1282523371 Q * imcsk8 Read error: Connection reset by peer 1282523390 J * imcsk8 ~ichavero@evdomip-43-0.iusacell.net 1282525741 Q * imcsk8 Read error: Connection reset by peer 1282525760 J * imcsk8 ~ichavero@evdomip-43-0.iusacell.net 1282528681 Q * imcsk8 Read error: Connection reset by peer 1282528700 J * imcsk8 ~ichavero@evdomip-43-0.iusacell.net 1282529643 Q * ktwilight Ping timeout: 480 seconds 1282529838 Q * hel_ Ping timeout: 480 seconds 1282531027 Q * FireEgl Remote host closed the connection 1282531447 J * ktwilight ~keliew@91.176.55.68 1282532038 Q * derjohn_mob Read error: No route to host 1282534646 N * Bertl_zZ Bertl 1282534650 M * Bertl morning folks! 1282534739 M * theocrite 'morning Bertl 1282539687 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com 1282539932 J * sharkjaw ~gab@90.149.128.29 1282540298 M * Bertl off for now ... bbl 1282540303 N * Bertl Bertl_oO 1282541040 Q * imcsk8 Ping timeout: 480 seconds 1282541122 J * imcsk8 ~ichavero@201.144.130.18 1282542892 J * derjohn_mob ~aj@tmo-109-179.customers.d1-online.com 1282545349 J * ncopa ~ncopa@180.40.189.109.customer.cdi.no 1282545541 J * ghislain ~AQUEOS@adsl2.aqueos.com 1282546545 Q * derjohn_mob Ping timeout: 480 seconds 1282547551 J * Piet ~Piet__@04ZAADZ9X.tor-irc.dnsbl.oftc.net 1282547554 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1282547895 Q * BenG Quit: I Leave 1282548059 Q * imcsk8 Quit: This computer has gone to sleep 1282548064 J * derjohn_mob ~aj@tmo-109-25.customers.d1-online.com 1282548095 Q * balbir_ Ping timeout: 480 seconds 1282548333 M * pmjdebruijn Bertl_oO: morning 1282548351 M * pmjdebruijn Bertl_oO: I think 2.6.27.48 doesn't build on 2.6.27.52 1282548377 M * pmjdebruijn Bertl_oO: http://pastebin.com/SjF9xuqN 1282548451 M * pmjdebruijn Bertl_oO: the patch did apply with a tad of fuzz... 1282548654 M * pmjdebruijn obviously not properly :( 1282548818 Q * wibble Remote host closed the connection 1282548920 P * kir Leaving. 1282549122 J * petzsch ~markus@p4FF45348.dip.t-dialin.net 1282549447 M * Hollow i feel so stupid ... i'm setting up scheduler parameters, and have also set sched_hard in context flags, but when i run a cpuhog and watch /proc/virtual/42/sched nothing happens except "ticks spent in user-space" increases 1282549465 M * Hollow i'm running 2.6.35 with 2.3.0.36.31 1282549482 M * Hollow any ideas? 1282549505 Q * Chlorek Ping timeout: 480 seconds 1282549753 J * Chlorek cokolwiek@c.sed.pl 1282550178 Q * derjohn_mob Ping timeout: 480 seconds 1282550415 J * Yellowcap ~AlexBurns@95.223.36.117 1282550421 M * Yellowcap i have a problem with my clock. 1282550455 M * pmjdebruijn what problem with your clock? 1282550721 M * pmjdebruijn if you don't explain, no-one can try to help you :p 1282550896 A * _Shiva_ take a wild guess: "The guest's clock is off by two hours.." ;-) 1282550905 M * pmjdebruijn haha :) 1282550918 M * pmjdebruijn or someone is trying to run NTP inside a guest :) 1282551093 J * ntrs_ ~ntrs@77.28.1.215 1282551194 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1282552097 Q * Romster Quit: Geeks shall inherit properties and methods of object earth. 1282552697 J * balbir_ ~balbir@122.248.161.59 1282553660 J * derjohn_mob ~aj@213.238.45.2 1282554242 Q * petzsch Quit: Leaving. 1282554513 J * petzsch ~markus@p4FF45348.dip.t-dialin.net 1282554716 J * AlexBurnsRED ~AlexBurns@ip-95-223-36-117.unitymediagroup.de 1282554716 Q * Yellowcap Read error: Connection reset by peer 1282557561 J * Yellowcap ~AlexBurns@ip-95-223-36-117.unitymediagroup.de 1282557561 Q * AlexBurnsRED Read error: Connection reset by peer 1282558879 Q * matthew-_ Remote host closed the connection 1282561473 Q * Yellowcap Ping timeout: 480 seconds 1282564677 Q * petzsch Quit: Leaving. 