News items for tag ipv6 - Koos van den Hout

2017-01-20 APRS on the Raspberry Pi: trying to decode APRS packets 1 month ago
So the mobilinkd is now connected to serial over bluetooth on the Raspberry Pi, but now to get APRS data into aprx.

So far aprx does start but I see absolutely no data coming in, even when aprsdroid will see traffic. Something strange.
koos@joy:~ $ sudo aprx -v
2017-01-20 22:05:10.593 aprx start - 2.9.0
2017-01-20 22:05:10.594 TTY /dev/rfcomm0 opened
2017-01-20 22:05:20.624 CONNECT APRSIS aprsc.pa4tw.nl:14580
^C
2017-01-20 22:18:06.115 aprx ending (SIG 2) - 2.9.0
2017-01-20 22:18:06.116 aprx ending (SIG 2) - 2.9.0
It's a good thing aprsc.pa4tw.nl has an IPv6 address as this Raspberry Pi is only configured for IPv6.

Testing with minicom on /dev/rfcomm0 does show the startup messages from the mobilinkd but absolutely no APRS data in KISS format,,,
== BeRTOS AVR/Mobilinkd TNC2
== Version 2.0.1.571
== Voltage: 4019mV
== Starting.
Switching the mobilinkd between the Raspberry Pi and the smartphone with aprsdroid does seem to confuse something, it's not always showing data in aprsdroid either.

Installing the Linux ax25-tools and using kissattach and configuring aprx to use that interface doesn't help either.

Back to the KISS over serial port over bluetooth config I changed the setting 'bluetooth tracking' on the mobilinkd, which is advised for digipeater setups. And now I am seeing something:
koos@joy:~ $ sudo aprx -v
2017-01-20 23:12:17.568 aprx start - 2.9.0
2017-01-20 23:12:17.569 TTY /dev/rfcomm0 opened
9621    PE4KH-8   R     DB0NY>APZ17,DB0KX-2*,PE0FK-10*,PI1SHB*,PA7J-2*,WIDE2*,PI1APU*,LOCAL:!5103.84N/00736.63E#www.g07.de
2017-01-20 23:12:30.378 CONNECT APRSIS aprsc.pa4tw.nl:14580
9728    PE4KH-8   R     PI1APU>APND13:>W3,NL7      PAradigm    operation!
9831    PE4KH-8   R     PA3BXR-9>UQ5QW1,PA7J-2*,WIDE1*,PI1APU*,WIDE2-1:`zDKnA8>/]"3m}431.275MHz=
9867    PE4KH-8   R     PI1SHB>APRX29,PI1APU*,WIDE2-1:!5142.02N/00520.78E#PHG3460/2m Digi/IGate 's-Hertogenbosch
9934    PE4KH-8   R     PA5JB>APU25N,PE2KDK*,PI1APU*,WIDE2*:>202317zDX: PI1SHB 51.42.02N 5.20.78E 76.3km 133� 23:13
9942    PE4KH-8   R     PI1DFT>APMI01,PI1SHB*,PI1APU*,WIDE2*:@202317z5159.70N/00420.17E#WX3IN1 Digipeater 2 mtr. pi1dft ziggo.nl
10007   PE4KH-8   R     PI1APV-2>APMI04,PI1DFT*,PA7J-2*,WIDE1*,PI1APU*,LOCAL:@202318z5130.81N/00344.00EI digi vliegveld MIDDEN ZEELAND
10018   PE4KH-8   R     DB0OTV-2>APOT21,DB0KX-2*,PE0FK-10*,PI1SHB*,PI1APU*,WIDE2*:>FILL IN DIGI + D-Star + C4FM QRG = 439,500 MHz -7,6 MHz
10122   PE4KH-8   R     PE9R>APX204,PI1APU*,WIDE2-1:=5202.5 N/00439.0 E-PHG2290QRV PI6NOS/ PI2NOS
10175   PE4KH-8   R     PA7J-2>APMI01,PI1APU*,WIDE2*:@210000z5149.68N/00450.43E-WX3IN1 PA7J Digi & I-gate Hardinxveld
10209   PE4KH-8   R     PD0JAC-10>UQ4XS8,PI1SHB*,PI1APU*,WIDE2-1:`{Mym>5#/>"4/}=
10227   PE4KH-8   R     PA3BI-10>APRS,PI1DFT*,WIDE1*,PA7J-2*,WIDE2*,PI1APU*,LOCAL:!5214.65N/00426.30E-000/000www.isemann.nl/A=000696
10277   PE4KH-8   R     PI1APV-2>APMI04,PI1DFT*,PA7J-2*,WIDE2*,PI1APU*,LOCAL::PI1APV-2 :BITS.11111111,Telemetry
10316   PE4KH-8   R     PI1SHB>APRX29,PI1APU*,WIDE2-1:!5142.02N/00520.78E#PHG3460/2m Digi/IGate 's-Hertogenbosch
And the results are showing up via the aprsc dashboard on aprsc.pa4tw.nl. Almost all packets I receive and forward are rejected as duplicate packets, but I have seen some packets accepted. So I guess I'm not really needed as an I-gate.

