1220835188 A * MooingLemur has been beating on 2.3.0.35.5 for a few days
1220835212 M * MooingLemur haven't seen anything particularly weird yet :)
1220835279 M * MooingLemur would mounting an ext3 partition on a 2.6.26 kernel upgrade or do something to its superblock?
1220835317 M * Bertl yes, IIRC there are new flags, but they are forward and backward compatible (mainline)
1220835373 M * MooingLemur /dev/mapper/vs primary superblock features different from backup, check forced.
1220835381 M * MooingLemur I was test-fscking to see how long it would take :)
1220835421 M * MooingLemur 2 hours.  dm-crypt 10x1TB raid6 :P
1220836385 Q * androsch 
1220836536 M * Bertl okay, off to bed now .. have a good one everyone! cya!
1220836544 N * Bertl Bertl_zZ
1220837036 Q * doener_ Remote host closed the connection
1220838759 Q * xdr Ping timeout: 480 seconds
1220840471 Q * quinq Remote host closed the connection
1220840870 J * BrunoXLambert ~Bruno@dsl-155-199.b2b2c.ca
1220841659 J * derjohn_foo ~aj@p5B23E075.dip.t-dialin.net
1220842088 Q * derjohn_mob Ping timeout: 480 seconds
1220843294 Q * bzed Remote host closed the connection
1220843317 J * Loki_muh loki@satanix.de
1220843320 Q * Loki|muh Remote host closed the connection
1220843328 N * Loki_muh Loki|muh
1220843365 J * bzed ~bzed@devel.recluse.de
1220843373 J * emcepe ~mcp@wolk-project.de
1220843693 Q * emcepe Read error: Connection reset by peer
1220843693 J * mcp- ~mcp@wolk-project.de
1220843772 Q * mcp Ping timeout: 480 seconds
1220843772 N * mcp- mcp
1220845826 Q * padde Remote host closed the connection
1220845833 J * padde ~padde@patrick-nagel.net
1220846199 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 
1220846199 T * ChanServ -
1220846213 J * morrigan_ morrigan@IRC.13thfloor.at
1220846213 Q * morrigan Read error: Connection reset by peer
1220846963 J * doener ~doener@i577B947D.versanet.de
1220848452 Q * mcp Read error: Connection reset by peer
1220848493 J * mcp ~mcp@wolk-project.de
1220848603 Q * nenolod Remote host closed the connection
1220848615 J * nenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net
1220849666 Q * padde Remote host closed the connection
1220849740 J * padde ~padde@patrick-nagel.net
1220849796 Q * meebey Remote host closed the connection
1220849797 J * meebey meebey@booster.qnetp.net
1220849832 Q * DLange Remote host closed the connection
1220849839 Q * biz Remote host closed the connection
1220849842 J * biz biz@baze.de
1220849865 J * DLange ~DLange@dlange.user.oftc.net
1220849962 Q * _gh_ Ping timeout: 480 seconds
1220851348 Q * pmenier_off Quit: Konversation terminated!
1220852116 Q * padde Remote host closed the connection
1220852143 J * padde ~padde@patrick-nagel.net
1220852258 Q * laptopnenolod Quit: <arika> this sh scripting is the language of the future
1220852970 J * ntrs ~ntrs@77.29.193.68
1220853093 J * ntrs_ ~ntrs@77.29.199.120
1220853531 Q * ntrs Ping timeout: 480 seconds
1220854734 Q * larsivi Quit: Konversation terminated!
1220855120 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr
1220855832 Q * ntrs_ Ping timeout: 480 seconds
1220856539 J * nas_ ~chatzilla@opengw.lga.net.sg
1220856565 M * nas_ bertl
1220856597 M * nas_ guys anyone knows how to make changes to ipvsadm permanent
1220856598 M * nas_ ?
1220856617 M * nas_ coz when i reboot the table is cleared again
1220857327 J * ntrs ~ntrs@77.29.199.120
1220858017 Q * ntrs Ping timeout: 480 seconds
1220858425 N * DoberMann[ZZZzzz] DoberMann
1220858752 J * larsivi ~larsivi@85.221.53.194
1220860244 Q * derjohn_foo Ping timeout: 480 seconds
1220860680 J * loddafni1 ~mike@chello080108111137.5.11.univie.teleweb.at
1220861720 J * fanto666 fantomas@fantomas.fantomas.sk
1220861837 M * fanto666 hello, if I have kernel with "CONFIG_VSERVER_REMAP_SADDR=Y", but the localhost IP is in the vserver, can't I bind to localhost even?