1282564683 J * petzsch ~markus@p4FF45348.dip.t-dialin.net 1282564985 J * petzsch1 ~markus@p4FF45348.dip.t-dialin.net 1282565165 Q * petzsch Ping timeout: 480 seconds 1282566780 Q * petzsch1 Quit: Leaving. 1282567131 J * BenG ~bengreen@cpc6-aztw22-2-0-cust100.aztw.cable.virginmedia.com 1282567638 Q * mnemoc Remote host closed the connection 1282570200 Q * sharkjaw Remote host closed the connection 1282570827 J * mnemoc ~amery@shell.opensde.net 1282571131 Q * Piet Ping timeout: 480 seconds 1282571730 J * Piet ~Piet__@04ZAAD0GB.tor-irc.dnsbl.oftc.net 1282573699 J * Yellowcap ~AlexBurns@ip-95-223-36-117.unitymediagroup.de 1282573700 Q * Yellowcap 1282573712 J * Yellowcap ~AlexBurns@ip-95-223-36-117.unitymediagroup.de 1282574540 M * pmjdebruijn Yellowcap: if you don't explain your problem we can't help you 1282574750 Q * balbir_ Ping timeout: 480 seconds 1282574889 J * dowdle ~dowdle@scott.coe.montana.edu 1282575788 Q * mnemoc Remote host closed the connection 1282575853 J * mnemoc ~amery@shell.opensde.net 1282575856 J * petzsch ~markus@p4FF47CD4.dip.t-dialin.net 1282575901 Q * BenG Quit: I Leave 1282576491 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1282576651 J * dna ~dna@88.74.202.34 1282576728 M * daniel_hozac Hollow: 2.6.35 doesn't have the token bucket scheduler anymore. 1282576834 M * daniel_hozac you need to use the cpu.shares cgroup support, or what the new hard scheduler is called... 1282577719 Q * ncopa Quit: Ex-Chat 1282577901 J * balbir_ ~balbir@122.172.194.10 1282577943 J * dna_ ~dna@dslb-094-222-112-084.pools.arcor-ip.net 1282578238 Q * dna Ping timeout: 480 seconds 1282578369 J * dna ~dna@dslb-094-223-172-032.pools.arcor-ip.net 1282578648 Q * dna_ Ping timeout: 480 seconds 1282578785 J * dna_ ~dna@dslb-094-222-119-039.pools.arcor-ip.net 1282578867 J * dna__ ~dna@dslb-094-223-173-135.pools.arcor-ip.net 1282578953 Q * dna Ping timeout: 480 seconds 1282579308 Q * dna_ Ping timeout: 480 seconds 1282579473 J * dna_ ~dna@dslb-094-222-212-024.pools.arcor-ip.net 1282579646 J * dna ~dna@dslb-092-078-101-101.pools.arcor-ip.net 1282579763 J * imcsk8 ~ichavero@201.174.32.227 1282579906 Q * dna__ Ping timeout: 480 seconds 1282579936 J * dna__ ~dna@dslb-094-222-125-062.pools.arcor-ip.net 1282579996 Q * dna_ Ping timeout: 480 seconds 1282580065 J * dna_ ~dna@dslb-094-222-223-190.pools.arcor-ip.net 1282580087 Q * dna__ Read error: No route to host 1282580275 J * dna__ ~dna@dslb-094-222-219-096.pools.arcor-ip.net 1282580326 Q * dna Ping timeout: 480 seconds 1282580414 J * dna ~dna@dslb-088-074-200-083.pools.arcor-ip.net 1282580493 Q * dna Read error: Connection reset by peer 1282580506 J * dna ~dna@dslb-088-074-200-083.pools.arcor-ip.net 1282580713 Q * dna_ Ping timeout: 480 seconds 1282580806 Q * dna__ Ping timeout: 480 seconds 1282581046 Q * dna Ping timeout: 480 seconds 1282581245 Q * Chlorek Quit: - 1282581254 J * Chlorek cokolwiek@c.sed.pl 1282581626 J * dna ~dna@dslb-092-078-103-038.pools.arcor-ip.net 1282581720 J * dna_ ~dna@dslb-092-078-103-038.pools.arcor-ip.net 1282581928 Q * derjohn_mob Ping timeout: 480 seconds 1282582052 J * dna__ ~dna@dslb-094-223-167-232.pools.arcor-ip.net 1282582111 Q * dna Ping timeout: 480 seconds 1282582354 J * dna ~dna@dslb-094-223-168-196.pools.arcor-ip.net 1282582458 Q * dna_ Ping timeout: 480 seconds 1282582621 Q * dna__ Ping timeout: 480 seconds 1282582668 J * dna_ ~dna@dslb-094-223-170-155.pools.arcor-ip.net 1282582775 J * dna__ ~dna@dslb-094-223-170-246.pools.arcor-ip.net 1282583086 Q * dna Ping timeout: 480 seconds 1282583171 Q * dna_ Ping timeout: 480 seconds 1282583180 J * derjohn_mob ~aj@tmo-099-41.customers.d1-online.com 1282584026 Q * petzsch Quit: Leaving. 1282584385 J * petzsch ~markus@p4FF47CD4.dip.t-dialin.net 1282586315 Q * petzsch Quit: Leaving. 1282586484 J * petzsch ~markus@p4FF47CD4.dip.t-dialin.net 1282586514 N * Bertl_oO Bertl 1282586519 M * Bertl back now ... 