Announcement

Collapse
No announcement yet.

Forum Move

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Forum Move

    NullTone just switched the forums over to a new box sitting at World Domination Headquarters. You might see some strangeness over the next couple of days as we tweak settings and all of that.

    The new box is faster and more stable than the last, and you will be seeing new features introduced after DEF CON, such as email notifications, a revamped calendar and a few ninja-goodies.
    Last edited by The Dark Tangent; July 9, 2005, 20:29.
    PGP Key: https://defcon.org/html/links/dtangent.html

  • #2
    DT, while I bow to your omniscience and never would think to question anything you ever do, think, or say, I wonder how many people will be able to follow the move so close to the Defcon dates. I'm sure we'll lose the script kiddies, and I guess that's a good thing. Upgrades and other changes have occured in the last just before con with 50/50 success. I have faith in Nulltone, it's just getting close to con is all.

    Comment


    • #3
      mmmm as well as the release of tardtools2005b2.php .. think Google Earth meets laser.swf. We could call the script from our TheCotWOPRbot and finally achieve automated troll removal technology for the new millennium, entirely seperate from human emotion.

      dun dun dun
      if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

      Comment


      • #4
        Originally posted by astcell
        I wonder how many people will be able to follow the move so close to the Defcon dates. ... Upgrades and other changes have occured in the last just before con with 50/50 success. I have faith in Nulltone, it's just getting close to con is all.
        Some information on this:
        The zone record information for the host is the thing that was changed to point to the new server.
        A lookup of the specific host information from the authoritative DNS for the defcon domain shows us that they request that any host or DNS attempting to resolve the name (forum.defcon.org) to an IP address should only cache for 1 hour (3600 seconds = 60 seconds x 60 minutes)

        old:
        forum.defcon.org. 3600 IN A [OLD-IP-ADDRESS-REMOVED]
        new:
        forum.defcon.org. 3600 IN CNAME forums.datamerica.com.
        forums.datamerica.com. 3600 IN A 216.231.63.37

        As a result, if clients and ISP DNS conform to the requested cache time, a 1 hour window of denied access may be possible.

        Beyond this, users can deal with local client caching issues (such as web browser) sometimes by quitting and restarting them.

        Use of a local "host" file can override local ISP DNS lookups in most OS. (/etc/hosts on *NIX and the "hosts.txt" file in Windows IIRC)

        Some ISP choose to cache longer than authoritative DNS suggest in lookup responses. For these users, there may be a longer delay. Such delays can be from one to 3 days, but seldom go beyond one day.

        Also, there may be a slightly longer time for caching proxies and their DNS lookups.

        My bigger complaint is forum speed. ATM, it takes longer to edit my posts-- and I do that a lot. I am hoping that things improve with time after the initial work is done. Any timeline for this?
        Last edited by TheCotMan; July 10, 2005, 02:28.

        Comment


        • #5
          These paes are indeed running slow. My DNS has still not updated, 12 hour is about right for my end, ho hum.

          Comment


          • #6
            Forum Speed

            Yeah, it is a bit slow, even though it is on a much faster box. I am investigating the firewall settings.

            I don't want to spend too much time on the firewall if possible, though, because that machine gets upgraded as soon as the second CPU and new drives arrive in the mail. Then the FW box will be about 2.5 times faster, and that might fix the problem.

            I'll do some tweaking now and see what happens, then let you guys know when the new upgraded box is getting ready to be deployed.
            PGP Key: https://defcon.org/html/links/dtangent.html

            Comment


            • #7
              Hopefully with the move, Nulltone will use his super-leet Ninja powers (The type that make people crap their pants), and keeps the forums up during the con.

              Comment


              • #8
                Strange behavior with performance

                Hmm.. I am starting to suspect strange networking issues, either with the cisco router to firewall connection, or some as of yet un-known problem.

                At first I thought it was the firewall being stressed out. Well I was looking at the load average, not the CPU usage stats. Load has doubled since the forum moved over, but that just meant the CPU idle time went from 99 percent free to 98.

                This will have to entail my friend Mr. tcpdump and find out where the latency is being introduced.

                UPDATE: Strange interactions between the firewall set at full duplex, and the forum machine set at full duplex (But really failing down to half duplex) caused some performance issues. Once both the firewall and the forums were set to auto negotiate they both came back up at full-duplex (And didn't fall back to half duplex.. go figure) I think that should make a visible difference. Let me know if you guys notice any difference.
                Last edited by The Dark Tangent; July 12, 2005, 00:18.
                PGP Key: https://defcon.org/html/links/dtangent.html

                Comment


                • #9
                  Originally posted by Dark Tangent
                  Once both the firewall and the forums were set to auto negotiate they both came back up at full-duplex (And didn't fall back to half duplex.. go figure) I think that should make a visible difference. Let me know if you guys notice any difference.
                  Noticeably smoother today, no more timeouts here. Bliss.

