1266883538 Q * dowdle Remote host closed the connection 1266883704 Q * yarihm Quit: This computer has gone to sleep 1266884980 Q * bonbons Quit: Leaving 1266885032 M * Chlorek hm 1266885041 M * Chlorek Bertl sleeping now 1266885057 M * Chlorek anyone alive? 1266885099 M * Chlorek i have an error 1266885102 M * Chlorek http203://c.sed.pl/err 1266885111 M * Chlorek anybody knows what is wrong? 1266885200 M * daniel_hozac what's the actual URL? 1266885218 M * Chlorek http203://c.sed.pl/err 1266885220 M * Chlorek hm 1266885223 M * Chlorek hm hm 1266885236 M * Chlorek something recode :: to 203: 1266885277 M * daniel_hozac you can't strace across context switches. 1266885287 M * daniel_hozac what's your problem exactly? 1266885310 M * Chlorek vcontext: execvp("/usr/sbin/vspace"): Permission denied 1266885326 M * Chlorek when i starting all my vservers 1266885335 M * daniel_hozac and /usr/sbin/vspace has exec permission? 1266885344 M * Chlorek yes 1266885351 M * daniel_hozac do you have grsec or similar? 1266885361 M * Chlorek yes, i have grsecurity 1266885371 J * infowolfe ~infowolfe@c-71-236-152-35.hsd1.or.comcast.net 1266885407 M * Chlorek but it works early 1266885582 M * daniel_hozac i guess you have something in dmesg then? 1266885632 M * Chlorek vxW: [�vcontext�,6325:#3|3|3] did hit the barrier. 1266885671 M * daniel_hozac do you have a barrier on / or something? 1266885673 M * Chlorek but i set barrier for / 1266885859 M * Chlorek ok, i'll ask Bertl tomorrow 1266885861 M * Chlorek bye ;) 1266886593 Q * infowolfe Quit: Leaving 1266887218 J * infowolfe ~infowolfe@c-71-236-152-35.hsd1.or.comcast.net 1266887644 M * cehteh hmpf setting up an network card which should acquire its ip from a dhcp (openvpn) inside a vserver is a bit pain .. 1266887852 Q * infowolfe Quit: Leaving 1266888134 J * infowolfe ~infowolfe@c-71-236-152-35.hsd1.or.comcast.net 1266891646 Q * fzylogic Quit: fzylogic 1266892781 Q * tpo Ping timeout: 480 seconds 1266894069 Q * imcsk8 Quit: Leaving 1266896691 J * jrklein ~jrklein@2001:0:53aa:64c:0:63b5:b4d8:6cf 1266896693 Q * jrklein 1266897627 J * SauLus_ ~SauLus@c207146.adsl.hansenet.de 1266898037 Q * SauLus Ping timeout: 480 seconds 1266898037 N * SauLus_ SauLus 1266904837 J * balbir ~balbir@122.248.161.59 1266905826 M * incd Hmm, I made a new vserver guest, it doesn't want to change its netmask/broadcast to right ones 1266905873 M * incd It has the same values that the first vserver has, except IP 1266906583 M * daniel_hozac how did you make it? 1266906821 M * incd http://linux-vserver.org/Building_Guest_Systems#Building_guests_using_the_clone_build_method 1266906829 M * incd Changed IP's after cloning. 1266907265 M * daniel_hozac so your command was what? 1266907303 J * petzsch ~markus@dslb-094-222-103-154.pools.arcor-ip.net 1266907443 M * incd daniel_hozac: yea :) 1266907464 N * Bertl_zZ Bertl 1266907468 M * Bertl morning folks! 1266907468 M * daniel_hozac that was not a yes/no question :-) 1266907484 M * Bertl who is maintaining 'yea' :) 1266907571 M * petzsch sounds like a new web2.0 tool noone needs ;-) 1266907574 M * petzsch morning folks 1266907607 Q * niki Quit: Leaving 1266908320 M * incd daniel_hozac: sorry :) vserver mail build -m clone --hostname mail.xxx.fi --interface eth0:81.175.xxx.xxx/24 --initstyle gentoo -- --source /vservers/www1 1266908324 M * incd was the command 1266908435 M * incd Bertl: Now with "vserver-info" version 0.30.216-pre2880 with 2.6.32 doesn't hang up the server :) 1266908440 M * incd It just says "Killed" 1266908448 M * incd *vserver-stat 1266908454 M * Bertl what util-vserver version? 1266908471 M * incd Kernel: 2.6.32.8-vs2.3.0.36.29.1 and util-vserver: 0.30.216-pre2880; Feb 22 2010, 09:30:12 1266908492 Q * petzsch Quit: Leaving. 