03:41.18 | *** join/#gllug samsath (~samsath@d154-20-51-223.bchsia.telus.net) |
09:06.07 | Pcsett | moin |
09:06.14 | Pcsett | is back (gone 15:50:54) |
09:08.22 | Pcsett | Owt 'appening? |
09:14.59 | ChoHag | Nope. |
09:21.13 | jpds | I see. |
09:24.46 | antiphase | guffs |
09:26.47 | Cope | moin |
09:29.25 | ChoHag | Yesterday one of our servers, which is used to dump databases onto because we don't know how to do replication, had a disc failure. |
09:29.57 | ChoHag | It was rebooted, fiddled with, and so this morning it failed again. |
09:31.12 | ChoHag | Sadly, people are surprised. |
09:32.03 | wethrin | oops |
09:34.04 | jpds | ChoHag: How many times did they reboot it? |
09:34.23 | ChoHag | I don't recall. |
09:34.30 | ChoHag | At least once. Maybe it wasn't enough. |
09:34.39 | jpds | Three times - should do it. |
09:34.41 | ChoHag | They did do an fsck though so that should have fixed it right? |
09:35.14 | jpds | It's like https://www.youtube.com/watch?v=W8_Kfjo3VjU all over again. |
09:50.55 | cbz | ChoHag: propose that be repurposed as the backup server |
09:51.30 | ChoHag | It already does pretty much all the backing up that goes on. |
09:51.59 | ChoHag | <Foreigner> Arr! Let me buy this US flag and burn it. America we hate you. |
09:52.10 | ChoHag | <America> We know. Good luck with that. |
13:18.02 | *** join/#gllug dick_turpin (~dick_turp@host217-34-163-30.in-addr.btopenworld.com) |
13:19.26 | dick_turpin | Think about PFC Bradley Manning who's been held for 254 days in solitary at the Marine Corps Base in Quantico. |
13:19.45 | Provito | Morgan is making him sweat |
13:26.06 | AndyMillar | ChoHag: if I ever work at a company you get employed at, I'll probably run screaming |
13:26.14 | AndyMillar | as you have the worst luck with chosing companies ever |
13:26.19 | AndyMillar | also: we hiring |
13:27.21 | Cope | lots of hiring going on |
13:28.06 | dick_turpin | AndyMillar: Can I work for you? |
13:28.28 | dick_turpin | I aslo have bad luch with an employer |
13:29.28 | *** join/#gllug wethrin_ (~dankolb@styx.eco.li) |
13:29.39 | Cope | I just had a very good lunch |
13:29.44 | Cope | mmm sushi |
13:30.33 | dick_turpin | wethrin \o/ |
13:30.40 | wethrin | yo |
13:31.07 | dick_turpin | Did you see my Trixbox message the other day? |
13:31.12 | wethrin | No.... |
13:31.49 | dick_turpin | I /pm'd you |
13:32.34 | dick_turpin | Never mind it was only more of the same un-professional run headlong into a debacle story |
13:34.40 | wethrin | you did? |
13:34.48 | wethrin | Oh |
13:34.51 | wethrin | that was last week! |
13:34.56 | wethrin | Yes, yes I saw that |
13:36.44 | AndyMillar | dick_turpin: are you an excellent linux sysadmin? |
13:36.56 | dick_turpin | Its still not done and, wait for it, he told accounts to chase the final payment Bwahahahaha |
13:37.04 | dick_turpin | AndyMillar: Yes |
13:37.05 | wethrin | oh dear |
13:37.45 | dick_turpin | AndyMillar: I am also very young for my age, have a full head of hair, all my own teeth |
13:41.28 | *** join/#gllug stu_ (~stu@dyn1241-49.vpn.ic.ac.uk) |
13:45.33 | boudiccas | and a bald pate |
13:46.30 | dick_turpin | boudiccas: Ssh I said I had a full head of hair I might just blag my way into this one |
13:46.49 | dick_turpin | http://richs-lxh.com/shared/the-rejection-letter.txt sfw |
13:47.08 | boudiccas | but its along way for a daily commute |
13:47.15 | boudiccas | *a long |
13:47.19 | dick_turpin | Now that's how you respond to a rejection letter |
13:54.21 | ChoHag | AndyMillar: I've already done Betfair. I don't imagine their sister company is any different. |
14:08.29 | *** join/#gllug Nafallo (~nafallo@ubuntu/member/nafallo) |
14:14.34 | AndyMillar | ChoHag: we're kinda very different :p |
14:14.51 | Cope | you would say that |
14:14.55 | Cope | alternative: |
14:15.08 | Cope | 'Yeah - we're the same; fair cop; done one, done 'em all.' |
