1277942474 Q * geb Read error: Connection timed out 1277942524 J * geb ~geb@mars.gebura.eu.org 1277942656 Q * dowdle Remote host closed the connection 1277942875 Q * balbir Ping timeout: 480 seconds 1277943375 J * balbir ~balbir@122.172.11.187 1277943434 J * derjohn_foo ~aj@d003182.adsl.hansenet.de 1277943485 Q * geb Read error: Connection timed out 1277943523 J * geb ~geb@mars.gebura.eu.org 1277943867 Q * aj__ Ping timeout: 480 seconds 1277944240 Q * MeCooL Ping timeout: 480 seconds 1277945016 Q * sladen Quit: leaving 1277945195 J * sladen ~paul@starsky.19inch.net 1277946218 M * Bertl off to bed now ... have a good one everyone! 1277946233 N * Bertl Bertl_zZ 1277949047 Q * geb Quit: ZNC - http://znc.sourceforge.net 1277949228 J * geb ~geb@mars.gebura.eu.org 1277950177 Q * geb Read error: Connection timed out 1277950247 J * geb ~geb@mars.gebura.eu.org 1277951210 Q * geb Read error: Connection timed out 1277952266 J * geb ~geb@mars.gebura.eu.org 1277952755 Q * geb Quit: ZNC - http://znc.sourceforge.net 1277953237 J * SauLus_ ~SauLus@d025007.adsl.hansenet.de 1277953646 Q * SauLus Ping timeout: 480 seconds 1277953646 N * SauLus_ SauLus 1277953924 Q * FireEgl Quit: Leaving... 1277954165 J * geb ~geb@mars.gebura.eu.org 1277954296 Q * geb 1277955349 J * FireEgl ~FireEgl@2001:470:e056:1:b158:3b6b:4ca4:18a 1277961350 Q * FireEgl Ping timeout: 480 seconds 1277963572 J * ncopa ~ncopa@180.40.189.109.customer.cdi.no 1277964097 J * petzsch ~markus@dslb-088-075-164-132.pools.arcor-ip.net 1277965665 J * niki ~niki@94.145.207.11 1277965946 Q * derjohn_foo Ping timeout: 480 seconds 1277966261 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1277967479 J * derjohn_foo ~aj@213.238.45.2 1277968128 J * mtg ~mtg@vollkornmail.dbk-nb.de 1277969154 J * FireEgl FireEgl@Sebastian.Atlantica.US 1277970241 Q * derjohn_foo Ping timeout: 480 seconds 1277970614 J * barismetin ~barismeti@zanzibar.inria.fr 1277970952 J * derjohn_mob ~aj@213.238.45.2 1277971491 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1277971649 Q * derjohn_mob Ping timeout: 480 seconds 1277971826 J * derjohn_mob ~aj@213.238.45.2 1277971933 Q * FireEgl Ping timeout: 480 seconds 1277972308 J * thierryp ~thierry@zankai.inria.fr 1277972872 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1277973296 Q * FireEgl Remote host closed the connection 1277974007 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1277974165 Q * daniel_hozac Ping timeout: 480 seconds 1277975302 J * daniel_hozac ~daniel@c-cb3771d5.08-230-73746f22.cust.bredbandsbolaget.se 1277975421 Q * derjohn_mob Ping timeout: 480 seconds 1277977578 M * yang Hello ! I experience sshd error on guest telling me sshd[9718]: error writing /proc/self/oom_adj: Permission denied 1277977590 M * yang -rw-r--r-- 1 root root 0 2010-07-01 09:44 oom_adj 1277977628 M * yang It makes it impossible to log in via ssh 1277978424 J * sharkjaw ~gab@90.149.128.29 1277978613 M * yang fixed 1277981289 M * maharaja update ssh? 1277982882 J * derjohn_mob ~aj@213.238.45.2 1277983521 Q * derjohn_mob Ping timeout: 480 seconds 1277983643 J * derjohn_mob ~aj@213.238.45.2 1277983725 Q * balbir Read error: Connection reset by peer 1277984103 Q * FireEgl Read error: Connection reset by peer 1277984699 J * balbir ~balbir@122.172.1.146 1277984843 J * FireEgl ~FireEgl@2001:470:e056:1:6d51:833f:a7f7:aae7 1277984848 J * _Radiance ~Radiance@193.16.154.187 1277984942 Q * Radiance Ping timeout: 480 seconds 1277985907 Q * FireEgl Ping timeout: 480 seconds 1277985918 J * geb ~geb@mars.gebura.eu.org 1277987338 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1277988148 Q * bzed Quit: meh. 1277988247 Q * petzsch Quit: Leaving. 1277988428 J * bzed ~bzed@devel.recluse.de 1277991000 Q * sharkjaw Remote host closed the connection 1277991175 J * petzsch ~markus@dslb-088-075-164-132.pools.arcor-ip.net 1277991519 J * vserver_guy ~vserver@mirror.sonassi.com 1277991525 M * vserver_guy hi troops 1277992859 Q * mtg Quit: Verlassend 1277992860 N * Bertl_zZ Bertl 1277992864 M * Bertl morning folks! 