Bertl: i will do it now, if you say it's safe... 1162667221 T * daniel_hozac http://linux-vserver.org/ <- new and shiny | latest stable 2.02.1, exp 2.02.2-rc4, devel 2.1.0, exp 2.1.1-rc48, stable+grsec 2.0.2.1 | util-vserver-0.30.211 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the wiki, and we'll forget about the minute ;) 1162667227 M * daniel_hozac ;) 1162667341 M * daniel_hozac so... where's 2.1.1? :) 1162667396 M * derjohn2 Bertl, you got a really fast rc release rate! WIl there be rc49 tomorrow? Then I wont start my compile runs now .. :) 1162667482 M * derjohn2 ahhh 2.6.18.2 1162667511 M * daniel_hozac hopefully there won't be any more rcs :) 1162667514 M * daniel_hozac (for 2.1.1) 1162667538 M * Bertl yep, after we fixed the ancient issue reported by micah et al 1162667550 M * Bertl 2.1.1 should be perfect :) 1162667556 M * daniel_hozac indeed. 1162667594 M * |yang| bertl and there isn't a file called /proc/sys/fs/inode-max on the main 1162667617 M * Bertl but in the guest? 1162667648 J * lilalinux ~plasma@dslb-084-058-211-172.pools.arcor-ip.net 1162667651 M * Bertl |yang|: forget the inode-max it's not required 1162667671 M * Bertl what you want is to a) raise the host max, and b) adjust the ulimits 1162667691 M * Bertl once that is done, you can use the higher limits in the guest too 1162667707 M * Bertl daniel_hozac: btw, I thought about having 'real' per guest ulimits 1162667726 M * daniel_hozac hmm? 1162667734 M * daniel_hozac what does that mean? 1162667736 M * Bertl daniel_hozac: means, an upper limit, stored in the context info, so that a guest can lower/raise the 1162667753 M * Bertl a setting of unlimited would then default to the guest max 1162667793 M * derjohn2 does rc48 apply to 2.6.18.2 cleanly ? 1162667801 M * daniel_hozac derjohn2: it's supposed to. 1162667806 M * micah Bertl: I saw that you fixed that, I'm still surprised that issue actually was an issue :) 1162667809 M * daniel_hozac Bertl: isn't that what the rlimits are today? 1162667840 M * Bertl daniel_hozac: currently we have 'rlimits' which are 'per guest' limits 1162667862 M * Bertl i.e. all resources summed up <= rlimits (context) 1162667873 M * daniel_hozac right. 1162667891 M * Bertl now, ulimits are handled differently 1162667906 M * Bertl ulimits are rlimits per guest, and they are set on guest start, right? 1162667913 M * daniel_hozac right. 1162667915 M * Bertl s/guest/process 1162667923 M * daniel_hozac yeah, i figured ;) 1162667957 M * Bertl okay, now, let's assume we have an NPROC limit of 100 1162667964 M * Bertl (ulimit that is) 1162667980 Q * mire Quit: Leaving 1162668015 M * Bertl hmm, bad example, let's take the NOFILE :) 1162668100 M * Bertl so let's assume we have 10 file handles 1162668116 M * Bertl this in turn means that each process will be able to open 10 files 1162668133 M * Bertl and no process will be able to raise that limit 1162668156 M * Bertl although the guest (total) limit is 100 or 1000 1162668180 M * Bertl now, what I think would be an improvement (especailly as folks start to use ulimits now :) 1162668195 M * Bertl would be to ahve an upper 'per process' ulimit for each guest 1162668210 M * Bertl and map guest limits according to those ... 1162668215 Q * node_ Quit: Lost terminal 1162668301 M * daniel_hozac aren't the ulimits set on start an upper limit? 1162668320 M * Bertl they are the current value. nothing more 1162668334 M * Bertl we do not allow to raise them inside a guest (CAP_RESOURCE) 1162668336 M * daniel_hozac well, you're not allowed to raise the value above that? 1162668347 M * daniel_hozac right, or VXC_SET_RLIMIT. 