1200873713 Q * jescheng Remote host closed the connection 1200873727 J * jescheng ~jescheng@proxy-sjc-2.cisco.com 1200873900 J * yang ~yang@cpe-212-18-59-220.dynamic.amis.net 1200874032 Q * dna__ Quit: Verlassend 1200875118 Q * derjohn_mobil Ping timeout: 480 seconds 1200876530 J * Infinito argos@201-3-19-145.gnace701.dsl.brasiltelecom.net.br 1200877085 Q * zbyniu Ping timeout: 480 seconds 1200877114 Q * Infinito Ping timeout: 480 seconds 1200877206 Q * AndrewLee Server closed connection 1200877220 J * AndrewLee ~andrew@flat.iis.sinica.edu.tw 1200877548 J * dowdle ~dowdle@67-42-172-50.blng.qwest.net 1200879543 M * Bertl off to bed now .. have a good one everyone! 1200879549 N * Bertl Bertl_zZ 1200881278 M * misc-- goodnight Bertl_zZ ;) 1200881534 Q * bragon Ping timeout: 480 seconds 1200882838 J * kir_home ~kir@ipsecgw.sw.ru 1200885545 J * balbir_ ~balbir@122.167.78.53 1200885649 Q * kir_home Ping timeout: 480 seconds 1200885957 J * kir_home ~kir@ipsecgw.sw.ru 1200887088 Q * kir_home Ping timeout: 480 seconds 1200887983 Q * mire_ Remote host closed the connection 1200888314 J * mire ~mire@165-170-222-85.adsl.verat.net 1200888787 J * eyck_ ZcgqzSOo@nat05.nowanet.pl 1200888787 Q * eyck Read error: Connection reset by peer 1200890575 J * eyck 6qjGVPQ2@nat05.nowanet.pl 1200890575 Q * eyck_ Read error: Connection reset by peer 1200891488 Q * larsivi_ Ping timeout: 480 seconds 1200892928 J * eyck_ B37VxrFp@nat05.nowanet.pl 1200893078 Q * eyck Ping timeout: 480 seconds 1200893733 J * eyck MF1Tc8JW@nat05.nowanet.pl 1200893733 Q * eyck_ Read error: Connection reset by peer 1200894841 J * eyck__ sgWHIX21@nat05.nowanet.pl 1200894841 Q * eyck Read error: Connection reset by peer 1200894918 J * sharkjaw ~gab@shell.ormset.no 1200895204 Q * jescheng Remote host closed the connection 1200895215 J * jescheng ~jescheng@proxy-sjc-2.cisco.com 1200895256 J * Master_Peace ~RadioSant@c-69-140-214-244.hsd1.md.comcast.net 1200895262 P * Master_Peace 1200895562 J * eyck jiE8jDUU@nat05.nowanet.pl 1200895643 Q * eyck__ Ping timeout: 480 seconds 1200896044 Q * eyck Ping timeout: 480 seconds 1200896119 J * eyck_ dqQkUfbV@nat05.nowanet.pl 1200896344 Q * pmenier Quit: Konversation terminated! 1200896614 Q * eyck_ Ping timeout: 480 seconds 1200897130 J * virtuoso ~s0t0na@ppp91-122-94-19.pppoe.avangard-dsl.ru 1200897539 Q * virtuoso_ Ping timeout: 480 seconds 1200899190 J * _bjh_ ~bjh@84.112.154.154 1200899731 J * Slydder ~chuck@194.59.17.53 1200899738 M * Slydder morning all 1200900015 J * Punkie ~Punkie@goc.coolhousing.net 1200900525 J * eyck LGEI38N8@nat05.nowanet.pl 1200901009 Q * eyck Ping timeout: 480 seconds 1200901055 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200901063 Q * balbir_ Ping timeout: 480 seconds 1200902146 J * eyck zEsFKYAX@nat05.nowanet.pl 1200902331 J * derjohn_mobil ~aj@p5B23D8DE.dip.t-dialin.net 1200902556 J * balbir ~balbir@122.167.78.53 1200902653 Q * eyck Ping timeout: 480 seconds 1200903868 Q * balbir Ping timeout: 480 seconds 1200903909 Q * nebuchadnezzar Server closed connection 1200904100 J * kir_home ~kir@ipsecgw.sw.ru 1200904490 J * zbyniu ~zbyniu@host13-188.crowley.pl 1200904947 M * Slydder derjohn: bist du da? 1200905195 Q * kir_home Quit: Ухожу я от вас 1200905276 J * larsivi ~larsivi@85.221.53.194 1200905550 Q * JonB Quit: Leaving 1200905727 J * gebura ~gebura@77.192.186.197 1200905805 M * gebura hi 1200905989 J * balbir ~balbir@122.167.78.53 1200906037 Q * derjohn_mobil Ping timeout: 480 seconds 1200906114 J * harry ~harry@d54C363EF.access.telenet.be 1200906629 J * meandtheshel1 ~sa@85-127-204-19.dynamic.adsl-line.inode.at 1200906761 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200906790 J * pmjdebruijn ~pmjdebrui@jester.pcode.nl 1200906793 M * pmjdebruijn lo 1200906804 M * pmjdebruijn I noticed that on Debian, a debian vserver is started with runlevel 3 1200906811 M * pmjdebruijn that's odd 1200906819 M * pmjdebruijn well actually Debian deviates from the standard... 1200906831 M * pmjdebruijn anyway, is there a way to change the default runlevel with which a vserver starts? 