1220864099 J * dna ~dna@73-222-dsl.kielnet.net
1220864393 J * quinq ~quinq@quinq.eu.org
1220865457 Q * puck Ping timeout: 480 seconds
1220865565 J * ntrs ~ntrs@77.29.199.120
1220866181 J * giovanni_h ~giovanni@143.225.229.185
1220866401 Q * giovanni_h Remote host closed the connection
1220866907 J * yarihm ~yarihm@84-74-147-84.dclient.hispeed.ch
1220866988 J * dna_ ~dna@73-222-dsl.kielnet.net
1220867219 M * MooingLemur nas_: I think ipvsadm from lvs, not vserver :)
1220867257 M * daniel_hozac fanto666: what?
1220867337 Q * dna Read error: Operation timed out
1220867728 N * Bertl_zZ Bertl
1220867732 M * Bertl morning folks!
1220867781 Q * pisco Remote host closed the connection
1220867916 Q * dna_ Ping timeout: 480 seconds
1220868071 M * Bertl nas_: you want to talk to the ipvsadm folks :)
1220868087 M * nas_ mooing lemur: yeah your're right
1220868100 M * nas_ bertl, i will after i get home
1220868102 M * nas_ later
1220868107 M * Bertl k
1220868108 M * nas_ it's 6PM here
1220868120 M * nas_ =)
1220868155 J * pisco ~pisco@tor.noreply.org
1220868169 Q * nas_ Quit: ChatZilla 0.9.83 [Firefox 3.0/2008061015]
1220868180 J * esa bip@62.123.8.2
1220868469 J * dna ~dna@34-203-dsl.kielnet.net
1220868943 J * dna_ ~dna@158-211-dsl.kielnet.net
1220869142 J * dna__ ~dna@62-212-dsl.kielnet.net
1220869347 Q * dna Ping timeout: 480 seconds
1220869436 Q * dna_ Ping timeout: 480 seconds
1220870337 Q * yarihm Quit: This computer has gone to sleep
1220870428 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net
1220870756 Q * Pazzo Quit: Ex-Chat
1220870776 J * Pazzo ~ugelt@reserved-225136.rol.raiffeisen.net
1220871825 J * xdr ~xdr@4-173-96-87.cust.blixtvik.se
1220871970 J * yarihm ~yarihm@84-74-147-84.dclient.hispeed.ch
1220872441 Q * dna__ Ping timeout: 480 seconds
1220872530 Q * BrunoXLambert Quit: Leaving
1220872691 J * dna ~dna@231-193-dsl.kielnet.net
1220872714 J * magIc20o0 ~magIc20o0@f048041046.adsl.alicedsl.de
1220872758 Q * magIc20o0 
1220873144 Q * yarihm Quit: Leaving
1220874671 Q * ntrs Ping timeout: 480 seconds
1220875724 J * yarihm ~yarihm@whitehead2.nine.ch
1220876061 Q * Aiken Remote host closed the connection
1220876108 M * fanto666 daniel_hozac: I turned CONFIG_VSERVER_REMAP_SADDR=y in kernel config. Then I created vserver that has loopback ionterface as one of interfaces configured (nodev of course). Now it seems that even connections from localhost are remapped to first interface even when loopback is available in the vhost. 
1220876139 M * fanto666 does CONFIG_VSERVER_REMAP_SADDR remap source IP always or only if loopback (localhost) is not available in the context?
1220876153 M * daniel_hozac a) don't assign 127.0.0.1 to guests. b) in Linux-VServer <2.3, 127.0.0.1 will always be remapped to the first IP address.
1220876181 M * Bertl c) there is the single ip special casing too
1220876207 M * daniel_hozac only in 2.3, and CONFIG_VSERVER_REMAP_SADDR doesn't exist there :-)
1220876236 M * fanto666 daniel_hozac: a) why? b) what if localhost was the first IP ?
1220876237 M * Bertl well, it's default in 2.2
1220876336 M * daniel_hozac fanto666: because 127.0.0.1 is going to mess with services on the host, and if you assign it to more than one guest, they're all going to mess with eachother.
1220876370 M * fanto666 that's the risk of all IP's mapped to guests if they are available from host, isn't it? 
1220876407 M * Bertl nope, 127. is kind of special there
1220876716 M * fanto666 hmm what kind of special? I need the vserver to connect to service on localhost
1220876744 Q * pisco Ping timeout: 480 seconds
1220876745 M * Bertl that is something completely different
1220876769 M * Bertl 'localhost' inside a guest should be assinged to the first IP (for vs2.2) and to 127.0.0.1 for vs2.3
