• bullseye - how to configure eth1 for LAN only ?

    From R.Wieser@3:770/3 to All on Mon Apr 24 12:48:32 2023
    Hello all,

    Using bullseye lite (terminal only) and DHCP (dhclient) I'm trying to
    configure two network interfaces, connected to different networks with their own routers.

    I would like to configure one or both of the eth? interfaces as a LAN only connection, meaning without a "default gateway" and/or DNS server adresses
    and such.

    I've found some information about what to edit in /etc/dhcp/dhclient.conf,
    but after rebooting and checking the output of "route" I still see a
    "gateway" entry for eth1.

    Does anybody know what to add/remove/change in that dhclient.conf file to
    get it to work ?

    Remark: I've also seen suggestions to just give eth1 a high metric (so the
    eth0 gateway is considered first), but that doesn't work for me as eth0
    might not be always available.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Mon Apr 24 12:25:02 2023
    On 24/04/2023 11:48, R.Wieser wrote:
    Hello all,

    Using bullseye lite (terminal only) and DHCP (dhclient) I'm trying to configure two network interfaces, connected to different networks with their own routers.

    I would like to configure one or both of the eth? interfaces as a LAN only connection, meaning without a "default gateway" and/or DNS server adresses and such.

    I've found some information about what to edit in /etc/dhcp/dhclient.conf, but after rebooting and checking the output of "route" I still see a "gateway" entry for eth1.

    Does anybody know what to add/remove/change in that dhclient.conf file to
    get it to work ?

    Remark: I've also seen suggestions to just give eth1 a high metric (so the eth0 gateway is considered first), but that doesn't work for me as eth0
    might not be always available.

    Regards,
    Rudy Wieser



    Do you use NetworkManager? Or dhclient directly? Systemd?

    This gives suggestions for both NM and dhclient: https://unix.stackexchange.com/questions/399659/how-to-avoid-dhclient-default-gateway-on-an-interface

    However systemd doesn't use dhclient.conf (I am told). See here: https://serverfault.com/questions/674731/multiple-dhcp-uplinks-how-to-ignore-dns-and-default-route-on-all-but-one
    Last answer mentions systemd.

    HIH

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Mon Apr 24 14:59:28 2023
    Chris,

    Do you use NetworkManager? Or dhclient directly? Systemd?

    I tried "nmcli" but got the response that NetworkManager wasn't running.

    I do have a /etc/dhcp/dhclient.conf file, but I'm not sure at all if its actually used (editing it doesn't seem to change anything).

    As for systemd ? It looks like it, as I have a "/etc/systemd" folder.

    So, I've got two outof three, with one maybe.

    This gives suggestions for both NM and dhclient: https://unix.stackexchange.com/questions/399659/how-to-avoid-dhclient-default-gateway-on-an-interface

    Thats one of the links I found from which I applied the "Another way: dhclient.conf" suggstion. Alas, I still got a "default gateway" on eth1.

    However systemd doesn't use dhclient.conf (I am told). See here: https://serverfault.com/questions/674731/multiple-dhcp-uplinks-how-to-ignore-dns-and-default-route-on-all-but-one

    Yep, found that one too. The second post (by Nils Toedtmann) says the same
    as your link. :-)

    Last answer mentions systemd.

    I read that too, but although I can find the "/etc/systemd/network" folder itself I simply do not have enough information to be sure what the "*.interface" name should be. Next to that I do not see, under "[DHCP]",
    any mentioning of a gateway, but to see the "lets use a high metric" hack
    that I, as mentioned, can't use. :-\

    In short, the presence of a "dhclient.conf" *and* "/etc/systemd" makes me
    quite unsure which one actually gouverns the network configuration. Hence
    my post.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Mon Apr 24 16:14:36 2023
    On 24/04/2023 13:59, R.Wieser wrote:
    Chris,

    Do you use NetworkManager? Or dhclient directly? Systemd?

    I tried "nmcli" but got the response that NetworkManager wasn't running.

    OK, no NetworkManager.


    I do have a /etc/dhcp/dhclient.conf file, but I'm not sure at all if its actually used (editing it doesn't seem to change anything).

    As for systemd ? It looks like it, as I have a "/etc/systemd" folder.

    So, I've got two outof three, with one maybe.

    This gives suggestions for both NM and dhclient:
    https://unix.stackexchange.com/questions/399659/how-to-avoid-dhclient-default-gateway-on-an-interface

    Thats one of the links I found from which I applied the "Another way: dhclient.conf" suggstion. Alas, I still got a "default gateway" on eth1.

