1260490938 J * dowdle_ ~dowdle@scott.coe.montana.edu 1260490938 Q * dowdle Read error: Connection reset by peer 1260491061 N * dowdle_ dowdle 1260491184 Q * derjohn_mob Ping timeout: 480 seconds 1260491747 J * derjohn_mob ~aj@d026173.adsl.hansenet.de 1260491852 J * jrklein ~jrklein@2001:0:53aa:64c:0:4c1b:b4d8:690 1260492467 J * imachine eaee3cefab@mc2-p010.mc2.chalmers.se 1260492470 M * imachine hello 1260492515 M * imachine I run linux-vserver on linux-debian, I have a question, is it possible to run a vserver inside a box, then cut that box to lan only, and make the vserver have an external ip and local ip, and have all routing go through that vserver, including the traffic from the main box? 1260492531 M * imachine the physical server, being the mother of the vserver-firewall? 1260492538 M * imachine it sounds strange I know 1260492567 M * imachine ;) 1260492595 M * imachine it's not really necessary - I couold just fire up a firewall on the main box, and forget about a separate firewall all together ;) 1260492607 M * imachine however, the question remains :-) 1260492643 M * Bertl well, Linux-VServer uses ip isolation, so no virtual network stack is involved by default 1260492662 M * Bertl i.e. there is no routing between host and guest or between guests on the same host 1260492704 M * imachine but if I keep my vservers on lan, and want them to see the world, I need to turn on routing on the main box 1260492711 M * imachine but I guess I can't turn on routing on a vserver 1260492755 M * grant shorewall ;) 1260492759 M * Bertl nope, as network is on the host 1260492767 M * imachine nevermind, I'll just run shorewall on the host 1260492771 M * imachine grant, yes ;) 1260492777 M * grant hehe 1260492781 M * Bertl of course, you can give priviledges to a guest to control the firewall _for_ the host 1260492793 M * imachine Bertl, yeah, but that's not necessary I guess. 1260492805 M * Bertl and probably not very useful either :) 1260492808 M * imachine yeah 1260492819 M * imachine it's not what I want anyway 1260492830 M * grant child stop father trinking beer 1260492831 M * imachine I guess it was a bit overhead to begin with :) 1260492861 M * Bertl you can do such things with xen though 1260492913 M * grant i tryd to configure a serfer with one firewall and the lan server on the other hand 1260492918 M * grant server 1260492919 M * Bertl like mapping interfaces into domUs and routing between them and the dom0 1260492926 M * grant so with xen 1260492929 M * grant really big shit hehe 1260492948 M * Bertl personally I prefer kvm, if full virtualization is required 1260492983 M * grant but is it more secure than xen? 1260493001 M * Bertl more important (to me) it is simple to use :) 1260493006 M * grant hr 1260493051 M * Bertl security wise, it's a process on the host, so apart from implementation issues and security flaws, it should be fine 1260493146 M * grant bertl why the grsecurity part is not standard in the vserver patch? 1260493177 M * Bertl because it usually is quite experimental ... 1260493185 M * grant hmmm 1260493498 M * imachine hmm now question: 1260493546 M * imachine if my vservers have two ips, one external, bound to say eth0, and one internal, bound to virtual dummy0, if I enable routing on the host for the virtual dummy0 network, how will the vserver enter world? 1260493577 M * Bertl if you route anything through dummy0 it will be lost in the void :) 1260493594 M * Bertl and nothing (good :) will ever come out of it either :) 1260493598 M * imachine will it "know" automatically to choose the proper interface, i.e. eth0 in this case for "out", and will it know to use "dummy0" only for the virtual network. 