1220876789 M * fanto666 does the vs2.3 have it's own localhost?
1220876808 M * daniel_hozac it's own 127.0.0.1, yes.
1220876810 M * Bertl vs2.3 has 127.x isolation, if that is what you ask
1220876823 M * fanto666 aha... what if I want to provide some TCP servicve to local guests?
1220876841 M * Bertl no problem, normal IPs work fine for that
1220876877 M * daniel_hozac and if you don't want a private 127.x, you can disable it. (in 2.3)
1220876923 M * fanto666 well, my first problem was that I could not connect to localhost from the guest...
1220876923 J * pisco ~pisco@tor.noreply.org
1220876927 M * fanto666 I'll look at that
1220876960 M * Bertl connecting to localhost (inside the guest) always works
1220876979 M * fanto666 from the guest to the host
1220876989 M * daniel_hozac that's not localhost.
1220876996 M * Bertl that's connecting outside/across the isolation
1220877029 M * fanto666 since the host is (should be) providing tcp service to the guest
1220877056 M * Bertl yes? why not provide them via 'normal' ips?
1220877086 M * fanto666 mostly because it should not be available from other hosts...
1220877092 M * fanto666 Is there any problem in sharing IP addresses between host and guests?
1220877111 M * Bertl yes, there is the inherent problem of DoS and security
1220877123 M * fanto666 this is not an issue here
1220877130 M * daniel_hozac another host could connect to your 127.0.0.1 if it wanted to.
1220877148 M * fanto666 host? you mean a guest
1220877318 M * daniel_hozac no, i mean host.
1220877318 Q * FireEgl Read error: Connection reset by peer
1220877351 M * fanto666 hmmm ... if I provide 127.0.0.1 to a guest?
1220877377 M * daniel_hozac no, that's completely beside the point.
1220877385 M * daniel_hozac even without Linux-VServer.
1220877404 M * fanto666 ok, so let's not talk about that...
1220877414 M * daniel_hozac my point is that using 127.0.0.1 over any other IP address doesn't add any "security"
1220877443 M * daniel_hozac you'll still have to use iptables to protect the service from outside access.
1220877456 M * Bertl assign a special private IP to the host, run the services there (and only there), setup iptables to keep it local and you are fine and secure
1220877473 M * fanto666 I'm trying to find out why connection to 127.0.0.1 didn't work ...
1220877494 M * fanto666 I added 127.0.0.1 to list of that guest' IP's and it still does not
1220877495 M * Bertl because you are trying to reach a different 127.0.0.1 (from the host)
1220877519 M * fanto666 I have vserver 2.2, that does not have private localhost iirc
1220877521 M * Bertl it will work if you put the 127.0.0.1 as first ip (for the guest)
1220877538 M * Bertl but note: almost nothing else will work properly then :)
1220877542 M * fanto666 bertl good, I asked that too but it was forgotten somehow
1220877585 M * fanto666 hmmm, does the vserver remap ALL source IP's ? doesn't that work with routing tables etc ?
1220877602 M * Bertl it remaps all 127. accesses
1220877714 M * fanto666 daniel_hozac I think that rp_filter and routing tables should take care of that
1220877791 M * daniel_hozac and the same is true for using any other private address.
1220877792 M * fanto666 bertl is is possiblt to turn that off for specific vserver?
1220877804 M * daniel_hozac not in 2.2
1220877806 M * Bertl not with vs2.2
1220877840 M * fanto666 and is it possible to share localhost between guests/host with 2.2 ?
1220877862 M * Bertl yes
1220877917 M * fanto666 and should connect from guest to service running on host/127.0.0.1 work?
1220877925 M * Bertl no
1220877964 M * fanto666 bertl and can I share localhost other way than use 127.0.0.1 as first IP of a guest?
1220877982 M * Bertl yes, as localhost has nothing to do with 127.0.0.1 :)
1220878022 M * fanto666 ok, can I share 127.0.0.1 other way than use 127.0.0.1 as first IP of a guest? (which will make many things not working)
1220878025 M * fanto666 :-)
1220878040 M * Bertl yes, with vs2.3
1220878090 M * fanto666 because with 2.2. the only way is to fuck thing up?
1220878122 M * daniel_hozac or, you know, use a private IP
1220878124 M * Bertl because this setup is not secure and not advised and not required and thus it was never planned or implemented in vs2.2
1220878156 M * fanto666 as i understand it: but I can do the same with eny other host's IP, because it's only 127.0.0.1 that is private for guets
1220878166 M * Bertl fanto666: look, there are a milion of absurd things we could have implemented in vs2.2, but we didn't :)
1220878190 M * Bertl 127.x has special meaning and thus is handled special
1220878205 M * fanto666 Bertl: to have it working, it would be enough fo have one thing NOT implemented :)
1220878225 M * fanto666 s/fo/to
1220878232 M * Bertl fanto666: go ahead, rip out the 127.x handling
1220878240 M * Bertl fanto666: you'll see what breaks then
1220878260 J * FireEgl FireEgl@173.16.9.10
1220878357 M * fanto666 well, I just did not know about this feature...
1220878426 M * Bertl that's why we explained it, and showed you how to do what you want to do in a secure way
1220878433 J * ntrs ~ntrs@77.29.77.210
1220878879 M * fanto666 so if I put 127.0.0.1 as IP to a guest, it will still be used as private ?
1220878893 M * awk ok, I kow this is off topic, but you all are geniuses here and nobody else can help
1220878902 M * awk do you know what the problem might be if I have a vpn tunnel that is ALWAYS using 100% bandwith? is it too heavy encryption ? cisco, ipsec
1220878973 M * fanto666 awk... newer version of cisco vpn client probably?
1220879182 J * nas ~chatzilla@bb116-14-16-236.singnet.com.sg
1220879190 M * nas guys
1220879200 M * nas hello
1220879220 M * nas bertl i was able to make the load balancer work without vserver
1220879262 M * nas but then i come to think of maybe there is another alternative to load balancing
1220879290 M * nas =)
1220879360 M * Bertl fanto666: if you assign 127.0.0.1 to a guest (vs2.2) it will either be ignored, or used as the default ip for almost everything (depending on your config)