1200906903 M * daniel_hozac apps/init/runlevel.start, as per the flower page. 1200907136 M * Slydder anyone running the last 2.3 version that can tell me how to add loopback devices to existing 2.2 guests? 1200907160 M * daniel_hozac huh? 1200907187 M * Slydder just upgraded on of my 2.2 servers to 2.3 and would like to add the new loopback support. is it automatic if I enabled it in the build? 1200907198 M * daniel_hozac in the kernel? yes. 1200907320 M * Slydder yep. just checked it after the server rebooted. loopback is there. anything specific i should watch out for in the 2.3 release? 1200907359 M * daniel_hozac not really. 1200907433 M * Slydder oh. was wondering if i still need to do the 256ip patch? have they changed the limit? gonna go check the change log. 1200907441 M * daniel_hozac there is no limit. 1200907457 M * Slydder no more limit. cool 1200907654 M * pmjdebruijn daniel_hozac: thanks 1200907715 J * dna ~dna@199-212-dsl.kielnet.net 1200908288 Q * vasko Server closed connection 1200908304 J * vasko ~vasko@unreal.rainside.sk 1200908304 A * vasko is gone. Gone since Tue Jul 31 15:17:00 2007 1200909041 Q * Slydder Remote host closed the connection 1200909175 J * _root____ ~root@82-171-214-117.dsl.ip.tiscali.nl 1200909205 N * _root____ WDTY 1200909222 J * Slydder ~chuck@194.59.17.53 1200909240 M * Slydder lol. forgot one should not run ntpdate while in X. lol 1200909331 M * kaouete really ? why ? I did it a lot of time without problem :) 1200909650 M * derjohn Slydder, ja :) 1200909888 Q * AStorm Remote host closed the connection 1200909899 M * sid3windr heh 1200909903 M * sid3windr I always get a scare when I do that 1200909904 M * Slydder if the time difference is too much (a major step) then xserver has to restart becaus of timing. 1200909907 M * sid3windr because my screen turns blank 1200909913 M * sid3windr as the screensaver activates ;) 1200909914 Q * duckx Server closed connection 1200909918 M * sid3windr I never had the x server restart :o 1200909925 M * Slydder a sqew is not bad though 1200909935 J * duckx ~Duck@tox.dyndns.org 1200909952 M * Slydder mine was ca -3000 seconds off. lol 1200909970 M * Slydder sorry +3000 seconds 1200910075 M * Slydder anyone ever thought of virtualizing a bunch of snort sensors using vserver? I'm thinking it would work if the ether devices context were not so restricted. guessing that the current context for the devices would stop promiscues (?) mode. 1200910136 J * ensc ~irc-ensc@77.235.182.26 1200910329 Q * mire Ping timeout: 480 seconds 1200910381 M * WDTY 1200910436 J * mire ~mire@165-170-222-85.adsl.verat.net 1200910507 Q * WDTY Quit: changing servers 1200910515 J * AStorm ~astralsto@chello089077127128.chello.pl 1200910669 Q * gebura Quit: Quitte 1200910998 Q * ard Server closed connection 1200911016 J * ard ~ard@gw-tweakb16.kwaak.net 1200911220 J * gebura ~gebura@77.192.186.197 1200911523 Q * AStorm Quit: Fighting IRC addiction, live! 1200911595 J * AStorm ~astralsto@chello089077127128.chello.pl 1200911722 Q * FloodServ Service unloaded 1200911916 Q * AStorm Quit: Fighting IRC addiction, live! 1200912044 J * AStorm ~astralsto@chello089077127128.chello.pl 1200912066 J * FloodServ services@services.oftc.net 1200912409 J * sezuan ~sezuan@port-87-234-157-167.dynamic.qsc.de 1200912610 Q * FloodServ Service unloaded 1200912641 J * FloodServ services@services.oftc.net 1200912941 J * mattzerah ~matt@121.50.220.156 1200913337 Q * FloodServ Service unloaded 1200913561 J * FloodServ services@services.oftc.net 1200913900 Q * Punkie Quit: Odcházím 1200915282 J * gdistasi ~gdistasi@143.225.229.142 1200915294 M * gdistasi Hi there 1200915351 M * gdistasi about planetlab... do you know what happens in the guest system when I create a ppp0 interface in the host system? 