home.social

#dhcp — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #dhcp, aggregated by home.social.

  1. #DHCP, #DNS, #IPv6, #TLS: Ihr seid anstrengend.

    #pihole ignoriert nach Update standardmäßig die eigene dnsmasq-Konfiguration. Alle Hosts bekommen zwei IPv6-Gateways: Router und Pi-hole. Ziemlich zufällig wirkend hängen dann Verbindungen.

    #Docker Compose-Setup mit #Coolify: Anfragen wechseln zwischen den Umgebungen, weil es kein Docker-Netz pro Umgebung gibt und per DNS-Round-Robin Anfragen zufällig an Apps verteilt werden.

    #Traefik aktualisiert Zertifikate auf Basis von 2160 Stunden Gültigkeit (änderbar mit acme.certificatesDuration). #step-ca gibt Zertifikate aus, die 24 Stunden gültig sind (änderbar über authority.claims.{max,default}TLSCertDuration). Kein Wunder, dass das ganze Setup einen Tag später nicht mehr läuft.

    Usw. usf.

  2. #DHCP, #DNS, #IPv6, #TLS: Ihr seid anstrengend.

    #pihole ignoriert nach Update standardmäßig die eigene dnsmasq-Konfiguration. Alle Hosts bekommen zwei IPv6-Gateways: Router und Pi-hole. Ziemlich zufällig wirkend hängen dann Verbindungen.

    #Docker Compose-Setup mit #Coolify: Anfragen wechseln zwischen den Umgebungen, weil es kein Docker-Netz pro Umgebung gibt und per DNS-Round-Robin Anfragen zufällig an Apps verteilt werden.

    #Traefik aktualisiert Zertifikate auf Basis von 2160 Stunden Gültigkeit (änderbar mit acme.certificatesDuration). #step-ca gibt Zertifikate aus, die 24 Stunden gültig sind (änderbar über authority.claims.{max,default}TLSCertDuration). Kein Wunder, dass das ganze Setup einen Tag später nicht mehr läuft.

    Usw. usf.

  3. How can I reset my DHCP configuration in a VM without creating a new virtual machine? #dhcp

    askubuntu.com/q/1566860/612

  4. How can I reset my DHCP configuration in a VM without creating a new virtual machine? #dhcp

    askubuntu.com/q/1566860/612

  5. How can I reset my DHCP configuration in a VM without creating a new virtual machine? #dhcp

    askubuntu.com/q/1566860/612

  6. How can I reset my DHCP configuration in a VM without creating a new virtual machine? #dhcp

    askubuntu.com/q/1566860/612

  7. How can I reset my DHCP configuration in a VM without creating a new virtual machine? #dhcp

    askubuntu.com/q/1566860/612

  8. Mood : youtube.com/shorts/o56qL2t4swA

    Doing network booting (#DHCP, #TFTP, #iPXE, #UEFI, #SecureBoot)
    I haven't reached the “Oh, that's why” so far. But very annoyed

    ipxe.org/secboot
    “The Secure Boot shim (e.g. ipxe-shim.efi or snponly-shim.efi) will automatically load the iPXE binary with the corresponding name (e.g. ipxe.efi or snponly.efi).”
    Definitely not what's happening…
    So It kept loading the wrong iPXE firmware (not the snmponly) and I kept wondering why my keyboard wasn't working :<

  9. Mood : youtube.com/shorts/o56qL2t4swA

    Doing network booting (#DHCP, #TFTP, #iPXE, #UEFI, #SecureBoot)
    I haven't reached the “Oh, that's why” so far. But very annoyed

    ipxe.org/secboot
    “The Secure Boot shim (e.g. ipxe-shim.efi or snponly-shim.efi) will automatically load the iPXE binary with the corresponding name (e.g. ipxe.efi or snponly.efi).”
    Definitely not what's happening…
    So It kept loading the wrong iPXE firmware (not the snmponly) and I kept wondering why my keyboard wasn't working :<

  10. Mood : youtube.com/shorts/o56qL2t4swA

    Doing network booting (#DHCP, #TFTP, #iPXE, #UEFI, #SecureBoot)
    I haven't reached the “Oh, that's why” so far. But very annoyed

    ipxe.org/secboot
    “The Secure Boot shim (e.g. ipxe-shim.efi or snponly-shim.efi) will automatically load the iPXE binary with the corresponding name (e.g. ipxe.efi or snponly.efi).”
    Definitely not what's happening…
    So It kept loading the wrong iPXE firmware (not the snmponly) and I kept wondering why my keyboard wasn't working :<