1266908514 M * Bertl looks good, probably the guest (gentoo) is confused 1266908546 M * incd Yea 1266908576 M * Bertl there was a magic line to fix that, IIRC it should be on the wiki, if not, I think daniel_hozac will remember 1266908653 M * incd Anyways, can't get correct netmask/broadcast for my new guest. :/ 1266908677 M * Bertl maybe the ip is already configured on the host? 1266908695 M * Bertl (after the guest 'died', with the wron mask) 1266908736 M * Bertl in this case, remove it manually on the host with 'ip a del ...' 1266908748 J * sharkjaw ~gab@90.149.121.45 1266908899 M * incd or datacenter has bad routing yet again, I'll try the IP with a host that is known working, etc :p 1266909490 J * dna ~dna@91.112.50.30 1266910471 Q * derjohn_mob Ping timeout: 480 seconds 1266910540 J * ncopa ~ncopa@245.39.189.109.customer.cdi.no 1266910622 J * ghislain ~AQUEOS@adsl2.aqueos.com 1266911217 J * yarihm ~yarihm@80-219-173-83.dclient.hispeed.ch 1266911475 J * marcin ~marcin@flip.wutanic.com 1266911582 M * marcin Hi, can someone help me? I'm using Debian Lenny with default package linux-image-vserver. Take a look: http://pastebin.org/95734 1266911592 M * marcin I'm using: 2.6.26-1-vserver-amd64 1266912173 J * dna_ ~dna@91.112.50.30 1266912436 M * ghislain marcin: debian packages are toot old for using cgroup 1266912451 M * ghislain you should use beng packages for that 1266912460 M * ghislain or compile from source 1266912581 Q * dna Ping timeout: 480 seconds 1266912946 M * marcin ghislain: too old? So in this way, I should do kernel upgrade to newer version? What are beng packages? 1266913306 Q * dna_ Ping timeout: 480 seconds 1266914627 Q * balbir Ping timeout: 480 seconds 1266915759 J * derjohn_mob ~aj@213.238.45.2 1266915899 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1266916316 J * thierryp ~thierry@zankai.inria.fr 1266916434 M * ghislain yes cgroup is vserver 2.3, you want to use cgroup isn't it ? 1266916444 J * tpo ~tpo@cable-dynamic-87-245-106-94.shinternet.ch 1266916463 M * ghislain vserver 2.3 requires newest kernels and latest util-vserver tools not available in the debian repository. 1266916513 M * ghislain http://linux-vserver.org/util-vserver:Devdebianpackage 1266916774 J * barismetin ~barismeti@zanzibar.inria.fr 1266917004 Q * _nono_ Ping timeout: 480 seconds 1266917586 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1266918193 J * _nono_ ~gomes@libation.ircam.fr 1266919837 Q * tpo Ping timeout: 480 seconds 1266919926 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1266920195 Q * derjohn_mob Remote host closed the connection 1266920377 J * petzsch ~markus@dslb-094-222-103-154.pools.arcor-ip.net 1266920504 Q * ncopa Ping timeout: 480 seconds 1266921078 J * ncopa ~ncopa@90.149.60.78 1266921378 J * derjohn_mob ~aj@213.238.45.2 1266921407 Q * bonbons Quit: Leaving 1266921536 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1266921959 Q * yang Remote host closed the connection 1266922261 J * yang yang@yang.netrep.oftc.net 1266923631 J * bobnormal ~irc@87-194-32-179.bethere.co.uk 1266923754 J * niki ~niki@94.145.207.11 1266924309 J * balbir ~balbir@122.248.161.59 1266924430 M * bobnormal i have to have a DNS server running on my VServer host, but i want to run one in a guest as well. will a combination of certain nflags and 127.x.y.z-binding in one or both of the host and guest allow for this? otherwise how can i achieve it? 1266924567 M * Bertl what's the problem? 1266924702 M * bobnormal basically when i try to bind UDP port 53 in the guest on 127.0.0.2 for example it fails with 'port in use' since the host is using it .. so im playing with various nflags etc. and 127.0.0. binding to see if its possible to work around 1266924723 M * bobnormal i know with some configs i've previously seen 127.something.not.001 in guests 1266924738 M * bobnormal perhaps if i disable the right flags i can bind to that specifically within the guest to solve? 1266924779 M * Bertl why would you want to bind 127.0.0.2? 1266924817 M * Bertl I mean, don't get me wrong, you can do that, but I'm not sure what you want to accomplish? 