1331771382 Q * chrissbx Ping timeout: 480 seconds
1331773267 M * Bertl off to bed now ... have a good one everyone!
1331773276 N * Bertl Bertl_zZ
1331776873 J * ghislain ~AQUEOS@adsl2.aqueos.com
1331778696 J * chrissbx ~chrissbx@69-196-185-139.dsl.teksavvy.com
1331786488 Q * grobie Ping timeout: 480 seconds
1331788798 Q * clopez Ping timeout: 480 seconds
1331796758 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no
1331796876 Q * ncopa 
1331798897 J * voegelas ~voegelas@HSI-KBW-109-192-051-187.hsi6.kabel-badenwuerttemberg.de
1331798981 Q * ghislain Quit: Leaving.
1331799022 J * ghislain ~AQUEOS@adsl2.aqueos.com
1331799354 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no
1331801682 N * Bertl_zZ Bertl
1331801686 M * Bertl morning folks!
1331802259 J * derjohn_mob ~aj@87.253.171.195
1331802284 J * bonbons ~bonbons@2001:960:7ab:0:4431:1c02:68ee:1414
1331802290 M * ghislain plop(tm)
1331807422 Q * deathtje Ping timeout: 480 seconds
1331807793 J * deathtje ~deathtje@216.67.225.106
1331809864 Q * derjohn_mob Ping timeout: 480 seconds
1331810899 J * derjohn_mob ~aj@87.253.171.195
1331812569 Q * derjohn_mob Ping timeout: 480 seconds
1331813304 Q * ensc|w Remote host closed the connection
1331813314 J * ensc|w ~ensc@www.sigma-chemnitz.de
1331813439 J * clopez ~clopez@82.25.60.213.dynamic.mundo-r.com
1331813984 J * morfoh ~morfoh@shell.opensde.net
1331814053 M * morfoh hi
1331814126 M * Bertl hi
1331814167 M * morfoh Hi Bertl, I tried to apply the 3.0.23-vs2.3.2.3 patch on top of the latest 3.0.24 and noticed a hunk failing
1331814184 M * morfoh http://nopaste.opensde.net/?NTgyOT.txt <-- this is the patch for the patch ;)
1331814233 M * morfoh arch/s390/kernel/ptrace.c <-- there it failed
1331814245 M * Bertl LOL, okay, will upload an updated patch for that
1331814247 M * morfoh because upstream changed header files
1331814363 M * morfoh Bertl: thanks, but what is that funny ?!?!? ;)
1331814374 M * morfoh my ugly patch for your patch ? ;)
1331814380 M * Bertl that you diffed the diffs
1331814412 M * Bertl if you look at the patch, then you'll see that about 99% are completely useless
1331814432 M * morfoh yes ... sure
1331814444 M * morfoh next time I will only rant :p
1331814446 M * morfoh :D
1331814466 M * Bertl nah, it's fine, but if you want to improve it, use something like interdiff
1331814492 M * morfoh okay... somehow I wanted to make your life easy
1331814517 M * Bertl I appreciate the try
1331814556 M * morfoh :)
1331814572 M * morfoh guess you are used to that kind of diffs anyway ;)
1331814646 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com
1331814667 M * Bertl I'm used to all kind of diffs, this one was just a funny example which made me laugh (because it shows how easily relevant information can be covered with irrelevant)
1331814792 M * morfoh yes ... I know what you mean. Now that I know better what kind of diffs you like I promise to send nicer ones next time ;)
1331814819 M * Bertl no problem
1331814827 M * morfoh I know
1331814974 M * morfoh guess mnemoc would have ripped of my head for that ... so making you lough is the much better alternative ;)
1331815315 J * chrissbx_ ~chrissbx@69-196-185-139.dsl.teksavvy.com
1331815347 Q * nou Read error: Connection reset by peer
1331815401 J * nou Chaton@causse.larzac.fr.eu.org
1331815627 Q * chrissbx Ping timeout: 480 seconds
1331816063 Q * Alex[fob] Ping timeout: 480 seconds
1331816068 J * derjohn_mob ~aj@87.253.171.221
1331818047 M * Bertl k, uploaded updated patch for 3.0.24
1331818475 M * morfoh Bertl: thanks 
1331818477 M * BenG heh, just after I've finished compiling for 3.0.23 :)
1331818522 M * Bertl hehe, too slow :)
1331818529 M * morfoh (:
1331820845 Q * clopez Ping timeout: 480 seconds
1331821011 Q * derjohn_mob Ping timeout: 480 seconds
1331821652 J * derjohn_mob ~aj@87.253.171.212
1331822747 Q * ncopa Ping timeout: 480 seconds
1331822813 J * Alex[fob] ~alex@2001:638:80a:109::152:0
1331823462 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no
1331824036 J * kir ~kir@swsoft-msk-nat.sw.ru
1331826244 Q * BenG Quit: I Leave
1331826625 J * sponge ~sponge@spongeserv.com
1331826736 M * sponge hey guys, having a vserver networking problem i can't seem to solve. got 2 interfaces on the host and all the vservers for internal and public. the host's connection is fine, but i can't even ping the gateway from the vservers unless i specify ping -I specifying the external interface. it was working at one point but i think a reboot caused some unsaved settings to be wiped and i'm not sure how it was configured