1200915571 M * daniel_hozac hmm? 1200915667 N * mattzerah mattzerah`afk 1200915670 M * gdistasi I meant, in my test system, when I add an interface to the host system, it also appears in guest system... I'd like to change that behaviour, and add the interface to the host system manually 1200915680 M * gdistasi in my planetlab test system 1200915726 M * daniel_hozac by default, guests are not limited network-wise. 1200915783 M * gdistasi you are talking about planet lab hosts, aren't you? 1200915798 M * daniel_hozac yes. 1200915828 M * gdistasi and if I wanted to change that behaviour for a specific interface? (not at boot time, but when I want) 1200915851 M * daniel_hozac it's not interface related at all, it's IP-based. 1200915900 M * daniel_hozac what are you trying to accomplish? 1200915952 M * gdistasi oh, ok... I need to study this thing (any reference?)... however, If I wanted to do that on an IP basis? 1200915993 M * gdistasi in particular, I need to establish a ppp connection, but I don't want the IP to be visible for guests 1200916153 M * daniel_hozac visible, or accessible? 1200916199 M * gdistasi accessible 1200916338 M * daniel_hozac for visibility, there's a sliver attribute called ip_addresses. to prevent the guests from accessing it, you'll want some iptables rules. 1200916470 J * Punkie ~Punkie@goc.coolhousing.net 1200916510 J * Julius ~julius@p57B25876.dip.t-dialin.net 1200916513 M * gdistasi thanks... can I change that attribute (ip_addresses) dynamically? 1200916538 M * gdistasi and how? 1200916571 M * daniel_hozac yeah, but it's not per-host, it's per-sliver. 1200916806 M * gdistasi what is a sliver? a slice? 1200916845 M * daniel_hozac a slice spans multiple hosts, a sliver is what's running on one of them. 1200916884 M * gdistasi ok 1200916948 J * eyck SU6FmYO2@nat05.nowanet.pl 1200916965 M * gdistasi I could work out the visibility problem doing an "naddress --remove --ip ..." for all the slivers, except the one I want to grant visibility 1200917033 M * gdistasi is that the best procedure? 1200917093 M * daniel_hozac naddress --set 1200917325 M * gdistasi ok, thanks... I can't find the documentation 1200917342 M * daniel_hozac naddress --help 1200917371 M * gdistasi but I think I will succede to do that 1200917383 M * gdistasi thank you, bye 1200917420 N * mattzerah`afk mattzerah 1200917750 Q * Aiken Remote host closed the connection 1200917906 Q * JonB Quit: This computer has gone to sleep 1200918096 Q * mark17 Remote host closed the connection 1200918107 N * Bertl_zZ Bertl 1200918110 M * Bertl morning folks! 1200918131 M * daniel_hozac morning Bertl! 1200918276 Q * balbir Read error: Operation timed out 1200918404 Q * gebura Quit: Quitte 1200918416 M * mattzerah morning Bertl :) 1200918419 M * mattzerah night all 1200918423 M * mattzerah :) 1200918439 M * mattzerah too late for me to be up *sigh* 1200918447 Q * mattzerah Quit: GONE! 1200919045 J * balbir ~balbir@122.167.75.183 1200919455 Q * zLinux Remote host closed the connection 1200920015 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200920052 J * lilalinux ~plasma@80.69.41.3 1200920808 M * gdistasi still about planetlab... how do I get the nid of a sliver? 1200921165 J * gebura ~gebura@77.192.186.197 1200921211 M * daniel_hozac it's the uid of the slice user. 1200921412 M * gdistasi daniel_hozac: I'm in the host context... 1200921433 M * daniel_hozac so id should give it to you. 1200921494 M * gdistasi thanks 1200921540 Q * lilalinux Remote host closed the connection 1200921570 M * gdistasi about naddress: is this correct? (I want to give ip visibility only to one slice: naddress --set --nid $NID --ip ppp0 1200921610 M * daniel_hozac that would limit the guest to current primary IP of ppp0, so it would have to access to eth0. 1200921689 M * gdistasi exscuse me, I didn't understand: in that way, would the guest see only the ip address of ippp0? 1200921702 M * daniel_hozac yes. 1200921728 M * gdistasi but would it use eth0 in case the default route is set to eth0? 1200921746 M * daniel_hozac yes, but the source address would be that of ppp0. 1200921770 M * gdistasi oh... 1200921798 M * gdistasi what I was trying to do was grant visibility of an IP to only one guest 1200921881 M * gdistasi as planetlab grant visibility to all of the guests as default 1200921993 J * ftx ~ftx@dslb-084-060-194-007.pools.arcor-ip.net 1200921995 M * daniel_hozac it doesn't work like that. 1200922011 M * gdistasi so the solution could be doing naddress --remove --ip ... ---nid $NID for every $NID which is different from the NID I want to grant visibility 1200922039 M * daniel_hozac no, --set with the address assigned to eth0. 