IRC Server infrastructure
From NeoWiki
Server Infrastructure is an issue needed to be focused on. With frequent outages certain key points need addressed.
With these goals discussed, we may be able to alleviate some stress on servers, and create a more balanced and load friendly network.
Let me know what you think?
Contents |
[edit] Server List
| Hostname | Administrator | Location |
|---|---|---|
| irc.rickb.net | RickB | Fort Lauderdale, FL |
| fry.neoturbine.net | Fry | San Diego, CA |
| stars.neoturbine.net | Stars | Maryland |
| galatea.neoturbine.net | Stiv2k | Orlando, FL |
| pizzapie.neoturbine.net | Gonffen | Philadelphia, PA |
| beastlyfingers.intheskywithdiamonds.net | TrevorJ | Stow, OH |
| eli.neoturbine.net | Echoline | La Grande, OR |
| linolium.mine.nu | Linolium | White Rock, BC, Canada |
| sahal.neoturbine.net | Sahal | Chicago, IL |
Is this table at all useful? Should it go in a separate article of it's own, maybe? Eric 01:04, 24 March 2009 (UTC)
Maybe we should also list all listening ports. I know that everyone is listening on at least 6667, 8067 and SSL on 6697. I'm also listening on 21, 23, and 21489. Sahal 23:08, 13 October 2009 (UTC)
[edit] DNS
- 1.) We need a viable up to date solution for DNS, make the effect of down servers minimal on the client.
[edit] Replies
A DNS server with some sort of MySQL backend would be excellent for quick updating (They exist - RickB was looking at one awhile back, I think) . As-is, DNS is sort of scattered between zoneedit, rick, dyndns, and lovely CNAME records. Getting a DNS A record change, as it is now, can require talking to more than one person and possibly over 24 hours. If RickB ran that, we could have a PHP administrator panel for all the server owners to login to, in order to modify their own x.neoturbine.net or whatever. /Theory Eric 20:35, 14 April 2009 (UTC)
We should try to integrate this into the servers interface (on the site redesign) that Stiv2k (SteveB) and others are working on. Maybe have a script that automatically updates info to ZoneEdit. This should probably not be done instantly 'cause we might get throttled. Once a day sounds reasonable. Sahal
There has been discussion about this recently. My idea was to write our own scripts to function as a fully operational dynamic DNS service, to relieve ourselves of our dependence on ZoneEdit, as well as provide this service to others. It can probably be done with a couple perl scripts and should be investigated on further. Stiv2k
[edit] Implemented Items
- #Redundancy was implemented as Neoturbine HA or MESH!
- #Management was also implemented in Neoturbine HA.
Sahal 23:08, 13 October 2009 (UTC)
[edit] Redundancy
- 2.) We need "Redundancy" or "Fail Over" links to keep the network together in the event of a net split. (the upcoming verfdsion of Unreal is rumored to have actual support for that feature)
I have recommended this a few times, it just isn't feasible at this point, we could have a spider network, but all that would accomplish is annoying the hell out of people who are opered. If the next version has that capability, great, if not, we are stuck. --Rickb
[edit] Replies
I've been trying to convince everyone to run a SILC network along side Neoturbine NET IRC for a while. It offers REAL secure person-to-person and person-to-many communications (unlike SSL on top of IRC) [1], hidden "leafs", switching servers in times of netsplits, and much much more! It would really be a great addition to our network. irssi already has plug-in support for SILC so most of our (long time) users could take advantage of it. SILC
Also, our network map is very skewed right now. I'm not sure of the exact topology but it seems all the servers are basically linked to RickB directly. Maybe we should split that up (at least in one more place) so its more geographically balanced. Is that possible? Here's a crappy diagram that shows what I'm thinking. What's the point of this? Maybe we could have south.irc.neoturbine.net and north.irc.neoturbine.net or east/west. Geographical sexiness...? No? Fast/Slow? Orange/Green? Separate but equal! Sahal
This has already been done. The "someone else's fast server" you describe in your diagram is fry's server aka fry.neoturbine.net. You can visualize rickb's server as the North or East hub, whereas fry's is the South or West hub. The links are somewhat skewed because we inherently have more east coast servers than west coast servers; go figure. Stiv2k
[edit] Management
- 3.) Managing servers from a central point, possibly a VPN within our network, it would give us great security and also a way to grant users certain access rights to certain resources.
[edit] Replies
What exactly do you mean by managing servers? Do you want access to all the servers so you can launch attacks against your enemies? :P Can you elaborate? Sahal
Possible but not practical, we could have an synced config of some sort, but it would have to be more like a network include, that would inherently create more work, more limited access and would make things very bureaucratic.
--Rickb
With cURL installed on each server, remote includes are possible.
http://forums.unrealircd.com/viewtopic.php?f=3&t=353
Eric 20:15, 29 September 2008 (UTC)
Oh, is this idea similar to (reminds me of) what fry once implemented: Netban? Of course, his .conf file only include(ed|s) lines for bans (i'm assuming, i'ven't seen it) but I'm sure we could use the same basic idea for other unreal configurations. Also, If we had these configurations signed it would be easier to trust them... Signing_Party (i always have an agenda.) :P
The curl includes sound great (they seem less complex than fry's method) but they do not have the ability to check digital signatures. At least in fry's method you have the option to write a script that would check the signatures before 'installing' them. I don't want to include a file if i haven't verified that it's from who i think its from. I don't really care if you hijack my home server but if its on a high speed link.... :x Sahal
The Netban script would be extremely useful, if we used it. Getting people to adopt any sort of standard is like pulling teeth. The script as it is now, in the article, would pull a remote include via HTTP via neoturbine.net/netban.conf (which is a 404.. of course). The netban.conf could have all sorts of neat blocks for everyone's IRCd configuration. The MOTDs/rules could all be standardized. Opers could be global across the network instead of just server-by-server. Anything that goes in the unrealircd.conf could be specified in the netban.conf (or whatever-you-name-it.conf), and if every server used it, the network would be that much easier to manage. Eric 20:15, 24 March 2009 (UTC)
You have a fact stated incorrectly in the above statement. the script uses rsync to fetch a file from antigaprime.ath.cx not http. i don't know anything about rsync except it can tell if a file has been updated since you last got it. of course we could use wget. this capability is in wget (-N) [2] too and works as long as the http server is giving out correct headers. Sahal 17:00, 13 April 2009 (UTC)