  11. Mood : youtube.com/shorts/o56qL2t4swA

    Doing network booting (#DHCP, #TFTP, #iPXE, #UEFI, #SecureBoot)
    I haven't reached the “Oh, that's why” so far. But very annoyed

    ipxe.org/secboot
    “The Secure Boot shim (e.g. ipxe-shim.efi or snponly-shim.efi) will automatically load the iPXE binary with the corresponding name (e.g. ipxe.efi or snponly.efi).”
    Definitely not what's happening…
    So It kept loading the wrong iPXE firmware (not the snmponly) and I kept wondering why my keyboard wasn't working :<

  12. When two Hetzner servers died at the same time

    On May 12, 2026, two of my Arch Linux + LUKS servers at Hetzner became unreachable at the same moment. Both had been running for 4+ months without issue. Both had received the same pacman -Syyu the day before, but had stayed on the old kernel until the morning the websites stopped responding. I rebooted — SSH never came back. nmap -Pn -p 22 showed filtered from anywhere. No ping. No banner. The Hetzner Robot panel insisted the hardware was fine.

    Several hours went into hypotheses that turned out to be wrong:

    • The encryptssh initcpio hook referencing a /usr/lib/initcpio/udev/11-dm-initramfs.rules file that no longer exists. Real bug, no boot impact — the initramfs rebuilds anyway.
    • PermitRootLogin no in sshd_config. Real misconfiguration, fixed it, didn’t help. A refusing sshd shows closed, not filtered.
    • Predictable interface-naming drift after the systemd 260 upgrade. Patched the .network config to match by MAC. Useful hardening; not the cause.
    • Stale GRUB stage1 + core.img in the MBR. Arch never re-runs grub-install after a grub package upgrade. Refreshed it. Still filtered.
    • Kernel 7.0.5 regression. Downgraded to 6.18.3, the kernel that had run for 4 months. Still filtered. So the kernel itself wasn’t it either.

    The clue was in the persistent journal: a single recorded boot from December 31 to May 12 10:13 UTC, and absolutely nothing after. Every reboot since the upgrade was failing before systemd-journald could flush to disk — so the failure had to be in the initramfs, before the root filesystem was even mounted.

    What it almost certainly was

    Hetzner Dedicated servers configure the initramfs network with ip=dhcp on the kernel command line. That depends on Hetzner’s DHCP server replying to whatever request format the current kernel sends. Somewhere between kernel 6.18 / iproute2 6.18 and kernel 7.0 / iproute2 7.0, the request format changed enough that Hetzner’s DHCP stopped responding. Effects:

    • Old kernel at runtime kept the interface already configured (Phase A — 32 hours of healthy operation after the package upgrade).
    • New kernel cold-boots, hits DHCP, never gets an IP, dropbear cannot listen, port 22 stays filtered.

    Hetzner’s own documentation has been quietly moving away from ip=dhcp toward static IPv4 in the kernel command line. The fix is exactly that:

    GRUB_CMDLINE_LINUX="cryptdevice=/dev/md1:cryptroot ip=A.B.C.D::GATEWAY:255.255.255.255:hostname:eth0:none"
    

    One line in /etc/default/grub, grub-mkconfig, reboot. No more dependency on Hetzner’s DHCP responding to whatever your current kernel sends.

    Why it matters for anyone running this stack

    If you run Arch on Hetzner Dedicated with full-disk encryption and remote unlock via dropbear, the ip=dhcp shipped by installimage is a latent bug. It can keep working for years and then break overnight, on every machine you have, after a routine pacman -Syyu. The static-IP version is what Hetzner now recommends and removes the entire dependency.

    Tooling

    While debugging, I turned the whole rescue / chroot / diagnose / fix workflow into a Python CLI (hal) — including hal fix static-ip, which derives the static cmdline directly from your existing systemd-networkd .network file:

    github.com/kevinveenbirkenbach/hetzner-arch-luks

    Single command, idempotent, reversible (the original /etc/default/grub is backed up to .hal-backup). If you’re on this stack, switch to static IP before the next kernel upgrade catches you.