14:16.22 | AndyMillar | nah, we're a completley different company, different systems, different people, different management :p |
14:17.23 | ChoHag | Well I'm available for a new contract in April. |
14:17.29 | ChoHag | whores himself out |
14:21.02 | dick_turpin | is all whored out |
14:28.28 | dick_turpin | Just had a customer email "We have two iphones and a Nokia E90 and need a bit of help configuring them" I've emailed with a price per phone, I await the distraught phone call |
14:29.53 | antiphase | ONE MILLION DOLLARS |
14:30.32 | *** join/#gllug cityLights (~cityLight@bzq-84-109-112-194.red.bezeqint.net) |
14:30.37 | cityLights | hi all |
14:30.42 | antiphase | Wod up homes |
14:30.56 | cityLights | well I mean , antiphase , hali and leeds |
14:31.03 | cityLights | the ppl I know |
14:31.29 | cityLights | let me start off with a linux question |
14:32.31 | cityLights | assume I have eth0 - connected to the internet and ppp0 which is established using l2tp and ppp0 gw is the default gateway |
14:33.06 | cityLights | I run a vpn server on the machine and I want the clients to connect to eth0 and be answered via eth0 |
14:33.34 | cityLights | I dont know all the subnets the clients will use to conenct, so, how can I solve this? |
14:34.02 | dick_turpin | antiphase: Close actually at least as far as our customers are concerned, I want £65 per unit. What's the betting they ring one of the gaffers "Have you seen what Pete says!" |
14:38.37 | dick_turpin | ChoHag: [linuxjobs] Senior Linux (Red Hat) System Administrator, London £60K |
14:45.05 | antiphase | cityLights: Why do you use your VPN as a default gateway? |
14:47.25 | *** join/#gllug wethrin (~dankolb@styx.eco.li) |
14:54.48 | cityLights | casue I want to remote access my pc |
15:02.50 | Pcsett | is away: I'm getting the whiskey |
15:05.58 | antiphase | You might have to draw a picture |
15:13.27 | *** join/#gllug PcSett (~don@host86-135-102-188.range86-135.btcentralplus.com) |
15:19.10 | *** join/#gllug gmarkall (~graham@109.181.202.60) |
15:43.59 | PcSett | is away: I'm getting the whiskey |
15:45.58 | dick_turpin | holds up a really good crayon drawing for antiphase |
15:46.36 | jpds | PcSett: Again? |
15:54.20 | antiphase | Nasty Irish whiskey as well |
16:36.21 | *** join/#gllug gmarkall (~graham@109.181.202.60) |
16:41.37 | *** part/#gllug dick_turpin (~dick_turp@host217-34-163-30.in-addr.btopenworld.com) |
17:42.46 | *** join/#gllug cityLights (~cityLight@bzq-84-109-112-194.red.bezeqint.net) |
17:44.24 | cityLights | antiphase: as requested here is the network I mean: http://img819.imageshack.us/img819/5553/diagram1y.png |
17:47.54 | antiphase | Can you run scripts when clients connect to the VPN? |
17:49.25 | antiphase | I might just be confused now |
17:52.39 | cityLights | initially before I connect to the l2tp server I got only one NIC , eth0 - and it provides the defualt gateway to the internet |
17:53.07 | cityLights | so when a client connects to the 1.1.1.1 address it is replied using the 1.1.1.1 address |
17:53.56 | cityLights | now when I establish the l2tp and use it as a default gateway, any out going communication is via the 2.2.2.2 address - right |
17:54.25 | cityLights | so is the client connects to address 1.1.1.1 it is answered with the 2.2.2.2 address |
17:54.28 | cityLights | how to fix |
17:54.42 | cityLights | the pc is a linux box |
17:54.54 | cityLights | so I can add any kind of routing |
18:11.26 | antiphase | If your PC connects to eth0's IP address, that's where the replies will come from |
18:11.42 | antiphase | or maybe not |
18:11.53 | antiphase | I remember this from a few weeks ago now |
18:12.22 | antiphase | I think I said you need more than one routing table, but I don't know if you can mark inbound traffic for outbound routing |
18:14.06 | antiphase | I'm really quite confused by your diagram though |
