mastodontech.de ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Offen für alle (über 16) und bereitgestellt von Markus'Blog

Serverstatistik:

1,4 Tsd.
aktive Profile

#ipv4

7 Beiträge6 Beteiligte0 Beiträge heute

Moin zusammen!
Heute mal eine Fachfrage an die Linuxspezialisten hier im Fediverse.

Vor nicht allzu langer Zeit haben wir unser Heimnetz etwas umgestellt. Aufgrund der Geräteanzahl und "schöneren" Adressen haben wir nun folgende Konfiguration (Ziffern geändert), derzeit noch mit der Routerdomain "fritz.box". Grundsätzlich funktioniert auch alles, wobei ich grundsätzlich mit DHCP arbeite und die IPs vom Router (fest) verteilen lasse:

Subnetz: 192.168.0.0/23
Netzmaske: 255.255.254.0
Gateway: 192.168.1.1
DNS (Pihole): 192.168.1.254 - alternativ habe ich aber auch 8.8.8.8 & Co getestet

Wenn ich jetzt bei VMs/LXCs das DHCP ausschalte und eine statische IP-Konfiguration eingebe, klappt gefühlt gar nix mehr. Innerhalb des Heimnetzes sind die IPs weiterhin erreichbar und reagieren z.B. auf ein Ping ...
Aber nach draußen passiert gar nix. Pings z.B. an google.de schlagen fehl, die Linux-Repositories sind nicht erreichbar, allgmein klappt keine DNS-Auflösung. Egal was ich konfiguriere.

Das Kuriose:
Schalte ich DHCP wieder ein und gebe vom Router aus die identische Konfiguration vor, dann klappt alles ohne jegliche Probleme.

Hintergedanke:
Ich möchte (zunächst testweise) einen Samba-Server als AD/LDAP Controller aufsetzen, da wäre ja eine statische IP schon besser.

Suchergebnisse bei Google führten bisher leider zu nichts ...
Hat irgendjemand eine Idee, wo ich noch so schauen könnte?!

#Linux#Debian12#IPv4
Antwortete im Thread

@landley @pmevzek @jschauma @ryanc @0xabad1dea @ripencc mostly because addresses get reused (Dynamic IPs were always the norm for consumers!) and because big block allocations get sold off and deallocated.

  • The fact that the #US #DoD has multiple /8 blocks hoarded that ain't even publicly routed is the most extreme example: The have enough static IPv4's to assign every past and current servicemember and every military vehicle one and would still have enough to spare.

  • In fact they have enough static #IPv4's to give everyone in the USA one and would still have propably more to spare than the entire rest of #NATO & #ANZUS / #14Eyes' #MILINTEL have combined.

Instead we have a giant cottage industry that deals with the artificial scarcity of IPv4's like digital real estate brokers, collecting value-removing fees for every transfer they can make which is explicitly rewarding #GAFAMs like #Apple that got a /8 early on and are now propping up their corporate valuation because that address block alone is propably worth a billion if not more.

en.wikipedia.orgList of assigned /8 IPv4 address blocks - Wikipedia
Antwortete im Thread

@landley @pmevzek @jschauma @ryanc @0xabad1dea And that is espechally baffling considering that #APNIC as #RIR ran out of #IPv4|s first.

Cuz people telling me "Oh, just use HEnet's Tunnelbroker"" never experienced the shitshow that is #Geoblocking and #GDPR-#Noncompliance with #Malvertising to slap their faces!

  • Cuz believe me, I tried, but since some idiots decided to #GeoIP entire #ASN|s and not #IP - #Allocations the PoP in FRA (FFM actually) will get me mislocated to the #USA!
Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)@pmevzek@framapiaf.org @landley@mstdn.jp @jschauma@mstdn.social @ryanc@infosec.exchange @0xabad1dea@infosec.exchange no, it's just absurd to skip #64bit... I'd not be pissed if #IPv6 was widely available. - I can't even get a /64 but my ISP is happy to give me /28 subnets of IPv4...
#geoip#asn#ip

If, like me, you've ever been annoyed at people just saying to grep the output of ifconfig for inet, and the likes, to get the assigned IP address of a network interface.

I got annoyed one time too many.

Have a *proper* solution.

May or may not also work on for example the *BSDs, but should definitely work on any modern typical-userland Linux.

michael.kjorling.se/blog/2025/

Michael Kjörling · Getting the IP address of a network interface, on Linux
#Linux#BlogPost#blog
Antwortete im Thread

Also ich hatte noch nie Probleme mit #IPv6.

Die Probleme gehen immer nur von den IPv6-Verweigerern aus, die meinen, der restlichen Welt irgendein veraltetes Legacyprotokoll aufzwingen zu müssen, bei dem seit 30 Jahren Konsens ist, dass es verschwinden soll.

@emaechler #ipv4

Antwortete im Thread

@troed @dalai @foone The problem will be that one will have to reimplement the "#API" as #api0 from scratch by running inspectors in browsers all the time...

  • Remember: The platforms that run these are hostile to the very idea of said phat client.

It'll necessitate all api 0 calls to come from the same #IPv4 and/or #IPv6 as the end-user and hide itself with a fake #UserAgent to prevent countermeasures like #RateLimiting and #blocking.

digipres.clubFoone🏳️‍⚧️ (@foone@digipres.club)The basic philosophy of adversarial automation is that the software/website is the enemy.
Antwortete im Thread

@drscriptt Naive question: WHEN does the average #Internet #user ever open up a webpage with an #IP address instead of a #domain or even #FQDN?

  • Seriously, the only cases I saw were either some old, non-public - facing server in some B2B/API setting or a test that #httpd / #ngnix / #ssh / … function properly on like a #VPS and that the #DNS hasn't been updated (yet!) to include said host / FQDN in the records, and even then it's bad cuz you'd rather want to use it's FQDN instead because with #IPv4 shortages on one hand and tools like #Portainer on the other, one should not use an #IPaddress as addressing method because #WAF / #Proxies used to "#MUX" / "#NAT" services under one IP address or #IPv6 block may need that distinction by being queried for a specific FQDN...

The Idea if !SSL / #TLD for #IPaddresses makes me feel like Jeff Goldblum!

Antwortete im Thread

@niklas @mattgrayyes worse even if one doesn't setup an account just to watch videos!

Then one cannot disable that shite which solely selects the used language based off vibes, which is really annoying when one has different #GeoIP "localizations" depending on whetger #IPv4, #IPv6 and whether one is on #Mobile or at home or at work!

Really makes me angry af!

Infosec.SpaceKevin Karhan :verified: (@kkarhan@infosec.space)Inhaltswarnung: Frustration, venting, bad mene.

Yes, The Book of PF, 4th Edition Is Coming Soon nxdomain.no/~peter/yes_the_boo

Long rumored and eagerly anticipated by some, the fourth edition of The Book of PF is now available for preorder nostarch.com/book-of-pf-4th-ed #openbsd #pf #packetfilter #freebsd #networking #security #tcpip #ipv6 #ipv4 #bookofpf

... and of course somebody had to ask, "when can we expect a fifth edition", to which the answer was "let's get this one out the door first"

That said, watch this space for further announcements!

nxdomain.noYes, The Book of PF, 4th Edition Is Coming Soon