1260493617 M * imachine I only want dummy to have a network, a dmz ;) 1260493620 M * Bertl there is no 'virtual' network, and dummy0 will not be used :) 1260493622 M * imachine for my vservers to share ;) 1260493655 M * Bertl nevertheless, you can put your 'private' ips on dummy0, the guests will use 'lo' instead 1260493677 M * imachine huh 1260493684 M * imachine so the guests share the lo iface ? 1260493694 M * imachine together with the host ? 1260493703 M * Bertl yes and no, host local network communication always uses lo 1260493717 M * imachine yeah, 1260493724 M * Bertl as the guests use ip isolation, the networking happens on the host, and it is local :) 1260493724 M * imachine what I want is: one vserver to be say mysql 1260493732 M * imachine and other vservers to connect to that vserver 1260493740 M * Bertl sure, no problem with that 1260493740 M * imachine hence, dummy0 and private network, dmz sorta. 1260493764 Q * dowdle Remote host closed the connection 1260493770 M * Bertl yeah, works, still, if you tcpdump on dummy0, you'll see nothing, but if you inspect lo, you'll get all the traffic 1260493780 M * imachine ok 1260493791 M * imachine I get it, so it actually goes through lo 1260493808 M * imachine no probs with that I guess 1260493830 M * Bertl yep, with recent Linux-VServer 'lo' as you know it is properly isolated too 1260493841 M * imachine recent = ? 1260493877 M * Bertl i.e. the guests each get a separate 127.x.y.1 ip, which is mapped to and from the 127.a.b.c range 1260493884 M * Bertl recent means vs2.3 1260494041 M * imachine ok 1260494053 M * grant ah lo is not shared anymore!? 1260494060 M * grant intrsting 1260494082 M * imachine how can I check which version I have ? 1260494093 M * Bertl it is part of the kernel name 1260494094 M * grant in the name of the kernel patch :) 1260494129 M * imachine not in my cas 1260494131 M * imachine well 1260494132 M * imachine mebb 1260494133 M * Bertl except for debian kernels, they are a mystery :) 1260494137 M * imachine but I have default debian kernel 1260494139 M * imachine yeah ;) 1260494147 M * Bertl is it 2.6.26? 1260494151 M * imachine perhapsh I can query some /proc ? 1260494152 M * imachine yea 1260494162 M * Bertl then I'd suggest to read this first: 1260494178 M * Bertl http://linux-vserver.org/Installation_on_Debian#Issues_with_the_current_2.6.26_Kernel 1260494319 M * imachine Bertl, would you suggest using the unofficial packages from zbla.net ? 1260494335 M * imachine aside from building your own, ofcourse :) 1260494375 M * Bertl no idea, I think I haven't heard of them ... 1260494411 M * imachine Bertl, it's on the link you showed me.. 1260494432 M * Bertl so probably it worked for somebody :) 1260494705 Q * yarihm Quit: Leaving 1260495080 Q * derjohn_mob Ping timeout: 480 seconds 1260495356 M * imachine ;) 1260495367 M * imachine checking it out now wondering how it will bite with lenny 1260495378 M * imachine it looks testing'y ;) 1260495614 J * derjohn_mob ~aj@d026173.adsl.hansenet.de 1260496123 M * imachine works fine so far on lenny 1260496129 M * imachine cheers gonn go sleep, ttyl 1260496796 J * hparker ~hparker@205.162.219.231 1260497868 Q * hparker Ping timeout: 480 seconds 1260499559 J * geb ~geb@earth.gebura.eu.org 1260499740 J * hparker ~hparker@208.4.189.181 1260502466 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1260502913 Q * derjohn_mob Ping timeout: 480 seconds 1260503277 J * hparker ~hparker@208.4.189.181 1260503456 J * derjohn_mob ~aj@d026173.adsl.hansenet.de 1260504031 J * saulus_ ~saulus@c192152.adsl.hansenet.de 1260504443 Q * SauLus Ping timeout: 480 seconds 1260504448 N * saulus_ SauLus 1260504507 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1260507095 Q * Piet Remote host closed the connection 1260507229 J * Piet ~Piet__@659AAD6M6.tor-irc.dnsbl.oftc.net 1260511205 Q * niki Quit: Leaving 1260512507 M * Bertl off to bed now .. have a good one everyone! 