1220879379 M * Bertl nas: okay?
1220879386 M * nas yeah
1220879388 M * nas it worked
1220879405 M * nas but then again i only have 2 boxes
1220879433 M * nas so you think maybe i can get away with directors and still have a performance ok system?
1220879507 M * nas is there a simpler way to load balance http requests between say 2 http servers?
1220879565 M * nas or you think it's ok to mix smtp and http load balancer?
1220879607 M * nas because i have another 2 boxes but then it is dedicated for load balancing the email servers
1220879649 M * nas you think it would be a good idea to squeeze in the http in that load balancer
1220879688 M * Bertl well there are many different options here, not sure that you really want to balance email at all
1220879722 M * nas why?
1220879781 M * Bertl well, that requires a smart delivery system with shared disk space (rw)
1220879822 M * nas yeah
1220879835 M * nas well anyway, i have two options here
1220879882 M * nas either i build a RAS http server out of the two boxes only
1220879903 M * Bertl awk: first, get the source for your vpn solution, then use gdb or strace -fF on it
1220879926 M * nas or squeeze in the http balancer in the existing load balancer
1220879956 M * Bertl what does the existing load balance balance right now?
1220879969 M * nas coz in the ldirector there are entries there that lets you specify which service to virtualize
1220879975 M * nas like smtp, http, ftp
1220879981 M * nas smtp
1220879988 M * awk Bertl: its a vpn tunnel, cisco 2801 box to a vpn box in another country
1220880025 M * Bertl awk: so?
1220880081 M * awk Bertl: was wondering if you had ideas of the top of your head :)
1220880116 M * Bertl 100% cpu sounds like a software bug, unless you have _very_ strong encryption :)
1220880127 M * awk no its 100% bw
1220880129 M * awk not cpu
1220880146 M * awk even though nobody is using it, it just runs at 10%
1220880147 M * fanto666 hmmm can packets from/to guest's localhost be seen by tcpdump on the host?
1220880148 M * awk 100%
1220880180 M * Bertl ah, 100% bandwidth, didn't read that correctly
1220880188 M * Bertl well, that sounds even more like a software bug
1220880203 M * Bertl fanto666: yes
1220880225 M * awk yes
1220880238 M * nas bertl: what do you think?
1220880276 M * Bertl nas: IMHO your options range from balancing all to nothing, but that's not really Linux-VServer related
1220880311 M * nas ahahaha
1220880320 M * nas yeah, you've got a point ther
1220880323 M * nas there
1220880340 M * nas but i'm still gonna use vserver for the http servers
1220880343 M * nas so there
1220880366 M * Bertl I would use Linux-VServer for the web and the mail services
1220880388 M * Bertl that way you can start/stop the entire service on 1-4 hosts as you like
1220880627 M * nas bertl: i execute this command in the vserver
1220880629 M * nas ifconfig lo:0 192.168.0.225 netmask 255.255.255.255 -arp
1220880646 M * nas but then when i restart it's gone again
1220880688 M * Bertl you do not use ifconfig inside a guest
1220880781 Q * tam Ping timeout: 480 seconds
1220880880 M * Bertl if you want that to happen on guest startup, put it in the guest's startup scripts
1220880891 M * Bertl if that is something you want configured on the host, do it there
1220881060 M * nas bertl: you mean here  -> http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1220881103 M * Bertl yep
1220881129 M * nas startup scripts as in /etc/vservers/<vservername>/interfaces/0/setting etc.
1220881251 M * Bertl well, more like /etc/vservers/<vserver-name>/scripts/* but if you can get away with one of the /etc/vservers/<vserver-name>/interfaces/<if>/* entries, then it is fine too
1220881287 M * nas oh ok.
1220881312 M * nas how do i make the script execute on startup?
1220881329 M * nas like in host put it in /etc/init.d
1220881354 M * Bertl they are all executed on guest startup or shutdown, depending on the script name (check the url you pasted :)