Tags: , , ,
2016-11-12 Disabling IPv4 on the Raspberry Pi 3 months ago
I have two Raspberry Pi's running in the house, currently with IPv4 still enabled on them. They both run Raspbian 8.0. I was wondering whether I can disable IPv4 on the Raspberry Pi, but a google search does not yield very helpful answers, most of the search terms I try still find pages about disabling IPv6. I want to disable the legacy IP protocol.

Only one way to find out: go for it. Now rebooting one with the statement ipv6only in /etc/dhcpcd.conf.

First thing I noticed was that the searchdomain was not set in /etc/resolv.conf which was indeed only available via the DHCP process for IPv4. So now radvd advertises the search domain via the DNSSL option in /etc/radvd.conf:
   RDNSS 2001:980:14ca:42::18 {
   };
   DNSSL idefix.net {
   };
The first results are:
  • It turned out the ntp config on the raspberry had one IPv6-only and one IPv4-only server. Added a dual-stack server.
  • And ndpmon really does not like the DNSSL option, even when I add it in the config_ndpmon.xml file as
                      <dnssl>
                        <domain lifetime="600">idefix.net</domain>
                      </dnssl>
    
    Fixed by changing it to
                      <dnssl>
                        <domain lifetime="600">^Fidefix^Cnet</domain>
                      </dnssl>
    
    yes, with literal ctrl-F and ctrl-C characters, showing that there is some error in the parsing somewhere.
  • rwhod is IPv4-only so the status is not visible in my network anymore. A workaround for that is not disabling IPv4 completely but just removing the default route, not using ipv6only in /etc/dhcpcd.conf but using the option nooption routers.

Tags: , , ,
2016-11-07 The future of the Internet is IPv6 3 months ago
Just read Internet Architecture Board Statement on IPv6 with:
The IAB expects that the IETF will stop requiring IPv4 compatibility in new or extended protocols. Future IETF protocol work will then optimize for and depend on IPv6.

Preparation for this transition requires ensuring that many different environments are capable of operating completely on IPv6 without being dependent on IPv4 [see RFC 6540]. We recommend that all networking standards assume the use of IPv6, and be written so they do not require IPv4. We recommend that existing standards be reviewed to ensure they will work with IPv6, and use IPv6 examples. Backward connectivity to IPv4, via dual-stack or a transition technology, will be needed for some time.