1200922065 M * gdistasi yes, with the address assigned to ppp0 (I need to do that for ppp0) 1200922089 M * gdistasi I need the guest to see both eth0 and ppp0 1200922111 M * gdistasi and any other interface that could be present on the host 1200922113 M * daniel_hozac --remove wouldn't work because a) that address is not assigned to the guest, 0.0.0.0 is. and b) it's only supported on 2.[012] kernels with the IPv6 patch. 1200922124 M * Bertl daniel_hozac: http://paste.linux-vserver.org/11682 is this expected? 1200922162 M * daniel_hozac huh... that seems very wrong. 1200922169 M * gdistasi but you said before that guests see all of the IPs of the host system (in planet lab). Am I wrong? 1200922241 M * Bertl daniel_hozac: 0.30.215-pre2667 on ppc 1200922248 M * daniel_hozac i'm getting it too. 1200922286 M * Bertl kernel or util-vserver issue? 1200922299 M * daniel_hozac ah, it's a util-vserver thing. 1200922305 M * daniel_hozac try 127.0.0.1/8 1200922344 M * Bertl yep, works better :) 1200922381 M * daniel_hozac i rewrote the address parsing code, i guess i made it a bit too strict :) 1200922407 M * daniel_hozac will fix. 1200922411 M * Bertl np, thanks! 1200922738 Q * mire Ping timeout: 480 seconds 1200922776 M * gdistasi daniel_hozac: exscuse me, If I establish a ppp0 connection, is the address of ppp0 visible to all the guests? 1200922785 M * gdistasi (in planetlab) 1200922831 M * daniel_hozac yes. 1200922980 M * gdistasi and if I do: naddress --remove --ip PPP0_IP --nid $NID , is the ppp0 address not visible to $NID anymore? 1200923032 M * daniel_hozac as i said, --remove won't work because that address is not assigned to the context in the first place, and that operation is not implemented in most kernels. 1200923130 M * gdistasi I agree about the kernel, but I meant to do "naddress etc etc" after having established the ppp0 connection 1200923156 J * sourcerer ~philipp@N174P000.adsl.highway.telekom.at 1200923209 M * gdistasi am I right? 1200923212 M * daniel_hozac yes, as i said, naddress --set --ip --nid $NID should work fine. 1200923324 M * gdistasi why are you talking about eth0? so should I do "naddress --set --ip --nid $NID for every context and then do naddress --add --ip --nid $NID for the NID I want to grant ppp0 visibility? 1200923346 M * daniel_hozac yes. 1200923353 P * sourcerer Konversation terminated! 1200923463 M * gdistasi but isn't it faster to do "naddress --remove --ip --nid $NID" for any NID != the need I want to grant ppp0 visibility? 1200923477 M * gdistasi for any NID != the NID I need I want to grant ppp0 visibility? 1200923482 J * esa` bip@ip-87-238-2-45.adsl.cheapnet.it 1200923486 Q * esa Ping timeout: 480 seconds 1200923502 M * gdistasi for any NID != the NID I want to grant ppp0 visibility? (sorry) 1200923524 M * daniel_hozac but --remove _doesn't_work_. 1200923609 M * gdistasi does it depend on the kernel version? my kernel version is the default on onelab: 2.6.12-1.1398_FC4.9.onelab 1200923633 M * daniel_hozac which definitely won't work. 1200923648 M * daniel_hozac but that's beside the point. the setup doesn't allow for that either. 1200923665 M * daniel_hozac besides, if you're using an old build like that, i doubt your even using network contexts. 1200923705 M * gdistasi an old build? that's the default build on onelab 1200923846 M * daniel_hozac current production, yes. 1200924114 J * mire ~mire@165-170-222-85.adsl.verat.net 1200924119 M * gdistasi yes... I'm talking with a colleague here, I think we will shift to the last kernel that is being experimented by Parmentelat 1200924148 M * daniel_hozac that still doesn't support --remove. 1200924177 M * daniel_hozac but that's not even the point. the point is, you cannot remove an address that is not assigned. 