1220881737 J * dowdle ~dowdle@scott.coe.montana.edu
1220881881 M * nas bertl: ok
1220881907 M * nas bertl: is there a way to make entries in ipvs table not disappear
1220881913 M * nas even after reboot
1220881920 Q * pisco Remote host closed the connection
1220881923 M * Bertl no idea, check with the ipvs folks
1220881939 Q * larsivi Quit: Konversation terminated!
1220882033 M * nas ok. thanks... :)
1220882048 M * nas logging off now. tomorrow again i'll see
1220882054 M * Bertl k, cya!
1220882073 Q * nas Quit: ChatZilla 0.9.83 [Firefox 3.0.1/2008070208]
1220882491 J * pisco ~pisco@tor.noreply.org
1220883447 Q * brc synthon.oftc.net weber.oftc.net
1220883447 Q * MooingLemur synthon.oftc.net weber.oftc.net
1220883447 Q * Hollow synthon.oftc.net weber.oftc.net
1220883450 J * brc bruce@megarapido.cliquerapido.com.br
1220883450 J * MooingLemur ~troy@shells195.pinchaser.com
1220883450 J * Hollow ~hollow@proteus.croup.de
1220884196 J * tam ~tam@gw.nettam.com
1220885395 J * ghislainocfs2 ~Ghislain@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr
1220886911 Q * micah Read error: Connection reset by peer
1220886925 J * micah ~micah@micah.riseup.net
1220889071 M * Bertl hey ghislainocfs2!
1220889149 M * ghislainocfs2 hello
1220889155 M * ghislainocfs2 just hanging around ;)
1220889169 M * Bertl how's the OCFS2 progress? do you have multi node setup by now?
1220889176 M * ghislainocfs2 monday all customer jump on your back, no time to play with toy, a pity
1220889183 M * ghislainocfs2 not at all lol
1220889196 M * Bertl ah, i.c. well, tomorrow is a day too
1220889196 M * ghislainocfs2 i need the fAI server to work to install the nodes
1220889216 M * ghislainocfs2 yes :)
1220890504 N * DoberMann DoberMann[PullA]
1220891293 Q * yarihm Quit: Leaving
1220892203 J * blues_ blues@adw151.neoplus.adsl.tpnet.pl
1220892231 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1220892323 Q * blues Ping timeout: 480 seconds
1220892421 J * SlackLnx ~Lee@bl7-145-135.dsl.telepac.pt
1220892596 M * biz I'm using a 2.6.22.19-vs2.2.0.7-grsec2.1.11 kernel with util-vserver 0.30.214 and have just bootstrapped an Ubuntu Hardy guest system, but I'm unable to start it
1220892613 M * ktwilight error?
1220892614 M * biz vserver foo start works fine, no errors, the init script go through
1220892628 M * biz vserver foo status does show it as "not running"?
1220892651 M * biz err, as "stopped".
1220892677 M * Bertl biz: are you sure you enabled at least one service inside the guest?
1220892696 M * Bertl otherwise this behaviour is kind-of expected
1220892709 M * biz Ah.
1220892719 M * biz That's good to know, I have no service in there
1220892735 M * Bertl start e.g. syslog or sshd and it should keep running
1220892816 M * biz Bertl: that's it! Thanks very much :-)..
1220892830 M * Bertl you're welcome!
1220892998 Q * xdr Ping timeout: 480 seconds
1220893192 N * pmenier pmenier_off
1220894881 J * xdr ~xdr@gote2.180.cust.blixtvik.net
1220895898 Q * Wonka Ping timeout: 480 seconds
1220897054 J * Wonka produziert@chaos.in-kiel.de
1220897055 J * _gh_ ~gerrit@12.7.84.227
1220897075 J * vargadani ~vargadani@catv-89-135-16-217.catv.broadband.hu
1220897111 M * vargadani hi... what will be the effects of creating a lo interface inside a guest (v. 2.2.0.7)?
1220897122 M * vargadani eg. I have sshd on the host and in the guest as well
1220897140 M * vargadani are they supposed to work separately?
1220897167 M * Bertl you cannot 'create' lo inside a guest
1220897237 M * vargadani i just did it :)
1220897249 M * vargadani let me explain how :)
1220897283 M * vargadani i moved the eth0 (int 0) to 1 in the /etc/vservers/vserver1/interfaces dir
1220897289 M * vargadani and created a new one (0)
1220897299 M * vargadani I editied a few infos on
1220897309 M * vargadani IP 127.0.0.1, name lo mask /8
1220897315 N * DoberMann[PullA] DoberMann
1220897321 M * vargadani i kinda suppose that is not quite LO
1220897324 M * vargadani though
1220897346 M * Bertl will be fun when you stop the guest, I'd say
1220897378 M * Bertl but putting that aside, a) that is not a good idea, b) you didn't create any lo, you assigned the loopback address to the guest
1220897378 Q * Mr_Smoke Read error: Connection reset by peer
1220897404 M * Bertl the main question is, why are you doing that? :)
1220897407 J * Mr_Smoke ~smokey@layla.lecoyote.org
1220897577 M * ktwilight you could have easily assigned a listening ip address to sshd :/
1220897848 M * vargadani Bertl: I was doing that cause I had no other choice as far as I can see... It seems silly now but it was the only way to install zimbra
1220897860 M * vargadani or I couldn't do it in any other ways
1220897877 M * vargadani ktwilight: yeah.. i tried that...
1220897882 M * Bertl sure, the first question is, does zimbra use 127.0.0.1 or Localhost
1220897889 M * vargadani 127.0.0.1
1220897895 M * vargadani in almost all config files
1220897912 M * Bertl then it is broken and should be fixed, nevertheless you can still make it work with vs2.3
1220897920 M * vargadani i tried to modify all 127.0.0.1 to 192.168.1.110
1220897937 M * Bertl modify them to 'localhost' and set localhost to the first assigned ip
1220897940 M * vargadani Bertl: I know I could use 2.3 but it is not stable yet...
1220897974 Q * Pazzo Quit: Ex-Chat
1220897997 M * ktwilight am not great with networking, but would it be possible to alias localhost in /etc/hosts to an ip?
1220898012 M * Bertl yep, that'S the idea
1220898014 M * vargadani ktwilight: it should be
1220898018 M * ktwilight doh, nevermind, i thought zimbra uses "localhost"
1220898033 M * vargadani no... that silly thing uses 127.0.0.1
1220898048 M * ktwilight whoever architect it should be shot dead :/
1220898056 M * Bertl which is broken by design ... you might want to let the zimbra folks know
1220898062 M * vargadani i stop the whole guest now, remove the "lo" and see what happens
1220898077 M * vargadani they know about that, they just don't care
1220898083 M * Bertl prepare your remote console
1220898099 M * vargadani in other VMs 127.0.0.1 isn't an issue
1220898120 M * Bertl Linux-VServer is no VM, and you can easily make it an issue on a normal Linux system
1220898139 M * Bertl (just use 127.0.0.2 for localhost and block 127.0.0.1 :)
1220898141 M * vargadani understood sir!
1220898394 M * vargadani Bertl: you mentioned something about modifying "it" to localhost and set localhost to the first assigned ip...