    However systemd doesn't use dhclient.conf (I am told). See here:
    https://serverfault.com/questions/674731/multiple-dhcp-uplinks-how-to-ignore-dns-and-default-route-on-all-but-one

    Yep, found that one too. The second post (by Nils Toedtmann) says the same as your link. :-)

    Last answer mentions systemd.

    I read that too, but although I can find the "/etc/systemd/network" folder itself I simply do not have enough information to be sure what the "*.interface" name should be. Next to that I do not see, under "[DHCP]",
    any mentioning of a gateway, but to see the "lets use a high metric" hack that I, as mentioned, can't use. :-\

    In short, the presence of a "dhclient.conf" *and* "/etc/systemd" makes me quite unsure which one actually gouverns the network configuration. Hence
    my post.

    Regards,
    Rudy Wieser



    Are you sure you're using dhclient?
    What does `ps ax | grep dhc` say?

    Just looked at my 11.6 install. It uses dhcpcd

    If yours does too, try putting

    interface eth1
    nogateway

    at the end of /etc/dhcpcd.conf

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Mon Apr 24 18:34:26 2023
    Chris,

    Are you sure you're using dhclient?

    Reasonably sure : I used

    /var/log/syslog | grep -Ei 'dhcp'.

    (https://superuser.com/questions/944687/how-to-see-what-dhcp-client-does)

    to check, and had a number of lines mentioning "dhcpcd" with one of them mentioning "adding default route", showing the IP of the router servicing
    the eth1 LAN

    What does `ps ax | grep dhc` say?

    It says

    /user/sbin/dhcpcd -w -q

    Just looked at my 11.6 install. It uses dhcpcd

    Could you tell me how you checked that ?

    If yours does too, try putting

    interface eth1
    nogateway

    at the end of /etc/dhcpcd.conf

    That does seem to have done the trick. Thanks.

    It also means I have to do a bit more googeling, but now focussed on that paricular file.

    A question though : if that file is there to configure the interfaces, what than is the "/etc/dhcp/dhclient.conf" file about ? Do you know ?

    And strangely enough, I've only seen that "dhcpcd.conf" file being mentioned once,

    https://raspberrypi.stackexchange.com/questions/127497/how-to-setup-eth1-with-fixed-ip

    but must admit I skipped it as it was talking about setting a fixed IP.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Mon Apr 24 18:22:38 2023
    On 24/04/2023 17:34, R.Wieser wrote:
    Chris,

    Are you sure you're using dhclient?

    Reasonably sure : I used

    /var/log/syslog | grep -Ei 'dhcp'.

    (https://superuser.com/questions/944687/how-to-see-what-dhcp-client-does)

    to check, and had a number of lines mentioning "dhcpcd" with one of them mentioning "adding default route", showing the IP of the router servicing
    the eth1 LAN

    What does `ps ax | grep dhc` say?

    It says

    /user/sbin/dhcpcd -w -q

    that's the line from /usr/lib/systemd/system/dhcpcd.service


    Just looked at my 11.6 install. It uses dhcpcd

    Could you tell me how you checked that ?

    ps ax | grep dhc


    If yours does too, try putting

    interface eth1
    nogateway

    at the end of /etc/dhcpcd.conf

    That does seem to have done the trick. Thanks.

    It also means I have to do a bit more googeling, but now focussed on that paricular file.

    A question though : if that file is there to configure the interfaces, what than is the "/etc/dhcp/dhclient.conf" file about ? Do you know ?

    it is to configure dhclient


    And strangely enough, I've only seen that "dhcpcd.conf" file being mentioned once,

    https://raspberrypi.stackexchange.com/questions/127497/how-to-setup-eth1-with-fixed-ip

    that's coz raspbian uses dhcpcd


    but must admit I skipped it as it was talking about setting a fixed IP.

    Regards,
    Rudy Wieser




    dhclient and dhcpcd are 2 *different* methods of automatically assigning
    ip adresses. dhclient is not used by stock raspbian.

    look at /usr/lib/systemd/system/dhcpcd.service
    systemctl status dhcpcd.service


    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Mon Apr 24 20:27:02 2023
    Chris,

    A question though : if that file is there to configure the interfaces,
    what than is the "/etc/dhcp/dhclient.conf" file about ? Do you know ?

    it is to configure dhclient

    :-) That much I already assumed.

    dhclient and dhcpcd are 2 *different* methods

    Well, that explains everything. I've been focussing on and modifying an unused configuration file. No wonder nothing seemed to work. :-(

    I must say that I don't quite understand why bullseye *lite* would carry two seperate network configuration methods - one of which it doesn't even use - while not bothering to including supporting files for when someone (like me) wants to do a bit of GPIO or graphics using GCC.