1260512513 N * Bertl Bertl_zZ 1260513942 J * sharkjaw ~gab@90.149.121.45 1260515095 J * zbyniu_ zbyniu@ip-62.181.188.13.static.crowley.pl 1260515095 Q * zbyniu Read error: Connection reset by peer 1260515725 J * ntrs__ ~ntrs@77.29.8.85 1260517011 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1260519887 N * bobnormal_ bobnormal 1260519893 M * bobnormal mornin'! 1260521061 J * friendly ~friendly@ppp118-209-31-140.lns20.mel4.internode.on.net 1260521498 Q * DreamerC Quit: leaving 1260521568 J * DreamerC ~DreamerC@122-116-181-118.HINET-IP.hinet.net 1260523492 J * thierryp ~thierry@zankai.inria.fr 1260524291 Q * friendly Quit: Leaving. 1260525893 Q * derjohn_mob Ping timeout: 480 seconds 1260526180 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1260526995 J * kir ~kir@swsoft-msk-nat.sw.ru 1260527724 M * ghislain hello there, what if i chxid a file that is hashified ? 1260527729 M * ghislain do it lead to issues ? 1260527773 M * daniel_hozac yes, only that guest will be able to access the file. 1260527801 M * ghislain dam it thanks 1260527810 M * ghislain to untag i chxid -c 0 ? 1260527813 M * daniel_hozac yes 1260527911 M * ghislain that explain a lot :D 1260528116 M * ghislain i guess that vserver xx hashify untag the files but my nightly cron put them back 1260528345 M * ghislain daniel_hozac: the faq sems flawed it says: 1260528347 M * ghislain mkdir /etc/vservers/.defaults/apps/vunify/hash /vservers/.hash 1260528347 M * ghislain ln -s /vservers/.hash /etc/vservers/.defaults/apps/vunify/hash/root 1260528387 M * ghislain is it not mkdir /vservers/.hash ; ln -s /vservers/.hash /etc/vservers/.defaults/apps/vunify/hash ? 1260528405 P * phrst 1260528469 M * daniel_hozac no 1260528473 M * daniel_hozac the FAQ is correct. 1260528609 M * blathijs ghislain: The "FAQ way" works for me. It allows for multiple has dirs (e.g., one per filesystem) 1260528661 M * ghislain ok, if we messed things up how can we un-hashify and start over without loosing data :D 1260528685 M * ghislain blathijs: thanks i do not remember why i done it the wrong(tm) way..silly me 1260528762 M * blathijs ghislain: I think you can just throw away the .hash directories, since the files will be hardlinked in their real places anyway. Remove one part of a hardlink shouldn't affect the others. Not 100% sure if this works for these unify hardlinks as well, though. 1260531628 J * davidkarban ~david@80.250.18.198 1260531799 Q * DLange Ping timeout: 480 seconds 1260531941 J * DLange ~DLange@dlange.user.oftc.net 1260532364 J * balbir ~balbir@122.163.214.80 1260533030 Q * ntrs__ Ping timeout: 480 seconds 1260535681 M * thierryp daniel_hozac: hi there 1260535763 M * daniel_hozac hi 1260535792 M * thierryp hi; still struggling with the f12 build 1260535801 M * thierryp I've worked around the patches conflicts 1260535810 M * thierryp and was curious about IPV6 1260535824 M * thierryp I've had to ignore the result of the make oldconfig stuff 1260535845 M * thierryp this was triggering a warning about IPV6 being set to 'm' in the config 1260535854 M * thierryp the original f12 config that is 1260535874 M * thierryp and it looks like the vs patch has somehow impacted that setting 1260535893 M * thierryp boolean symbol IPV6 tested for 'm'? test forced to 'n' 1260535898 M * thierryp any clue on that ? 1260535909 M * thierryp not that I need ipv6, just being curious 1260535952 M * daniel_hozac set it to y. 1260536002 M * thierryp OK 1260536013 M * thierryp what's wrong with the module ? 