    #ArchLinux #bootFailure #debugging #DevOps #DHCP #Dropbear #fullDiskEncryption #GRUB #Hetzner #initramfs #kernelUpgrade #Linux #LUKS #mkinitcpio #pacman #postmortem #PythonCLI #serverOutage #sysadmin #systemdNetworkd
  13. When two Hetzner servers died at the same time

    On May 12, 2026, two of my Arch Linux + LUKS servers at Hetzner became unreachable at the same moment. Both had been running for 4+ months without issue. Both had received the same pacman -Syyu the day before, but had stayed on the old kernel until the morning the websites stopped responding. I rebooted — SSH never came back. nmap -Pn -p 22 showed filtered from anywhere. No ping. No banner. The Hetzner Robot panel insisted the hardware was fine.

    Several hours went into hypotheses that turned out to be wrong:

    • The encryptssh initcpio hook referencing a /usr/lib/initcpio/udev/11-dm-initramfs.rules file that no longer exists. Real bug, no boot impact — the initramfs rebuilds anyway.
    • PermitRootLogin no in sshd_config. Real misconfiguration, fixed it, didn’t help. A refusing sshd shows closed, not filtered.
    • Predictable interface-naming drift after the systemd 260 upgrade. Patched the .network config to match by MAC. Useful hardening; not the cause.
    • Stale GRUB stage1 + core.img in the MBR. Arch never re-runs grub-install after a grub package upgrade. Refreshed it. Still filtered.
    • Kernel 7.0.5 regression. Downgraded to 6.18.3, the kernel that had run for 4 months. Still filtered. So the kernel itself wasn’t it either.

    The clue was in the persistent journal: a single recorded boot from December 31 to May 12 10:13 UTC, and absolutely nothing after. Every reboot since the upgrade was failing before systemd-journald could flush to disk — so the failure had to be in the initramfs, before the root filesystem was even mounted.

    What it almost certainly was

    Hetzner Dedicated servers configure the initramfs network with ip=dhcp on the kernel command line. That depends on Hetzner’s DHCP server replying to whatever request format the current kernel sends. Somewhere between kernel 6.18 / iproute2 6.18 and kernel 7.0 / iproute2 7.0, the request format changed enough that Hetzner’s DHCP stopped responding. Effects:

    • Old kernel at runtime kept the interface already configured (Phase A — 32 hours of healthy operation after the package upgrade).
    • New kernel cold-boots, hits DHCP, never gets an IP, dropbear cannot listen, port 22 stays filtered.

    Hetzner’s own documentation has been quietly moving away from ip=dhcp toward static IPv4 in the kernel command line. The fix is exactly that:

    GRUB_CMDLINE_LINUX="cryptdevice=/dev/md1:cryptroot ip=A.B.C.D::GATEWAY:255.255.255.255:hostname:eth0:none"
    

    One line in /etc/default/grub, grub-mkconfig, reboot. No more dependency on Hetzner’s DHCP responding to whatever your current kernel sends.

    Why it matters for anyone running this stack

    If you run Arch on Hetzner Dedicated with full-disk encryption and remote unlock via dropbear, the ip=dhcp shipped by installimage is a latent bug. It can keep working for years and then break overnight, on every machine you have, after a routine pacman -Syyu. The static-IP version is what Hetzner now recommends and removes the entire dependency.

    Tooling

    While debugging, I turned the whole rescue / chroot / diagnose / fix workflow into a Python CLI (hal) — including hal fix static-ip, which derives the static cmdline directly from your existing systemd-networkd .network file:

    github.com/kevinveenbirkenbach/hetzner-arch-luks

    Single command, idempotent, reversible (the original /etc/default/grub is backed up to .hal-backup). If you’re on this stack, switch to static IP before the next kernel upgrade catches you.

    #ArchLinux #bootFailure #debugging #DevOps #DHCP #Dropbear #fullDiskEncryption #GRUB #Hetzner #initramfs #kernelUpgrade #Linux #LUKS #mkinitcpio #pacman #postmortem #PythonCLI #serverOutage #sysadmin #systemdNetworkd
  14. When two Hetzner servers died at the same time

    On May 12, 2026, two of my Arch Linux + LUKS servers at Hetzner became unreachable at the same moment. Both had been running for 4+ months without issue. Both had received the same pacman -Syyu the day before, but had stayed on the old kernel until the morning the websites stopped responding. I rebooted — SSH never came back. nmap -Pn -p 22 showed filtered from anywhere. No ping. No banner. The Hetzner Robot panel insisted the hardware was fine.