    And strangely enough, I've only seen that "dhcpcd.conf" file being
    mentioned
    once,

    https://raspberrypi.stackexchange.com/questions/127497/how-to-setup-eth1-with-fixed-ip

    that's coz raspbian uses dhcpcd

    I've seen post about dhcpcd dated as far back as 2011. I would have expected that my two/three day stint googeling would have popped up that name a few
    more times - Especially in relation to the RPi by people having a similar
    "how to configure the network" problem.

    Than again, how many people would want to create a "LAN only" interface ...

    look at /usr/lib/systemd/system/dhcpcd.service

    Thanks. I just did. Can't say I understand what whats in it means though. More to google I guess. :-)

    systemctl status dhcpcd.service

    Apart from recognising the the syslog entries at the bottom the same goes
    here.

    Thanks for the help and info.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Mon Apr 24 20:50:30 2023
    On 24/04/2023 19:27, R.Wieser wrote:
    Chris,

    A question though : if that file is there to configure the interfaces,
    what than is the "/etc/dhcp/dhclient.conf" file about ? Do you know ?

    it is to configure dhclient

    :-) That much I already assumed.

    dhclient and dhcpcd are 2 *different* methods

    Well, that explains everything. I've been focussing on and modifying an unused configuration file. No wonder nothing seemed to work. :-(

    I must say that I don't quite understand why bullseye *lite* would carry two seperate network configuration methods - one of which it doesn't even use - while not bothering to including supporting files for when someone (like me) wants to do a bit of GPIO or graphics using GCC.


    I haven't come across any distro that doesn't include both.
    I've always thought the lite moniker just meant no X

    And strangely enough, I've only seen that "dhcpcd.conf" file being
    mentioned
    once,

    https://raspberrypi.stackexchange.com/questions/127497/how-to-setup-eth1-with-fixed-ip

    that's coz raspbian uses dhcpcd

    I've seen post about dhcpcd dated as far back as 2011. I would have expected that my two/three day stint googeling would have popped up that name a few more times - Especially in relation to the RPi by people having a similar "how to configure the network" problem.

    Than again, how many people would want to create a "LAN only" interface ...

    I do it regularly!

    If I'd looked at my installation earlier I'd probably have twigged you
    were using dhcpcd not dhclient.


    look at /usr/lib/systemd/system/dhcpcd.service

    Thanks. I just did. Can't say I understand what whats in it means though. More to google I guess. :-)

    The Exec line says what it does - starts dhcpcd. Type say it forks and
    Restart tells it to restart if it crashes or is stopped.

    The rest of the file just sets up the environment.


    systemctl status dhcpcd.service

    Apart from recognising the the syslog entries at the bottom the same goes here.

    Thanks for the help and info.

    Regards,
    Rudy Wieser





    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Wed Apr 26 09:20:30 2023
    Chris,

    I've always thought the lite moniker just meant no X

    My own assumption went a bit further than that : minimal default installed software, less stuff running by default. Which fit me just fine, as I'm
    using it on am ancient, rather slow RPi v1. (yes, I did try to tun a
    graphical environment first. It was painfull. :-) )

    If I'd looked at my installation earlier I'd probably have twigged you
    were using dhcpcd not dhclient.

    I did see the "dhcpcd" name in the syslog, but as I didn't (yet) know about whats what I failed to recognise it for what it was ...


    A new question though (if you don't mind) : I've been trying to disable ipv6 too, and reading the man page for dhcpcd.conf I saw that I could use "ipv4only".

    I've put that just above the "interface eth1" line (assuming that it would
    than work for all interfaces), but "ifconfig" still shows ipv6 adresses for both "eth1" as well as "lo" (eth0 is disconnected). I also tried to put it under "interface eth1" and got the same result. As such I'm not at all sure what that "ipv4only" is supposed to do (if anything).

    I get the feeling (fuelled by some googeling results) that ipv6 needs to be disabled elsewhere. But although googeling for a way to do so turns up some results, I'm not at all sure if any of it applies to bullseye (most of it is old).