1200924246 J * Infinito argos@201-3-20-166.gnace701.dsl.brasiltelecom.net.br 1200924996 M * gdistasi oh, I'm sorry but I'm not getting it... we've just said that guests see all the ip addresses of the host system. Doesn't that mean that every ip address of the host is assigned to every guest? 1200925033 M * daniel_hozac no. 1200925038 M * gdistasi oh 1200925043 M * daniel_hozac 0.0.0.0 is assigned to the guests. 1200925092 M * gdistasi Is that only true for ppp interfaces? 1200925115 M * daniel_hozac no. 1200925168 M * gdistasi but my colleague said that guests saw the address of ppp0... maybe I should check 1200925214 M * daniel_hozac yes, as they should. 1200925234 M * gdistasi :) 1200925457 M * Slydder anyone ever thought of virtualizing a bunch of snort sensors using vserver? I'm thinking it would work if the ether devices context were not so restricted. guessing that the current context for the devices would stop promiscues (?) mode. 1200925658 M * gdistasi I've just checked... slices see ppp0 address, in the same way the root of the host does 1200925681 M * gdistasi in the host:" 1200925681 M * gdistasi ppp0 Link encap:Point-to-Point Protocol 1200925681 M * gdistasi inet addr:83.225.99.152 P-t-P:10.64.64.64 Mask:255.255.255.255 1200925689 M * gdistasi sorry 1200925700 M * daniel_hozac as i said, that's expected. 1200925711 M * gdistasi the same for the guest 1200925778 M * gdistasi you said that the guest would see 0.0.0.0 as ppp0 ip address 1200925785 M * gdistasi am I right? 1200925813 M * daniel_hozac no, i said that 0.0.0.0 is assigned to the guest. that's equivalent to not restricting it at all. 1200925957 M * gdistasi Does 0.0.0.0 represents all the ip address of the host, namely that the guest is able to bind to any address? 1200925991 M * Bertl 0.0.0.0 is IP_ADDR_ANY 1200925992 M * daniel_hozac as i just said... 1200926022 M * gdistasi ok, thank 1200926044 M * gdistasi ok, how can I see the addresses assigned to a guest? 1200926056 M * daniel_hozac cat /proc/virtnet//info 1200926128 Q * Infinito Quit: Quitte 1200926143 M * gdistasi there is no /proc/virtnet//info... maybe because of the old build 1200926182 M * gdistasi how can I modify addresses assigned to a guest? 1200926201 Q * larsivi Quit: Konversation terminated! 1200926270 Q * sharkjaw Quit: Leaving 1200926358 P * meandtheshel1 Leaving. 1200926507 M * gdistasi am I right about the old build being responsible for me not being able to find /proc/virtnet//info? 1200926538 M * daniel_hozac yes. 1200926588 J * FireEgl FireEgl@FireEgl.CJB.Net 1200926726 M * gdistasi no solution to modify ip addresses assigned to a guest? 1200926782 M * daniel_hozac if there is no context, then it's simply not limited. 1200926808 M * gdistasi I mean in the latest kernels 1200926963 Q * gdistasi Quit: Konversation terminated! 1200926993 M * daniel_hozac it's not a kernel thing, it's a userspace thing. 1200927011 M * daniel_hozac but the latest nightly build should work... 1200927088 Q * mire Ping timeout: 480 seconds 1200927887 J * gdistasi ~gdistasi@143.225.229.142 1200927954 M * Bertl daniel_hozac: please let me know when there is an updated 215 pre available for testing ... 1200928176 Q * sid3windr Server closed connection 1200928177 J * sid3windr luser@bastard-operator.from-hell.be 1200928615 J * Genghis genghis@78-21-253-62.access.telenet.be 1200928698 Q * FaUl Server closed connection 1200928861 Q * pmjdebruijn Remote host closed the connection 1200929113 Q * Genghis Quit: ( www.nnscript.com :: NoNameScript 4.2 :: www.regroup-esports.com ) 1200929119 J * Genghis genghis@78-21-253-62.access.telenet.be 1200929345 M * daniel_hozac Bertl: http://people.linux-vserver.org/~dhozac/t/uv-testing/util-vserver-0.30.215-pre2668.tar.bz2 1200929370 M * Bertl ah, great! tx! 1200929494 Q * Genghis Quit: ( www.nnscript.com :: NoNameScript 4.2 :: www.regroup-esports.com ) 1200929498 J * Genghis genghis@78-21-253-62.access.telenet.be 1200929645 Q * _bjh_ Quit: leaving 1200929902 Q * gdistasi Remote host closed the connection 1200929996 Q * Punkie Quit: Odcházím 1200930215 P * Slydder 1200930338 J * pmjdebruijn ~pmjdebrui@jester.pcode.nl 1200930340 M * pmjdebruijn hi 1200930344 M * pmjdebruijn I noticed there were two files 1200930350 M * pmjdebruijn runlevel and runlevel.start 1200930356 M * pmjdebruijn what's the difference? 