Tags: , ,
2016-06-27 Ancient configuration causing warnings 8 months ago
Lots of error messages showing up recently looking like:
Jun 27 12:02:23 greenblatt named[4789]: checkhints: d.root-servers.net/A (199.7.91.13) missing from hints
Jun 27 12:02:23 greenblatt named[4789]: checkhints: d.root-servers.net/A (128.8.10.90) extra record in hints
The hints come from the root-hints file which the resolver software (bind9) uses to know where to start resolving. I checked my db.root, which said:
;       last update:    Jun 17, 2010
;       related version of root zone:   2010061700
But it is from the ubuntu 12.04 bind9 package:
# dpkg -S /etc/bind/db.root
bind9: /etc/bind/db.root
Solution with help from How Do I Update The Root Hints Data File for BIND Named Server? - UNIX fu was getting the latest from ftp.rs.internic.net which now says
;       last update:    March 23, 2016
;       related version of root zone:   2016032301
and I should get less warnings now. Comparing the two files shows changed IPv4 addresses for d.root-servers and h.root-servers, changed IPv6 addresses for a.root-servers and h.root-servers and added(!) IPv6 addresses for c.root-servers, d.root-servers, i.root-servers and j.root-servers.

Tags: , ,
2016-06-16 Recovered the Raspberry Pi 8 months ago
So when the Raspberry Pi 3 came out in February I bought one, complete with power supply, case, microSD card and small keyboard. I just could not resist it. I installed it, connected it to the network and did not really have a task for it. It is joy.idefix.net.

After a while this changed and I started running dump1090 on it to get an idea of the planes in range from my house. It is connected to the antenna used in the earlier ADS-B receiving experiments and sees high altitude and/or nearby airplanes fine.

Recently I ran some updates and those failed because the root-filesystem was filling up. I did not notice that left some files missing, so I just ran the commands to resize the raspbian root filesystem to fill the SD card - Coderwall and waited for the reboot. This ended up in a nice multicolour screen with nothing running. I looked that up and found Raspberry Pi with boots up with Rainbow screen - Raspberry Pi Stack Exchange so it was time to recover. I mounted the SD card on an x86 linux system and found the kernel.img and other files in /boot were missing. I searched how to mount the raspbian image and found How can I mount a Raspberry Pi Linux distro image? - Raspberry Pi Stack Exchange. I started with using the loopback device, copied the whole /boot directory from that image and did a filesystem check in the SD card. It booted again but showed driver issues. I reran all the updates which reinstalled the raspberrypi-kernel package and after that the driver problems were gone and things worked again.

Tags: , ,
2016-03-09 Verschil in gevolg hik tussen ipv6 en ipv4 11 months ago
Met de regelmatige hikken van mijn VDSL verbinding merk ik nu ook een raar verschil tussen IPv4 en IPv6 voor langlopende TCP sessies van buiten af naar een service op mijn server. Die met IPv6 worden veel eerder verbroken bij een VDSL hik.

Van buiten af zie ik ook een verschil in het gevolg voor IPv4 en IPv6. De output van mtr voor IPv4 vanaf shell.xs4all.nl:
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 124.ae0.xr4.1d12.xs4all.net       0.0%     2   63.5  31.9   0.4  63.5  44.7
 2. 0.ae1.dr12.d12.xs4all.net         0.0%     2    0.4   0.8   0.4   1.2   0.6
En de output van mtr voor IPv6 vanaf shell.xs4all.nl:
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 124.ae0.xr4.1d12.xs4all.net       0.0%     4    1.1  24.0   0.4  92.7  45.8
Een hop minder.

Xs4all heeft keurig de router IP adressen consistente namen voor IPv4 en IPv6 gegeven.

Tags: , ,
2016-01-29 Linux dummy network interfaces can be very handy 1 year ago
The recent interruptions in the outside Internet connection made my wish to improve some things in the server at home so internal things keep running through an interruption.

I have to request an IPv6 range for an interface to make wide-dhcpv6-client run, it won't run when I don't configure the interface to assign a /64 to, and my ISP will not route IPv6 when I don't use IPv6 prefix delegation to request the space which is static anyway. But I want the wired and wireless network to have fixed IPv6 ranges so things keep running even when the outside link has a hickup. Solution: request the IPv6 range for a dummy network interface and assign static IPv6 ranges to the ethernet interfaces. In /etc/network/interfaces:
auto dumdh6
iface dumdh6 inet static
    pre-up ip link add name dumdh6 type dummy
    address 0.0.0.0
And in /etc/wide-dhcpv6/dhcp6c.conf:
interface ppp0
{
        send ia-pd 0;

                script "/etc/wide-dhcpv6/dhcp6c-script";
};
id-assoc pd {
        prefix-interface dumdh6 {
                sla-id 3;
        };
};
And there is another dummynet interface to assign the fixed IP addresses to I use for hosting services. This means those services can start (and keep running) even when the link hickups and removes the IP address from the ppp interface. Earlier I did this on an unused vlan interface, but using dummynet feels more tidy.