    Several hours went into hypotheses that turned out to be wrong:

    • The encryptssh initcpio hook referencing a /usr/lib/initcpio/udev/11-dm-initramfs.rules file that no longer exists. Real bug, no boot impact — the initramfs rebuilds anyway.
    • PermitRootLogin no in sshd_config. Real misconfiguration, fixed it, didn’t help. A refusing sshd shows closed, not filtered.
    • Predictable interface-naming drift after the systemd 260 upgrade. Patched the .network config to match by MAC. Useful hardening; not the cause.
    • Stale GRUB stage1 + core.img in the MBR. Arch never re-runs grub-install after a grub package upgrade. Refreshed it. Still filtered.
    • Kernel 7.0.5 regression. Downgraded to 6.18.3, the kernel that had run for 4 months. Still filtered. So the kernel itself wasn’t it either.

    The clue was in the persistent journal: a single recorded boot from December 31 to May 12 10:13 UTC, and absolutely nothing after. Every reboot since the upgrade was failing before systemd-journald could flush to disk — so the failure had to be in the initramfs, before the root filesystem was even mounted.

    What it almost certainly was

    Hetzner Dedicated servers configure the initramfs network with ip=dhcp on the kernel command line. That depends on Hetzner’s DHCP server replying to whatever request format the current kernel sends. Somewhere between kernel 6.18 / iproute2 6.18 and kernel 7.0 / iproute2 7.0, the request format changed enough that Hetzner’s DHCP stopped responding. Effects:

    • Old kernel at runtime kept the interface already configured (Phase A — 32 hours of healthy operation after the package upgrade).
    • New kernel cold-boots, hits DHCP, never gets an IP, dropbear cannot listen, port 22 stays filtered.

    Hetzner’s own documentation has been quietly moving away from ip=dhcp toward static IPv4 in the kernel command line. The fix is exactly that:

    GRUB_CMDLINE_LINUX="cryptdevice=/dev/md1:cryptroot ip=A.B.C.D::GATEWAY:255.255.255.255:hostname:eth0:none"
    

    One line in /etc/default/grub, grub-mkconfig, reboot. No more dependency on Hetzner’s DHCP responding to whatever your current kernel sends.

    Why it matters for anyone running this stack

    If you run Arch on Hetzner Dedicated with full-disk encryption and remote unlock via dropbear, the ip=dhcp shipped by installimage is a latent bug. It can keep working for years and then break overnight, on every machine you have, after a routine pacman -Syyu. The static-IP version is what Hetzner now recommends and removes the entire dependency.

    Tooling

    While debugging, I turned the whole rescue / chroot / diagnose / fix workflow into a Python CLI (hal) — including hal fix static-ip, which derives the static cmdline directly from your existing systemd-networkd .network file:

    github.com/kevinveenbirkenbach/hetzner-arch-luks

    Single command, idempotent, reversible (the original /etc/default/grub is backed up to .hal-backup). If you’re on this stack, switch to static IP before the next kernel upgrade catches you.

    #ArchLinux #bootFailure #debugging #DevOps #DHCP #Dropbear #fullDiskEncryption #GRUB #Hetzner #initramfs #kernelUpgrade #Linux #LUKS #mkinitcpio #pacman #postmortem #PythonCLI #serverOutage #sysadmin #systemdNetworkd
  15. When two Hetzner servers died at the same time

    On May 12, 2026, two of my Arch Linux + LUKS servers at Hetzner became unreachable at the same moment. Both had been running for 4+ months without issue. Both had received the same pacman -Syyu the day before, but had stayed on the old kernel until the morning the websites stopped responding. I rebooted — SSH never came back. nmap -Pn -p 22 showed filtered from anywhere. No ping. No banner. The Hetzner Robot panel insisted the hardware was fine.

    Several hours went into hypotheses that turned out to be wrong:

    • The encryptssh initcpio hook referencing a /usr/lib/initcpio/udev/11-dm-initramfs.rules file that no longer exists. Real bug, no boot impact — the initramfs rebuilds anyway.
    • PermitRootLogin no in sshd_config. Real misconfiguration, fixed it, didn’t help. A refusing sshd shows closed, not filtered.
    • Predictable interface-naming drift after the systemd 260 upgrade. Patched the .network config to match by MAC. Useful hardening; not the cause.
    • Stale GRUB stage1 + core.img in the MBR. Arch never re-runs grub-install after a grub package upgrade. Refreshed it. Still filtered.
    • Kernel 7.0.5 regression. Downgraded to 6.18.3, the kernel that had run for 4 months. Still filtered. So the kernel itself wasn’t it either.

    The clue was in the persistent journal: a single recorded boot from December 31 to May 12 10:13 UTC, and absolutely nothing after. Every reboot since the upgrade was failing before systemd-journald could flush to disk — so the failure had to be in the initramfs, before the root filesystem was even mounted.

    What it almost certainly was

    Hetzner Dedicated servers configure the initramfs network with ip=dhcp on the kernel command line. That depends on Hetzner’s DHCP server replying to whatever request format the current kernel sends. Somewhere between kernel 6.18 / iproute2 6.18 and kernel 7.0 / iproute2 7.0, the request format changed enough that Hetzner’s DHCP stopped responding. Effects:

    • Old kernel at runtime kept the interface already configured (Phase A — 32 hours of healthy operation after the package upgrade).
    • New kernel cold-boots, hits DHCP, never gets an IP, dropbear cannot listen, port 22 stays filtered.

    Hetzner’s own documentation has been quietly moving away from ip=dhcp toward static IPv4 in the kernel command line. The fix is exactly that:

    GRUB_CMDLINE_LINUX="cryptdevice=/dev/md1:cryptroot ip=A.B.C.D::GATEWAY:255.255.255.255:hostname:eth0:none"
    

    One line in /etc/default/grub, grub-mkconfig, reboot. No more dependency on Hetzner’s DHCP responding to whatever your current kernel sends.

    Why it matters for anyone running this stack

    If you run Arch on Hetzner Dedicated with full-disk encryption and remote unlock via dropbear, the ip=dhcp shipped by installimage is a latent bug. It can keep working for years and then break overnight, on every machine you have, after a routine pacman -Syyu. The static-IP version is what Hetzner now recommends and removes the entire dependency.

    Tooling

    While debugging, I turned the whole rescue / chroot / diagnose / fix workflow into a Python CLI (hal) — including hal fix static-ip, which derives the static cmdline directly from your existing systemd-networkd .network file:

    github.com/kevinveenbirkenbach/hetzner-arch-luks

    Single command, idempotent, reversible (the original /etc/default/grub is backed up to .hal-backup). If you’re on this stack, switch to static IP before the next kernel upgrade catches you.

    #ArchLinux #bootFailure #debugging #DevOps #DHCP #Dropbear #fullDiskEncryption #GRUB #Hetzner #initramfs #kernelUpgrade #Linux #LUKS #mkinitcpio #pacman #postmortem #PythonCLI #serverOutage #sysadmin #systemdNetworkd
  16. When two Hetzner servers died at the same time

    On May 12, 2026, two of my Arch Linux + LUKS servers at Hetzner became unreachable at the same moment. Both had been running for 4+ months without issue. Both had received the same pacman -Syyu the day before, but had stayed on the old kernel until the morning the websites stopped responding. I rebooted — SSH never came back. nmap -Pn -p 22 showed filtered from anywhere. No ping. No banner. The Hetzner Robot panel insisted the hardware was fine.

    Several hours went into hypotheses that turned out to be wrong:

    • The encryptssh initcpio hook referencing a /usr/lib/initcpio/udev/11-dm-initramfs.rules file that no longer exists. Real bug, no boot impact — the initramfs rebuilds anyway.
    • PermitRootLogin no in sshd_config. Real misconfiguration, fixed it, didn’t help. A refusing sshd shows closed, not filtered.
    • Predictable interface-naming drift after the systemd 260 upgrade. Patched the .network config to match by MAC. Useful hardening; not the cause.
    • Stale GRUB stage1 + core.img in the MBR. Arch never re-runs grub-install after a grub package upgrade. Refreshed it. Still filtered.
    • Kernel 7.0.5 regression. Downgraded to 6.18.3, the kernel that had run for 4 months. Still filtered. So the kernel itself wasn’t it either.

    The clue was in the persistent journal: a single recorded boot from December 31 to May 12 10:13 UTC, and absolutely nothing after. Every reboot since the upgrade was failing before systemd-journald could flush to disk — so the failure had to be in the initramfs, before the root filesystem was even mounted.

    What it almost certainly was

    Hetzner Dedicated servers configure the initramfs network with ip=dhcp on the kernel command line. That depends on Hetzner’s DHCP server replying to whatever request format the current kernel sends. Somewhere between kernel 6.18 / iproute2 6.18 and kernel 7.0 / iproute2 7.0, the request format changed enough that Hetzner’s DHCP stopped responding. Effects:

    • Old kernel at runtime kept the interface already configured (Phase A — 32 hours of healthy operation after the package upgrade).
    • New kernel cold-boots, hits DHCP, never gets an IP, dropbear cannot listen, port 22 stays filtered.

    Hetzner’s own documentation has been quietly moving away from ip=dhcp toward static IPv4 in the kernel command line. The fix is exactly that:

    GRUB_CMDLINE_LINUX="cryptdevice=/dev/md1:cryptroot ip=A.B.C.D::GATEWAY:255.255.255.255:hostname:eth0:none"
    

    One line in /etc/default/grub, grub-mkconfig, reboot. No more dependency on Hetzner’s DHCP responding to whatever your current kernel sends.

    Why it matters for anyone running this stack

    If you run Arch on Hetzner Dedicated with full-disk encryption and remote unlock via dropbear, the ip=dhcp shipped by installimage is a latent bug. It can keep working for years and then break overnight, on every machine you have, after a routine pacman -Syyu. The static-IP version is what Hetzner now recommends and removes the entire dependency.

    Tooling

    While debugging, I turned the whole rescue / chroot / diagnose / fix workflow into a Python CLI (hal) — including hal fix static-ip, which derives the static cmdline directly from your existing systemd-networkd .network file:

    github.com/kevinveenbirkenbach/hetzner-arch-luks

    Single command, idempotent, reversible (the original /etc/default/grub is backed up to .hal-backup). If you’re on this stack, switch to static IP before the next kernel upgrade catches you.

    #ArchLinux #bootFailure #debugging #DevOps #DHCP #Dropbear #fullDiskEncryption #GRUB #Hetzner #initramfs #kernelUpgrade #Linux #LUKS #mkinitcpio #pacman #postmortem #PythonCLI #serverOutage #sysadmin #systemdNetworkd
  17. Découvrez comment sécuriser et optimiser votre infrastructure réseau avec DNSSEC, DHCP haute disponibilité et IPv6. Un guide complet pour les techniciens : info.estoreab.com/infrastructu #DNSSEC #DHCP #IPv6 #Réseau #Technologie

    info.estoreab.com/infrastructu

  18. So it turns out #FreeBSD via #PXE only uses #TFTP for the initial boot but expects `/boot/lua/loader.lua` to be loaded via #NFS, the root of which it expects to get via #DHCP but #dnsmasq won't supply this when in proxy mode.

    Joy.

  19. So it turns out #FreeBSD via #PXE only uses #TFTP for the initial boot but expects `/boot/lua/loader.lua` to be loaded via #NFS, the root of which it expects to get via #DHCP but #dnsmasq won't supply this when in proxy mode.

    Joy.

  20. So it turns out #FreeBSD via #PXE only uses #TFTP for the initial boot but expects `/boot/lua/loader.lua` to be loaded via #NFS, the root of which it expects to get via #DHCP but #dnsmasq won't supply this when in proxy mode.

    Joy.

  21. So it turns out #FreeBSD via #PXE only uses #TFTP for the initial boot but expects `/boot/lua/loader.lua` to be loaded via #NFS, the root of which it expects to get via #DHCP but #dnsmasq won't supply this when in proxy mode.

    Joy.

  22. So it turns out via only uses for the initial boot but expects `/boot/lua/loader.lua` to be loaded via , the root of which it expects to get via but won't supply this when in proxy mode.

    Joy.

  23. At home, on most common network which are statefull #dhcp,

    You usually get an #ipv4 based on your hardware MAC address, this ensures constancy across device reboot, dual boot (and distro hoping 🙈)

    But #ipv6 do not care about the hardware, it will look for a DUID (small string) at /etc/dhcp/duid.

    You can persist this file into your dots for your ipv6 address to survive across OS changes.

    #linux #archlinux

  24. At home, on most common network which are statefull #dhcp,

    You usually get an #ipv4 based on your hardware MAC address, this ensures constancy across device reboot, dual boot (and distro hoping 🙈)

    But #ipv6 do not care about the hardware, it will look for a DUID (small string) at /etc/dhcp/duid.

    You can persist this file into your dots for your ipv6 address to survive across OS changes.

    #linux #archlinux

  25. At home, on most common network which are statefull #dhcp,

    You usually get an #ipv4 based on your hardware MAC address, this ensures constancy across device reboot, dual boot (and distro hoping 🙈)

    But #ipv6 do not care about the hardware, it will look for a DUID (small string) at /etc/dhcp/duid.

    You can persist this file into your dots for your ipv6 address to survive across OS changes.

    #linux #archlinux

  26. At home, on most common network which are statefull #dhcp,

    You usually get an #ipv4 based on your hardware MAC address, this ensures constancy across device reboot, dual boot (and distro hoping 🙈)

    But #ipv6 do not care about the hardware, it will look for a DUID (small string) at /etc/dhcp/duid.

    You can persist this file into your dots for your ipv6 address to survive across OS changes.

    #linux #archlinux

  27. At home, on most common network which are statefull #dhcp,

    You usually get an #ipv4 based on your hardware MAC address, this ensures constancy across device reboot, dual boot (and distro hoping 🙈)

    But #ipv6 do not care about the hardware, it will look for a DUID (small string) at /etc/dhcp/duid.

    You can persist this file into your dots for your ipv6 address to survive across OS changes.

    #linux #archlinux

  28. ECI N3: Exploiting and securing communication on the Internet

    Pabellón Cero + Infinito, Ciudad Universitaria, Buenos Aires, Argentina, lunes, 27 de julio, 18:00 GMT-3

    Profesor

    Vladimír Veselý

    @[email protected]

    Turno

    Noche (18:00 a 21:00)

    Idioma

    Inglés

    Descripción

    During the course, participants will learn about the basic principles of computer communication security. We will explain how authentication, confidentiality and integrity are achieved using various cryptographic techniques (e.g. MD5, SHA, AES and RSA). Next, participants will learn how to communicate securely on the web, send emails and connect to WiFi networks. Furthermore, we will demonstrate the security vulnerabilities in these scenarios using freely available hacking tools.

    Programa del curso

    * Monday: Computer Networking and Security 101
    * Tuesday: TLS/SSL and exploiting HTTP
    * Wednesday: Exploiting DNS and SMTP
    * Thursday: Exploiting DHCP and Wi-Fi
    * Friday: Exploiting Wi-Fi and conducting MitM

    cartelera.inexactas.ar/event/e

  29. ECI N3: Exploiting and securing communication on the Internet

    Pabellón Cero + Infinito, Ciudad Universitaria, Buenos Aires, Argentina, lunes, 27 de julio, 18:00 GMT-3

    Profesor

    Vladimír Veselý

    @[email protected]

    Turno

    Noche (18:00 a 21:00)

    Idioma

    Inglés

    Descripción

    During the course, participants will learn about the basic principles of computer communication security. We will explain how authentication, confidentiality and integrity are achieved using various cryptographic techniques (e.g. MD5, SHA, AES and RSA). Next, participants will learn how to communicate securely on the web, send emails and connect to WiFi networks. Furthermore, we will demonstrate the security vulnerabilities in these scenarios using freely available hacking tools.

    Programa del curso

    * Monday: Computer Networking and Security 101
    * Tuesday: TLS/SSL and exploiting HTTP
    * Wednesday: Exploiting DNS and SMTP
    * Thursday: Exploiting DHCP and Wi-Fi
    * Friday: Exploiting Wi-Fi and conducting MitM

    cartelera.inexactas.ar/event/e

  30. You want the #dhcp to yield the same #ipv4 everytime -> ensure your MAC address is fixed.

    For the #dhcp to yield the same #ipv6-> ensure /var/lib/dhcpcd/duid
    contains a fixed user-defined duid-uuid.

  31. You want the #dhcp to yield the same #ipv4 everytime -> ensure your MAC address is fixed.

    For the #dhcp to yield the same #ipv6-> ensure /var/lib/dhcpcd/duid
    contains a fixed user-defined duid-uuid.

  32. You want the #dhcp to yield the same #ipv4 everytime -> ensure your MAC address is fixed.

    For the #dhcp to yield the same #ipv6-> ensure /var/lib/dhcpcd/duid
    contains a fixed user-defined duid-uuid.

  33. You want the #dhcp to yield the same #ipv4 everytime -> ensure your MAC address is fixed.

    For the #dhcp to yield the same #ipv6-> ensure /var/lib/dhcpcd/duid
    contains a fixed user-defined duid-uuid.

  34. You want the #dhcp to yield the same #ipv4 everytime -> ensure your MAC address is fixed.

    For the #dhcp to yield the same #ipv6-> ensure /var/lib/dhcpcd/duid
    contains a fixed user-defined duid-uuid.

  35. DNS-Hijacking durch Forest Blizzard: Wie Heimrouter zur Spionageinfrastruktur werden

    Microsoft Threat Intelligence identifizierte dabei über 200 betroffene Organisationen sowie rund 5.000 kompromittierte Endgeräte – und warnt, dass die eigentliche Unternehmensinfrastruktur dabei gar nicht direkt angegriffen werden muss.

    all-about-security.de/dns-hija

    #soho #DNS #dnssecurity #router #DHCP

  36. Joah... was macht man so am Oster-Wochenende???

    Na klar: Das eigene lokale Netzwerk komplett umbauen von Flat LAN mit Fritz!Box und Pihole, auf ein ausgewachsenes Business Netzwerk mit:

    Fritz!Box nur noch als Modem, OPNsense (als Firewall, Kea DHCP, Unbound DNS), vier TP-Link EAP225 als Access Points mit drei WLANs, ein TP-Link TL-SG1016DE Smart Switch mit nun insgesamt 5 VLANs, Omada Software Controller zur Verwaltung der EAP225.

    Alle IoT Geräte die den Homeassistant bedienen in einem eigenen VLAN, Gäste WLAN, IoT WLAN, etc... pp... 😛

    Man hat ja sonst nix zu tun.......

    #opnsense #netzwerk #network #vlan #homeassistant #iot #pihole #keadhcp #dhcp #omada #tplink

  37. Joah... was macht man so am Oster-Wochenende???

    Na klar: Das eigene lokale Netzwerk komplett umbauen von Flat LAN mit Fritz!Box und Pihole, auf ein ausgewachsenes Business Netzwerk mit:

    Fritz!Box nur noch als Modem, OPNsense (als Firewall, Kea DHCP, Unbound DNS), vier TP-Link EAP225 als Access Points mit drei WLANs, ein TP-Link TL-SG1016DE Smart Switch mit nun insgesamt 5 VLANs, Omada Software Controller zur Verwaltung der EAP225.

    Alle IoT Geräte die den Homeassistant bedienen in einem eigenen VLAN, Gäste WLAN, IoT WLAN, etc... pp... 😛

    Man hat ja sonst nix zu tun.......

    #opnsense #netzwerk #network #vlan #homeassistant #iot #pihole #keadhcp #dhcp #omada #tplink

  38. Joah... was macht man so am Oster-Wochenende???

    Na klar: Das eigene lokale Netzwerk komplett umbauen von Flat LAN mit Fritz!Box und Pihole, auf ein ausgewachsenes Business Netzwerk mit:

    Fritz!Box nur noch als Modem, OPNsense (als Firewall, Kea DHCP, Unbound DNS), vier TP-Link EAP225 als Access Points mit drei WLANs, ein TP-Link TL-SG1016DE Smart Switch mit nun insgesamt 5 VLANs, Omada Software Controller zur Verwaltung der EAP225.

    Alle IoT Geräte die den Homeassistant bedienen in einem eigenen VLAN, Gäste WLAN, IoT WLAN, etc... pp... 😛

    Man hat ja sonst nix zu tun.......

    #opnsense #netzwerk #network #vlan #homeassistant #iot #pihole #keadhcp #dhcp #omada #tplink

  39. Joah... was macht man so am Oster-Wochenende???

    Na klar: Das eigene lokale Netzwerk komplett umbauen von Flat LAN mit Fritz!Box und Pihole, auf ein ausgewachsenes Business Netzwerk mit:

    Fritz!Box nur noch als Modem, OPNsense (als Firewall, Kea DHCP, Unbound DNS), vier TP-Link EAP225 als Access Points mit drei WLANs, ein TP-Link TL-SG1016DE Smart Switch mit nun insgesamt 5 VLANs, Omada Software Controller zur Verwaltung der EAP225.

    Alle IoT Geräte die den Homeassistant bedienen in einem eigenen VLAN, Gäste WLAN, IoT WLAN, etc... pp... 😛

    Man hat ja sonst nix zu tun.......

    #opnsense #netzwerk #network #vlan #homeassistant #iot #pihole #keadhcp #dhcp #omada #tplink