    Besides that, I would also would like to have some more information about (possibly) disabeling/changing DNS and other stuff dhpdcd seems to ask the
    dhcp server for* (even when DNS servers can't be reached without a default gateway).

    * I had a windows machine capture both the request as well as the response.
    The RPi asked for a lot, but got only a little ...

    In short : do you know of any source of info (website) which explains the network configuration, focussed on what is currently used by bullseye ?

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Wed Apr 26 13:07:30 2023
    On 26/04/2023 08:20, R.Wieser wrote:

    In short : do you know of any source of info (website) which explains the network configuration, focussed on what is currently used by bullseye ?

    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro
    you're using.
    Even the systemd invocation used by debian and thus raspbian is just a
    straight invocation of dhcpcd.
    As previous, try the archwiki.

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to R.Wieser on Wed Apr 26 12:32:56 2023
    On 26/04/2023 08:20, R.Wieser wrote:
    Besides that, I would also would like to have some more information about (possibly) disabeling/changing DNS and other stuff dhpdcd seems to ask the dhcp server for* (even when DNS servers can't be reached without a default gateway).
    DHCP is a noddy default setup for a client machine that is connected to
    well maintained environment. If you want other than the defaults I would suggest either using static IP configuration (NO DHCP) or doing some
    work on the DHCP server - typically a router these days. Its quite hard
    to have a *partial* DHCP configuration.

    Your router may support different LAN address with different DHCP configurations, to disable default route and DNS instances.
    --
    "Socialist governments traditionally do make a financial mess. They
    always run out of other people's money. It's quite a characteristic of them"

    Margaret Thatcher

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Wed Apr 26 13:03:16 2023
    On 26/04/2023 08:20, R.Wieser wrote:

    A new question though (if you don't mind) : I've been trying to disable ipv6 too, and reading the man page for dhcpcd.conf I saw that I could use "ipv4only".


    Try:
    noipv6rs
    noipv6

    According to the BSD DHCPCD man page:

    noipv6 Don't solicit or accept IPv6 Router Advertisements and DHCPv6. noipv6rs Don't solicit or accept IPv6 Router Advertisements.

    This seems to say that noipv6 includes noipv6rs, but Archwiki says
    putting in both (in that order) works.

    Have you looked at man dhcpcd.conf?

    Arch wiki is a valuable resource e.g.
    https://wiki.archlinux.org/title/dhcpcd
    and usually better than alternatives.


    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Ahem A Rivet's Shot@3:770/3 to R.Wieser on Wed Apr 26 13:36:20 2023
    On Wed, 26 Apr 2023 09:20:30 +0200
    "R.Wieser" <address@is.invalid> wrote:

    A new question though (if you don't mind) : I've been trying to disable
    ipv6 too, and reading the man page for dhcpcd.conf I saw that I could use "ipv4only".

    I've put that just above the "interface eth1" line (assuming that it
    would than work for all interfaces), but "ifconfig" still shows ipv6
    adresses for both "eth1" as well as "lo" (eth0 is disconnected).

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::) then they don't come from DHCPCD but from IPv6 neighbour discovery and are probably quite hard to get rid of but they're
    only valid on a LAN segment so I wouldn't worry about them too much.

    --
    Steve O'Hara-Smith
    Odds and Ends at http://www.sohara.org/

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Chris Elvidge on Wed Apr 26 13:20:50 2023
    On 26/04/2023 13:07, Chris Elvidge wrote:
    On 26/04/2023 08:20, R.Wieser wrote:

    In short : do you know of any source of info (website) which explains the
    network configuration, focussed on what is currently used by bullseye ?

    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro
    you're using.
    Even the systemd invocation used by debian and thus raspbian is just a straight invocation of dhcpcd.
    As previous, try the archwiki.

    I thought the OP was trying to set up a DHCP client, not a server?

    --
    You can get much farther with a kind word and a gun than you can with a
    kind word alone.

    Al Capone

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to The Natural Philosopher on Wed Apr 26 14:21:36 2023
    On 26/04/2023 13:20, The Natural Philosopher wrote:
    On 26/04/2023 13:07, Chris Elvidge wrote:
    On 26/04/2023 08:20, R.Wieser wrote:

    In short : do you know of any source of info (website) which explains
    the
    network configuration, focussed on what is currently used by bullseye ?