Tags: , ,
2016-01-28 Shodan using the IPv6 ntp pool to find active IPv6 addresses 1 year ago
Recently posted: shodan.io actively infiltrating ntp.org IPv6 pools for scanning purposes. So I tried:
ntpdate -d -u 2a03:b0c0:3:d0::18:b001
And indeed:
Jan 28 14:42:25 server kernel: [1187976.106758] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=49717 DPT=55554 WINDOW=54358 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107191] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34680 DPT=50070 WINDOW=26315 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107256] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=49717 DPT=32764 WINDOW=15398 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107309] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=41249 DPT=44818 WINDOW=15146 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107380] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=52 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=13864 DPT=30718 LEN=12 
Jan 28 14:42:25 server kernel: [1187976.107427] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=59140 DPT=25565 WINDOW=53087 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.108613] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=55 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=32950 DPT=8888 LEN=15 
Jan 28 14:42:25 server kernel: [1187976.110197] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=39721 DPT=64738 LEN=20 
Jan 28 14:42:25 server kernel: [1187976.110315] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=50 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=46499 DPT=5632 LEN=10 
Jan 28 14:42:25 server kernel: [1187976.110405] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=65 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=21934 DPT=47808 LEN=25 
Jan 28 14:42:31 server kernel: [1187981.938880] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34235 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:31 server kernel: [1187982.030058] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34235 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:31 server kernel: [1187982.197203] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34237 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:33 server kernel: [1187984.398977] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34245 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:34 server kernel: [1187984.620836] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34244 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
I would have expected more ports tested.

Tags: , , ,
2016-01-14 Boot-time IPv6 on the homeserver not working 1 year ago
I shutdown and rebooted the homeserver to get an updated kernel and look at some other things. After booting up again I noticed the problem with IPv6 not active on interfaces that started early was happening again. No linklocal addresses configured, no global addresses configured. This affects all ethernet interfaces and ppp0 for the link to the outside world. I also noticed this problem after the upgrade, see Upgrading the homeserver to Ubuntu 12.04 but the problem remains even with an updated kernel (currently 3.2.0-97-generic).

I have no idea what causes this and how to fix it. It seems related to Debian bug #726569: haproxy doesn't start on boot due to missing IPv6 address on interface but in that case the address is configured but just not available to applications to bind to. Related Beware the IPv6 DAD Race Condition - Andrew Ayer suggests the same (duplicate address detection race condition) but has disabling duplicate address detection (DAD) as workaround.

Tags: , ,
2016-01-08 IPv6 visitor stats 2015 1 year ago
Time to count IPv6 visitor percentage to different websites again:
SiteJuly 2009July 2010July 2011July 2012July 2014July 2015
http://idefix.net/ my homepage 1% 2% 2% 3% 4% 6%
http://netwerk.idefix.net/ hcc!pcgg netwerkgroep 2% 2% 2% 3% 1% 3%
http://weather.idefix.net/ weather maps < 1% 5% 6% 7% 6% 12%
http://bbs.idefix.net/ BBS files 1% 1% 1% 3% 7%
http://webcam.idefix.net/ the webcam < 1% 1% < 1% 2% 2% 5%
http://www.virtualbookcase.com/ The Virtual Bookcase < 1% 1% 1% 4% 87% 3% 80% 6%
http://www.camp-wireless.org/ Camp Wireless < 1% 1% 1% 3% 70% 3% 82% 6%
http://weatherstation.idefix.net/ Weather station Utrecht Overvecht 1% 5%
Interesting numbers. Results for The Virtual Bookcase and Camp Wireless are totally skewed thanks to some IPv6 bot constantly checking the site from constantly changing IPv6 addresses .. but without privacy extensions enabled. Other sites are showing a growth consistent with general IPv6 growth in the world.

