Sunday, 08/05/2016 15:47 UTC127-bit masks vs 64-bit masks on point-to-point links

I was looking through the usual subs on Reddit this morning and there was a post about things that scare people, and one of the comments was from someone who’s “scared of IPv6”. Fair enough, hex does look intimidating at first, especially when you’re only familiar with 32-bit dotted-decimal. Underneath this was a comment that said someting along the lines of “you can tell how familiar someone is at IPv6 by whether they use /127 or /64 on their point-to-point links”, which is a reference to RFC6164 compared to the commonly spouted “use /64s everywere” nonsense suggested by a lot of IPv6 learning resources.

Saturday, 07/05/2016 01:47 UTCwrong destinations are the way to get there

This evening I was just lounging around thinking about BGP, as you do, and reminded myself about an interesting quirk in IP.

What’s BGP got to do with it?

The way I was taught BGP at University emphasised using Loopback interfaces to move the single-point-of-failure you’d get physical interfaces, to a less-error prone virtual interface. In a basic two router lab setup with loopbacks implemented on both routers, this makes the network look something like the diagram below.

Monday, 02/05/2016 05:37 UTCsetting selinux contexts the proper way

Almost every mention of SELinux Contexts online references the use of chcon(1) for setting contexts on file and directories. This is a pretty shit way of setting contexts, since these changes don’t stay when the file system is relabeled, and with chcon(1) the contexts need to be manually set again after an OS reinstallation.

The proper way to set contexts is to use semanage(8), which appends a new line with the rule to /etc/selinux/targeted/contexts/files/file_contexts.local. Real useful, since the relabelling of a file-system will follow whatever rules are specified within this file, and it’s far easier to copy the file_contexts.local file than it would be to manually run chcon(1) after a relabel/reinstallation.

Monday, 25/04/2016 09:49 UTCoption 121: my favourite option

I’ll start this post off with this: don’t judge my skills on how my home network is setup. I use this setup to test out and learn about different techniques, some good, some bad. I would never setup a client’s network the way my home network is, but I wouldn’t know the best way to do something without trying the wrong ways first.

As part of my server reinstallation, I’ve been messing about with the routing on my network. Previously, all routing for the LAN was handled by the server itself using the routing features in the Linux kernel. This brought with it several performance issues, mainly when the server was under load the latency of all traffic apart from subnet-local ended up going to shit. This time I decided to use my Cisco 1841 as the default gateway of client-site subnets, reducing the hop count to the demarc by one.

Saturday, 16/04/2016 16:43 UTCbuilding deluge on centos 7

Since the deluge and deluge-web packages are omitted from the CentOS/RHEL and EPEL repositories for EL7, and I wouldn’t trust some unmaintained 3rd-party repo, I decided to build them from source. The instructions on the Deluge website fail to mention anything about what’s needed for CentOS/RHEL distributions so I guess I’ll write up what’s needed here.

Download the source

Get the latest version of the source from the Deluge project’s Source Mirror. Then extract the source with tar -xf .

Friday, 15/04/2016 14:03 UTCbridging router interfaces in ios

I have a strange network setup in my house with many subnets all over the place. To save from either putting a switch downstairs, or another cable run between downstairs and the main switches upstairs, I ended up just connecting the front-room TV to one of the WAN FastEthernet interfaces and setting up an internally-routed /24 for it. This setup gave the TV access to the Internet, but prevents it from reaching my Plex DLNA server, meaning no TV or films.