1331826916 P * kir PING 1331826916
1331827000 M * Bertl sponge: kernel/patch/util-vserver version?
1331827068 M * sponge Linux version 2.6.32-28-vserver, vserver 0.30.215
1331827097 M * sponge the host os is ubuntu 10.04.4 LTS
1331827113 M * Bertl well, I'd suggest to update at least util-vserver, this version isn't able to handle that kernel
1331827173 M * sponge hm really? we've got 5 other boxes or so with the same vserver and kernel that are online, is it just unsupported/completely lucky if it works kind of thing?
1331827220 M * Bertl well, isolation will be partial
1331827245 M * Bertl i.e. you will get strange effects where guest affect the host system and similar
1331827280 M * sponge hm, i'll have to look into this, i'm extra cautious as these are production servers :\
1331827343 M * Bertl it's rather simple, 0.30.215 was released march 2008, do the math :)
1331827430 M * Bertl I have no idea why any distro would provide such outdated tools with a somewhat recent kernel
1331827451 M * sponge these are inherited systems, i'm not sure if they were installed through the package manager or we just kept with a known working version
1331827468 M * sponge will updating util-vserver in ubuntu be sufficient?
1331827489 M * Bertl maybe, I have no idea what version is current in ubuntu
1331827591 M * sponge looks like that's the latest version in lucid main \o/
1331827625 M * sponge seems like thats the version they ship in 11.10 too
1331827646 Q * chrissbx_ Remote host closed the connection
1331827683 M * Bertl seems to me like they don't care :)
1331827739 M * sponge any clue on the networking bit? if i understand right its completely host networking, its likely more of a routing issue on the host than a vserver bug, right? (esp because i can ssh around through internal addresses no prob)
1331827795 M * Bertl yes
1331827806 M * Bertl basically if network isolation is working/intact
1331827818 M * Bertl you have a subset of host IPs assigned to the guest
1331827835 M * Bertl and those IPs will be used by connections from the guest
1331827888 M * Bertl i.e. if your guest has GIP1 and GIP2 (the host has HIP1 and of course carries GIP1 and GIP2)
1331827924 M * Bertl then limiting whatever connection you make to GIP1 will give you the same behaviour as from inside the guest
1331827970 M * sponge yea those are all showing up inside the vserver, and forcing a ping to go out through that interface gets me external net. i just don't fully understand how to debug what it's doing by default
1331828017 M * Bertl first, ping is a bad choice for tests, as it doesn't happen on the IP layer (it's icmp)
1331828063 M * Bertl also note that when the guest has a choice (according to the routes) it will prefer the first assigned IP
1331828085 Q * ex Ping timeout: 480 seconds
1331828104 M * Bertl it will also fallback to that IP if the routing setup doesn't contain a route matching the other IPs and the desired destination
1331828155 Q * ncopa Quit: Leaving
1331828197 M * sponge the default does seem to be setup correctly, going out through the right gw on the right interface, the other routes above it all start with 50, 10, 184, or 192, but no luck trying 8.8.8.8 (both ping and a dns lookup on it)
1331828251 M * Bertl try to describe your setup
1331828508 M * sponge if you haven't noticed i'm not a sysadmin by trade so i'll do my best :) but i think its pretty simple, each vserver has a public ip and a private ip in the 192 range, there's no firewall on this host, and i'm even able to ssh into the affected vserver clients via their external ip from a remote site. its just outgoing traffic that seems to not make it unless i specify the interface on whatever commandline tool i'm trying to use
1331828644 M * Bertl okay, so, for example, we have x.x.x.x (public IP) and 192.168.y.y (private IP)
1331828659 M * Bertl on which interfaces do they show up inside the guest?
1331828686 M * sponge the private shows up under bond0, the public shows up under bond1 (which is consistent with the host)