    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro
    you're using.
    Even the systemd invocation used by debian and thus raspbian is just a
    straight invocation of dhcpcd.
    As previous, try the archwiki.

    I thought the OP was trying to set up a DHCP client, not a server?


    dhcpcd is client, isn't it?

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Chris Elvidge on Wed Apr 26 14:30:52 2023
    On 26/04/2023 14:21, Chris Elvidge wrote:
    On 26/04/2023 13:20, The Natural Philosopher wrote:
    On 26/04/2023 13:07, Chris Elvidge wrote:
    On 26/04/2023 08:20, R.Wieser wrote:

    In short : do you know of any source of info (website) which
    explains the
    network configuration, focussed on what is currently used by bullseye ? >>>>
    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro
    you're using.
    Even the systemd invocation used by debian and thus raspbian is just
    a straight invocation of dhcpcd.
    As previous, try the archwiki.

    I thought the OP was trying to set up a DHCP client, not a server?


    dhcpcd is client, isn't it?

    Thought it was the server

    dhclient is the client. But I think there are many clients now. What
    with systemd and network manager its all a muddle.


    --
    "In our post-modern world, climate science is not powerful because it is
    true: it is true because it is powerful."

    Lucas Bergkamp

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to The Natural Philosopher on Wed Apr 26 14:45:26 2023
    On 26/04/2023 14:30, The Natural Philosopher wrote:
    On 26/04/2023 14:21, Chris Elvidge wrote:
    On 26/04/2023 13:20, The Natural Philosopher wrote:
    On 26/04/2023 13:07, Chris Elvidge wrote:
    On 26/04/2023 08:20, R.Wieser wrote:

    In short : do you know of any source of info (website) which
    explains the
    network configuration, focussed on what is currently used by
    bullseye ?

    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro
    you're using.
    Even the systemd invocation used by debian and thus raspbian is just
    a straight invocation of dhcpcd.
    As previous, try the archwiki.

    I thought the OP was trying to set up a DHCP client, not a server?


    dhcpcd is client, isn't it?

    Thought it was the server

    dhclient is the client. But I think there are many clients now. What
    with systemd and network manager its all a muddle.



    No. See previous. dhcpcd and dhclient are *different* dhcp clients.
    dhclient is supplied by the ISC. dhclient is not normally used by
    debian, slackware (or any other distros I use). They all use dhcpcd.
    Even the systemd implementation used in debian uses dhcpcd. See /usr/lib/systemd/system/dhcpcd.service https://www.isc.org/blogs/dhcp-client-relay-eom/ says "ISC plans to end maintenance of the ISC DHCP client and relay by the end of Q1, 2022."
    Hence dhclient is end-of-life (IMHO).
    I don't know about NetworkManager (or nmcli), I don't use it. A quick
    look on Archwiki and /usr/lib/systemd/system/NetworkManager.service says
    it is dbus based.

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to Ahem A Rivet's Shot on Wed Apr 26 17:06:34 2023
    On 26/04/2023 13:36, Ahem A Rivet's Shot wrote:
    On Wed, 26 Apr 2023 09:20:30 +0200
    "R.Wieser" <address@is.invalid> wrote:

    A new question though (if you don't mind) : I've been trying to disable
    ipv6 too, and reading the man page for dhcpcd.conf I saw that I could use
    "ipv4only".

    I've put that just above the "interface eth1" line (assuming that it
    would than work for all interfaces), but "ifconfig" still shows ipv6
    adresses for both "eth1" as well as "lo" (eth0 is disconnected).

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::) then they don't come from DHCPCD but from IPv6 neighbour discovery and are probably quite hard to get rid of but they're only valid on a LAN segment so I wouldn't worry about them too much.


    It seems there are 2 ways to totally disable ipv6 https://www.howtoraspberry.com/2020/04/disable-ipv6-on-raspberry-pi/

    1) Pi only: add 'ipv6.disable=1' to end of line in /boot/cmdline.txt

    2) Generally,
    a) if using sysctl: put a file in /etc/sysctl.d/ containing net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.default.disable_ipv6 = 1
    net.ipv6.conf.lo.disable_ipv6 = 1
    b) if not using sysctl, add
    echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
    echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
    echo 1 > /proc/sys/net/ipv6/conf/lo/disable_ipv6
    to end of (for e.g.) /etc/rc.local

    Both methods will disable all ipv6 including link-local
    NetworkManager has a "disable" option under ipV6, too.

