1452473434 J * cryptonight ~cryptonig@00021703.user.oftc.net
1452473739 M * cryptonight is it possible that some daemons won't work in a guest with 127.0.0.1 ? requiring a private ip added like 192.168.x.x ?
1452473939 M * Bertl depends on the configuration
1452473943 Q * fstd Remote host closed the connection
1452473955 J * fstd ~fstd@xdsl-87-78-17-121.netcologne.de
1452473967 M * Bertl you can run a guest with ip isolation and with network namespaces
1452473998 M * Bertl when you use IP isolation, you have two more choices, you can use a simple one-ip mapping scheme
1452474059 M * Bertl and you can use a multi-ip scheme, with or without local host virtualization (mapping)
1452474249 M * cryptonight hmm, weird thing is a courier imap/pop daemon is not binding to 127.0.0.1 in a guest, it does to the routable IP.
1452474344 M * Bertl well, what configuration do you have?
1452474394 M * cryptonight while mysql for example binds nicely to 127.0.0.1 and other subsystems of postfix too
1452474420 M * cryptonight the courier daemons have no IP specified, so they should bind to 127.0.0.1 + routable IP
1452474437 M * cryptonight host itself runs only ssh btw
1452474610 M * cryptonight there is not much else in terms of config, rest of the options is just related to tls, ports, certs
1452474639 M * Bertl I'm talking about the guest config here
1452474666 M * Bertl what is in /proc/virtnet//*
1452474734 M * cryptonight ah ok
1452474739 M * cryptonight the info shows: Lback: 127.0.102.1
1452474763 M * cryptonight and then 0: [1.2.3.4-0.0.0.0/255.255.255.255:0010]
1452474791 M * cryptonight i hope i'm not making a dumb mistake by forgetting to add an extra interface for 127.0.0.1 ? in the guest interfaces dir :(
1452474794 M * Bertl so you assigned a /32 ip?
1452474813 M * cryptonight yes
1452474835 M * Bertl why that? don't you have a proper netmask?
1452474851 M * Bertl also, is that the only IP assigned to the guest?
1452474855 M * cryptonight well, that's a good question, it was asked by DC to set for the extra IPs in the subnet
1452474860 M * cryptonight yes
1452474860 M * Bertl if so, what do the flags look like?
1452474910 M * cryptonight Flags: 0000000406000300
1452474927 M * Bertl so you have the SINGLE_IP special casing enabled
1452474956 M * Bertl which means that bindings to * (0) will always be replaced by a binding to the single assigned IP
1452474981 M * Bertl which is exactly what happens to your courier
1452475025 M * cryptonight hmm, i guess that's not good ? lol
1452475039 M * cryptonight how can i correct that btw ?
1452475044 M * Bertl disable the single ip special casing and you will get a * bind as expected :)
1452475058 M * Bertl http://linux-vserver.org/Capabilities_and_Flags
1452475066 M * cryptonight oh lmc, thanks !
1452475083 Q * undefined Quit: Closing object
1452475104 M * Bertl you can just put ~single_ip in the nflags config entry
1452475110 M * Bertl http://www.nongnu.org/util-vserver/doc/conf/configuration.html
1452475156 M * cryptonight ah ok, lemme do that
1452475660 M * cryptonight much appreciated, works like a train
1452475762 M * cryptonight btw, just a quick thought, guest to guest communications over their loopback IPs like Guest 1 has 127.0.1.20 and Guest 2 has 127.0.1.56, is that blocked by default ?
1452475834 J * undefined ~undefined@75-141-158-50.dhcp.mdfd.or.charter.com
1452475922 P * undefined
1452475925 J * undefined ~undefined@00011a48.user.oftc.net
1452476042 M * Bertl the problem is that 127.x.y.1 is used for each guest and gets remapped to 127.0.0.1 inside each guest (and vice versa)
1452476074 M * Bertl so while it is not "blocked" per se, as long as you have the remapping enabled, you won't be able to reach anything outside your 127.x.y.1
1452476218 M * Bertl but usually guests have an IP outside the 127.x.y.z range assigned as well, and that can be used for guest to guest communication
1452476445 M * cryptonight ah i see, and remapping is done by default by the kernel setting "automatically assign loopback ip" ?
1452476522 M * cryptonight (examples should have been indeed 127.x.y.1 btw, just saw what i wrote heh)
1452476527 M * Bertl no, remapping is done by the LBACK_REMAP flag :)
1452476558 M * Bertl the automatically assign loopback ip option automatically assigns a loopback ip per guest :)
1452476583 M * cryptonight ah ok, but this LBACK_REMAP flag, is it on by default ?
1452476677 M * Bertl it is turned on by default if you select the automatic assignment
1452476699 M * Bertl (you can still override it)
1452476797 M * cryptonight ok nice ! lots of in-depth config is possible i see
1452476824 M * Bertl indeed, for the 127.x.y.1 communication, why would you want that?
1452476935 M * cryptonight well i don't want that, i was just thinking if a second guest was put up on the same system what would happen
1452476984 M * Bertl it would get a different 127.x.y.1 IP which shows up as 127.0.0.1 inside the guest
1452477008 M * Bertl everything targeted at 127.x.y.z would end up being remapped to that IP
1452477054 M * cryptonight you thought of everything ! :)
1452477070 M * Bertl we had some time to work out the kinks :)
1452477123 M * cryptonight i remember the old versions where there was no loopback or not working as it should, so a private IP was used to act as localhost