1331828769 M * Bertl okay, on the host, in /proc/virtnet/<nid>/info in what sequence are they listed?
1331828803 M * Bertl (<nid> is the network id, usually identical to the guest context id used in the config)
1331828822 M * dkg when is it not identical?
1331828859 M * Bertl when you either set it to something different (again in the config) or when it is dynamically created
1331828882 M * sponge 3 of the 4 vservers have public ips and are having this issue actually, and all3  of them have the private ip listed as 0 and the public listed as 1
1331828896 M * Bertl that's what I suspected
1331828915 M * Bertl so, quick fix is probably simply to change the order in the config dir
1331828923 J * BenG ~bengreen@cpc10-aztw24-2-0-cust114.aztw.cable.virginmedia.com
1331828944 M * Bertl i.e. switch /etc/vservers/<name>/interfaces/{0,1}
1331828979 M * sponge hm i've got a bunch of working clients i can compare against first actually
1331829089 M * sponge well for what it's worth same vserver version, same kernel, other vservers have the private ip on 0 and public ips on 1 without issue
1331829162 M * Bertl as I said, quickfix, if you configure proper routes and rules the correct source IP will be selected
1331829204 M * Bertl to verify you can run tcpdump on the host, and check what happens when you try to connect to the outside
1331829223 M * Bertl I presume you will see that the packet is actually transmitted but with the wrong source IP
1331829376 M * sponge yea, the source ip is 127.0.1.1
1331829410 M * Bertl hmm, that is at least unusual
1331829430 M * Bertl did you assign any 127.x.x.x IPs to the guests?
1331829446 M * Bertl (or whoever did that setup :)
1331829470 M * sponge i only see 127.0.0.1 under lo in ip addr
1331829502 M * sponge i know the 127.0.1.1 thing is something we do by convention in some of our hosts, but i can't say i understand the reason. /etc/hosts ahs an entry for 127.0.1.1 on the host with the name 'ubuntu'
1331829531 M * sponge er i should say /etc/hosts in both cases, thats the only place i've ever used 127.0.1.1
1331829538 M * Bertl very strange
1331829567 M * Bertl anyway, depending on the kernel config, 127.x.x.x is handled special inside a guest
1331829597 M * Bertl i.e. it gets mapped to/from 127.0.0.1 to allow guest private localhost
1331830842 M * sponge i have no clue what i did but i think removing that "127.0.1.1 ubuntu" hosts entry and rebooting fixed it
1331830930 Q * derjohn_mob Ping timeout: 480 seconds
1331831270 M * sponge hmm i think i somehow actually fixed it. i removed that 127.0.1.1 hosts entry, tried doing an /etc/init.d/networking restart which completely broke everything, rebooted it and now it appears to be working
1331831280 M * sponge i'm not sure if that makes any sense at all as a solution but i'll take it
1331831343 M * Bertl as I have no clue where the 127.0.1.1 came from and how it made its way into the guest (maybe because of the old util-vserver)
1331831370 M * Bertl I cannot really comment on this, still updating is strongly advised
1331831512 M * sponge the 127.0.1.1 was in the hosts on the container. i'll def look into seeing what the deal with the old version on ubuntu is at least. many thanks!
1331831561 J * derjohn_mob ~aj@87.253.171.221
1331831590 M * Bertl np, you're welcome!
1331831630 P * sponge 
1331831714 Q * BenG Quit: I Leave
1331832369 Q * derjohn_mob Ping timeout: 480 seconds
1331832995 J * derjohn_mob ~aj@87.253.171.212
1331833299 J * clopez ~clopez@155.99.117.91.static.mundo-r.com
1331834652 Q * derjohn_mob Ping timeout: 480 seconds
1331836364 J * ex ex@valis.net.pl
1331837928 Q * Hunger Ping timeout: 480 seconds
1331839497 J * derjohn_mob ~aj@88.128.159.208
1331840723 Q * voegelas Quit: Leaving.
1331842056 J * hijacker_ ~hijacker@cable-84-43-134-121.mnet.bg
1331842390 Q * derjohn_mob Ping timeout: 480 seconds
1331842593 J * Hunger hunger@proactivesec.com
1331842723 P * pmjdebruijn 
1331843494 J * derjohn_mob ~aj@88.128.67.235
1331845099 Q * hijacker_ Quit: Leaving
1331845135 Q * nkukard Ping timeout: 480 seconds
1331845543 J * nkukard_ ~nkukard@dsl-246-172-76.telkomadsl.co.za
1331845679 Q * clopez Ping timeout: 480 seconds
1331845686 J * grobie ~grobie@tyr.schnuckelig.eu
1331846010 Q * Alex[fob] Read error: Operation timed out
1331846512 Q * nkukard_ Ping timeout: 480 seconds
1331846688 J * nkukard_ ~nkukard@41-133-138-246.dsl.mweb.co.za
1331847220 Q * nkukard_ Quit: Leaving
1331847238 J * nkukard ~nkukard@41-133-138-246.dsl.mweb.co.za
1331848490 Q * cuba33ci Read error: Connection reset by peer
1331848578 J * cuba33ci ~cuba33ci@114-36-231-170.dynamic.hinet.net
1331848817 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f
1331850057 M * Bertl off for a nap ... bbl
1331850067 N * Bertl Bertl_zZ
1331850520 Q * ghislain Quit: Leaving.
1331851160 Q * derjohn_mob Ping timeout: 480 seconds
1331855628 Q * bonbons Quit: Leaving