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to Pancho on Wed Apr 26 17:57:02 2023
    On 26/04/2023 17:22, Pancho wrote:
    On 26/04/2023 14:45, Chris Elvidge wrote:

    No. See previous. dhcpcd and dhclient are *different* dhcp clients.
    dhclient is supplied by the ISC. dhclient is not normally used by
    debian, slackware (or any other distros I use). They all use dhcpcd.
    Even the systemd implementation used in debian uses dhcpcd. See
    /usr/lib/systemd/system/dhcpcd.service
    https://www.isc.org/blogs/dhcp-client-relay-eom/ says "ISC plans to
    end maintenance of the ISC DHCP client and relay by the end of Q1,
    2022." Hence dhclient is end-of-life (IMHO).
    I don't know about NetworkManager (or nmcli), I don't use it. A quick
    look on Archwiki and /usr/lib/systemd/system/NetworkManager.service
    says it is dbus based.

    Ubuntu is still using dhclient, isn't it?

    No idea.
    Does `ps ax | grep dhc` give a clue?
    Does nmcli work? -> uses NetworkManager

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Pancho@3:770/3 to Chris Elvidge on Wed Apr 26 17:22:40 2023
    On 26/04/2023 14:45, Chris Elvidge wrote:

    No. See previous. dhcpcd and dhclient are *different* dhcp clients.
    dhclient is supplied by the ISC. dhclient is not normally used by
    debian, slackware (or any other distros I use). They all use dhcpcd.
    Even the systemd implementation used in debian uses dhcpcd. See /usr/lib/systemd/system/dhcpcd.service https://www.isc.org/blogs/dhcp-client-relay-eom/ says "ISC plans to end maintenance of the ISC DHCP client and relay by the end of Q1, 2022."
    Hence dhclient is end-of-life (IMHO).
    I don't know about NetworkManager (or nmcli), I don't use it. A quick
    look on Archwiki and /usr/lib/systemd/system/NetworkManager.service says
    it is dbus based.

    Ubuntu is still using dhclient, isn't it?

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Pancho@3:770/3 to Chris Elvidge on Wed Apr 26 18:26:14 2023
    On 26/04/2023 17:57, Chris Elvidge wrote:
    On 26/04/2023 17:22, Pancho wrote:
    On 26/04/2023 14:45, Chris Elvidge wrote:

    No. See previous. dhcpcd and dhclient are *different* dhcp clients.
    dhclient is supplied by the ISC. dhclient is not normally used by
    debian, slackware (or any other distros I use). They all use dhcpcd.
    Even the systemd implementation used in debian uses dhcpcd. See
    /usr/lib/systemd/system/dhcpcd.service
    https://www.isc.org/blogs/dhcp-client-relay-eom/ says "ISC plans to
    end maintenance of the ISC DHCP client and relay by the end of Q1,
    2022." Hence dhclient is end-of-life (IMHO).
    I don't know about NetworkManager (or nmcli), I don't use it. A quick
    look on Archwiki and /usr/lib/systemd/system/NetworkManager.service
    says it is dbus based.

    Ubuntu is still using dhclient, isn't it?

    No idea.
    Does `ps ax | grep dhc` give a clue?
    Does nmcli work? -> uses NetworkManager


    Seems my Ubuntu 22.04 systems only get nmcli with the
    ubuntu-gnome-desktop package. My server versions don't have it. Both
    server and desktop still have dhclient.

    Do I need to learn nmcli, or can I bury my head in the sand and hope it
    goes away?

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Chris Elvidge on Wed Apr 26 19:14:46 2023
    On 26/04/2023 17:57, Chris Elvidge wrote:
    On 26/04/2023 17:22, Pancho wrote:
    On 26/04/2023 14:45, Chris Elvidge wrote:

    No. See previous. dhcpcd and dhclient are *different* dhcp clients.
    dhclient is supplied by the ISC. dhclient is not normally used by
    debian, slackware (or any other distros I use). They all use dhcpcd.
    Even the systemd implementation used in debian uses dhcpcd. See
    /usr/lib/systemd/system/dhcpcd.service
    https://www.isc.org/blogs/dhcp-client-relay-eom/ says "ISC plans to
    end maintenance of the ISC DHCP client and relay by the end of Q1,
    2022." Hence dhclient is end-of-life (IMHO).
    I don't know about NetworkManager (or nmcli), I don't use it. A quick
    look on Archwiki and /usr/lib/systemd/system/NetworkManager.service
    says it is dbus based.