1266924878 M * bobnormal i want to host a DNS server within a vserver, however my annoying CTO has mandated all environments must have their own recursive DNS server running to prohibit interdependencies in case of dns server failure 1266924886 M * bobnormal wihch therefore includes the vserver host 1266924904 M * Bertl okay? 1266924956 M * bobnormal havent got it working yet, perhaps bind options for host-environment DNS != specific ip 1266925013 M * bobnormal aha, possibly nameserver 127.0.0.1:1234 might work 1266925017 M * bobnormal in /etc/resolv.conf 1266925105 M * bobnormal nope seems unsupported in linux, OSX supports it though 1266925112 M * Bertl well, you certainly have a host IP, and your guest will have a public? IP too, yes? 1266925139 M * bobnormal no, host will forward the port 1266925172 M * Bertl but to a guest IP, no? 1266925177 M * bobnormal yes. 1266925214 M * Bertl so, the only thing you need 127.x for dns then is the control prot (to start and stop it) 1266925265 M * Bertl i.e. you make sure the guest has single_ip disabled, and the lback stuff enabled, then you can simply start bind inside the guest including the control port 1266925290 M * Bertl it will then be available on :DNS 1266925312 M * bobnormal ok i will try that now, thanks. 1266925318 M * Bertl on the host, all you need to do is to restrict bind to the public? IP you want to use (host wise) 1266925324 M * bobnormal ahh no 1266925328 M * bobnormal the host needs to localhost bind only 1266925336 M * bobnormal its a service for itself only 1266925337 M * Bertl even better then 1266925345 M * bobnormal ok let me try :) 1266925392 M * bobnormal with single_ip disabled, the guest will have to bind specifically to its allocated guest IP, correct? ie: 0.0.0.0 bind will not remap 1266925417 M * Bertl 0.0.0.0 will be mapped to the guest IP(s) 1266925425 M * bobnormal ok 1266925431 M * bobnormal will try before asking any more questions :) 1266925797 M * bobnormal host is running unbound dns daemon lsof verifies localhost:domain bind. guest nflags from nattribute --get are 'lock.lback_remap,lback_allow,hide_netif,hide_lback,state_admin'. guest starts pdns (powerdns) daemon and reports "binding UDP socket to '0.0.0.0' port 53: Address already in use" 1266925916 M * bobnormal argh my bad. unfamiliar with pdns syntax. sorry. :) looks like it's working. 1266925931 M * Bertl good :) 1266925967 M * bobnormal yep! :) next stop, globally distributed vserver-lockdown pdns nameserver with dynamic geoip+dynamic backend-failure-detecting resolution style! :P 1266925985 M * bobnormal or at least, 2x continents within the year 1266926002 M * bobnormal now just gotta sort that horrid mysql replication out ... 1266926274 M * Bertl nap attack .. bbl 1266926298 N * Bertl Bertl_zZ 1266926940 Q * ncopa Ping timeout: 480 seconds 1266927230 Q * niki Quit: Leaving 1266927244 J * niki ~niki@94.145.207.11 1266927487 J * ncopa ~ncopa@245.39.189.109.customer.cdi.no 1266927555 M * _Shiva_ OT: is there a source for recommended hardware to be used in high throughput storage systems..? i.e SAS-controllers other than LSI/mega_sas based..? i think that PERC/6e can't handle my current iops.. 1266928975 Q * marcin Remote host closed the connection 1266929247 J * Psy0rz ~psy0rz@lounge.datux.nl 1266929312 M * Psy0rz is it true that normally the userspace tools and config doesnt change with a new vserver update? i went from 2.2 to 2.3. 1266929443 M * harry yesh 1266929546 M * Psy0rz oki :) 1266929557 M * Psy0rz everything SEEMS to be ok for now :0 1266929579 M * Psy0rz when will 2.3 be renamed to stable? its more stable than "stable" already,right? 1266929837 Q * BenG Quit: I Leave 1266929946 J * marcin ~marcin@flip.wutanic.com 1266930121 J * jpic ~jpic@chocolatpistache.com 1266930127 M * jpic hi, what does that mean please? http://dpaste.com/163548/ 1266930201 M * Psy0rz when something listens on a tcpport, on 0.0.0.0, is it true it wont listen on 127.0.0.1 automaticly? 