1162668357 M * Bertl yes 1162668392 M * daniel_hozac ok, so the upper limit would let the guest root raise the limit, to the upper limit? or what? 1162668414 M * Bertl yeah, including infinity (which would be silently mapped to the limit) 1162668420 M * daniel_hozac right. 1162668477 M * daniel_hozac but how is that an improvement over what we have now with the ulimits, assuming the guest's root doesn't shoot himself in the foot? 1162668512 M * Bertl in two ways, a) a different limit between host and guest can be easily accomplished 1162668523 M * Bertl (well, that can be done with the tools too) 1162668526 M * daniel_hozac isn't that true already? can't you raise limits in the config? 1162668543 M * daniel_hozac i was thinking about that, maybe we should make exec-ulimit reset all of them to infinity? 1162668545 M * Bertl and b) raising limits inside (e.g. a bash shell or so) would work 1162668576 M * Bertl yeah, I'd appreciate an ulimit removal from tool side 1162668577 M * daniel_hozac but unless they have been lowered elsewhere, raising the limit wouldn't actually accomplish anything. 1162668620 M * Bertl think root login with pam 1162668661 M * daniel_hozac ah, true. 1162669384 M * daniel_hozac hmm, that didn't quite work out the way i had hoped. 1162669416 M * daniel_hozac is it really expected that you can't set NOFILE to INFINITY (current is 1024)? 1162669451 M * derjohn2 bonbons, your patch changelog reads: "Supports modular IPv6!". does that mean I can add v6 as kernel module? 1162669459 M * daniel_hozac derjohn2: yes. 1162669516 M * derjohn2 that from month may ... well, I should read the changelog better ;) .. well, for now I leave v6 statically compiled in. 1162669580 M * bonbons derjohn2: but IPv6 is not as modular as it should be, even vanilla-only, e.g. you can't rmmod ipv6 1162669614 M * Bertl daniel_hozac: IIRC, mainline has some limits enforced (kernel side limits) 1162669670 M * daniel_hozac Bertl: ah, yes, i guess the > NR_OPEN triggers. 1162669678 M * derjohn2 bonbons: You have alpha grade patches and beta grade. I took some version slightly modded by daniel_hozac. the files name is patch-2.6.18.1-vs2.1.1rc40-ipv6h.diff .. it that "current beta grade" ? 1162669694 M * daniel_hozac hmm, that's bonbons patch, i'm quite sure. 1162669746 M * derjohn2 daniel_hozac, might be... the patch didnt appy at that time, you already merged it in. But it could also be that i --fuzz 100 and it worled. I cant remember. 1162669757 M * daniel_hozac should be named patch-2.6.18.1-vs2.1.1rc42-ipv6k.diff though :) 1162669774 M * derjohn2 daniel_hozac, yours ? 1162669780 M * daniel_hozac no, bonbons. 1162669786 M * daniel_hozac my last IPv6 patch was delta-2.6.17.13-vs2.1.1-rc35-ipv6.diff. 1162669809 M * derjohn2 and: is thers some version number in the patches code ? 1162669854 M * derjohn2 "k" at the end is the "release grade"? then I should move from h to k .. 1162669965 M * bonbons derjohn2: the letter in the end is the one I increment on each release of my patch 1162670011 J * lilalinux_ ~plasma@dslb-084-058-224-247.pools.arcor-ip.net 1162670016 M * derjohn2 bonbons, ok. I was more in serach of a "k" inside the patches source. 1162670031 M * derjohn2 btw: http://homepage.internet.lu/brunop/vserver/ <-- still the d/l source ? 1162670069 M * bonbons inside the patch there isn't, better check http://people.linux-vserver.org/~bonbons/ipv6/ but I try to not forget to update the other side as well 1162670096 M * derjohn2 side ;) *g* well, it fits here ... 1162670106 M * derjohn2 aahh 1162670122 M * derjohn2 lnow I see the patches I was looking for! 1162670154 M * derjohn2 bonbons, daniel_hozac : does http://people.linux-vserver.org/~bonbons/ipv6/patch-2.6.18.1-vs2.1.1rc42-ipv6k.diff apply to "current all" (except Makefile ..) 