Method: unique IPv6 addresses seen in the whole month / total unique addresses (IPv4+IPv6) seen in the whole month.

Update: Filtering for 'curl' helped in normalizing the results.

Tags: ,
2015-12-13 Trying to squeeze in some radio hobby when propagation is cooperating 1 year ago
This weekend I wanted to play some radio but it was hard to find time and cooperating propagation. At the moment propagation seems very limited and it only happens during the hours the sun is up for the amateur bands I am active in (20 meter and 10 meter).

On Saturday it was rainy most of the day which ment the roof was wet and my signals weren't getting out when I got around to trying. I had enough incoming signals and had nice overviews on PSK reporter but nobody heard me when I had time to call/answer.

On Sunday it was dry and I made five PSK31 contacts, and one SSB contact. After sunset the 20 meter band dried up quickly for me so I hung out the endfed to try my luck on 40 meter. Calling CQ in RTTY mode on 7051 MHz got spotted on the reverse beacon network but nobody answered. What frequency on 40 meter is good for PSK31 varies, but the only frequency where I hear/see it active is 7.040 MHz which is currently outside the frequency range I'm allowed to use.

So I tried something else: JT-65 since I did hear the JT-65 tones above 7.076 MHz. The software was readily available via the Ubuntu ham radio software repository: wsjtx. It took me a bit of work to configure it to use hamlib via localhost: I can select the right rig type (NET rigctl 2) but I can't select a network host. Entering 'localhost' gave me a 'connection refused' error which I did not expect. I used strace to find out and the connection was only attempted to ::1, the IPv6 localhost where rigctld does not listen. I entered 127.0.0.1 as port and CAT control (controlling and monitoring my radio) started working. I saw some activity, and even tried answering a CQ call, but my answer was not received.

JT-65 takes time: transmitting a message of maximum 13 characters takes around 50 seconds(!). A full QSO including signal reports takes at least 6 minutes, it's really not a mode for chatting or for fast contacts. On the other hand: it is a weak-signal mode, JT-65 can dig up signals deep from the noise!

Tags: , ,
2015-06-03 Working IPv6 at Surfnet office 1 year ago
December last year I noticed IPv6 at the Surfnet office breaking in interesting ways. Recently I was invited to come over and test it again, news was that the problem I was seeing should be fixed now. I accepted that invitation and Yesterday I was at the new office and tested it. And indeed it now works good, I received a stable IPv6 assignment and I was able to keep long-running IPv6 sessions to multiple systems at home. The technical reasons behind it are 'interesting' but the good news is that the eduroamers network now has stable IPv6.

Tags: ,
2015-04-27 Upgrading the homeserver to Ubuntu 12.04 1 year ago
And to get to a version of Ubuntu with support available I kept doing and did 'do-release-upgrade' again today on the homeserver greenblatt.

Again the upgrade was running for a while. A big improvement is that the process now uses screen so I was able to attach to that running console from other sessions and answer questions.

After the upgrade the reboot came, and after the reboot I noticed resolving was broken. This was traced back to the ppp0 interface for the connection to the outside world and the internal interface for services having started completely without IPv6 support. Doing an ifdown and ifup helped, but this should all start correct automatically.

I noticed the new Postgresql 9.1 is already installed, but Postgresql 8.4 is the default version available over port 5432, so I can do the pg_upgradecluster when I have time for that.

Later I noticed some packages were held back. I traced this back to /etc/apt/preferences still being optimized for Ubuntu 8.04 hardy and hardy-backports. I emptied the preferences file and it all sorted itself out and now everything is up to date.