1282586886 J * ntrs__ ~ntrs@77.28.163.10 1282586949 J * ghislain1 ~AQUEOS@adsl2.aqueos.com 1282586949 Q * FireEgl Remote host closed the connection 1282586949 Q * ntrs_ Read error: Connection reset by peer 1282587221 J * petzsch1 ~markus@p4FF47CD4.dip.t-dialin.net 1282587244 Q * ghislain Ping timeout: 480 seconds 1282587596 Q * petzsch Ping timeout: 480 seconds 1282587892 J * FireEgl FireEgl@Sebastian.Atlantica.CJB.Net 1282588913 Q * balbir_ Ping timeout: 480 seconds 1282589547 J * Dr4G0N ~Und3rT4k3@190.218.73.171 1282589641 Q * Piet Ping timeout: 480 seconds 1282589938 Q * Dr4G0N 1282592619 M * orcish_mage hi all 1282592639 M * orcish_mage somebody know what's the ststus on ngnet? 1282592661 M * daniel_hozac similar functionality is in the mainline kernel now, so it's long been abandoned. 1282592688 M * Bertl goes by the name 'network namespaces' nowadays 1282592804 M * orcish_mage so I can run a samba nmbd inside a vserver guest now (and not set up the broadcast address explicitly)? 1282592822 M * daniel_hozac i've never had an issue with that... 1282592912 M * orcish_mage how do I go about that? because so far I always have assigned a broadcast address manually to the vserver with nmbd 1282593580 M * orcish_mage put differently: is vserver + network namespaces roughly equiv. to what OpenVZ calls "veth" (virtual ethernet interface)? 1282593592 M * daniel_hozac yes 1282593696 M * orcish_mage splendid. is there a howto fot this? 1282593811 M * orcish_mage search dug up this page: http://linux-vserver.org/util-vserver:SplitSharedNetworks 1282593833 M * orcish_mage which sounds good but still no info on how to do this 1282594083 M * daniel_hozac ard might have written something on it. 1282594203 J * Piet ~Piet__@04ZAAD0MV.tor-irc.dnsbl.oftc.net 1282594361 J * Walex ~Walex@o1.phyip3.dur.ac.uk 1282594855 M * ard heheh 1282594874 M * ard I was busy typing that 1282594902 M * ard and then something else was happened and I forgot where I put that... 1282595006 M * ard orcish_mage : it's real easy if you were already to do things in multiple vlans 1282595042 J * ghislain ~AQUEOS@adsl2.aqueos.com 1282595160 M * orcish_mage hhi ard, I'm not doing it at all for now. I am weighing my options what virtualization software to use and I remembered from past setups that vserver had a problem with services that use the broadcast address (ie. sambas' nmbd) 1282595294 Q * ghislain1 Ping timeout: 480 seconds 1282595329 M * ard well if you do things like that you need either a macvlan or a bridge to create something to connect to the namespace 1282595337 M * orcish_mage so I usually put a .255 address on the vserver host in question manually. It means that only ONE vserver in a subnet can have broadcast ability (unless you can give the .255 address to more than one vserver) 1282595464 M * ard Heheh... 1282595478 A * ard never uses nmbd 1282595486 M * orcish_mage does it mean that a guest can then do just about anything with it's network interface? 1282595493 M * orcish_mage including sniffing? 1282595501 M * ard no 1282595506 M * ard but you can enable that 1282595515 M * ard it will have it's own complete ipstack 1282595522 M * orcish_mage ok 1282595532 Q * dna__ Quit: Verlassend 1282595549 M * ard I use it to this way: I have a big blade that is going to have multiple vservers in multiple DMZ's 1282595558 M * ard there can be more than one vserver in a DMZ 1282595561 M * orcish_mage but if I bridge that to my real if. then they should be able to sniff traffic, right? 