18:14.29 | antiphase | If your remote PC connects to your "other" PC with a VPN, there's not a problem anyway |
18:30.04 | *** join/#gllug mikejw (~mikejw@84.19.55.162) |
18:38.50 | cityLights | I dont understand that last line |
18:39.32 | cityLights | do you mean the "phone" connects to the pc using the 1.1.1.1 address? |
18:40.55 | cityLights | I mean when I ask these question - google responds with source base routing |
19:58.34 | antiphase | Phone? |
19:59.02 | cityLights | the remote host in the picture that is a client to the vpn server |
19:59.45 | antiphase | And your VPN server can't add static routes based on where a client is coming from? |
20:01.46 | cityLights | right |
20:02.06 | cityLights | the reason is that this client may connect from any coffee shop wifi |
20:02.25 | cityLights | I mean this used to be a case for source based routing- right |
20:02.38 | cityLights | this is what I read about in google |
20:03.21 | cityLights | now , the idea of marking incoming traffic from ppp0 to destiguish it from traffic from eth0 - sounds good |
20:03.24 | cityLights | but how |
20:03.31 | antiphase | You need to provide some information to cause correct routing to happen at some point; either your VPN server needs to add a static route when a client connects, or you need to somehow provide other information in advance, or there's an outside chance of some hack involving iptables and multiple routing tables |
20:03.44 | antiphase | Source routing hasn't been viable for at least 15 years, if not longer |
20:04.06 | antiphase | People will just drop your traffic or fail to honour routing information |
20:04.30 | cityLights | so the easy way IS to mark traffic from ppp0 |
20:04.33 | antiphase | Incoming traffic from ppp0? |
20:04.34 | cityLights | how ? |
20:04.42 | antiphase | Your diagram is shit, to be honest |
20:04.51 | cityLights | iptables -i ppp0 -MARK FF ? |
20:05.10 | cityLights | ok how should I draw it then? |
20:05.32 | antiphase | You need to show where connections are actually made, so it's clear why the problem exists and what needs to be done |
20:05.37 | cityLights | the fact that I draw it wrong - means I still strogle |
20:05.49 | cityLights | ok |
20:05.56 | antiphase | At the moment it's not clear which links are where and which are VPNs |
20:06.11 | cityLights | how can I demonstrate that ppp0 is virtual via eth0? |
20:06.42 | antiphase | Probably byindicating that there's only one physical interface |
20:07.40 | cityLights | I will remove the l2tp srv block |
20:08.23 | cityLights | and the isp block |
20:22.30 | antiphase | I might have a solution for you |
20:23.56 | antiphase | It's 50/50 if it will work though |
20:29.17 | cityLights | is this better? |
20:29.22 | cityLights | http://img156.imageshack.us/img156/971/diagram1.png |
20:29.50 | antiphase | http://pastebin.com/5jGw3u5B |
20:30.36 | antiphase | I think the picture is more informative now. Not sure I'd do it that way, but it doesn't matter |
20:49.13 | cityLights | seems fine, lets see it work |
20:49.36 | cityLights | btw, listening to gary numan |
20:51.33 | cityLights | oddest part today, was the end of the interview: |
20:52.01 | cityLights | he said , what is the salary you want |
20:52.08 | cityLights | I said : XXX |
20:52.24 | cityLights | then he repied , and a car? |
20:52.35 | cityLights | now what should I replay to this? |
20:52.42 | cityLights | no thanks |
20:52.45 | cityLights | ? |
20:53.00 | cityLights | meaning a company car |
21:17.30 | antiphase | Well I'm going to go to bed |
21:17.44 | antiphase | If your thing still isn't working we'll have to see about it another day |
21:19.11 | cityLights | np |
21:19.14 | cityLights | thanks mate |
21:19.26 | cityLights | take care |
23:58.30 | *** join/#gllug sabinef72 (~sabinef72@barcelone.ipv6.popipo.fr) |