XMPP Service Operators - 2023-04-10

  1. andrey.utkin

    What are user-side tools to manage personal MAM archive? Like, truncate or purge it? I think I heard of such some time ago.

  2. Menel

    As far as I know it is still an idea in the developers heads at this point.

  3. frog

    Just to clarify my understanding of the previous discussion regarding sslh and transparent proxying. Is it possible to avoid needing to rewrite iptables/nftables rules if using the proxy protocol? It seems ejabberd supports it, but the community prosody module can't do it on TLS ports

  4. Harper

    Can someone clarify nixnet? Since ~March 30th I get > Failed to establish outbound s2s connection konvers.me -> muc.nixnet.services: Peer certificate rejected: certificate has expired; bouncing for 268 secon But search.jabber.network shows numerous mucs on nixnet with many users in them. Is that just servers who haven't rebooted or dropped connection for two weeks? or are some servers not checking cert? or???

  5. Harper

    unrelated I also see > Failed to establish outbound s2s connection conference.konvers.me -> jabber.lqdn.fr: DNS lookup failed: when trying to resolve it on a few resolvers I get a timeout, but some eventually return result on repeat

  6. nuegia.net

    are you sure your resolver is good?

  7. Harper

    I'm using quad9 DoT with opportunistic dnssec

  8. Harper

    have no issues with others

  9. nuegia.net

    dns can fail in non-obvious ways if TCP is dropped or your MTU isn't set correctly in combination with icmp filtering

  10. Harper

    mtu is fine, and there is no icmp filtering

  11. Harper

    lqdn.fr has their own nameserver and I suspect it is just slow

  12. nuegia.net

    $ host -t SRV _xmpp-server._tcp.jabber.lqdn.fr _xmpp-server._tcp.jabber.lqdn.fr has SRV record 0 5 5269 iota.lqdn.fr.

  13. nuegia.net

    i had 3 NXDOMAIN errors querying iota then the third time:

  14. nuegia.net

    dig iota.lqdn.fr ; <<>> DiG 9.16.37-Debian <<>> iota.lqdn.fr ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23934 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;iota.lqdn.fr. IN A ;; AUTHORITY SECTION: lqdn.fr. 899 IN SOA pi4.lqdn.fr. root.pi4.lqdn.fr. 2023031601 21600 3600 1209600 3600 ;; Query time: 3 msec ;; SERVER: 192.168.55.1#53(192.168.55.1) ;; WHEN: Mon Apr 10 13:04:28 PDT 2023 ;; MSG SIZE rcvd: 86

  15. nuegia.net

    still NXDOMAIN

  16. nuegia.net

    dns is indeed broke

  17. nuegia.net

    I am upset with the state of (or rather lack thereof) internet registries in America

  18. nuegia.net

    Why is it that in America, we don't have LIRs and only the RIR ARIN?

  19. nuegia.net

    ARIN charges $2500 initially and $600/year recurring fee for the smallest possible IPv6 range.

  20. nuegia.net

    That's absolutely absurd

  21. nuegia.net

    This isn't V4, these resources are not scarce. That could buy over 20 years of registration fees in europe.

  22. nuegia.net

    What has stopped american LIRs from forming?

  23. nuegia.net

    What is stopping us from pooling together and starting our own LIR?

  24. nuegia.net

    one moment, I might have some info wrong

  25. nuegia.net

    it's actually a lot more affordable if for an 'isp' and the qualification for isp doesn't just mean your a company like comcast

  26. nuegia.net

    end user means your a mass mailing company or your providing a product without support

  27. nuegia.net

    otherwise not providing a internet service like your a steel mill but need your own range

  28. nuegia.net

    turns out the ARIN region does have LIRs but their not defined the same as in the LACNIC or APNIC regions. Large ISPs like lumen, charter, Frontier are LIRs. ARIN is unable to provide a list of LIRs and this may or may not be private information. LIRs in the ARIN region cannot issue ASNs. Only ARIN can issue ASNs. LIRs in the ARIN region can issue IPv6 blocks, but you do not actually own the registration rights to those blocks. If you switch peers or backbone providers you may lose those blocks.

  29. nuegia.net

    Very recently as of Effective 1 January 2022 the ARIN board voted to change and ratify the way fees are handled across these LIRs, including "fee harmonization" which I think means LIR fees are the same as ARIN, defeating much of the point of LIRs.

  30. nuegia.net

    Supposedly this was done to deter 'end user' type registrations from getting lower rates for LIRs like lumen, charter, frontier, etc.

  31. nuegia.net

    https://www.arin.net/resources/fees/fee_schedule/

  32. Harper

    is the price really the big blocker when these are prereqs? > Have 13 end sites (offices, data centers, etc.) within one year > Use 2,000 IPv6 addresses within one year

  33. nuegia.net

    that's not the requirements for the smallest allocation

  34. nuegia.net

    at least I don't think, the way their documented is really confusing

  35. nuegia.net

    https://www.arin.net/resources/guide/request/