1277992896 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1277992925 M * ard is weird... 1277992968 M * ard interfaces given to another network namespace should fall back to the main network namespace if no processes are alive in the network namespace, right? 1277993025 M * ard ow wait: 1277993027 M * ard http://www.spinics.net/lists/linux-containers/msg20933.html 1277993032 M * Bertl should they? I'd assume they disappear 1277993144 M * ard well, that's the status que indeed. But I thought the original patches made sure that "physical" interfaces return somewhere... 1277993161 M * ard s/que/quo/ 1277993192 M * Bertl but they don't I presume? 1277993217 M * ard correct :-) I just lost my vlan1500 somewhere into network namespace :-) 1277993229 M * ard eh network namespace limbo that is 1277993290 M * ard if I use lxc-unshare and then give the device away to the new namespace, and then let that process die, it is lost 1277993327 M * Bertl hehe :) 1277993329 M * ard same if I give it to a vserver with seperate namespace, but at least with vserver I can enter the network namespace 1277993356 M * Bertl the url you gave mentions a setns syscall? 1277993362 A * ard is going to group vservers into different network namespaces 1277993402 M * ard the setns currently on ip route works by using a pid from another network namespace 1277993441 M * ard but the current doesn't allow you to view or alter any existing network namespaces. Those patches show at least some promises in the right direction ;-) 1277993484 M * ard aargh... have to do some socializing :-( 1277993689 M * Bertl have fun 1277994531 M * Bertl off for now ... bbl 1277994536 N * Bertl Bertl_oO 1277995015 Q * petzsch reticulum.oftc.net galapagos.oftc.net 1277995015 Q * gnuk reticulum.oftc.net galapagos.oftc.net 1277995015 Q * sladen reticulum.oftc.net galapagos.oftc.net 1277995015 Q * raceme reticulum.oftc.net galapagos.oftc.net 1277995015 Q * DelTree reticulum.oftc.net galapagos.oftc.net 1277995015 Q * Guy- reticulum.oftc.net galapagos.oftc.net 1277995015 Q * _Shiva__ reticulum.oftc.net galapagos.oftc.net 1277995015 Q * Vudumen reticulum.oftc.net galapagos.oftc.net 1277995015 Q * maharaja reticulum.oftc.net galapagos.oftc.net 1277995015 Q * biz reticulum.oftc.net galapagos.oftc.net 1277995015 Q * matthew-_ reticulum.oftc.net galapagos.oftc.net 1277995015 Q * chaotix_ reticulum.oftc.net galapagos.oftc.net 1277995015 Q * Hollow reticulum.oftc.net galapagos.oftc.net 1277995015 Q * manana reticulum.oftc.net galapagos.oftc.net 1277995015 Q * sn00d reticulum.oftc.net galapagos.oftc.net 1277995015 Q * kolorafa reticulum.oftc.net galapagos.oftc.net 1277995015 Q * PowerKe reticulum.oftc.net galapagos.oftc.net 1277995015 Q * _are_ reticulum.oftc.net galapagos.oftc.net 1277995015 Q * zbyniu reticulum.oftc.net galapagos.oftc.net 1277995015 Q * groente reticulum.oftc.net galapagos.oftc.net 1277995015 Q * blathijs reticulum.oftc.net galapagos.oftc.net 1277995015 Q * ard reticulum.oftc.net galapagos.oftc.net 1277995015 Q * DreamerC reticulum.oftc.net galapagos.oftc.net 1277995015 Q * weasel reticulum.oftc.net galapagos.oftc.net 1277995015 Q * fLoo reticulum.oftc.net galapagos.oftc.net 1277995024 J * dowdle ~dowdle@scott.coe.montana.edu 1277995026 Q * FireEgl Ping timeout: 480 seconds 1277995047 J * petzsch ~markus@dslb-088-075-164-132.pools.arcor-ip.net 1277995047 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1277995047 J * sladen ~paul@starsky.19inch.net 1277995047 J * PowerKe ~tom@d5153A6A9.access.telenet.be 1277995047 J * zbyniu ~zbyniu@ip-62.181.188.13.static.crowley.pl 1277995047 J * DreamerC ~DreamerC@122-116-181-118.HINET-IP.hinet.net 1277995047 J * kolorafa ~kolorafa@irc.kolorafa.dlk.pl 1277995047 J * sn00d ~ard@gw-tweakb16.kwaak.net 1277995047 J * manana ~mayday090@84.17.25.144 1277995047 J * fLoo fLoo@irc.coresec.de 