1260536022 M * daniel_hozac it can't be a module. 1260536064 M * daniel_hozac the code required to keep it as a module hasn't been written. 1260536074 M * thierryp ok - that's fine with me 1260536098 M * thierryp while i'm at it.. 1260536141 M * thierryp since I'll rebuild the kernel for f12, I could also rebuild util-vserver 1260536149 M * thierryp unless the fedora stock is up2date 1260536154 M * daniel_hozac it's not. 1260536157 M * thierryp fedora currently has util-vserver-build-0.30.215+svn2847-143596525.fc12.x86_64 1260536164 M * thierryp what should I use then ? 1260536180 M * fback daniel_hozac: iirc there's a patch for pld (polish linux distribution) that allows ipv6 as a module 1260536312 M * thierryp I can see that this version of util-vserver does not have support for f12 itself 1260536354 M * daniel_hozac fback: maybe you should tell them to submit it upstream. 1260536854 M * cehteh does vserver benefit from the new samepage merging in 2.6.32? guess unification does the job already in a different way or? 1260537272 J * cri ~cri@fsfe-zurich.vmk.zhdk.ch 1260537377 M * cri hi, is it OK that all pages on http://oldwiki.linux-vserver.org/ redirect to the home page? 1260537414 M * cri I'm trying to access some pages on the old wiki 1260537735 M * daniel_hozac cehteh: yes. 1260537762 M * daniel_hozac cehteh: unification does that, to some extent. 1260537807 M * cehteh yeah .. i wonder if the page-merger can do more / better and if it would worth the efforts nothing done so far i assume 1260537878 M * daniel_hozac give it a try, feel free to report. 1260537935 M * cehteh i am busy with other things .. didnt even figured out whats needed to merge pages, i read that potential pages have to be marked somehow 1260537956 M * cehteh this is not out of the box working 1260538106 P * kir Leaving. 1260538551 M * daniel_hozac cri: try it now. 1260538592 M * cri daniel_hozac: much better, thanks :) 1260538636 N * Bertl_zZ Bertl 1260538642 M * Bertl morning folks! 1260538850 Q * sharkjaw Quit: Leaving 1260539593 M * fLoo hey Bertl 1260539626 Q * fLoo 1260539793 J * fLoo fLoo@188.194.83.192 1260539794 M * fLoo re 1260539826 M * Bertl how's piA? :) 1260540442 Q * jrdnyquist Remote host closed the connection 1260540597 M * fLoo i'm fine thanks 1260541031 J * derjohn_mob ~aj@80.85.196.112 1260541581 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1260542134 J * docelic ~docelic@78-2-115-20.adsl.net.t-com.hr 1260542143 J * ntrs__ ~ntrs@77.29.6.129 1260542628 J * barismetin ~barismeti@zanzibar.inria.fr 1260542680 M * ghislain just a little question, if i move the .hash directory on the same partition this should not be an issue for the running hashified vserver's ? as the inode should not change only the directoy's one ? 1260542925 M * Bertl should be fine 1260542933 Q * balbir Ping timeout: 480 seconds 1260542945 M * vServer_User hi guys 1260542965 M * ghislain thx 1260542966 M * vServer_User i think the network hangs i was experiencing were caused by NFS 1260542972 M * vServer_User *think* 1260543230 M * vServer_User so vserver is free and clear again :) 1260543487 M * Bertl good :) 1260544533 Q * geb Ping timeout: 480 seconds 1260544596 M * thierryp is there a chroot patch for yum-3.2.5 available ? 1260544762 M * daniel_hozac 3.2.5? 3.2.4 doesn't apply to that? 1260545845 Q * thierryp Remote host closed the connection 1260545876 Q * fLoo 1260546561 J * dowdle ~dowdle@scott.coe.montana.edu 1260547835 J * barismet_ ~barismeti@zanzibar.inria.fr 1260547896 Q * barismetin Read error: Connection reset by peer 1260548684 Q * davidkarban Quit: Ex-Chat 1260548787 J * niki ~niki@0x5553169c.adsl.cybercity.dk 1260548794 J * Evet ~Evet@85.106.155.3 1260548797 M * Evet hey 1260549284 J * thierryp ~thierry@ANice-256-1-153-8.w90-52.abo.wanadoo.fr 1260549773 Q * thierryp Ping timeout: 480 seconds 1260550306 Q * derjohn_mob Ping timeout: 480 seconds 1260550635 Q * SubZero Ping timeout: 480 seconds 1260551358 Q * cri Quit: Leaving. 