1220898414 M * vargadani Bertl: would modifying them to the IP of the 1st interface have the same effect?
1220898426 M * Bertl yes, just less flexible
1220898526 J * Aiken ~Aiken@ppp118-208-124-125.lns4.bne4.internode.on.net
1220898622 M * vargadani alright... I removed the 127.0.0.1 interface... now the whole thing stopped working even though I have 192.168.1.111 in every single config file
1220898665 M * Bertl with what error/issue/message?
1220898684 M * Bertl also check that you still _have_ a loopback ip on the host
1220898688 M * vargadani no error/issue/message... it hands there
1220898714 M * vargadani ifconfig only returns 1 interface... that is the eth0
1220898721 M * Bertl on the host, yes?
1220898764 M * vargadani there is one eth0 interface inside the guest and there is lo on the host
1220898793 M * Bertl okay, now define 'stopped working'
1220898794 M * vargadani is that what you ment....
1220898864 M * vargadani alright...
1220898896 M * vargadani the definition of stopped working: it hangs.... so eg: when I try to connect to ldap it send the request message and doesn't recieves anything
1220898904 M * vargadani netstat -tap looks ok
1220898908 M * vargadani as fas as I can tell
1220898929 M * vargadani so they processes are running and the status of zimbra also tells that they are running
1220898942 M * daniel_hozac so, figure out why.
1220898944 M * vargadani however when I try to connect to it, it just hangs and sits
1220898952 M * Bertl which ldap?
1220898961 M * vargadani daniel_hozac: I am on it for 3 days with little success
1220898966 M * vargadani openldap
1220898984 M * Bertl I mean, where is it running?
1220899029 M * vargadani inside the guest...
1220899033 M * vargadani is that what you ment?
1220899043 M * Bertl okay, try to contact it manually then
1220899076 M * vargadani telnet?
1220899105 M * daniel_hozac or, you know, ldapsearch.
1220899312 M * vargadani in fact, I don't know anything about ldap...
1220899316 M * vargadani i have never used it
1220899336 M * vargadani but clamd, amavisd, httpd, mysql and a whole lot more are running 
1220899343 M * vargadani and they all together make up zimbra
1220899380 M * ktwilight start reading ;)
1220899527 M * vargadani thanx... i was reading enough throughout the last 3 days... I don't really want to learn ldap
1220899552 M * Bertl well, if it works for you with the 'hack' you did with adding 127,0.0.1
1220899572 M * Bertl (and you don't want to use vs2.3) then go for it
1220899719 M * vargadani I might use 2.3
1220899736 M * vargadani i just don't want to believe that it can't be done!
1220899751 M * vargadani i am sure it's me and not vserver or zimbra
1220899761 M * vargadani Bertl: how stable is vserver 2.3?
1220900002 J * ntrs_ ~ntrs@77.29.67.119
1220900442 Q * ntrs Ping timeout: 480 seconds
1220901257 J * larsivi ~larsivi@169.80-202-217.nextgentel.com
1220901343 Q * _gh_ Read error: Operation timed out
1220901347 Q * loddafni1 Read error: Connection reset by peer
1220901843 M * Bertl vargadani: reasonably stable but not stable enough to become a stable release :)
1220901870 M * vargadani good... as long as it doesn't crash on me in 45 mins
1220901877 M * vargadani i am good with it :)
1220901901 M * vargadani i will have a presentation in which i want to use linux vserver
1220901913 M * Bertl well, the last release which did that was 0.9.something, IIRC :)
1220901930 M * Bertl but of course, _any_ kernel can crash on you anytime
1220901942 M * vargadani that is true! 
1220901957 M * vargadani still it would be a shame if a linux kernel crashed on me
1220901965 M * vargadani when i do the presentation on it :)
1220902052 M * ktwilight the BSOD :)
1220902115 M * vargadani BSOD?
1220902307 M * Bertl something Windows(tm) users talk about all the time :)
1220902472 M * vargadani ahha...
1220902487 M * vargadani i haven't really used windows since win 98
1220902497 M * vargadani so... please, enlighten me!
1220902524 M * Bertl http://en.wikipedia.org/wiki/BSOD
1220902541 M * biz is there a way to do the following permanently with the /etc/vservers/interfaces/... config system? 
1220902571 M * biz ip addr add foo peer bar dev baz, then naddress --add --nid CONTEXT --ip foo
1220902591 M * biz This will add an IP and then add it to the guest system
1220902616 M * biz the important thing for my setup is the ip .. *peer* option
1220902617 M * Bertl well, looks like the default behaviour to me?
1220902650 M * biz Yeah, except the peer option
1220902659 M * ktwilight vargadani, :)
1220902678 M * Bertl biz: check with daniel_hozac, he probably knows
1220902712 M * biz daniel_hozac: hello? :-)
1220902740 M * daniel_hozac /etc/vservers/interfaces/x/peer is supported in trunk.
1220902757 M * daniel_hozac +<guest>/
1220902772 M * vargadani bluescreen... dang... yeah I met that a lot! -_-
1220902773 M * biz it this only util-vserver or do I need the devel version of the kernel patch, too?
1220902827 M * daniel_hozac util-vserver only grows support, it doesn't drop support for older kernels.
1220902854 M * daniel_hozac except for a few experimental kernel patches, pretty much any patch since the beginning of the project should still work fine.