1277995047 J * Hollow ~bene@shiva.xnull.de 1277995047 J * chaotix_ ~chaotix@port-87-234-145-129.dynamic.qsc.de 1277995047 J * matthew-_ ~ms@ns2.wellquite.org 1277995047 J * biz biz@baze.de 1277995047 J * maharaja raoul@93-189-26-52.rev.ipax.at 1277995047 J * Vudumen ~vudumen@perverz.hu 1277995047 J * _are_ ~quassel@h1417489.stratoserver.net 1277995047 J * groente ~groente@shell.puscii.nl 1277995047 J * _Shiva__ shiva@whatcha.looking.at 1277995047 J * weasel ~weasel@weasel.noc.oftc.net 1277995047 J * Guy- ~korn@elan.rulez.org 1277995047 J * DelTree ~deplagne@goldorak3.eric.deplagne.name 1277995047 J * raceme ~tof@ombos.raceme.org 1277995047 J * ard ~ard@gw-tweakb16.kwaak.net 1277995047 J * blathijs ~matthijs@drsnuggles.stderr.nl 1277995645 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1277996577 Q * ncopa Quit: Ex-Chat 1277997031 Q * thierryp Remote host closed the connection 1277997335 Q * balbir Read error: Connection reset by peer 1277998074 J * balbir ~balbir@122.167.254.71 1277999901 J * http203 ~http203@d80h232.public.uconn.edu 1277999945 Q * derjohn_mob Ping timeout: 480 seconds 1278000584 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1278000730 Q * barismetin Remote host closed the connection 1278001286 Q * FireEgl Ping timeout: 480 seconds 1278002695 Q * balbir Read error: Connection reset by peer 1278003452 J * balbir ~balbir@122.172.44.127 1278003980 J * dna ~dna@p54BCA65A.dip0.t-ipconnect.de 1278005007 J * Piet ~Piet__@04ZAADAL7.tor-irc.dnsbl.oftc.net 1278006332 J * hparker ~hparker@2001:470:1f0f:32c:215:f2ff:fee0:9872 1278008002 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1278008917 J * fzylogic ~fzylogic@dsl081-243-128.sfo1.dsl.speakeasy.net 1278009142 J * ghislain1 ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr 1278009468 Q * ghislain Ping timeout: 480 seconds 1278013263 J * FireEgl ~FireEgl@2001:470:e056:1:e9dc:6f67:94f:d929 1278013760 Q * fosco Quit: Lost terminal 1278013863 J * fosco fosco@91.208.40.1 1278014170 N * Bertl_oO Bertl 1278014174 M * Bertl back now ... 1278015015 Q * hel Ping timeout: 480 seconds 1278016156 Q * dna Quit: Verlassend 1278018125 J * derjohn_mob ~aj@d003182.adsl.hansenet.de 1278018157 Q * ghislain1 Quit: Leaving. 1278018205 Q * bonbons Quit: Leaving 1278018329 J * hel ~hel@portos.lennackers.de 1278018405 Q * gnuk Ping timeout: 480 seconds 1278018642 Q * hijacker_ Quit: Leaving 1278020325 Q * derjohn_mob Ping timeout: 480 seconds 1278021415 J * spart ~quassel@p54ABE704.dip.t-dialin.net 1278021419 Q * spart Remote host closed the connection 1278021441 P * petzsch 1278021912 P * weasel 1278024750 Q * Piet Ping timeout: 480 seconds 1278025193 M * _Shiva__ i think i found some issues with ipv6 again.. 1278025211 M * _Shiva__ 2.6.33.3-vs2.3.0.36.30.4 1278025316 M * _Shiva__ actually, i have a multihomed system with one prefix coming in on the host at eth0 and another is a sit-tunnel 1278025331 M * Bertl okay? 1278025381 M * _Shiva__ i've set up policy routing whith two tables that select default route from iproute2 rules according to their "from prefix" 1278025414 M * _Shiva__ address selection is ok from the host and selects the correct route and source address 1278025460 M * _Shiva__ now one of my guests has an ipv6 address from the tunnel iface - but tries to route out on eth0 1278025504 M * _Shiva__ seems like the "from" rule does not get selected here 1278025598 M * _Shiva__ funny though - the guest correctly answers to requests coming from "outside" but is not able to connect to the outside itself 1278025801 M * _Shiva__ (which sounds reasonable, as it only has an IPv6 address from the tunnel prefix and tries to send that through the wrong network - that drops the packet, sure) 1278025882 M * Bertl the guest has a single IP assigned? 1278025955 M * _Shiva__ inet6 2001:6f8:10ff:f106::53/64 scope global 1278026017 M * Bertl and that is the tunnel IP? 1278026096 M * _Shiva__ the tunnel has 2001:6f8:10ff::f106:2/64 on the host on the same interface 1278026126 M * Bertl so which one is primary? 