    Ubuntu is still using dhclient, isn't it?

    No idea.
    Does `ps ax | grep dhc` give a clue?
    Does nmcli work? -> uses NetworkManager


    My Mint uses neither. There is an nm-applet.
    But dhcp is only used at boot time normally.


    --
    When plunder becomes a way of life for a group of men in a society, over
    the course of time they create for themselves a legal system that
    authorizes it and a moral code that glorifies it.

    Frédéric Bastiat

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Chris Elvidge on Wed Apr 26 19:23:52 2023
    On 26/04/2023 17:57, Chris Elvidge wrote:
    On 26/04/2023 17:22, Pancho wrote:
    On 26/04/2023 14:45, Chris Elvidge wrote:

    No. See previous. dhcpcd and dhclient are *different* dhcp clients.
    dhclient is supplied by the ISC. dhclient is not normally used by
    debian, slackware (or any other distros I use). They all use dhcpcd.
    Even the systemd implementation used in debian uses dhcpcd. See
    /usr/lib/systemd/system/dhcpcd.service
    https://www.isc.org/blogs/dhcp-client-relay-eom/ says "ISC plans to
    end maintenance of the ISC DHCP client and relay by the end of Q1,
    2022." Hence dhclient is end-of-life (IMHO).
    I don't know about NetworkManager (or nmcli), I don't use it. A quick
    look on Archwiki and /usr/lib/systemd/system/NetworkManager.service
    says it is dbus based.

    Ubuntu is still using dhclient, isn't it?

    No idea.
    Does `ps ax | grep dhc` give a clue?
    Does nmcli work? -> uses NetworkManager

    Only think that looks relevant on my rig is 'NetworkManager

    The config file seems to be

    /etc/NetworkManager/system-connections/Wired connection 1.nmconnection
    ------>
    [connection]
    id=Wired connection 1
    uuid=200b0367-8dfe-331b-b244-aa11e7de1cea
    type=ethernet
    autoconnect-priority=-999
    interface-name=eno1
    permissions=
    timestamp=1674452619

    [ethernet]
    mac-address-blacklist=

    [ipv4]
    dns-search=
    method=auto

    [ipv6]
    addr-gen-mode=stable-privacy
    dns-search=
    ip6-privacy=0
    method=auto

    [proxy]
    <-------------


    --
    Karl Marx said religion is the opium of the people.
    But Marxism is the crack cocaine.

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Jim Jackson@3:770/3 to Chris Elvidge on Wed Apr 26 18:57:26 2023
    On 2023-04-26, Chris Elvidge <chris@mshome.net> wrote:
    On 26/04/2023 13:36, Ahem A Rivet's Shot wrote:
    On Wed, 26 Apr 2023 09:20:30 +0200
    "R.Wieser" <address@is.invalid> wrote:

    A new question though (if you don't mind) : I've been trying to disable
    ipv6 too, and reading the man page for dhcpcd.conf I saw that I could use >>> "ipv4only".

    I've put that just above the "interface eth1" line (assuming that it
    would than work for all interfaces), but "ifconfig" still shows ipv6
    adresses for both "eth1" as well as "lo" (eth0 is disconnected).

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::) then they don't come from DHCPCD but from IPv6 >> neighbour discovery and are probably quite hard to get rid of but they're
    only valid on a LAN segment so I wouldn't worry about them too much.


    It seems there are 2 ways to totally disable ipv6 https://www.howtoraspberry.com/2020/04/disable-ipv6-on-raspberry-pi/

    1) Pi only: add 'ipv6.disable=1' to end of line in /boot/cmdline.txt

    Just a small quibble - while the whole /boot/cmfline.txt thing is Pi
    specific, the ipv6.disable=1 kernel parameter setting should work on all
    Linux kernels.


    2) Generally,
    a) if using sysctl: put a file in /etc/sysctl.d/ containing net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.default.disable_ipv6 = 1
    net.ipv6.conf.lo.disable_ipv6 = 1
    b) if not using sysctl, add
    echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
    echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
    echo 1 > /proc/sys/net/ipv6/conf/lo/disable_ipv6
    to end of (for e.g.) /etc/rc.local

    Both methods will disable all ipv6 including link-local
    NetworkManager has a "disable" option under ipV6, too.


