plicate that in the config file for
dhcpcd; I can figure out the script I'm sure, but the base config is not
clear to me.
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/
OpenPGP_signature.asc
Description: OpenPGP digital signature
On 7/24/2024 04:10, Roy Marples wrote:
On Wed, 24 Jul 2024 02:48:15 +0100 Karl Denninger wrote ---
> I'd like to replicate this that is currently being sent up via
dhcp6c, which is not quite-clear to me from the docs on how to do that..
> #
>
solve and neither do the release note or user manual
links)
Thanks in advance!
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/
OpenPGP_signature.asc
Description: OpenPGP digital signature
Nevermind -- I found an old Bugzila entry on this; the mlx4 driver does
not autoload the dependency (mlx4en) kernel module. With that loaded
manually it now appears to be working properly.
On 7/25/2024 12:45, Karl Denninger wrote:
Unable to determine PCI device chain minimum BW
--
Karl
now delayed auth had been obsoleted, thanks for letting
me to notice.
I'll try dhcpcd instead of dhcp6c.
Best Regards,
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/
OpenPGP_signature.asc
Description: OpenPGP digital signature
one script" that
handles both -- right now, with two programs, I have to deal with both
separately as there are things on that box that do have to be
reconfigured or at least restarted on an IP address change.
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/
On 7/30/2024 16:54, Karl Denninger wrote:
On 7/30/2024 10:44, Roy Marples wrote:
Don't use -T in the real world. It will exit once one address family completes.
You probably want the --noconfigure option.
Roy
Ah, ok.
Well, next couple days I cannot screw with the network configur
On 7/31/2024 07:10, Roy Marples wrote:
Roy Marples
On Wed, 31 Jul 2024 03:38:46 +0100 Karl Denninger wrote ---
> Starting dhcpcd.
> dhcpcd-10.0.8 starting
> igb0: link state changed to UP
> igb1: link state changed to UP
> no in
On 7/31/2024 08:00, Karl Denninger wrote:
On 7/31/2024 07:10, Roy Marples wrote:
Roy Marples
On Wed, 31 Jul 2024 03:38:46 +0100 Karl Denninger wrote ---
> Starting dhcpcd.
> dhcpcd-10.0.8 starting
> igb0: link state changed to UP
> igb1
v6ra_autoconf
ia_pd 0/::/56 intnet1/42 intnet2/56
Thanks.
- Chris
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/
OpenPGP_signature.asc
Description: OpenPGP digital signature
t translate those packets then I can use the VPN to get INTO
the network but I CANNOT use it to make the remote machine appears to be
PART OF the network, and that sucks.
Any ideas?
--
-- Karl Denninger
/The Market Ticker ®/ <http://market-ticker.org>
Cuda Systems LLC
I don't think so -- gre is not involved in the config.
On 4/20/2013 7:59 PM, Steven Hartland wrote:
> - Original Message - From: "Karl Denninger"
> ...
>> My "ordinary" NAT entry is simply "nat 1 ip from any to any via em1",
>> whic
On 4/20/2013 9:36 PM, Karl Denninger wrote:
> I don't think so -- gre is not involved in the config.
>
> On 4/20/2013 7:59 PM, Steven Hartland wrote:
>> - Original Message - From: "Karl Denninger"
>> ...
>>> My "ordinary" NAT entry
On 4/20/2013 11:01 PM, Karl Denninger wrote:
> On 4/20/2013 9:36 PM, Karl Denninger wrote:
>> I don't think so -- gre is not involved in the config.
>>
>> On 4/20/2013 7:59 PM, Steven Hartland wrote:
>>> - Original Message - From: "Karl Denninger&q
FreeBSD-STABLE 10 r263037M
Configuration has outside IPSEC connections coming in to Strongswan
which should then be able to NAT back out to the Internet. The premise
here is that "roaming" people may connect to this box and obtain both
access to "inside" resources and outside Internet access,
On 3/22/2014 5:44 PM, Karl Denninger wrote:
FreeBSD-STABLE 10 r263037M
Configuration has outside IPSEC connections coming in to Strongswan
which should then be able to NAT back out to the Internet. The
premise here is that "roaming" people may connect to this box and
obtain both
On 3/23/2014 12:01 AM, Karl Denninger wrote:
On 3/22/2014 5:44 PM, Karl Denninger wrote:
FreeBSD-STABLE 10 r263037M
It *looks* like anything coming in through IPSEC and being decoded in
there never goes through the ipfw chain at all.
This may be addressed by PR185876 checking
On 3/23/2014 10:57 AM, Karl Denninger wrote:
On 3/23/2014 12:01 AM, Karl Denninger wrote:
On 3/22/2014 5:44 PM, Karl Denninger wrote:
FreeBSD-STABLE 10 r263037M
It *looks* like anything coming in through IPSEC and being decoded
in there never goes through the ipfw chain at all
The second bind() call does fail but if the application ignores the return
code.... Are you sure all the associated system call return codes are being
checked?
The right way to do this Imho is to have a parent process that calls bind and
listen, gets the notification of an incoming connection
power supply becomes a $200 one once the
warranty ends - good for them, not good for you.
Other than that, I've been pretty happy with their stuff. Sure beats a lot
of other "PC" vendors out there in terms of reliability, heat management,
BIOS updates, etc.