1282595572 M * ard per DMZ there is one vserver that's just used as an ipstack container 1282595598 M * ard the vserver can only do what you allow it to do. 1282595633 M * ard the default with svn2912 is that if you use a network namespace, the vserver can also do network configuration 1282595676 M * daniel_hozac umm, no. 1282595679 M * ard I explicitly configure them to use both the network namespace (seperate ipstack) and the network context (basically a filter and access control on IPs) 1282595690 M * ard ow, ok, :-) 1282595713 Q * petzsch1 Quit: Leaving. 1282595722 M * ard Then it just doesn't do network context :-) 1282595756 M * orcish_mage ok, but my point is if you have a bridge... ALL traffic down to L2 is visible in the guest too, or am I mistkaken? 1282595783 M * ard it will be on the interface, but the vserver doesn't have rights to see it 1282595793 M * ard unless you give it 1282595835 Q * derjohn_mob Ping timeout: 480 seconds 1282595845 M * orcish_mage wow, this is substantially different from OpenVZ, isn't it? IIRC there you can not keep them form sniffing. 1282595862 M * ard I so love vserver :-) 1282595894 M * Bertl orcish_mage: you cannot sniff on traffic in a properly configured guest 1282595904 M * ard I don't know openvz, but this is one of the things I have against pure virtual machines 1282595914 N * BobR_oO BobR 1282595924 M * Bertl but of course, if you use a bridge with all rights 1282595948 M * Bertl then you can pick up local traffic like on a real machine 1282596056 M * orcish_mage is there a howto on this? bcause quick googling did not provide anything too useful. 1282596056 M * ard well, the idea with virtualization is that the bridge is as low cost as possible, so shouldn't do all kinds of filtering 1282596080 M * daniel_hozac not really. 1282596121 M * Bertl ard: no, the idea is that there just is no other way to get a VM on a network without special hacks :) 1282596139 M * ard :-) 1282596142 M * Bertl ard: i.e. it is the simplest way (for the VM coder) to do it :) 1282596239 M * orcish_mage well, I know how to set up bridges, I know how to assign IPs to vservers, I have no clue about linux namespaces (and didn't find a howto on that either so far). where should I start? 1282596260 M * ard orcish_mage : mkdir spaces;touch spaces/net 1282596275 M * ard that's a start :-) 1282596296 M * ard as a vserver configuration I mean 1282596311 M * orcish_mage I assume in /etc/vservers// 1282596315 M * ard then you need to create interfaces and move interfaces to the other namespace 1282596318 M * ard yes 1282596326 M * ard one moment: I will paste what we do 1282596508 M * ard http://paste.linux-vserver.org/16615 1282596564 J * derjohn_mob ~aj@d045228.adsl.hansenet.de 1282596589 J * dna ~dna@dslb-094-223-170-246.pools.arcor-ip.net 1282596795 M * ard this script is run as: 1282596799 M * ard vlan-holder-scripts/pre-stop.d/setup_network_namespace 1282596801 M * ard and: 1282596806 M * ard vlan-holder-scripts/post-start.d/setup_network_namespace 1282596816 M * ard s/vlan-holder-scripts/scripts/g 1282596831 M * ard and it assumes bond0 as the interface :-) 1282597121 M * orcish_mage i assume this is on a Debian style machine? 1282597170 M * orcish_mage I'll have a closer look at the script over dinner. thanks man 1282597283 J * ntrs_ ~ntrs@77.28.169.16 1282597531 J * petzsch ~markus@p4FF47CD4.dip.t-dialin.net 1282597709 Q * ntrs__ Ping timeout: 480 seconds 1282597781 N * BobR BobR_zZ 1282597935 M * ard orcish_mage : the magic is in giving the network device to another device... You have to use veth pairs to do the bridging 1282598133 M * orcish_mage what does vspace do? 1282598291 M * ard it can help you perform tasks in a vservers namespace without giving up rights 1282598310 M * ard in this case we enter the network namespace to set up basic networking 1282598431 M * orcish_mage oh, one important thing: is this available in the stable branch? 