1220902916 M * biz Oh, that's fine. Thanks for the info :-)
1220905079 J * BrunoXLambert ~Bruno@modemcable188.10-70-69.static.videotron.ca
1220905637 Q * quinq Remote host closed the connection
1220905664 J * quinq ~quinq@quinq.eu.org
1220905671 J * yarihm ~yarihm@84-74-147-84.dclient.hispeed.ch
1220906212 Q * dna Quit: Verlassend
1220906291 J * geb ~geb@188.170.100-84.rev.gaoland.net
1220906347 M * geb hi
1220906728 M * vargadani in about 5 mins, I will either confirm that Zimbra works with 2.3 or pull the trigger O_o
1220906965 Q * yarihm Quit: This computer has gone to sleep
1220907089 Q * BrunoXLambert Quit: Leaving
1220907265 M * vargadani trigger
1220907461 Q * bonbons Quit: Leaving
1220908290 J * balbir_ ~balbir@bi01p1.co.us.ibm.com
1220908787 M * Bertl vargadani: did you setup vs2.3 properly?
1220908803 M * vargadani i think so
1220908808 M * Bertl make sure that you do not assign any 127.x to the guest
1220908810 M * vargadani but tell me, how to set it up properly?
1220908819 M * vargadani i don't have them
1220908834 M * Bertl also, if you have only one IP for your guest, disable the single IP special casing
1220908834 M * vargadani i mean i didn't assign anything 127.x to the guests
1220908850 M * daniel_hozac and enable CONFIG_VSERVER_AUTO_LBACK.
1220908866 M * vargadani alright...
1220908875 M * vargadani where do i find info on how to do those?
1220908879 M * Bertl you can do the former in the guest config
1220908883 M * Bertl http://linux-vserver.org/Capabilities_and_Flags
1220908904 M * Bertl nflags, add ~SINGLE_IP
1220908950 M * Bertl check that you see eth0 and lo inside the guest
1220909019 M * vargadani they are
1220909029 M * vargadani visible
1220909067 M * Bertl good, sshd is running inside the guest?
1220909077 M * vargadani yes
1220909086 M * Bertl try ssh 127.0.0.1 then
1220909104 M * Bertl check the logs what is reported as 'connect from'
1220909135 J * yarihm ~yarihm@84-74-147-84.dclient.hispeed.ch
1220909262 M * vargadani i get the connection refused
1220909307 M * Bertl did you change anything in the sshd setup on that guest?
1220909321 M * vargadani yes
1220909323 M * Bertl (like adding a listen directive?)
1220909328 M * vargadani no
1220909332 M * vargadani i commented that one out
1220909339 M * vargadani it is listening on port 2222 instead
1220909341 M * vargadani that's all i did
1220909356 M * Bertl so you tried to ssh to that port, yes?
1220909374 M * vargadani yes
1220909382 M * vargadani i reinstall sshd just in case
1220909390 M * Bertl what does 'lsof -ni :2222' say?
1220909415 M * Bertl and what does your /proc/virtnet/<nid>/* files contain?
1220909417 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines)
1220909544 M * vargadani alright...
1220909555 M * vargadani i have sshd running on the host as well
1220909575 M * vargadani when connecting from inside the guest to 127.0.0.1 i connect to the host
1220909590 M * Bertl then you di something wrong :)
1220909593 M * Bertl *did
1220909602 M * vargadani i figured
1220909607 M * vargadani i wonder what...
1220909623 M * Bertl we'll see from the virtnet files
1220909682 M * vargadani http://paste.linux-vserver.org/12442
1220909693 M * vargadani maybe it would be easier to remove the guest and install a new one
1220909742 M * Bertl single IP is still enabled
1220909766 M * vargadani i don't know how to disable it
1220909779 M * Bertl 23:21 < Bertl> nflags, add ~SINGLE_IP
1220909799 M * vargadani yeah well that doesn't tell me anything useful...
1220909826 M * daniel_hozac if you had read the link that went with it, you'd understand.
1220909854 M * Bertl http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1220909868 M * Bertl search for nflags
1220909929 M * Bertl limit your host's sshd to the host IPs if you want to run/test with sshd on the same port
1220910044 M * Bertl okay, off to bed now ... have a good one everyone!
1220910051 N * Bertl Bertl_zZ
1220910295 Q * esa Remote host closed the connection
1220910382 J * esa bip@62.123.8.2
1220910421 Q * FireEgl Ping timeout: 480 seconds
1220910691 J * BrunoXLambert ~Bruno@dsl-155-199.b2b2c.ca
1220911255 N * DoberMann DoberMann[ZZZzzz]
1220911267 J * doener_ ~doener@i577BB27B.versanet.de
1220911368 Q * doener Ping timeout: 480 seconds
1220911593 Q * vargadani Remote host closed the connection
1220912630 J * derjohn_foo ~aj@e180222195.adsl.alicedsl.de
1220913169 Q * nkukard Ping timeout: 480 seconds
1220913183 Q * yarihm Quit: Leaving
1220913196 J * nkukard ~nkukard@196.212.73.74
1220913402 Q * esa Remote host closed the connection
1220913428 J * esa bip@62.123.8.2
1220914089 Q * esa Ping timeout: 480 seconds
1220914180 J * esa bip@62.123.8.201
1220914316 M * biz daniel_hozac: do you know why a guest always uses its first interface's IP address as the source-address?