1200930367 M * pmjdebruijn are they the same? is either of them depriciated? 1200930588 J * gdistasi ~gdistasi@143.225.229.142 1200930636 M * gdistasi In the last planetlab kernel, are all the host's IPs automatically visible to all the guests? 1200930639 M * daniel_hozac runlevel.start is preferred. 1200930649 M * daniel_hozac gdistasi: yes. 1200930676 M * pmjdebruijn ok 1200930677 M * pmjdebruijn clear 1200930684 M * pmjdebruijn daniel_hozac: thanks again 1200930730 M * gdistasi Is that different from the standard vserver setup? In my vserver setup I need to specify the addresses I want to give visibility to the guest (I'm talking about visibility, not accessibility) 1200930787 M * daniel_hozac gdistasi: yes. 1200930792 M * gdistasi I need to set /etc/vservers//interfaces/ 1200930819 M * gdistasi how is that accomplished? by using naddress? 1200930870 M * daniel_hozac yep. 1200930881 M * gdistasi thanks 1200930950 M * gdistasi ok, I think I just won't care about visibility and concentrate on accessibility 1200930954 M * Bertl okay, heading to PROFOSS now .. will try to report back from the hotel :) 1200930967 M * daniel_hozac have fun! 1200930975 N * Bertl Bertl_oO 1200931214 M * gdistasi how can I distinguish in the host system packet generated from a guest system? 1200931321 M * gdistasi packets generated 1200931778 Q * marcel Remote host closed the connection 1200931837 M * gdistasi Are packets generated from a guest marked? 1200931955 M * daniel_hozac yeah. 1200932017 J * marcel ~marcel@lt3.xs4all.nl 1200932090 J * derjohn_mobil ~aj@212.23.103.36 1200932448 M * gebura hum it isn't directly vserver related but is there some planetlab users here ? 1200932498 M * gebura ( http://www.planet-lab.org/ , it seems that they use vserver for deploying applications upside real servers) 1200933008 M * gdistasi here I am 1200933143 Q * Adrinael Server closed connection 1200933144 J * Adrinael adrinael@rid7.kyla.fi 1200933233 M * gdistasi daniel_hozac: are they marked with the sliver's id? 1200933698 M * gdistasi however, I tried in a more recent vserver host, and /proc/virtnet//info refers to IPs visible to the guest, not the IPs assigned to the guest 1200933698 Q * ||Cobra|| Read error: Connection reset by peer 1200933912 J * ||Cobra|| ~cob@pc-csa01.science.uva.nl 1200933988 M * gebura sorry gdistasi i din't see that you wrote it just after /join 1200933995 M * gebura :) 1200934028 M * gebura i didn't know about the marks but i think it must be easy to set some 1200934033 M * gebura if you see 1200934034 M * gebura http://wiki.linux-vserver.org/Networking_vserver_guests 1200934069 M * gebura you can see that, guest paquets work with PRE/POSTROUTING 1200934103 M * gebura so i think you can simply put the mark youself 1200934151 M * gdistasi I looked at that page but it doesn't mention mark... 1200934200 M * gdistasi so packets are handled in prerouting and postrouting, but how do I distinguist the guest has generated the packets? 1200934200 M * gebura hum 1200934224 M * gebura it is iptables options 1200934224 Q * JonB Quit: This computer has gone to sleep 1200934231 M * gebura -s $ip i think 1200934237 M * gebura and for setting the marks 1200934239 M * gebura -set-mark mark[/mask] 1200934239 M * gebura Set connection mark. If a mask is specified then only those bits 1200934239 M * gebura set in the mask is modified. 1200934281 M * gdistasi but if I rely on ip addresses I could just distinguish packets generated by a specific guest by its ip address 1200934314 M * gdistasi the problem is that a single ip address could be shared among many guests 1200934362 M * gebura you know that guest have their own ip adress ? 