Centroid.EU Blog

(this blog is mostly encrypted - adults only)
  



New redundant setup

January 4th, 2019

As you know my switch is very loud. Until I can fix it I have set up a redundant setup here at home, using trunk(4) and OSPF (ospfd). I'm gonna try to cover the configs here.

The hallway router's OSPF config looks like this:

router-id 0.0.0.2
redistribute default
redistribute 0.0.0.0/0

area 0.0.0.0 {
        interface trunk0 {
                auth-type simple
                auth-key $password
        }

        interface gif0 {
                metric 100
                auth-type simple
                auth-key $password
        }

}

The Office's OSPF setup looks like this:

router-id 0.0.0.3
fib-update yes
redistribute 192.168.35.0/24
redistribute 192.168.2.0/24
redistribute 192.168.177.3

area 0.0.0.0 {
        interface ix1 {
                auth-type simple
                auth-key $password
        }

        interface gif0 {
                metric 100
                router-priority 5
                auth-type simple
                auth-key $password
        }
}

This causes gif0 to go on when ix1 (switch) is not available, and reverts back to switch when it turns on. I have a timer on the switch, at a 12 hour Hz. Lastly the living room is not served with OSPF. It is just a trunk interface and looks like this:

uranus$ more /etc/hostname.trunk0
trunkport em0
trunkport em5
trunkproto failover
inet 192.168.177.40 255.255.255.0 192.168.177.255
inet6 autoconf
up

Trunk notices the link going from active to inactive and does a failover from trunkport em0 to trunkport em5 (which is connected directly to the router). It all seems to work out. There is a caveat. When ssh'ed from office to the Internet and OSPF returns back to the switch in the morning, the session expires because it came from the wifi's interface endpoint. Also when it's evening and the switch turns off, one has to clear the ARP cache in the office, because it still thinks 192.168.177.3 (my dns server) is on the local link. Once it is cleared it routes via wifi.
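
Both OSPF configs above use auth-type simple, which places the key in clear text in every OSPF packet on the link. The following is an added example, not the author's own file: the hallway router's config switched to ospfd's keyed-MD5 mode (auth-type crypt). The key-id 1 and the md5key macro are assumptions made for the example; the Office router's matching interfaces need the same key-id and key.

```conf
# Added example, not the author's file: hallway router with keyed-MD5 auth.
# md5key is a placeholder macro (assumption); ospfd accepts up to
# 16 characters for an MD5 key.
md5key="CHANGE_ME_16char"

router-id 0.0.0.2
redistribute default
redistribute 0.0.0.0/0

area 0.0.0.0 {
        interface trunk0 {
                # was: auth-type simple + auth-key $password (key sent in clear)
                auth-type crypt
                auth-md 1 $md5key
                auth-md-keyid 1
        }

        interface gif0 {
                metric 100
                auth-type crypt
                auth-md 1 $md5key
                auth-md-keyid 1
        }
}
```

Running ospfd -n checks the file before a reload, and ospfctl show neighbor confirms the adjacencies come back up once both routers carry the same key.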


Donated 15 EUR to F3Netze

January 3rd, 2019

I have donated to the offspring from Freifunk Franken. I don't use Freifunk anymore personally but I think it's a great concept, within reason. I left Freifunk because I did not have enough time at the time, and I still don't have enough time :-).


My switch at home is too loud

January 1st, 2019

The 10 GbE switch is too loud. I'm going to work today to set a timer on it so that it turns off at 8PM and turns on at 8AM. Also I'm going to set up a wireless alternative path from office to Internet (and from living room to Internet). This requires trunk(4) and bridge(4) modifications in OpenBSD. In theory it should work, but we'll see about that really.


My self-education schedule for 2019

January 1st, 2019

I'm learning Microsoft Windows (Server and Active Directory). My schedule looks like this:

Saturday->Monday	family + reading books
Tuesday + Thursday	Windows Administration	(34 days or  272 hours)
Wednesday + Friday	Delphinusdnsd + Windows Programming (34 days or 272h)

Start: January 7th, 2019
Duration: 17 weeks
End:  May 3rd, 2019

I'm going to have a very ghetto basics course that I'm developing as I go. I'm using literature to guide me. Also I'm looking at jobs on the side, but I'm not going to apply for a Windows job until May 3rd as I'd really like to learn more about this system first. If a good UNIX job comes along I'll apply to it likely before May 3rd. I'm very excited about this all and I'm glad I have the opportunity to do this. Here is a list of books I purchased last year that I will receive today.

Mastering Active Directory - Francis, Dishan
Gruppenrichtlinien in Windows Server und Windows 10 - Holger Voges et al.
Windows Server 2019: Praxiseinstieg - Joerg Schieb

I'm sure I'll find valuable things in these books. I'm also going to start another course in June if no job is found by then; it'll likely run until October. In it I believe I want to learn reverse engineering tools in Windows. Not sure if I'll get there yet. Like I said, I'm very excited.


2019, Something great is about to happen...

January 1st, 2019

I'm sitting on 1000 EUR of donation money for OpenBSD. I will begin paying out half of that shortly. By end of May I should have paid the full amount minus the small donation I gave to Gilles Chehade of OpenSMTPD in late 2018 (unless something unexpected happens and I have to use it for something else). Either way it all makes it into the OpenBSD eco-system. I'm very proud of this and I'm making sure that my investments in Microsoft will never surpass the investment for OpenBSD.


Happy New Year 2019

December 31st, 2018

As I write this the earth already rolled into 2019. Currently the east coast of Australia is celebrating new years. It will be new years here in about 10 hours. I'm likely going to have a quiet new years. I'm at my parents but going to bed at 8PM or so. Whether I'll get woken at midnight will depend on other people whether they decide to have fireworks this year or not. So happy new year 2019. One year away from 2020! May peace be unto thee.


Open vs. Closed

December 30th, 2018

I have been thinking around this often. I use OpenBSD which promises security, yet functionality and at free cost. In conversation people often mention this "great open society". But what challenges does an open society really have? For one you can simplify and think of security vs. functionality as a scale like in the constellation sign "libra" of the zodiac. But is this a false view of the world? When we think of a closed society (i.e. Germany in 1942, or Soviet Union in 1982) what would you say if I said European Union in 2018?

Think of laws as the prescription for a society. In a totally closed society you can do nothing. You shouldn't even try because the default policy is a black list. On the other hand in a totally open society you can do everything, the default policy is a white list. Obviously in all societies there is the meaning of law and order. Meaning you don't go out and kill at will just because there is no law. So in this context, an open model has a modification, it has a "black entry" on something you can't do. In this case murder. Throw in the security. Now what changes? An Open Society has to add 153 exception policies into its fabric, and the Closed Society does nothing. Is it more secure? In a systematic approach are "hacks" or exception policies wanted? Or should we just let it be closed? Then throw freedom into the mix and guess who has to add nothing and who has to write exceptions to grant citizens a feeling of being wanted, given opportunity too, in order to progress.

It's a never-ending philosophical debate I would think but if there is a way to find a balance between open and closed without systematically hacking the default policy, I'd like to know about it.


DE-CIX: Traffic tripled, BND still spies there after six years

December 30th, 2018

In my archives I found this link (German). Notice the date... 2013. It's close to 2019 now. Meaning the honey is very sweet in Frankfurt for the BND. And.. the current management of DE-CIX don't really seem to mind much, you'd think after 6 years they might have done an action other than taking the Republic to court over this. Somehow I think this is all old news and recycled.


Transitioning from a Star to a Mesh

December 30th, 2018

DE-CIX (the Frankfurt exchange point) is a victim to its own success. The honey is sweet here, hence it's easy for parasites like BND to spy here. The realisation that a mesh is really a set of stars that are interconnected can be seen in the picture (I made it myself). What we need is a few more "mini" IX's that complete the fabric from transitioning from star to mesh. Some links will need to be taken out and others will have to be shortened in order to route around Frankfurt. It's costlier, so expect your internet to become costlier too. We also need better routing that won't just take the shortest path but also the safest path (around a potential spy node). More on this later.


German Spy Service thought to spy en-masse at Internet Exchange Point

December 28th, 2018

The maintainer of the IX point has lost a challenge in court to remove the BND spy service from Frankfurt (Europe's biggest IX). There is only one thing left to do now. Dissolution of the IX.

The fabric of Germany's IP network may be better off without such a huge IX in its midst. It should be natural to be able to fight mass spying. And it should not at any length be illegal. Stay tuned!