--
--
Karl Denning
n purpose.
I'd like to ram that up someone's chute out at Microslug, never mind
that their default proposals are intentionally insecure (gee, I wonder
if someone in the government "asked nicely" for that?) That's fixable
with a bit of registry editing, but the lack of IKEv2 frag support is a
killer and has basically forced me to support OpenVPN when there are
windows clients around and you have no control (at all) over the
networks in the middle between the client and server.
--
Karl Denninger
k...@denninger.net <mailto:k...@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
.ibm.com/support/knowledgecenter/en/ssw_i5_54/rzab6/xacceptboth.htm
--
Karl Denninger
k...@denninger.net <mailto:k...@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
On 1/4/2018 10:32, Lewis Donzis wrote:
> On Jan 4, 2018, at 10:17 AM, Karl Denninger wrote:
>> I've written a fair bit of code that binds to both Ipv4 and v6 for
>> incoming connections, using two sockets (one for each.)
>>
>> Perusing around the 'net I see
?" sort of request; what I find
especially interesting, however, is that it /always /happens when
talking to Project machines for updates whether for packages or SVN,
which is why I'm bringing it here.
--
Karl Denninger
k...@denninger.net <mailto:k...@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
s
Which appears to be the same place you are pulling from.
On 12/9/2018 20:04, Jamie Landeg-Jones wrote:
> Karl Denninger wrote:
>
>> Since I can't find evidence of a FreeBSD problem internally this is more
>> of a "is anyone else seeing this on Cox?" sort of reque
quite-severe incident
because it left the external connection completely invisible -- if there
had been nobody available on the "inside" to do that manually.....
I'm on 12-STABLE r343809 on the specific box in question.
--
Karl Denninger
k...@denninger.net <mailto:k...@denn
that should be documented.
>
>
This is kinda serious in that the above manifestation in svn effectively
disables it for those of us that are on IPv4 connections and have no
provider capability for IPv6 at the present time. When I was running
10.2 this was not a problem but as soon as
ot; outcome for that involuntary
situation. But in the event that a local process *would* cause a buffer
overrun the kernel will instead return an error to the calling process
and *not* toss the data on the floor.
--
Karl Denninger
k...@denninger.net <mailto:k...@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
omeone can confirm it's working
properly on other architectures but not on ARM.)
On 5/12/2017 12:45, Karl Denninger wrote:
> Under fairly heavy stress (~50% of the 100Mbps possible FDX performance)
> I've now run into a problem that is turning into something I can repeat
>
implify the IPv4 gameplaying that's
necessary to have something behind a gateway router while on a "globally
visible", but possibly changing "at whim", IpV6 address.
I assume someone has gone after this issue by now so if there's "prior
art" a pointer would
e the
> network starts? Of is there a better way?
>
> Thanks!
I am seeing the same behavior with an X220 Thinkpad with (what I believe
is) the same Centrino (a/b/g capable) WiFi card. It works /most of the
time /eventually, but often will cycle two or three times before it
finally
see what I mean) and StrongSwan will happily allow that. If you set
something even better (e.g. modp2048) and haven't made the registry
changes on the client side then a client that hasn't done it with
registry changes (whether by Powershell or direct edit) will not be able
to connec
On 1/13/2020 10:26, Victor Sudakov wrote:
> Karl Denninger wrote:
>
> [dd]
>
>> Strongswan works fine with Win10 HOWEVER note that Windows 10 until
>> somewhat recently (last summer, I believe) and ALL PREVIOUS VERSIONS
>> (e.g. Win7, 8, etc.) had a SEVERE problem
his; snippet from
/etc/rc.conf:
#
# IPv6 on internal interface, autoconfigure
#
ifconfig_igb0_ipv6="inet6 accept_rtadv"
rtsold_enable="YES"
And it does.
.
(addresses and options)
status: active
nd6 options=23
--
Karl Denninger
k...@denninger.n
e /etc/rtadvd.conf
# Set the preferred lifetime to 10 minutes on advertised prefixes.
# All other parameters are default.
#
igb1:\
:pltime#600:
That's pretty-much it.
I'm on 12.2 at present on this box and have not yet checked 13.0.
--
Karl Denninger
k...@denninger.net <mailto:k...@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
tps://reviews.freebsd.org/D22012
Maybe some FreeBSD comitter could pickup the torch and move things forward?
Roy
The issue that I had with it not configuring properly on a cold boot, as
far as I know, has not been addressed -- unless there are updates since
you and I conversed on that point.
--
K
expected on an immediate
basis but the box did come up, did get a delegation and my clients got
SLACC addresses as expected so "first blush" it looks good.
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
On 2/21/2025 14:18, Roy Marples wrote:
Aha!
On Fri, 21 Feb 2025 18:34:25 + Roy Marples wrote
---
> On Fri, 21 Feb 2025 17:49:28 +0000 Karl
Denninger wrote ---
> > The issue that I had with it not configuring properly on a
cold boot, as far as I
call which can be used to push
changes to a DDNS server and since its "one thing instead of two" if
you're on dynamic addresses and using DDNS its more-convenient than
dealing with it in both the "factory" DHCP software for IPv4 and in
dhcp6c for the "6" side.
--
Karl Denninger
k...@denninger.net
/The Market Ticker/
/[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
39 matches
Mail list logo
