also give me a second, I have to paste untrusted code into a root shell

-Teknikal_Domain, 2022.

#PeerTube v4.3 is out! 😍😍😍
▪ automatic import of videos from a remote channel
▪ UI improvements
▪ better integration of videos and live streams
▪ more instances customizations

Discover improvements and new features of this latest version on :

Specifically the Romans measured things in "libra" (which is why the symbol for Libra is a scale), but people under the Romans who used Proto-Germanic heard the phrase "libra pondo" (Latin for "the weight measured in libra") and just started being like "haha oh yeah this thing is X pondo heavy". So the word "pound" is derived from the Latin word for "weight" ("pondus") but we use "lb" because that's how the Romans abbreviated libra, the actual unit of measurement they used.

What I'll likely end up doing is designating one CE group as enterprise, and another group as residential, with one IPv4 only and one IPv4/IPv6 client each. Each CE group has its own DHCP server, but probably share the same central AAA server.

In total this means... at least 5 IS-IS areas (if I go back to IS-IS now that I realized my configuration mistake and don't stay on OSPF). Backbone, borders, res CE, ent CE, internal servers.

I bet my laptop and VM will love running some 3 dozen routers

Note on that: what that means is that for regular customers, the AAA server is going to have the DHCP server send out a free address and start tracking them (once I learn how to configure the accounting part of AAA), and for enterprise customers, that means giving a static map for whatever IP block they're assigned that, if done right, either gets autoconfigured because PPP IPCP, or just heck with it, no configuration. They assign it themselves (Like I do right now)

This also means that... for special considerations, that all those PPP links used because... serial, likely need to go to a central AAA server like RADIUS, which might even be able to set things like static routes too instead of leases.

I know it can do it but this is spiraling out of control quickly.

Next up: CG-NAT, AKA NAT444. Seems pretty simple in theory, with a couple VRFs and some IP pools to configure the mappings.

There's no need, those interfaces are already on the same subnet, and therefore, there's already a RIB entry stating that subnet prefix goes out that interface.

Now, Cisco is Big Brain(TM) and made it so that a DHCPv6 relay will inspect the relayed responses to slap static routes in. IPv4 DHCP does this too... if the interface the client is on is unnumbered.

So that means all my PE-CE links need to be over something P2P (serial), because multiaccess links (ethernet) can't be unnumbered.

More progress on discovering how the internet is just one giant ball of duct tape:

IPv6! Fun fact, Cisco equipment ignores the managed config flag in RAs, and only asks for a prefix, nothing else.

Fun fact 2: DHCPv6 leases are automatically added to the RIB as static routes, until the lease is expired or released.

At first I thought this was weird that (IPv4) DHCP doesn't, and DHCPv6 does... then I remembered how IPv4 works...

Man, okay. I'm here doing some heavy , basically building a scale internet model in ... But like, some things just don't seem to ever work as intended (hey just like when real thing)... Where's an engineer's brain to pick for , and OSPF/IS-IS information when I need one?!

(Note: yes, those two are separate)

Solution: NSSA. A Not-So-Stubby Area seems to be the combination I'm looking for. ASBRs are still, well, accepted, and can send their routes to the ABR, and the ABR acts as a gateway for the entire area. Ergo, the PE router itself (ASBR) doesn't need an entire copy of the routing table, it just sends anything from the CE to the ABR, and that can figure out the correct path across the backbone to the other ASBR with a connection to the destination AS.

Excuse me while I brainstorm out loud.

The nice thing about this is that, in theory, not every PE router needs a copy of the global routing table, only the backbone routers and ASBRs do. Of course, that means having multiple areas.

In the real world this is a stubby area, or basically a dead-end in the topology. The ABR for the stubby area will re-write the LSAs it gets so that everything in the area uses them as the default route.

Problem, the PE is still technically an ASBR.

The PE router there is connected to "me" over _serial_ with PPP (for the heck of it) with unidirectional (CE to PE) CHAP auth.

PE router redistributes its connected routes into OSPF, meaning my assigned IP block is sent to the ASBR, who redistributes that into BGP.

Fun fact: the AS13335 router is the origination point of its announced prefixes (for and with loopback interfaces. AS30036 doesn't announce anything "internal" (yet)

Currently, both AS30036 and AS13335 are BGP peers with the IXP acting as a transparent route server (so even though that's the gateway of last resort for both ASBRs, nobody cares about it for routing). AS30036 redistributes OSPF external type-2 routes to BGP (aka, consumer routes), and redistributes BGP routes to OSPF as type-1. Only has OSPF area 0 for now, though as I expand them they might go to IS-IS.

If anyone is wondering: Heck with these labs teaching things like routing and BGP by just plugging routers together. I'm probably going to end up building a scale internet model (if I can) with all the layers and working parts and O̶̩̐̊h̴͉́̉ ̶͍͔͙͛́̓g̴͓͕̟̍o̸̩͆̌ͅd̶̡͇̰̍̃͌ ̶̳̈́̐͑h̵̨̯̃̑e̷̢͙̳̓̃̕l̴̨̳̃̓͂p̸͚̼̍̍ ̵̘͉̇̇m̴͙̟͙̽̓e̶͈͇̋́ ̵̢͔̏̌̀p̴̺̗̗̌ļ̶͍̿ĕ̵̪ȧ̴̡̯͍s̴̲̞̎e̵͕̦̽.

How to melt a laptop:

5 dynamips cisco 7200s, 1 VIRL IOSvL2 (so, QEMU), 2 Debian QEMU instances, and 2 Debian Docker containers.

(Yes I know technically not every icon, namely the Open vSwitch controller and IXP router, aren't correct. They help me remember what does what)

Late post

He's the only one I know that actually enjoys just being in the carrier.

What better way to start off an account than with a somewhat-relevant meme?

This is one of my all-time favorites. I actually used it for my application essay to Texas A&M's University Honors program. (I got in; they must have liked it.)

What the....! 😳

RT @[email protected]

🔥 New Post: Announcing InAppBrowser - see what JavaScript commands get injected through an in-app browser

👀 TikTok, when opening any website in their app, injects tracking code that can monitor all keystrokes, including passwords, and all taps.


Well, desk needs work but at least 3/4 of my room is clean (enough). Desk is getting re-arranged and rebuilt, anyways.

Tek's Mastodon