[06:32] <sakhi> moonin
[07:18] <inetpro> good morning
[07:22] <superfly> morning, inetpro and sakhi
[07:24] <bmg505> good morning, in another 2 hours my 5 day holiday starts
[08:56]  * Symmetria begins his crusade against rpki in the defense of internet freedom and autonomy
[08:57] <tumbleweed> superfly: disabling your ubuntu-za drupal cronjob fro now.
[08:57]  * nlsthzn watches in interest, having no clue what he sees but enjoying  it non the less
[09:02] <Symmetria> heh, nlsthzn there are proposals in the works in the global internet community that if implemented would hand governments a rather effective internet kill switch
[09:02] <Symmetria> and the ability to very easily shut off entire isps, countries or sections of the internet
[09:02] <Symmetria> they are *EXTREMELY* dangerous proposals backed by some extremely nasty agendas on the back end, agendas which have been fairly well hidden up till now
[09:03] <Symmetria> trust me, life is about to get very very very interesting going forward
[09:03] <nlsthzn> he who holds the switch, holds the power... sounds like America is up to no good again
[09:03] <Symmetria> heh, its worse than just the americans 
[09:04] <Symmetria> this would create a situation where if two countries went to war, the one country could turn off the other country :P
[09:04] <Symmetria> it would create a situation where through some simple court orders, a government could decide that only its isp could actually function
[09:05] <Symmetria> its... nasty
[09:05] <Symmetria> and the implications and ramifications of the proposed policy are being very well hidden, the proponents of it with their agendas are playing up the positives rather effectively
[09:07] <nlsthzn> Well, good luck with your crusade!
[10:11] <bmg505> well actually those laws are in place for telephone calls and mail and packages and even humans, so its logical that it will also happen for the internet, it does not make it right though but it does put it in perspective
[12:08] <tumbleweed> nice job WA, http://ftp.wa.co.za/pub/debian/
[12:10] <cocooncrash> Hah
[12:11] <tumbleweed> that debian thing, nobody uses it, right? :)
[12:11] <superfly> nope, no one
[12:11] <superfly> :-P
[12:11] <linuxboy> ubuntu does
[12:11] <tumbleweed> nobody will miss it then
[12:11] <linuxboy> not often though
[12:12] <froztbyte> #glug.za/freenode.#glug.za.2011.02.log:1235:2011-02-09 16:19:47<+froztbyte> have WA figured out how to run a mirror yet?
[12:12] <froztbyte> tumbleweed: ^
[12:12] <tumbleweed> froztbyte: I've been trying to educate them...
[12:12] <tumbleweed> they seem to have worked out how to keep thier mirror in sync (although that could be luck)
[12:12] <superfly> tumbleweed: did you try lots of pretty pictures in a powerpoint presentation? :-P
[12:12] <tumbleweed> this is a new era of sillyness
[12:15]  * sakhi thinks wa DSL console should be https.
[12:18] <linuxboy> sakhi: did you see clug when someone bitched about them putting the username/password in the URL?
[12:18] <cocooncrash> sakhi: You can use HTTPS.
[12:21] <linuxboy> http://lists.clug.org.za/pipermail/clug-chat/2008-February/024451.html
[12:21] <sakhi> linuxboy: nope I didn't see that post.
[12:22] <linuxboy> sakhi: happened in 2008
[12:26] <sakhi> cocooncrash: I think that page should be forced to https if it is apache webserver (not sure how you do in IIS)
[12:27] <sakhi> its good that it is encryped though.
[12:32] <superfly> yeah, I think half their problem is probably IIS and ASP.NET :-P
[12:32] <linuxboy> and the other half are some of the people who manage them?
[13:10] <superfly> no doubt :-P
[14:22] <marcog> Symmetria: any eta on resolving uct's international issues?
[15:47] <Symmetria> marcog, uct is on drugs
[15:47] <Symmetria> there was no problem from tenet's side with international
[15:47] <Symmetria> if there is a problem, its internal
[15:47] <Symmetria> and I told them this, 4 times
[15:47] <froztbyte> it's always someone else if they don't know what the problem is
[15:48] <froztbyte> we've got the same thing from our clients when they're unable to resolve their internal network issues
[15:48] <froztbyte> "must be supplier!!"
[15:48] <marcog> Symmetria: you mean icts then, sigh
[15:50] <froztbyte> see the part where inability to solve problems was mentioned
[15:50] <Symmetria> marcog heh, if you look at the total seacom bandwidth today, there was never a drop off in traffic 
[15:50] <marcog> Symmetria: uct's internet *is* fucked though, whatever the cause
[15:50] <Symmetria> there was a problem with international graphing because at one point we were running without the bandwidth control system (which actually means, all limits and restrictions were not in effect, which would have sped things up, not slowed them down)
[15:51] <Symmetria> yeah I see you're running at a peak of only around 150mbit 
[15:51] <Symmetria> and a peak national at around 220
[15:51] <Symmetria> which is kinda low
[15:51] <Symmetria> chances are their proxies arent handling
[15:51] <marcog> it does indeed seem to be proxy issues
[15:51] <marcog> cause when i tunnel, there are no problems
[15:52] <Symmetria> heh students back today?
[15:52] <marcog> yes!
[15:52] <marcog> :(
[15:52] <Symmetria> proxies probably getting raped 
[15:52] <Symmetria> because bandwidth isnt the issue
[15:52] <froztbyte> what hardware do their proxies run on?
[15:52] <Symmetria> I warned them about this 
[15:52] <Symmetria> froztbyte you dont wanna know :)
[15:53] <froztbyte> why?