1266930205 Q * yarihm Quit: This computer has gone to sleep 1266930224 M * harry jpic: do you have a vserver guest running with the same context id already? 1266930513 M * bobnormal _shiva_: storage is a world unto itself :) very complex once you pass a certain point .. we do video .. much hassle. vserver > * for iops 1266930520 M * jpic harry: i think not 1266930592 M * jpic harry: there are two vservers with no names running actually: http://dpaste.com/163551/ the second one has the same context ... is it fixable without reboot? 1266930615 Q * marcin Ping timeout: 480 seconds 1266930657 M * harry sure 1266930660 M * harry vkill 1266930677 M * harry vps to see what processes are running in that context 1266930682 Q * thierryp Ping timeout: 480 seconds 1266930683 M * harry then vkill to kill those 1266931093 J * thierryp ~thierry@193.48.223.248 1266931138 J * marcin ~marcin@flip.wutanic.com 1266931149 M * Psy0rz i want a virtual loopback device for my vserver? do i use LBACK_REMAP to get that? 1266931153 M * Psy0rz or is that unsafe 1266931160 M * jpic what version of vps allows to list the processes of a context? 1266931234 M * harry Psy0rz: it's safe afaik 1266931238 M * harry jpic: man vps ? 1266931344 M * jpic i figured with vps -A | grep, thanks! i think we should upgrade vserver-utils because our man vps is not really helpful 1266931421 M * harry what version are you running? 1266931452 M * harry just run the latest one... 216 something :) 1266931755 M * jpic Latest version available: 0.30.216_pre2864 1266931756 M * jpic Latest version installed: 0.30.216_pre2849 1266931779 M * bobnormal jpic: i use htop .. if you just want pids, if you have cgroups you can cat /dev/cgroup//tasks 1266931832 J * marcin_ ~marcin@flip.wutanic.com 1266931929 Q * marcin Ping timeout: 480 seconds 1266932007 M * harry jpic: that would be "late enough" :) 1266933589 M * Psy0rz why does util-vserver has a crypto api? 1266933594 Q * thierryp Remote host closed the connection 1266933635 Q * sharkjaw Quit: Leaving 1266933892 J * thierryp ~thierry@vis248d.sophia.inria.fr 1266934116 Q * thierryp Remote host closed the connection 1266934444 J * thierryp ~thierry@zankai.inria.fr 1266934519 N * Bertl_zZ Bertl 1266934529 M * Bertl back now ... 1266934754 M * _Shiva_ bobnormal: i think i've found the problem on the Perc that causes controller resets on heavy I/O .. ;-) the queue w/i the controller seems to be limited to 1008 cmds.. but it's configured to be a JBOD for 15 disks which all have nr_requests 128 from the Kernel.. which may cause a queue overflow on heavy I/O - doh! 1266934809 M * Bertl nice controller :) 1266934844 M * _Shiva_ Bertl: that's why i asked about alternatives ;-) 1266934874 M * Bertl depends on the usage pattern, in many cases software raid is superior to hardware raid setups 1266934895 M * _Shiva_ Bertl: ..that's why it's configured as JBOD ;-) 1266934896 M * Bertl in some cases a hardware raid setup is better suited 1266934948 M * _Shiva_ Bertl: actually, it has each disk configured as a single RAID-0.. as the controller does not know anything about jbos.. 1266934952 M * _Shiva_ jbod 1266935221 M * Bertl hehe, yeah, probably this controller is one of those better used as HW raid if at all 1266935260 M * Psy0rz how can i make a process that does listens on 0.0.0.0, also make listening on 127.0.0.1? 