This was probably the reason Postgresql 8.4 was left installed and active. After the updates above apt-get autoremove was going to delete Postgresql 8.4.
Read the rest of Upgrading the homeserver to Ubuntu 12.04

Tags: , , ,
2015-03-27 Overly interested Amazon EC2 nodes 1 year ago
On Camp Wireless and The Virtual Bookcase I see the following pattern in the access logs:
2620:108:700f::36bc:aade - - [27/Mar/2015:13:27:11 +0100] "GET / HTTP/1.1" 302 298 "-" "curl/7.36.0"
2406:da00:ff00::36e2:d963 - - [27/Mar/2015:13:27:38 +0100] "GET / HTTP/1.1" 302 298 "-" "curl/7.36.0"
Constant requests, 2 or 3 per minute from Amazon EC2 IPv6 addresses just requesting the / using curl. Over the day I now see 1334 unique addresses with at most 5 requests from one url.

The same pattern as described in Stange stream of HTTP GET requests in apache logs, from amazon ec2 instances - Server Fault with no real answer to the why.

It's not a problematic amount of traffic, I'd just like to understand what is happenning!

Tags: , , , , ,
2015-01-05 Leap second announcement 2 years ago
Promptly after fixing the previus leapsecond file I get the IERS Bulletin C number 49 today which states:
                                   UTC TIME STEP
                            on the 1st of July 2015


 A positive leap second will be introduced at the end of June 2015.
 The sequence of dates of the UTC second markers will be:

                          2015 June 30,     23h 59m 59s
                          2015 June 30,     23h 59m 60s
                          2015 July  1,      0h  0m  0s
And I notice the IETF seems to update the canonical leap-seconds file about two months after the decision is made by the IERS.

It's a good thing ntpd starts complaining when the file is about to expire.

Update 2015-01-06: An update was available from ftp://time.nist.gov/ but only when I connected over IPv6. An interesting form of IPv6 promotion. Notice the difference in messages between the old file and the new file loading:
Jan  5 13:54:33 ritchie ntpd[13710]: leapsecond file ('/etc/ntp/leap-seconds.3644438400'): good hash signature
Jan  5 13:54:33 ritchie ntpd[13710]: leapsecond file ('/etc/ntp/leap-seconds.3644438400'): loaded, expire=2015-06-28T00:00Z ofs=35 (no entries after build date)
Jan  6 10:14:17 ritchie ntpd[26348]: leapsecond file ('/etc/ntp/leap-seconds.3629404800'): good hash signature
Jan  6 10:14:17 ritchie ntpd[26348]: leapsecond file ('/etc/ntp/leap-seconds.3629404800'): loaded, expire=2015-12-28T00:00Z last=2015-07-01T00:00Z ofs=36

Tags: , ,
2014-12-11 IPv6 breaking without default router 2 years ago
Interesting type of IPv6 breakage currently at the Surf office:
Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : eduroamers.nl
   IPv6 Address. . . . . . . . . . . : 2001:610:188:431:9d25:9938:408e:6714
   Temporary IPv6 Address. . . . . . : 2001:610:188:431:2c5e:681:fda1:702
   Link-local IPv6 Address . . . . . : fe80::9d25:9938:408e:6714%11
   IPv4 Address. . . . . . . . . . . : 145.96.1.57
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Default Gateway . . . . . . . . . : 145.96.0.1
What's missing here? A default gateway for IPv6. Which breaks any external IPv6 connectivity. And I like having external IPv6 connectivity, for example for logging into systems at home. The solution is simple:
C:\>ipconfig /renew6

Windows IP Configuration

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : eduroamers.nl
   IPv6 Address. . . . . . . . . . . : 2001:610:188:431:9d25:9938:408e:6714
   Temporary IPv6 Address. . . . . . : 2001:610:188:431:2c5e:681:fda1:702
   Link-local IPv6 Address . . . . . : fe80::9d25:9938:408e:6714%11
   IPv4 Address. . . . . . . . . . . : 145.96.1.57
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Default Gateway . . . . . . . . . : fe80::222:dff:fe84:8800%11
                                       145.96.0.1
I wonder how this happens.

Update 2014-12-15: And I got in touch with someone at SURFnet who suggested the best cause of action: see if this problem persists after the upcoming move of the SURFnet offices.