                  Comment


                  • #10
                    Feels alot better from here on my slow ass work connection. Thanks for the upgrade.



                    Originally posted by Dark Tangent
                    Hmm.. I am starting to suspect strange networking issues, either with the cisco router to firewall connection, or some as of yet un-known problem.

                    At first I thought it was the firewall being stressed out. Well I was looking at the load average, not the CPU usage stats. Load has doubled since the forum moved over, but that just meant the CPU idle time went from 99 percent free to 98.

                    This will have to entail my friend Mr. tcpdump and find out where the latency is being introduced.

                    UPDATE: Strange interactions between the firewall set at full duplex, and the forum machine set at full duplex (But really failing down to half duplex) caused some performance issues. Once both the firewall and the forums were set to auto negotiate they both came back up at full-duplex (And didn't fall back to half duplex.. go figure) I think that should make a visible difference. Let me know if you guys notice any difference.
                    mage2atbleedingwounddotcom
                    KeyID 3B535825D9402365
                    FingerPrint C2AA E142 8826 BAE3 9C2B AA0C 3B53 5825 D940 2365

                    Comment


                    • #11
                      does the new forum server/firewall setup have some sort of client connections threshold, which if exceeded will result in a data for the user making the connections being suspend temporarily? i ask because while using mozilla, i'll typically click a whole series of links and launch them in new browsing tabs. i do this with google search results, with news headlines, and while flipping through online forums, including the DC forums.

                      i've found that if i just click through pages on these forums a single link at a time, everything is fine. pages load pretty quickly and i can get what i need without difficulty. if, however, i have a forum index pulled up and i click a series of discussion threads, launching them in new tabs and letting them load all at once, i'll have the first few bytes of each loading page... then everything hangs. i'll get nothing for the next 20 to 30 seconds. the tabs all go on, attempting to continue loading data... but nothing comes through.

                      is the web server interpreting my multiple connections from a single client as an attack or otherwise something to be blocked?
                      "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
                      - Trent Reznor

                      Comment


                      • #12
                        Originally posted by Deviant Ollam
                        if, however, i have a forum index pulled up and i click a series of discussion threads, launching them in new tabs and letting them load all at once, i'll have the first few bytes of each loading page... then everything hangs. i'll get nothing for the next 20 to 30 seconds. the tabs all go on, attempting to continue loading data... but nothing comes through.

                        is the web server interpreting my multiple connections from a single client as an attack or otherwise something to be blocked?
                        I can neither confirm nor deny if this does exist or does not (I'll leave that to someone else ;-) but I will say that I do the same thing as you describe- (use multiple tabs with right-click on "show me most recent unread post in thread") and I do not have problems so long as I limit it to about 3 or 4 tabs that are actually loading. When I keep these limits, I do not have any problems.

                        Also, the cookie system in Mozilla is not perfect with the forums for noting "read" threads when you do this. It can lead to weird "bugs" that are not really bugs in the forum software, but have to do with cookie updates in parallel by Mozilla instead of the expected serialized fashion used by most people.

                        Comment


                        • #13
                          Don't connect simultaneously more than 48 times from a given IP at a time. This is done to control various bots and tards from raping forum resources for their indexing or DoSing schemes.

                          Of course there are other more specific thresholds.. but details are available on a need to know basis.. and ...
                          if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

                          Comment


                          • #14
                            Originally posted by converge
                            Don't connect simultaneously more than 48 times from a given IP at a time. This is done to control various bots and tards from raping forum resources for their indexing or DoSing schemes.
                            I did not know if that was some sort of super-secret, security by obscurity thing. ( Dataworm: :-D )

                            If a user has a busted/old web client, it may be possible for the loading of one page to create well over 10 connections on pages with many different images, as it is *possible* for each image to be loaded with a separate connection.

                            Most pages do not have lots of different images though, and most modern clients people will use should support loading of multiple items through the same connection, and if they don't, 48 should be MORE than enough for any threads we still have if they only load one page at a time.

                            Newer* versions of HTTP allow for one connection to load more than one thing without starting a new connection.

                            * "Newer" heh. I think this started with HTTP/1.1 and that is not really that new.

                            Comment


                            • #15
                              well.. I'm reluctant to give out *all* the details about it, for obvious publicly readable reasons. But denying and/or providing no info would just be stiff imo.

                              Assuming that you are using an http1.1 complaint browser that only uses 1 connection per loading tab, the foremost possibility that strikes me is you are using a script/mod to autoload all of the links into tabs.. which would cause problems. Or you need to check the forums more often than every 48 active threads :p
                              if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

                              Comment

                              Working...
                              X