1266935268 M * Psy0rz without changing anything inside the guest 1266935298 M * Bertl by actually having a 127.0.0.1 inside the guest 1266935316 M * Bertl i.e. most likely your guest has the single_ip special casing enabled 1266935343 M * Bertl and a single IP assigned, try to put ~single_ip in nflags and restart the guest 1266935355 M * Psy0rz ah that disables it 1266935365 M * Psy0rz i do actually have a lo with 127.0.01 1266935366 M * Psy0rz somehow :D 1266935368 M * Bertl for this particular guest, yes 1266935373 M * Psy0rz is it safe? 1266935388 M * Bertl it is fine, just a little more overhead 1266935401 M * Psy0rz just like my manager ;) 1266935507 M * Psy0rz so with: 1266935507 M * Psy0rz LBACK_REMAP 1266935507 M * Psy0rz ~single_ip 1266935517 M * Psy0rz it almost feels like a native linux box? :) 1266935551 M * Psy0rz with everything working like expected, being secure, and not influencing the host when listening on a port etc? 1266935610 M * Psy0rz so if i ping to 127.0.0.1, will it go through the iptables input chain and how will it look? 1266935867 M * Bertl it will be shown as 127.x.y.1 (according to the lback setup) 1266935885 M * Bertl it will go over 'lo' and will get the reply over 'lo' too 1266936177 M * Psy0rz ikk 1266936177 M * Psy0rz k 1266936182 M * Psy0rz thanks 1266936187 M * Psy0rz very nice :) 1266936202 M * Psy0rz so why is 2.3 still experimental? 1266936221 M * Psy0rz i read somewhere its better in some ways the 2.2 1266936239 M * Bertl it has more features, but they are not stabilized yet 1266936282 M * Bertl we planned to get that done till end of the month, but I doubt I'll find the time, but there is some progress 1266936299 M * Bertl feel free to join and help 1266936321 M * Psy0rz ah k 1266936329 M * Psy0rz i'm helping by putting it in production now :D 1266936341 M * Psy0rz with a 2.6.27 kernel 1266936356 M * Bertl let us know how it goes and report back any issues you encounter 1266936376 M * Bertl make sure to test them against a recent kernel though :) 1266936430 M * Psy0rz offcourse i will :) 1266936441 M * Psy0rz well we use 2.6.27 because its long time supported 1266936444 M * Psy0rz with patches 1266936467 M * Bertl sure, np, I guess 2.6.31 will get long-term support too 1266936504 M * Psy0rz hope so 1266936524 M * Psy0rz the normal kernels are impossible to track for a distro maintainer :) 1266936532 M * Psy0rz with all the 3rd party modules and stuff 1266936565 M * _Shiva_ Bertl: hum? thought kregkh said 2.6.32 would be LTS? 1266936601 M * Psy0rz any version would do :) 1266936611 M * Psy0rz last we used was 2.6.16 1266936618 M * Psy0rz and now we went to 2.6.27 1266936632 M * Psy0rz hope it still stays a while 1266936682 M * _Shiva_ http://www.kroah.com/log/linux/stable-status-01-2010.html 1266936703 M * _Shiva_ explicitly: "Today the last 2.6.31-stable kernel was released, all users of this kernel series are strongly encouraged to switch to the 2.6.32 kernel series, as there will not be any more updates for this branch in the future." 1266936723 M * Psy0rz so if i use iptables -IINPUT -i lo -jACCEPT in the mainserver, i'm still safe with 2.3? 1266937323 M * Bertl _Shiva_: well, if the performance regressions and stability issues I saw with 2.6.32 remain an the recent kernel patches, there will be a long term maintained 2.6.31 :) 1266937892 Q * ex Remote host closed the connection 1266938201 J * ex ex@valis.net.pl 1266938377 J * dna_ ~dna@91.112.50.30 1266938410 M * _Shiva_ Bertl: maybe it more like: "we aim at 2.6.32 to be LTS and ditch 2.6.31... all of you, please switch to 2.6.32 to help fixing regression and stability issues on a much broader userbase" ;-) 1266938505 M * _Shiva_ alas, it's a pity that they do not aim at 2.6.33.. to have i.e. DRBD in mainline support.. 1266938891 M * Bertl is drbd finally stable? 1266939370 M * Psy0rz drbd8? 1266939829 J * tuxmania ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1266939830 Q * bonbons Read error: Connection reset by peer 1266939876 N * tuxmania bonbons 1266940104 Q * derjohn_mob Ping timeout: 480 seconds 1266940279 J * morfoh ~morfoh@shell.opensde.net 1266940339 M * morfoh moin moin 1266940641 M * _Shiva_ Bertl: drbd is/will be in 2.6.33 mainline 1266940659 Q * ghislain Ping timeout: 480 seconds 1266940962 J * dowdle ~dowdle@scott.coe.montana.edu 1266941049 J * ghislain ~AQUEOS@adsl2.aqueos.com 1266941269 J * dna__ ~dna@91.112.50.30 1266941396 Q * balbir Ping timeout: 480 seconds 1266941681 Q * dna_ Ping timeout: 480 seconds 1266941956 Q * niki Ping timeout: 480 seconds 1266942251 M * geb is drbd finally stable? 1266942257 M * geb espcialy on debian :p 1266942311 M * Bertl :) 1266942391 M * Psy0rz on debian its probablly drbd0.6 or something ;) 1266942563 M * Bertl but stable! 1266942568 M * Psy0rz hehehe 1266943169 M * harry and probably with 2.0.40 kernel or so 1266943173 M * harry rockstable! : 1266943174 M * harry :) 1266943175 J * niki ~niki@212088073001.static.sonofon.dk 1266943283 M * Bertl off to grab some groceries .. bbl 1266943286 N * Bertl Bertl_oO 1266943293 M * harry have fun 1266943300 M * harry choose the right ones for the season! 1266943301 M * harry :p 1266943599 M * petzsch what would be the right groceries for the season? or do you store your frozen pizza on the balkony and now that it's melting outside have to switch back to fresh food :-D 1266943696 M * Bushmills brussels sprouts 1266943745 M * Bushmills and helianthus tuberosus 1266943871 A * petzsch is "cooking" some noodles right now ;) 1266943882 M * petzsch nothing for the gourmets... fine student food 1266944088 Q * niki Ping timeout: 480 seconds 1266944226 M * bobnormal petzch: at least you have space to cook :) 1266944651 J * niki ~niki@94.145.207.11 1266945316 Q * bobnormal Quit: tomorrow! 1266945334 J * imcsk8 ~ichavero@148.229.1.11 1266945874 J * derjohn_mob ~aj@213.238.45.2 1266946208 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1266946804 J * bXi bluepunk@irssi.co.uk 1266948475 M * Radiance hmm, anyone can recommend a workaround to prevent the stalling/unresponsiveness of most apps when transfering alot of data from internal HD to external usb disk ? 1266948512 M * Radiance the i/o wait states jump high 1266948526 M * daniel_hozac make your apps not use disk. 1266948555 M * Radiance it's also with the browser, can't click on a link etc 1266948567 M * Radiance or write text in an office document 1266948573 M * Radiance openoffice :) 1266948581 M * Radiance during the write 1266948612 M * Radiance like it reads alot but when after 10 seconds or so it starts writing to the usb disk i get to notice the stalling 1266948645 M * Radiance i'm checking if there is a way to empty the buffer much earlier in smaller amounts 1266948722 N * DoberMann[ZZZzzz] DoberMann 1266948803 M * Bertl_oO Radiance: i/o renicing, cfq bandwidth limits, 2.6.32 kernel 1266948848 N * Bertl_oO Bertl 1266948851 Q * gnuk Quit: NoFeature 1266948852 M * Radiance hmm ok, the nice -n 19 didn't do much 1266948856 M * Radiance but lemme check the rest 1266948862 M * Bertl not nice, ionice :) 1266948872 M * Radiance oh ok 1266948874 M * Radiance lemme check 1266948941 Q * thierryp Ping timeout: 480 seconds 1266950690 M * ne0futur hi all 1266950790 M * ne0futur is there any mean to allow a guest to have its own firewall / iptables ? 1266950805 M * Bertl network namespaces, but it adds some overhead 1266950847 M * ne0futur overhead means all the vservers would be slower ? 1266950880 M * Bertl packets will have to traverse two network stacks 1266950921 M * ne0futur ok 1266950962 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1266951281 Q * derjohn_mob Ping timeout: 480 seconds 1266951591 M * cehteh ne0futur: i made some scripting stuff where vserver admins can hook in firewall rules 1266951609 J * balbir ~balbir@122.172.106.33 1266951629 M * cehteh this has advantages but also problems, if a box gets rooted the cracker could change the firewall to his liking :P 1266951919 Q * BenG Quit: I Leave 1266952214 Q * barismetin Quit: Leaving... 1266952582 Q * balbir Ping timeout: 480 seconds 1266953272 Q * dna__ Quit: Verlassend 1266955112 J * kirstine ~kirstine@87-104-144-183-dynamic-customer.profibernet.dk 1266955157 Q * hijacker_ Quit: Leaving 1266955282 M * kirstine Hi there. I have a vserver host with 2 nics, one in DMZ and one on the local network. I have followed this guide and created 2 routing tables for the 2 nics 1266955301 M * Bertl okay 1266955302 M * kirstine I don't understand quite wat to do now 1266955338 M * kirstine I want to be able to create vserver guests in DMZ and guests on LAN 1266955354 M * Bertl you need to use IP based routing (i.e. 'ip rule ..') to make certain IPs use this or that table 1266955360 M * kirstine how do I tell vserver which routing table should be used? 1266955455 M * kirstine have I understood the concept right, should the main table be empty? 1266955504 M * Bertl you can have a main routing table and a guest routing table or just different routing tables for each guest/IP 1266955531 M * kirstine but how do I tell the guest which table to use? 1266955538 M * Bertl as I said, you use the rules to connect certain IPs to a table 1266955669 M * kirstine ok so the "ip rule" tells iproute which table with traffic on each network? 1266955698 M * kirstine "which table to use" I meant 1266955727 M * Bertl yep 1266955773 M * kirstine so I can ignore the fact that I get an empty result when I run "ip route show" on the guests? 1266955872 M * Bertl yes, if you do 'ip route show table ' then you'll see the proper routing table 1266955888 M * kirstine ok let me try :-) 1266956047 M * kirstine ok better wait until tomorrow when I am physically at the server, or someone might be unpleased when I mess up the interfaces without being able to fix it remotely ;-) 1266956063 M * kirstine tanks Bertl 1266956069 M * Bertl serial console is the magic word :) 1266956073 M * Bertl you're welcome! 1266956117 Q * petzsch Quit: Leaving. 1266956253 Q * kirstine Remote host closed the connection 1266956485 J * thierryp ~thierry@home.parmentelat.net 1266957177 Q * thierryp Quit: ciao folks 1266957418 J * derjohn_mob ~aj@c140122.adsl.hansenet.de 1266958044 Q * FireEgl Quit: Leaving... 1266961624 J * aljazm ~kvirc@tm.82.192.63.160.dc.telemach.net 1266961627 M * aljazm Hi! 1266961680 M * Bertl hi 1266961692 M * aljazm Sorry to boder you, but i need a hand with vserver. I was unable to find this in the manuals, that si why i came here. maybe you guys can help. I am unable to load third-party module into the system.. modprobe cant seem to find them? Is there a way to laod VirtualBox modules? 1266961732 M * Bertl well, you proably need to compile them against that kernel 1266961745 M * Bertl then you can load them (on the host) 1266961751 M * aljazm i did that - i think.. emerging 1266961761 M * aljazm (on the hiost) 1266961770 M * aljazm ...using gentoo 1266961843 M * Bertl not using gentoo, so I don't know the details, but if the modules have been built against the kernel (successfully), you should be able to load them with insmod or modprobe 1266961872 M * aljazm emerge downloads source and compiles it right? So i think that modules are compiled against the running kernel.. Module were built, i can find them, but i cant seem to load them 1266961903 M * Bertl well, if you found them, run insmod on them (with full path) and check dmesg 1266961911 M * aljazm huh 1266961915 M * aljazm i think i found the soufr 1266961920 M * aljazm source of the problem. 1266961938 M * aljazm modules were built again a different kernel 1266961942 M * aljazm 'against' 1266961964 M * Bertl well, there you go, won't work then :) 1266961964 M * aljazm thx for your patience 1266961973 M * Bertl np, you're welcome! 1266962047 Q * mcp Quit: ZNC - http://znc.sourceforge.net 1266964258 Q * aljazm Quit: KVIrc Insomnia 4.0.0, revision: , sources date: 20090520, built on: 2009/06/08 19:18:46 UTC http://www.kvirc.net/ 1266965156 N * DoberMann DoberMann[ZZZzzz] 1266966127 J * tpo ~tpo@cable-dynamic-87-245-106-94.shinternet.ch 1266966288 M * Bertl off to bed now ... have a good one everyone! 1266966292 N * Bertl Bertl_zZ 1266968969 Q * tpo Ping timeout: 480 seconds 1266969016 J * ghislain1 ~AQUEOS@adsl2.aqueos.com 1266969223 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1266969282 Q * ghislain Ping timeout: 480 seconds