Update 2015-06-03: And now the IPv6 over the wireless network at the Surfnet offices is fixed.

Tags: ,
2014-11-03 Fun with network connection managers 2 years ago
I tried NetworkManager again because wicd was showing downsides, such as:
  • Not dealing correctly when the laptop is resumed with the ethernet cable attached: it doesn't run dhcp on the wired lan which makes services which only have IPv4 addresses unreachable. Took a while to understand that one for obvious reasons.
  • Making the wired network interface flap between connected and disconnected state when a network cable is inserted after boot. Solution: restart wicd first.
I tried NetworkManager again, kicked out ages ago because it fully depended on a Gnome desktop, which I don't run. But now it has nm-connection-editor and nm-cli which should make things less impossible. But after testing I found out NetworkManager is even worse for me than wicd.
Read the rest of Fun with network connection managers

Tags: , , ,
2014-09-22 (#) 2 years ago
So work made a laptop with the standard Windows 7 software image available to me and I noticed when I took it home it doesn't do any IPv6. Which is not what I want. Some searching found How to disable IPv6 or its components in Windows - Microsoft Support which has the right answers which were used by the people creating this software image. I changed the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents registry key to 0x01 so I don't get the Isatap/Teredo tunnels.

Interesting remark in that support article:
We do not recommend that you disable IPv6 or its components, or some Windows components may not function. Additionally, system startup will be delayed for 5 seconds if IPv6 is disabled.
I guess I'll have to find another way to disable the Isatap/Teredo tunnels to make the system boot faster. I want IPv6 to work when it's available native or not at all. Some aspects of the work network make things slow when tunneling protocols are tried. Which is probably the reason of disabling it in the first place.

Update 2014-10-01: It seems this setting gets reset somehow: I am at the Surfnet Relatiedagen 2014 and just noticed the laptop has no IPv6 on the network here, which surprised me. But a check of the settings showed no IPv6 addresses at all, not even link-local. A check on my Android phone shows globally routable IPv6 addresses.

Tags: , ,
2014-09-05 (#) 2 years ago
Oh and another interesting thing about the new TP-Link TL-WDR4300. It does IPv6. If I read the docs correctly it can do DHCP6 with prefix delegation or tunnels. It even gives itself an IPv6 address on the LAN side when that side runs address advertising. But ...
$ telnet -6 ap 80
Trying 2001:980:14ca:2:ea94:f6ff:fe91:21b3...
telnet: Unable to connect to remote host: Connection refused
the webinterface isn't available via IPv6. Nothing in the device is available via IPv6 according to nmap.

Tags: , ,
2014-08-04 IPv6 visitor stats 2014 2 years ago
Time to count IPv6 visitor percentage to different websites again:
SiteJuly 2009July 2010July 2011July 2012July 2014
http://idefix.net/ my homepage 1% 2% 2% 3% 4%
http://netwerk.pcgg.nl/ hcc!pcgg netwerkgroep 2% 2% 2% 3% 1%
http://weather.idefix.net/ weather maps < 1% 5% 6% 7% 6%
http://bbs.idefix.net/ BBS files 1% 1% 1% 3%
http://webcam.idefix.net/ the webcam < 1% 1% < 1% 2% 2%
http://www.virtualbookcase.com/ The Virtual Bookcase < 1% 1% 1% 4% 87%
http://www.camp-wireless.org/ Camp Wireless < 1% 1% 1% 3% 70%
http://weatherstation.idefix.net/ Weather station Utrecht Overvecht 1%
Interesting numbers. Results for The Virtual Bookcase and Camp Wireless are totally skewed thanks to some IPv6 bot constantly checking the site from constantly changing IPv6 addresses .. but without privacy extensions enabled.

Method: unique IPv6 addresses seen in the whole month / total unique addresses seen in the whole month.

Tags: , , , , , ,
  Older news items for tag ipv6 ⇒
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 2C66 3B5D F0D7 C263 local copy PGP key 2C66 3B5D F0D7 C263 via keyservers pgp key statistics for 0x2C663B5DF0D7C263 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews, Weather maps