--- Log opened Sun Apr 23 00:00:24 2023
00:32 <@Dagmar> Mainly by people with their heads _far_ up their asses
00:32 <@Dagmar> @#$@#
11:40 <@Dagmar> Apparently this shit-slowness is _new_ to the 7.0.x Fortinet firmware
11:41 <@Dagmar> I just went after the one 6.4.x unit we have left and aside from the fact that there are two nameserver boxes and only _one_ place to put the hostname for them (no, that's not an oversight) it seems to be able to make DoT queries of dns.google just fine
11:42 <@Dagmar> Just because I'm a glutton for pain I also picked another location and enabled DoT just to watch the thing start failing
11:45 <@Dagmar> And I am definitely going to be a dick about this to them
11:46 <@Dagmar> I just managed to get it to exhibit acceptable performance to 8.8.4.4 but not 8.8.8.8
11:46 <@Dagmar> It may be that their default nameservers are just shit
11:47 <@Dagmar> I know I can't seem to get anything but a TLS failure out of them, so I've no idea how they're managing to resolve ever
11:47 <@Dagmar> Either way, these are the default settings for the appliance and it's neither my job nor my responsibility to troubleshoot their infrastructure
12:08 <@Dagmar> Holy shit I think maybe their nameservers _are_ knackered
12:08 <@Dagmar> I get a different response about 1 out of 5 times running `kdig -d @96.45.46.46 +tls-ca +tls-hostname=globalsdns.fortinet.net dsurreal
12:08 <@Dagmar> .org
12:08 <@Dagmar> `
12:16 <@Dagmar> ...and apparently Comcast has given us a bunch more IP addresses than we had previously
12:16 <@Dagmar> It looks like they turned our /30 into a /25
16:17 < Evilpig> weird
16:19 < Evilpig> anything else living on that segment that you can see? maybe they moved you into some type of business vlan with other customers to save on the routing overhead of having so many smaller subnets?
16:21 <@Dagmar> Well, I can ping those other sites and get a response so I'm pretty sure something is buggered
16:21 <@Dagmar> The last time I went "a'hunting" to figure out what our netblock (if any) actually was that was what I did then. Pinged various addresses around ours to see which ones arrived or resulted in an ARP reply
16:21 <@Dagmar> er ARP query
16:24 < Evilpig> I had a weird one with comcast today. Dad was having issues the other night, I called them up and they fiddled around remotely and right as she's saying "I don't see any issues" it suddenly popped on. after some prodding she said the snr looked a little off and wasn't sure if it was a site wiring issue or modem and set up a tech call for today
16:25 < Evilpig> later I got a call from "xfinity advanced technical services team" and they informed me that they didn't see any issues but because she had rolled a truck they got involved. eventually dude finds the same snr problem that she did and said "we'll leave the tech scheduled as is" good call homie
16:26 < Evilpig> the next night, ANOTHER call from advanced technical services, that claimed to have no knowledge of the other dude calling and I recounted to his dumb ass what happened then, and he too eventually went "oh, I see that okay then"
16:27 < Evilpig> before he hung up I asked if I was going to get a third call to verify my tech visit and if this one was going to help me change my ways ala a christmas carol, he was not amused
16:28 < Evilpig> tech shows up today, comes to my dad and says, someone put a filter on the main just before your junction. I took it off and your signal went back to where it should be, then gave him a sheet of paper with the job number, contractor id, and contact info should it happen again to call them instead of comcast
16:35 <@Dagmar> loooool
16:35 <@Dagmar> They had idiots do that to me and Oddball over at Blair House by mistake
16:35 <@Dagmar> They have a team that does regular audits of connection points to make sure no one's stealing cable, and they're not the brightest people
16:36 <@Dagmar> They misread things and decided we didn't have cable, so they put a filter on the line
16:36 <@Dagmar> ...and they managed to fuck up the crimp so that the outer ground was touching the signal wire on _both ends_
16:37 <@Dagmar> I say this because I literally just walked outside and opened the box to look at it and could _see_ how shit the crimping was
16:37 <@Dagmar> I called Comcast and said "either this was malicious mischief or someone from your crew needs to be properly trained"
16:38 <@Dagmar> Cuz we _saw_ the guy doin' his work but he put that crimp in there and skedaddled
16:42 < Evilpig> crap! nearly forgot to throw some time on my vpn subscription. it runs out in three days
--- Log closed Mon Apr 24 00:00:25 2023