1200934413 M * gebura for myself i have a vserver with ip 192.168.0.1 witch do www , 192.168.0.2 for mail etc 1200934422 M * gdistasi not necessarily 1200934446 M * gdistasi in planetlab guests share the ip of the host 1200934462 M * gebura ah ok 1200934472 M * gebura i have to go 1200934480 M * gebura good luck for your problem :) 1200934490 M * gdistasi thanks, bye 1200934509 Q * gebura Quit: Quitte 1200934594 J * doh ~doh@0x535c99fa.arcnxx17.adsl-dhcp.tele.dk 1200935098 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200935180 J * dowdle_ ~dowdle@scott.coe.montana.edu 1200935191 Q * dowdle_ Remote host closed the connection 1200935213 Q * dowdle Remote host closed the connection 1200935223 J * dowdle ~dowdle@scott.coe.montana.edu 1200936123 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1200936199 M * doh hi there. Could anyone give me a few hints on how to use the /etc/vserver//rlimit files, or just the resource limiting files in general? Whatever documentation i find, i can't seem to find any that has a description on how to use these files, and some places theres even references to other files then those in rlimits. Thanks 1200936388 M * doh i see as and rss mentioned in http://linux-vserver.org/Resource_Limits, but here: http://oldwiki.linux-vserver.org/Memory+Allocation its the files are not in rlimits. Maybe its just outdated information? 1200936500 M * doh And then theres processor resources, which i dont know what files to use 1200936736 N * phedny Guest49 1200936742 J * phedny ~mark@126-021-128-083.dynamic.caiway.nl 1200936751 Q * Guest49 Quit: Reconnecting 1200936831 J * geb ~geb@i02m-87-89-233-228.d4.club-internet.fr 1200936850 M * geb 're 1200936873 M * geb gdistasi, i was thinking about your problem when driving back to home 1200936894 M * gdistasi oh, great 1200936899 M * geb you must know that you can also filter by destination/source port if you share the same ip 1200936909 M * geb --d-port for example 1200936926 M * geb i don't know the others, their is lot of options 1200936977 M * gdistasi yes, but that implies that I have to know in advance the source port of the connection 1200936993 M * geb yes, it was just an idea 1200937006 M * gdistasi yes, it could be of help 1200937039 M * geb if i remember well their is also an option to check user (system user) that initiate the connexion with identd 1200937063 M * geb but it imply that identd is installed or that you can install it on vserver 1200937081 M * geb i don't knwo well planetlab so i am not sure 1200937112 M * gdistasi there should also be a mark on the packet, which tells which user generates the packet 1200937168 M * gdistasi on planet lab a sliver should be associated with a user in the host system... can someone confirm that please? 1200937187 Q * dowdle Remote host closed the connection 1200937191 M * gdistasi geb, I don't know identd 1200937219 M * gdistasi let me take a look on the internet about that 1200937261 M * geb theire is lot of iptables patch/extention for adding some filters 1200937270 M * geb maybe some will help you 1200937355 M * gdistasi I hope so 1200937384 M * geb gtg, i will be happy to help you tomorow and/or ask you few question about planetlab 1200937390 M * geb bye :) 1200937412 Q * geb Quit: Quitte 1200937449 Q * marcel Read error: Connection reset by peer 1200937602 Q * derjohn_mobil Ping timeout: 480 seconds 1200937891 J * Punkie ~punkie@home.pekelny.net 1200937993 Q * JonB Quit: This computer has gone to sleep 1200938405 Q * jescheng Remote host closed the connection 1200938416 J * jescheng ~jescheng@proxy-sjc-2.cisco.com 1200938526 Q * gdistasi Read error: Connection reset by peer 1200938566 J * gdistasi ~gdistasi@143.225.229.142 1200939215 J * Martz ~Martz@router.palastanga.com 1200939341 Q * glen Server closed connection 1200939353 J * glen ~glen@elves.delfi.ee 1200940324 J * bragon ~bragon@2001:7a8:aa58::1 1200941234 J * hparker ~hparker@linux.homershut.net 1200941296 Q * gdistasi Quit: Konversation terminated! 1200941548 J * mire ~mire@165-170-222-85.adsl.verat.net 1200943102 J * gdistasi ~gdistasi@143.225.229.142 1200943107 M * gdistasi hi there 1200943172 M * gdistasi Does anybody know how I can tell which guest has generated a packet? 1200943233 M * gdistasi someone talked about a mark... I tried to match packets in iptables on a mark basis (using the id of the guest), but it didn't work 1200943604 Q * gdistasi Quit: Konversation terminated! 