1278026160 M * Bertl and what does your 'from' rule contain? 1278026169 M * _Shiva__ ah - wait... 2001:6f8:10ff:f108::1/64 is on eth0 ... *splat* 1278026178 M * Bertl aha! 1278026380 M * _Shiva__ so actually the tunnel setup is: [PFX]::f106:1/64 <-> [PFX]::f106:2/64 which routes [PFX]:f106::2/64 through the tunnel (<- mind the double colon position) 1278026424 M * _Shiva__ which is [PFX]:f106::/64 as a subnet to be correct 1278026499 M * _Shiva__ [PFX]:f108::1/64 from the subnet is on eth0 and [PFX]:f108::53/64 on the tunnel iface, wich is handed over to the guest 1278026536 M * Bertl okay, but that IP will never be routed through the tunnel, no? 1278026571 M * _Shiva__ which one? ;-) 1278026579 M * Bertl the last one 1278026604 M * _Shiva__ this one _has_ to be routed bach through the tunnelö 1278026637 M * Bertl obviously the host has the whole /64 net on eth0, why should it send this IP through the tunnel? 1278026723 M * _Shiva__ as of: ip -6 rule add from [PFX]::/48 table v6tunnel && ip -6 route add default via [PFX]::f106:1/64 dev v6tunnel 1278026789 M * Bertl well, how did you test it on the host (you said you tested it) 1278026894 M * _Shiva__ ping6/traceroute6 which "-I " 1278026901 M * _Shiva__ with 1278026922 M * Bertl okay, and what packets does that generate? 1278026932 M * Bertl i.e. did you check source and destination? 1278027051 M * _Shiva__ (btw. the address on eth0 above was from another host.. aargh.. all is perfecly legal on the discussed host... has only its other prefix-IP on eth0) 1278027131 M * _Shiva__ ping6 does generate icmp6 packets and traceroute6 some udp6 (?).. but that was not your question ;-) 1278027145 M * _Shiva__ wait - i'll pastebin 1278027156 M * Bertl yep, just check with a dump tool what addresses are involved 1278027348 M * _Shiva__ http://paste.linux-vserver.org/15976 1278027484 M * _Shiva__ so by source selection it _does_ take another route 1278027498 M * Bertl and when you execute the second traceroute inside the guest, it takes a different path? 1278027606 M * _Shiva__ http://paste.linux-vserver.org/15977 1278027612 M * _Shiva__ correct 1278027773 M * Bertl and you used the very same traceroute6 command, i.e. with the -s and such? 1278027903 M * _Shiva__ hmm .. not really - i omitted the source addr3ess selection as the guest only has one 1278027926 M * Bertl then please try the same command ... 1278027980 M * _Shiva__ bingo - _then_ it works... 1278027997 M * Bertl see, so you were comparing apples and oranges 1278028030 M * Bertl now get a tcpdump or wireshark and check the generated packets in both cases 1278028042 Q * dowdle Remote host closed the connection 1278028109 M * _Shiva__ maybe - but the guest only has *one* ipv6 - so what else should it select as an origin..? so there is some nework namespace issue here, not? 1278028167 M * Bertl well, I'm kind of surprised that traceroute6 works inside the guest without giving capabilities 1278028223 M * _Shiva__ tracroute[6] does not need NET_CAP_RAW (as ping does).. 1278028251 M * Bertl and you didn't give that to the guest either, yes? 1278028404 M * _Shiva__ not that i know of.. pretty default /etc/vservers/.. - except for 32bit personality 1278028457 M * Bertl just checking, well, I'd suggest to get an strace -fF of both commands, as well as a network dump 1278028476 M * Bertl we then can compare them and probably figure out what happens 1278028674 M * _Shiva__ all three look pretty alike - from a src-dst pov 1278028717 M * _Shiva__ the only thing is the default route selection path when omiting the source address selection in the guest's traceroute 1278028756 M * Bertl means? 1278028768 M * _Shiva__ but tcpdump on the host shows, that it's using the guest's ipv6 for bothe traces (with and w/o explicit selection) 1278028793 M * Bertl good, upload everything, I'll have a look