1220914386 M * biz even if there is a second interface configured which uses the device that has an entry in the routing table on the host system
1220914451 M * daniel_hozac interfaces are not relevant.
1220914471 M * biz is it all about the routing table?
1220914478 M * daniel_hozac yes.
1220914533 M * biz let me explain: eth0 on the host-system is 172.16.1.1, eth1 on the host-system is 10.0.1.1
1220914570 M * biz eth0 in the guest-system is 172.16.1.2, eth1 in the guest-system is 10.0.1.2
1220914634 M * biz now when I connect to a remote service on eg. 10.0.1.5 (which is directly connected to eth1 of the local system), I get 172.16.1.2 as the source address there
1220914646 M * daniel_hozac what kernel?
1220914662 M * biz 2.6.22.19
1220914666 M * biz 10.0.1.0        *               255.255.255.0   U     0      0        0 eth1
1220914681 M * daniel_hozac use ip route show instead.
1220914706 M * biz and now the funny part. If I switch the interface numbering in /etc/vservers/.../interfaces, I get the other address as source-addr.
1220914731 M * biz 10.0.1.0/24 dev eth1  proto kernel  scope link  src 10.0.1.1
1220914746 M * biz I don't get this..
1220914754 M * daniel_hozac and you've got /etc/vservers/<guest>/interfaces/*/prefix set correctly, right?
1220914826 M * biz Uhm. It's 24
1220914925 M * daniel_hozac so what does cat /proc/virtnet/<nid>/info show? (use paste.linux-vserver.org)
1220915027 M * biz It's just 4 lines?
1220915049 Q * geb Quit: Quitte
1220915052 M * daniel_hozac 4 is greater than 3 :)
1220915108 M * biz ID:     40018
1220915108 M * biz Info:   ffff81011ef43d00
1220915120 M * biz 0:      172.16.1.2/255.255.255.0
1220915120 M * biz 1:      10.0.1.2/255.255.255.0
1220915125 M * biz slow enough? ;-)
1220915221 M * biz So if I swap interface 0 and 1 the source address is correct. Let me swap and try to connect something directly connected to eth0 and see what the source-address is there
1220915242 J * FireEgl FireEgl@adsl-61-147-242.bhm.bellsouth.net
1220915444 M * biz Indeed. The router connected to eth0 doesn't let me out because the source address is 10.0.1.2, while it should be 172.16.1.2
1220915556 M * daniel_hozac paste the output of ip addr show and ip route show.
1220915587 M * biz Ok. I'll pastebin it
1220915747 Q * FireEgl Ping timeout: 480 seconds
1220915993 M * biz http://paste.linux-vserver.org/12443
1220916130 M * daniel_hozac peer defined on ethernet? that makes little to no sense.
1220916199 M * biz You're from NL, right? Do you understand some german?
1220916220 M * daniel_hozac i'm from SE...
1220916220 M * biz It' because of this: http://wiki.hetzner.de/index.php/9_IP_Adressen_mit_Ubuntu
1220916269 M * biz Basically, they don't allow any direct traffic, so I need everything to go via 172.16.1.250 on eth0
1220916331 M * biz (Even stuff for the own subnet)
1220916361 J * FireEgl FireEgl@173.16.9.10
1220916365 M * daniel_hozac you might want to tell them about proxy_arp.
1220916428 M * biz net.ipv4.conf.default.proxy_arp=1
1220916438 M * daniel_hozac on their router?
1220916451 M * daniel_hozac #
1220916451 M * daniel_hozac     inet 10.0.1.1/24 brd 10.0.1.255 scope global eth1  
1220916451 M * daniel_hozac #
1220916452 M * daniel_hozac     inet 10.0.1.2/24 brd 10.0.1.255 scope global eth1  
1220916466 M * daniel_hozac that's not right. one of them should be secondary.
1220916490 M * daniel_hozac and that's something the kernel sets, so something is seriously wrong with your setup.
1220916600 M * biz I've experimented with multiple routing tables and source-ip policies earlier. I'll reboot and start from scratch
1220916676 M * biz The problem is with their policy for everything going out on eth0. I own an additional subnet, and I was yet unable to get it routed via their gateway without the "peer" setup
1220916738 M * biz With Xen, you simply add a default route that goes out via Dom0 which therefore goes out using their gateway
1220916867 M * daniel_hozac that's already what's happening with Linux-VServer.
1220916960 M * daniel_hozac to get the network setup, you can forget about Linux-VServer entirely, and just get it working on the host.
1220916971 M * daniel_hozac once that works, guests will work too.
1220917026 M * biz Ok, that's a good idea. How can I "simulate" adding an IP as if I'd start some guest? "ip addr add ... dev eth0"?
1220917056 M * daniel_hozac sure.
1220917975 M * biz Damn. I've got exactly the same setup as 30 minuter earlier.. and guess what. The source IP is correct now.. seems like there was something seriously messed up
1220917999 M * biz I've tested the configuration without Linux-VServers and it worked as it should..
1220918005 M * biz daniel_hozac: thanks very much
1220918027 M * daniel_hozac you're welcome.