On 2018-05-21 at 02:46 -0400, Phil Pennock wrote: > If there's anyone who would like to de-peer, please let me know.
No complaints, that's nice. :) > Otherwise, tomorrow evening (I think) I'll uncomment the membership > entries on the new host and repoint spodhuis.org DNS, then take down the > old instance a bit later (after a DNS TTL or so). As expected, some clients held onto DNS for longer than others. There are still some clients using the old IP, although that may well be pool inclusion. I do not expect any peers to be stuck though. It's been 24½ hours on a 5 minute TTL. I'm about to take down sks-paris. Today I re-deployed sks-ohio with a fresh image containing the latest Ubuntu kernel today's security fixes (Spectre Variant 4, mostly) and the outage lasted longer than the expected 1 minute, because I hadn't updated the image to pull from the correct encrypted repository of TLS keys, so it was missing the key/cert for sks-ohio and nginx didn't start. Oops! Fixed. https://sks-ohio.pennock.tech/pks/lookup?op=stats FWIW, to better track this down in future, I'm now generating _some_ logs for HKP requests. This does not include IP address. I'll follow up with a second email to not bury a privacy change deep in this mail. -Phil
signature.asc
Description: Digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel