Problem Statement and Proposed solution I use Apple HomeKit as my smart home platform of choice. Its not perfect and doesn’t have nearly the ecosystem that Alexa does but I like it and it compliments the fact that I use mostly Apple devices in the rest of my network. I don’t do anything all that complicated because I rent so there is a limit to the amount of smarts I can integrate. One feature I…
TL;DR – The sysdig utility can help you find the process sending ARP requests. I recently ran into a problem with my “core” server. Its a trusty little Ubuntu 22.04.1 box that wears a lot of hats. In order to combine all of the functions it requires it has some more exotic network setups such as client VPNs, policy based routing, IPv6 an multiple wired and wireless interfaces. Linux is incredibly powerful but sometimes getting…
Three is the magic number In parts 1 and 2 we discussed IPv6 addressing, and connection basics then configured a Fortigate to grab a DHCPv6 PD prefix and distribute it with SLAAC to clients on the inside network. In this episode I will go over the Fortigate firewall and security policy configuration to get your IPv6 traffic out to the Internet. The illusion of control In part 1 I discussed how router advertisements are sent…
How did we get here? In part 1 of this series I covered some basics about how IPv6 addresses are distributed. In summary we use DHCPv6 PD to find out from an ISP what prefix should be placed on our clients. After that a combination of SLAAC and DHCPv6 result in one (or more) IP address and DNS server combo that gives a client IPv6 connectivity. As mentioned in the first article I have Verizon…
Background I’ve been an IT infrastructure engineer for more than 20 years. Cut my teeth in the early days of campus L3 switching. I was lucky enough to have one of my first jobs at a public educational institution that owned a PI Class-B. Those were heady days. Like so many others out there, I looked at IPv6 as something I could hopefully avoid until retirement. The inability to reel off an entire IP subnetting…