1162670192 M * bonbons I didn't check with newer rcs, it should apply cleanly 1162670442 Q * lilalinux Ping timeout: 480 seconds 1162671204 J * coocoon ~coocoon@dslb-084-056-159-108.pools.arcor-ip.net 1162671259 M * daniel_hozac Bertl: so what do you suggest i do for RLIMIT_NOFILE? get NR_OPEN and set it to that? 1162671487 M * daniel_hozac hmm, actually, i wonder if this is a dietlibc problem. 1162671597 M * daniel_hozac nah, doesn't even work with bash. 1162672153 M * Bertl daniel_hozac: could it be that you have a hard vs soft issue? 1162672171 M * daniel_hozac i'm setting both to RLIM_INFINITY. 1162672627 M * Bertl what if you try: /proc/sys/fs/file-max 1162672675 M * daniel_hozac 37688 1162672686 M * daniel_hozac s/37688/37668/ 1162672692 M * Bertl does that work? 1162672768 M * daniel_hozac somehow, yes. 1162672814 M * Bertl but I think we could fix that in the kernel 1162672853 M * daniel_hozac but i'll still have to special-case it, or the utils will fail on older kernels ;) 1162672861 M * Bertl yes 1162672901 M * daniel_hozac IMHO it's very strange to not be able to reset a limit to infinity. 1162673182 J * Viper0482 ~Viper0482@p5496F4B6.dip.t-dialin.net 1162673201 P * Viper0482 1162673272 M * daniel_hozac and i don't see any way to get the value of NR_OPEN from userspace.. 1162673308 M * daniel_hozac (seems to be 1024*1024, according to include/linux/fs.h) 1162673736 J * |coocoon| ~coocoon@dslb-084-056-159-108.pools.arcor-ip.net 1162673736 Q * coocoon Read error: Connection reset by peer 1162674479 Q * |coocoon| Quit: KVIrc 3.2.0 'Realia' 1162675963 J * besonen ~besonen@dsl-db.pacinfo.com 1162676367 Q * besonen_ Ping timeout: 480 seconds 1162676420 M * derjohn http://plm.testing.osdl.org/patches/show/Linux-VServer-2.6.18.1-vs2.1.1-rc47 .. ppc broken? 1162676488 Q * duckx Read error: Connection reset by peer 1162676644 J * duckx ~Duck@tox.dyndns.org 1162677082 Q * meandtheshell Remote host closed the connection 1162677098 J * meandtheshell ~markus@85-125-230-96.dynamic.xdsl-line.inode.at 1162677207 M * daniel_hozac note more so than on vanilla ;) 1162677213 M * daniel_hozac (http://plm.testing.osdl.org/patches/show/linux-2.6.18.1) 1162677320 M * daniel_hozac s/note/not/ 1162677557 M * matled EXTRAVERSION in 2.6.18.2-vs2.1.1-rc48 should be ._2_-vs2.1.1-rc48, shouldn't it? 1162677671 M * Bertl hmm, and it is .1, I presume? 1162677678 M * matled yep 1162677699 M * Bertl okay, that is a bug in my scripts, I still have to fix 1162677706 M * Bertl (will change it in place) 1162677744 M * matled btw, do you have a git repository containing the vserver tree? 1162677931 M * Bertl yes, but it is not offical yet (i.e. I'm not using that as my main repository yet) 1162678701 Q * meandtheshell Remote host closed the connection 1162679238 J * mire ~mire@126-167-222-85.adsl.verat.net 1162680270 J * Aiken ~james@tooax6-244.dialup.optusnet.com.au 1162680652 M * Bertl morning Aiken! wb mire! 1162680677 M * Aiken hello 1162680684 M * Aiken notice a new rc for me to break :) 1162680746 M * Bertl yeah, nothing really new except for 2.6.18.2 1162681039 Q * dna_ Quit: Verlassend 1162681107 Q * besonen Ping timeout: 480 seconds 1162681117 Q * bonbons Quit: Leaving 1162681125 J * Piet hiddenserv@tor.noreply.org 1162681322 J * besonen ~besonen@dsl-db.pacinfo.com 1162682260 M * Bertl wb Piet! besonen! 1162682487 Q * lilalinux_ Quit: Leaving 1162682545 J * lilalinux ~plasma@dslb-084-058-224-247.pools.arcor-ip.net 1162682549 M * Piet Bertl: my durch dictionary got lost, 'besonen' means what? 1162682552 M * Piet oh, it's a nickname :) 1162682692 M * mnemoc :D 1162682695 M * mnemoc lol 1162683558 Q * lilalinux Quit: Leaving 1162684653 J * s0undt3ch_ ~s0undt3ch@81.193.60.133