1452477147 M * Bertl that must have been really old indeed
1452477307 M * Bertl i.e. lback remapping was introduced in the early 2.6 kernel patches
1452477471 M * Bertl (around 2.6.22 IIRC)
1452477512 M * cryptonight oh ok, so the official stable patch for 2.6.22 (vs2.2.07) already had that feature ?
1452477528 M * cryptonight i see it has CONFIG_VSERVER_REMAP_SADDR, not sure if that's the same ?
1452477557 M * Bertl nah, but the vs2.3.0.34 patch had it
1452477564 M * Bertl (also for 2.6.22)
1452477619 M * cryptonight ah ok, the development patch
1452477648 Q * transacid Ping timeout: 480 seconds
1452477675 M * Bertl yep, so 9 years ago ...
1452477704 M * Bertl anyway, off to bed now ... have to rest a little ... cya
1452477715 N * Bertl Bertl_zZ
1452477718 M * cryptonight ok mate, thanks again for the great edu ! g'night
1452477742 M * Bertl_zZ you're welcome!
1452477824 J * transacid ~transacid@transacid.de
1452478266 J * derjohn_mobi ~aj@x590c20f2.dyn.telefonica.de
1452478707 Q * derjohn_mob Ping timeout: 480 seconds
1452479480 Q * transacid Ping timeout: 480 seconds
1452480591 Q * a1-away magnet.oftc.net dacia.oftc.net
1452480703 J * a1-away ~jelle@62.27.85.48
1452480825 J * transacid ~transacid@transacid.de
1452483948 Q * padde Remote host closed the connection
1452484050 J * padde ~padde@patrick-nagel.net
1452490633 Q * derjohn_mobi Ping timeout: 480 seconds
1452492867 Q * Sirenia Ping timeout: 480 seconds
1452492904 Q * cryptonight Quit: cryptonight
1452494753 J * derjohn_mobi ~aj@tmo-110-165.customers.d1-online.com
1452497621 J * Ghislain ~aqueos@adsl1.aqueos.com
1452497742 Q * derjohn_mobi Ping timeout: 480 seconds
1452499296 J * thierryp ~thierry@zeta.inria.fr
1452501238 J * derjohn_mobi ~aj@fw.gkh-setu.de
1452501774 N * Bertl_zZ Bertl
1452501775 M * Bertl morning folks!
1452503834 M * Guy- hi
1452503908 M * Guy- slightly off-topic question: I need to improve my understanding of TCP, specifically the flow control stuff (slow start, window scaling, selective acknowledgements, effects of packet loss in detail, traffic control mechanisms and so on)
1452503933 M * Guy- do any of you know a good book? I know there are many books on TCP/IP, but the ones I saw don't go into enough detail
1452504161 M * Bertl online? free? any preferences?
1452504722 M * Guy- Bertl: well, online and free is best, but I'm willing to buy it
1452505713 M * Bertl http://www.tcpipguide.com/free/index.htm
1452505755 M * Bertl TCP/IP Illustrated is a nice book too, but you want the 1st edition :)
1452506878 J * Sirenia ~sirenia@454028b1.test.dnsbl.oftc.net
1452507070 M * Guy- Bertl: does that have info on relatively recent developments like htcp and such?
1452507091 M * Guy- I did find the tcpipguide.com site too
1452507101 M * Guy- thanks
1452507169 M * Bertl if you are referring to the hypertext caching protocol, that's a completely different layer
1452507978 M * Guy- no
1452508002 M * Guy- sorry, I meant https://en.wikipedia.org/wiki/H-TCP
1452508163 M * Bertl unlikely to be covered there
1452508717 M * Guy- still, thanks
1452508738 M * Bertl you're welcome!
1452514761 J * padde_ ~padde@patrick-nagel.net
1452514817 J * fstd_ ~fstd@xdsl-87-78-17-121.netcologne.de
1452514861 Q * padde Read error: Connection reset by peer
1452514861 Q * fstd Read error: Connection reset by peer
1452514862 N * padde_ padde
1452514863 N * fstd_ fstd
1452516424 J * Gremble ~Gremble@cpc87151-aztw31-2-0-cust755.18-1.cable.virginm.net
1452517143 Q * fstd Remote host closed the connection
1452517156 J * fstd ~fstd@xdsl-87-78-9-197.netcologne.de
1452520087 Q * Gremble Quit: I Leave
1452520891 Q * thierryp Remote host closed the connection
1452521100 J * thierryp ~thierry@zeta.inria.fr
1452521379 J * thierryp_ ~thierry@zeta.inria.fr
1452521379 Q * thierryp Read error: Connection reset by peer
1452523145 J * thierryp ~thierry@zeta.inria.fr
1452523145 Q * thierryp_ Read error: Connection reset by peer
1452524356 Q * thierryp Remote host closed the connection
1452525287 M * Ghislain hi, we agree that to add vroot it is mknod -m 660 /dev/vroot20 b 4 20; ?
1452528606 M * Guy- what is the purpose of having such a device node?
1452528701 Q * Bertl Ping timeout: 480 seconds
1452529657 Q * transacid magnet.oftc.net dacia.oftc.net
1452529958 J * transacid ~transacid@transacid.de
1452533396 J * Bertl herbert@IRC.13thfloor.at
1452534783 J * thierryp ~thierry@82.226.190.44
1452535017 M * Bertl off for a nap ... bbl
1452535018 N * Bertl Bertl_zZ
1452542602 Q * derjohn_mobi Ping timeout: 480 seconds
1452545762 J * derjohn_mob ~aj@p578b6aa1.dip0.t-ipconnect.de
1452546463 J * bonbons ~bonbons@2001:a18:22e:7701:19d6:9d02:3080:2cd7
1452552747 Q * bonbons Quit: Leaving
1452555401 Q * Ghislain Quit: Leaving.