[15:53] <Symmetria> :P well, start by asking what operating system/proxy serverthey use
[15:53] <froztbyte> oh dear
[15:54] <froztbyte> I suppose we shouldn't go down this road
[15:54] <froztbyte> we've done a gigabit of live traffic across a cluster setup of our caches in testing before, so we know we can handle it
[15:54] <froztbyte> and we've got some updates coming over the next few weeks which push our capacities even further
[15:54] <froztbyte> but yeah...
[15:58] <froztbyte> what are they, bluecoat?
[16:02] <Symmetria> froztbyte microsoft isa
[16:03] <Symmetria> and apparently they are busy prepping 4 new boxes to add to the cluster
[16:05]  * froztbyte sadpandas
[16:27] <cocooncrash> froztbyte: When I first started at UCT, the caches were squids.
[16:28] <cocooncrash> Then they changed to Novel BorderManager, which was a complete cockup.
[16:28] <cocooncrash> And then IIS, which wasn't much better.
[16:28] <Symmetria> http://www.news24.com/SouthAfrica/News/DUT-classes-resume-after-protests-20110214 
[16:28] <Symmetria> heh
[16:28] <Symmetria> now THERE is something that could disrupt our international bandwidth
[16:28] <Symmetria> :P since our international gateway node is there
[16:29] <froztbyte> cocooncrash: as far as things go, squid's not really all that fantastic either
[16:29] <froztbyte> it /really/ is not geared for high traffic loads in its stock form
[16:29] <Symmetria> heh lusca handles high traffic loads better than squid 
[16:29] <froztbyte> ours is so patched up it looks like a totally different beast
[16:29] <froztbyte> yeah, lusca's already a helluva big step up on squid
[16:30] <Symmetria> lusca made some huge improvements and can comfortably serve a coupla gigs on a big enough box 
[16:30] <froztbyte> we ported our patchbase over to lusca, and are continuing developments there
[16:30] <froztbyte> Symmetria: depending on configuration
[16:30] <froztbyte> and traffic type across it
[16:30] <Symmetria> we used to use lusca frontend as a load balancer for serving firefox downloads, peaked it out at around 6gigabit/second on a single box 
[16:30] <Symmetria> the real trick to get that kinda through it.... stop caching anything :P
[16:31] <froztbyte> if you're running it as a gateway-style proxy for lots of people's connections, you need to do a loooooooooooot of tweaking
[16:31] <Symmetria> heh we tell everyone, turn off your disk caching
[16:31] <Symmetria> if you wanna use the stuff for logging/control fine
[16:31]  * froztbyte kicks ASDM in the nads
[16:32] <Symmetria> just dont try and cache anything
[16:32] <froztbyte> urgh *shudder*
[16:32] <Symmetria> because your disks arent fast enough to keep up 
[16:32] <froztbyte> squid + disk logging == B.A.D.
[16:32] <froztbyte> so bad
[16:32] <froztbyte> it does it synchronous :(
[16:32] <froztbyte> (the normal codebase)
[16:32] <Symmetria> heh what they SHOULD do is just stick a damn SCE in line 
[16:32] <Symmetria> that can do the logging for them
[16:33] <Symmetria> completely transparently
[16:33] <froztbyte> yes but that would require them to use their brains
[16:33] <Symmetria> and it logs far more than a proxy server ever would :P
[16:33] <froztbyte> not just their wallets
[16:33] <Symmetria> the sce logging facilities are... really really scary
[16:33] <Symmetria> (we disable them on the TENET sce, entirely)
[16:34] <Symmetria> but enabled, that thing can tell you the top transmitting email address and exactly how many bytes of email they sent for the last 2 weeks 
[16:34] <Symmetria> which it picks up from layer 7 analysis of traffic at up to 30gigabit/second
[16:34] <Symmetria> which is kinda... mindblowing
[16:34] <froztbyte> we've got an SCE deployment in limbo in the one customer network at the moment
[16:34] <froztbyte> waiting on another project to finish before it can be done
[16:35] <froztbyte> can't wait to play with it :)
[16:35] <Symmetria> heh you're gonna have fun deploying sce
[16:35] <Symmetria> setting it up is... a bitch slut whore
[16:35] <Symmetria> once it works, its fine
[16:35] <froztbyte> hehe
[16:35] <Symmetria> oh and its management interface = WINDOWS ONLY 
[16:35] <Symmetria> (and you *CANNOT* use an sce without that interface)
[16:35] <froztbyte> yeah, it's roughly like the ASAs
[16:36] <froztbyte> ASAs you can still kinda manage on the console....but you wouldn't want to
[16:38] <Symmetria> heh I've worked with cisco pix enough to know how to use an ASA through the console with relative ease
[16:38] <Symmetria> the sce is.... far far far more difficult than that
[16:39] <froztbyte> I've been getting to know the ASA console over the last while
[16:39] <froztbyte> usually mostly by poking at stuff in ASDM and then seeing what the underlying output is
[16:40] <Symmetria> heh thing is, the SCE relies on a bunch of backend components
[16:40] <froztbyte> pet peeve of mine is how crap the ASA testing/information commands are compared to the rest of the cisco line
[16:40] <Symmetria> whats known as a collection manager
[16:40] <Symmetria> a subscriber manager
[16:40] <Symmetria> and a management interface
[16:40] <Symmetria> all of which are seperate software components
[16:40] <Symmetria> the collection manager in turn talks to a mysql database
[16:40] <Symmetria> the sce transmits to the collection manager which decodes the shit and shoves it into mysql 
[16:42] <Symmetria> but make no mistake, the sce is a very very powerful platform
[16:42] <Symmetria> capable of insane throughput :)
[16:43] <froztbyte> it'll be capable of doing what this network needs for a looooooong time