1282598458 M * ard as long as you call the stable branch compiling the svn2912 version :-) 1282598462 M * pmjdebruijn Bertl: did you read the backlog a bit :) 1282598468 M * ard I have debian packagess 1282598492 A * ard has declared this stable 1282598553 M * orcish_mage i'm confused, where does svn2912 fit in? 1282598601 M * ard that's the svn version number you have to check out :-) 1282598631 M * ard on the other hand: network namespaces have been supported for a long time 1282598656 M * ard you could just try... 1282598808 M * orcish_mage ok this is what i assumed: I have a kernel (2.6.22.x) with the vs2.2.0.7 patch. I have to activate the right kernel options. I can then do stuff like in the script. amirite? 1282598814 M * daniel_hozac no. 1282598822 M * daniel_hozac you want as recent a kernel as possible. 1282598825 M * Bertl pmjdebruijn: regarding 2.6.27.52? 1282598828 M * daniel_hozac 2.6.35 is definitely preferred. 1282598967 Q * dna Quit: Verlassend 1282598971 M * pmjdebruijn Bertl: yeah 1282598997 M * orcish_mage bottom line i have to use experimental :( 1282599013 M * Bertl pmjdebruijn: I even answered mail on the ML regarding that issue 1282599036 M * pmjdebruijn Bertl: oh sorry 1282599082 M * pmjdebruijn oh there's a patch included 1282599087 M * pmjdebruijn that should fix it? 1282599117 M * pmjdebruijn Bertl: could you rediff the (experimental) patch on the website? 1282599186 Q * jkl Remote host closed the connection 1282599230 J * jkl jkl@c-71-196-138-95.hsd1.co.comcast.net 1282599274 M * Bertl will do when I find the time ... 1282599395 M * pmjdebruijn thanks for the help once again :) 1282599408 M * Bertl np 1282599500 M * pmjdebruijn btw, don't the other kernels have similar issues? 1282599506 M * pmjdebruijn the -stable's ? 1282599538 M * Bertl newer kernels do not have the rss accounting anymore 1282599543 M * pmjdebruijn oh 1282599548 M * pmjdebruijn :) 1282599556 M * Bertl was replaced by mainline memory cgroups 1282599569 M * pmjdebruijn well, 2.6.27.52 will probably be our last 2.6.27.x we'll use 1282599580 M * pmjdebruijn once squeeze is released, we'll move to 2.6.32.x 1282599591 M * pmjdebruijn self-built obviously :) 1282599721 J * cuba33ci_ ~cuba33ci@111-240-209-101.dynamic.hinet.net 1282599787 Q * cuba33ci Read error: Connection reset by peer 1282600031 M * Marillion pmjdebruijn: i believed you use ubuntu? 1282600048 M * pmjdebruijn nah 1282600052 M * pmjdebruijn well on the desktop 1282600056 M * pmjdebruijn and actually on some servers 1282600066 M * pmjdebruijn our vserver farm runs on Debian Lenny 1282600076 M * pmjdebruijn and will most likely be upgraded to Debian Squeeze 1282600076 M * Marillion ah ok :) 1282600093 M * pmjdebruijn I don't really care :) 1282600124 M * pmjdebruijn we have a rather custom setup, so what we use doesn't matter that much 1282600133 M * pmjdebruijn on "normal" server I tend to prefer Ubuntu LTS lately 1282600160 M * Marillion wait for Squeeze r1 is better, for produktive Systems suggest 1282600170 M * pmjdebruijn I doubt it 1282600197 Q * ntrs_ Ping timeout: 480 seconds 1282600323 M * Marillion it is _not_ must, but i will do it, when i have produktive Systems 1282600443 Q * petzsch Ping timeout: 480 seconds 1282601096 Q * mnemoc Quit: leaving 1282601246 J * petzsch ~markus@p4FF47CD4.dip.t-dialin.net 1282601325 Q * karasz Remote host closed the connection 1282601559 J * mnemoc ~amery@shell.opensde.net 1282601826 Q * Piet Remote host closed the connection 1282602818 Q * ghislain Quit: Leaving. 1282603775 Q * petzsch Quit: Leaving. 1282604421 Q * imcsk8 Quit: This computer has gone to sleep 1282605170 Q * bonbons Quit: Leaving 1282605721 Q * dowdle Remote host closed the connection 1282606335 J * Piet ~Piet__@659AABQ9T.tor-irc.dnsbl.oftc.net 1282607760 M * Bertl off to bed now ... have a good one everyone! 1282607767 N * Bertl Bertl_zZ