1200944216 J * JonB ~NoSuchUse@kg1-68.kollegiegaarden.dk 1200945851 J * Aiken ~james@ppp121-45-206-209.lns1.bne1.internode.on.net 1200945973 Q * JonB Quit: This computer has gone to sleep 1200946705 T * daniel_hozac http://linux-vserver.org/ | latest stable 2.2.0.6, 2.0.3-rc3, devel 2.3.0.32, stable+grsec 2.2.0.5 | util-vserver-0.30.214 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we'll forget about the minute ;) 1200947988 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1200949825 Q * bonbons Remote host closed the connection 1200949940 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1200950289 Q * bonbons Quit: Leaving 1200950584 Q * Genghis Ping timeout: 480 seconds 1200951478 Q * ftx Ping timeout: 480 seconds 1200951804 J * yarihm ~yarihm@84-75-103-252.dclient.hispeed.ch 1200952540 Q * yarihm Quit: Leaving 1200954068 Q * Julius Remote host closed the connection 1200954459 N * Bertl_oO Bertl 1200954520 M * Bertl evening from Brussels! 1200954531 M * daniel_hozac evening Bertl! how was the trip? 1200954579 M * Bertl surprisingly uneventfull :) 1200954633 M * Bertl -l 1200954876 J * derjohn_mobil ~aj@e180223142.adsl.alicedsl.de 1200956497 J * dna_ ~dna@199-212-dsl.kielnet.net 1200956878 Q * dna Ping timeout: 480 seconds 1200957202 Q * FireEgl Ping timeout: 480 seconds 1200957227 Q * daniel_hozac Ping timeout: 480 seconds 1200957238 Q * bragon Ping timeout: 480 seconds 1200957716 J * daniel_hozac ~daniel@ssh.hozac.com 1200957763 J * bragon ~bragon@2001:7a8:aa58::1 1200958893 M * doh does Per Context Quota, or user/group quotas in a vps work, and if so, how? 1200958926 M * daniel_hozac you need to use LVM or similar, and put each guest on a separate filesystem. 1200958935 M * Bertl yes, they work both, the former has been put on hold some time ago, because of insignificant interest ... 1200958951 M * doh hm, i thought it was the same tbh 1200958964 M * doh eg, Per Context quota being user/group quotas 1200958970 M * daniel_hozac per-context quota is for multiple guests on one filesystem. 1200958973 M * Bertl no, 'per context quota' means you can set a total for that context 1200958994 M * Bertl disregard the last comment 1200958997 M * daniel_hozac i thought we used disk limits for that? :) 1200959000 M * Bertl should have been: 1200959008 M * Bertl no, 'disk limit' means you can set a total for that context 1200959018 M * doh aha :) 1200959025 M * Bertl and 'per context quota' is on a shared partition (with tagging) 1200959049 M * Bertl the disk limits and the user/group quota on a separate partition are implemented and working 1200959099 M * Bertl daniel_hozac: to explain the confusion I'm spreading: I have been reading up on Linux-VServer history, and a few minutes ago, I read my suggestion for context quota :) 1200959121 M * doh A: simple, if you want user/group quota inside a vserver on a shared partition, then you are speaking of Per Context Quota. If you want to account/limit a vserver's disk usage we speak of Context Disk Limits. 1200959121 M * daniel_hozac ah, hehe 1200959125 M * doh that one confused me a bit 1200959176 M * Bertl daniel_hozac: http://www.paul.sladen.org/vserver/archives/200207/0034.html 1200959210 M * doh anyway, say i only want to run 1 vps, be it on its own partition, or with the root partition, can i do user/group quotas in that vps? 1200959229 M * Bertl on it's own partition, yes, with vroot in a secure way 1200959259 M * doh there any documentation on howto anywhere? 1200959323 M * daniel_hozac http://linux-vserver.org/Standard_non-shared_quota 1200959346 M * doh how did i miss that :o 1200959349 M * doh thanks 1200959436 M * Bertl the 'Disk Limits and Quota' wiki page is very scarce ... 1200959441 M * daniel_hozac indeed. 1200959456 M * daniel_hozac it's been on my todo... 1200959483 M * daniel_hozac (i also think they should be separate pages, but that's a separate discussion) 1200959600 M * doh but i am correct in assuming this needs a seperate partition, eg it can't be done if you run your vservers with the host root filesystem? 1200959632 M * Bertl correct