In my last post I talked about running a pure IPv6 network, as part of my ISP building project, but still allowing access to resources on the internet currently only available via IPv4.This works well assuming all the clients on the local network are IPv6 capable, unfortunately this is not always the case. There are legacy devices that do not understand IPv6.This is a real problem with IoT devices that are either no longer being maintained or just that have hardware that is incapable of using anything other than IPv4. There is also a small problem that a IP cam with a IPv6 address is probably available to the world with out some firewall rules or a ACL limiting access to the local /64, but those are problems for another day…Another issue is hard coded IPv4 addresses in legacy applications, this is a problem even if the OS/device supports both IPv4 & IPv6 but is only connected via IPv6.There is are a few of solution to both these problems.
Proactive Network Configuration Validation with Batfish – NANOG (2015) Presentation
Batfish is an open-source network configuration analysis tool in active development produced jointly by researchers at University of California, Los Angeles; University of Southern California; and Microsoft Research. Though its individual modules have various applications, its primary purpose is to detect bugs in network configurations. Batfish takes as input a set of network configurations, and an environment, which consists of a set of (in)active links and a set of external BGP advertisements. Users are able to ask customized queries about the control plane using Batfish’s domain-specific query language e.g. whether all loopback addresses are being advertised into OSPF, or whether all route policies attached to eBGP neighbors apply a particular community to incoming routes. Batfish also is able to compute the convergent data plane for a network, which provides further query facilities. Given the data plane, users can employ an off-the-shelf data plane checker or use Batfish’s data-plane queries to check common properties such as reachability/black holes, loops, etc, as well as novel properties (introduced at NSDI’15) regarding equivalence of multipath routes, fault-tolerance, and unique delegation of customer address space, with more to come.
IPv6 Buzz 035: Selling Your IPv4 Addresses For Fun And Profit – Packet Pushers
Your IPv4 addresses are a financial asset because the market for v4 address space is rising. The question is, for how long? Guest Lee Howard joins the IPv6 Buzz podcast crew to discuss the financial implications of selling IPv4 addresses. They also discuss the performance and operational benefits of moving to IPv6.
Source: IPv6 Buzz 035: Selling Your IPv4 Addresses For Fun And Profit – Packet Pushers
Linux Kernel 5.3 Officially Released – Now, it has support for 16 millions new IPv4 addresses in the 0.0.0.0/8 range – ipv6
Getting Ready for IPv4 Run-out — RIPE Network Coordination Centre
We currently have around 1.91 million IPv4 addresses remaining in our available pool. We expect to reach the end of this pool in the next few months, before the end of 2019. The exact date is not possible to predict as this depends on the rate at which new members/additional LIR accounts are opened.
Source: Getting Ready for IPv4 Run-out — RIPE Network Coordination Centre
Git committer e-mail. Which t use ?
Podcast (7 October 2015) http://bikeshed.fm/35
“Do you use a private or work e-mail when pushing git commits to repositories.”
The question is worth asking yourself as it’s (also) ’bout attribution of work you have done in either a public (fx GitHub) or private (fx Internal) domain.
The use of .mailmap partially solves the issue if you have by accident used multiple e-mail addresses when pushing commits in the past. But consider your opinion going forward…
“Do you stick with using one single e-mail of your own or the company provided one.”
Looking back myself I will probably (!) stick with using my own mail address for all git commits I do in the future. As attribution back to me becomes easier and the knack of using .mailmap will be (mostly) a thing of the past! (plus gitlab community edition does not yet support the .mailmap functionality!)
Illegitimate Source IPs At IXPs – Franziska Lichtblau
Talk on Ripe.net: https://ripe73.ripe.net/archives/video/1457/
Presentation file: Franziska Lichtblau: Illegitimate Source IP Addresses at Internet Exchange Points (PDF)
Interesting talk to watch… A thing or two to think about in the current internet when remembering the year Pakistan hijacked YouTube.