1260552247 J * dna ~dna@p54BC97E1.dip0.t-ipconnect.de 1260552494 Q * FireEgl Ping timeout: 480 seconds 1260552773 J * dna_ ~dna@p54BC97E1.dip0.t-ipconnect.de 1260553092 N * DoberMann[ZZZzzz] DoberMann 1260553119 Q * dna Ping timeout: 480 seconds 1260553786 J * docelic_ ~docelic@78-2-72-254.adsl.net.t-com.hr 1260553935 Q * docelic Ping timeout: 480 seconds 1260553984 J * derjohn_mob ~aj@tmo-109-25.customers.d1-online.com 1260554154 Q * barismet_ Quit: Leaving... 1260554917 Q * gnuk Quit: NoFeature 1260555562 J * FireEgl Proteus@2001:470:e056:1:4::9 1260555871 J * thierryp ~thierry@home.parmentelat.net 1260555910 Q * derjohn_mob Ping timeout: 480 seconds 1260557007 Q * FireEgl Quit: Leaving... 1260557080 J * dna ~dna@p54BC97E1.dip0.t-ipconnect.de 1260557462 J * dna__ ~dna@p54BC97E1.dip0.t-ipconnect.de 1260557468 Q * dna_ Ping timeout: 480 seconds 1260557490 Q * bobnormal Quit: Leaving 1260557647 Q * thierryp Remote host closed the connection 1260557829 Q * dna Ping timeout: 480 seconds 1260557941 J * ntrs_ ~ntrs@77.28.5.101 1260558092 Q * Evet Quit: Leaving 1260558360 J * FireEgl ~FireEgl@2001:470:e056:1:4::9 1260558372 Q * ntrs__ Ping timeout: 480 seconds 1260558465 J * hparker ~hparker@linux.homershut.net 1260558639 Q * dna__ Ping timeout: 480 seconds 1260558654 J * dna ~dna@p54BC97E1.dip0.t-ipconnect.de 1260558904 J * hijacker ~hijacker@87-126-142-51.btc-net.bg 1260559046 P * gerrit 1260559745 N * zbyniu_ zbyniu 1260559857 J * dna_ ~dna@p54BC97E1.dip0.t-ipconnect.de 1260559988 Q * dna Ping timeout: 480 seconds 1260560380 Q * dna_ Ping timeout: 480 seconds 1260560447 J * dna ~dna@p54BC97E1.dip0.t-ipconnect.de 1260560633 J * kir ~kir@swsoft-msk-nat.sw.ru 1260560821 Q * kir 1260560828 J * kir ~kir@swsoft-msk-nat.sw.ru 1260560849 Q * kir 1260560959 Q * docelic_ Ping timeout: 480 seconds 1260561057 J * dna_ ~dna@p54BC97E1.dip0.t-ipconnect.de 1260561369 Q * dna Ping timeout: 480 seconds 1260561639 Q * dna_ Ping timeout: 480 seconds 1260561653 J * dna ~dna@p54BC97E1.dip0.t-ipconnect.de 1260561795 Q * DLange Quit: freenode 1260561919 J * DLange ~DLange@dlange.user.oftc.net 1260563199 J * cri ~cri@151.59.189.155 1260564231 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1260564614 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1260565165 Q * cri Ping timeout: 480 seconds 1260565609 J * blues_ ~blues@afgv127.neoplus.adsl.tpnet.pl 1260565729 Q * blues Ping timeout: 480 seconds 1260565834 J * cri ~cri@151.59.190.29 1260567548 Q * FireEgl Ping timeout: 480 seconds 1260567636 Q * hijacker Quit: Leaving 1260568141 J * FireEgl ~FireEgl@2001:470:e056:1:4::9 1260568340 Q * ghislain Quit: Leaving. 1260569039 J * ntrs__ ~ntrs@77.29.10.158 1260569115 Q * ntrs_ Read error: Connection reset by peer 1260569259 P * cri 1260569589 Q * jrklein Quit: jrklein 1260570433 J * dna_ ~dna@p54BC97E1.dip0.t-ipconnect.de 1260570513 Q * dna_ 1260570700 Q * dna Ping timeout: 480 seconds 1260571306 Q * Piet Remote host closed the connection 1260571375 J * Piet ~Piet__@659AAD69S.tor-irc.dnsbl.oftc.net 1260571873 Q * ktwilight Ping timeout: 480 seconds 1260572527 Q * ntrs__ Ping timeout: 480 seconds 1260572767 M * Bertl off for now ... bbl 1260572775 N * Bertl Bertl_oO 1260572866 J * docelic ~docelic@78-2-64-60.adsl.net.t-com.hr 1260574206 Q * bonbons Quit: Leaving 1260575241 Q * imcsk8 Quit: Leaving 1260575397 N * DoberMann DoberMann[ZZZzzz]