    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Ahem A Rivet's Shot@3:770/3 to The Natural Philosopher on Wed Apr 26 20:00:52 2023
    On Wed, 26 Apr 2023 19:14:46 +0100
    The Natural Philosopher <tnp@invalid.invalid> wrote:

    But dhcp is only used at boot time normally.

    Either dhclient or dhcpcd should persist so that it can renew the
    lease when the time comes - try a ps -elf | grep dhclient or pgrep -lf dhclient.

    --
    Steve O'Hara-Smith
    Odds and Ends at http://www.sohara.org/

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Wed Apr 26 23:17:26 2023
    Ahem A Rivet's Shot,

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::) then they don't come from DHCPCD but from IPv6 neighbour discovery and are probably quite hard to get rid of but they're only valid on a LAN segment so I wouldn't worry about them too much.

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::)

    it (eth1) is.

    then they don't come from DHCPCD but from IPv6 neighbour discovery and are probably quite hard to get rid

    So every of those "noipv6" and "ipv4only" things in (man) dhcpcd.config are fake ? They actually don't do squat ? That would perhaps have been a good april
    first joke, but not on any other day. :-(

    of but they're only valid on a LAN segment so I wouldn't worry about them
    too much.

    :-) All computers on my LAN (and probably yours too) have local ipv4
    adresses, but they can still connect to other computers all over the world.

    The thing is that that I have multiple computers on my lan, and I don't want
    to discover that one of them is using ipv6 - which I do not use and as such have very little knowledge of - as a weakpoint to gain access to others.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Wed Apr 26 22:52:54 2023
    Chris,

    A new question though (if you don't mind) : I've been trying to disable
    ipv6
    too, and reading the man page for dhcpcd.conf I saw that I could use
    "ipv4only".

    Try:
    noipv6rs
    noipv6

    I tried both seperatily and together (even though the latter seems to includ the former), but ifconfig still shows ipv6 adresses. :-\

    Have you looked at man dhcpcd.conf?

    Thats pretty much the first thing I did after your suggestion to edit that file. Its where I got that "ipv4only" thingy from (which doesn't work as
    I imagine it would).

    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro you're using.

    I've got to take your word for that, as I do not (yet) posess that
    knowledge - which is why I mentioned what my starting point is, so we would
    be on the same page. Thank you for mentioning it.

    It seems there are 2 ways to totally disable ipv6

    And thanks for those. I think I found those myself too, but didn't
    actually
    read them as it /looked like/ dhcpcd.conf had the means to gouvern them (and assumed a similar problem as in regard to dhclient - looking at the wrong thing)

    But a bit of a bummer : I was assuming that I could disable it for one interface, but keep it enabled for another.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to Jim Jackson on Wed Apr 26 21:26:48 2023
    On 26/04/2023 19:57, Jim Jackson wrote:


    1) Pi only: add 'ipv6.disable=1' to end of line in /boot/cmdline.txt

    Just a small quibble - while the whole /boot/cmfline.txt thing is Pi specific, the ipv6.disable=1 kernel parameter setting should work on all Linux kernels.


    Could be, no real reason to try it.

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Ahem A Rivet's Shot@3:770/3 to R.Wieser on Thu Apr 27 02:32:46 2023
    On Wed, 26 Apr 2023 23:17:27 +0200
    "R.Wieser" <address@is.invalid> wrote:

    So every of those "noipv6" and "ipv4only" things in (man) dhcpcd.config
    are fake ? They actually don't do squat ? That would perhaps have been
    a good april

    Not at all, they control whether or not dhcpcd issues public IPv6 addresses. You get link local addresses without dhcpcd or anything other
    than an IPv6 capable kernel.

    The link local addresses that are provided by the kernel are
    nothing more than a standard wrapper around the MAC and they really are
    only valid on the LAN segment (same as the MAC) they cannot cross any kind
    of router internal or external, unlike IPv4 private addresses which are by convention not permitted to cross routers into the 'public internet' and
    have been known to cross boundary routers in both directions.

    I'm not sure it's possible to NAT IPv6 link local addresses, you'd certainly have to work at it, by default there's no kind of NAT used for
    IPv6 the addresses are either link local or public.

    --
    Steve O'Hara-Smith
    Odds and Ends at http://www.sohara.org/

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Thu Apr 27 09:35:44 2023
    Chris,

    a) if using sysctl: put a file in /etc/sysctl.d/ containing net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.default.disable_ipv6 = 1
    net.ipv6.conf.lo.disable_ipv6 = 1

    I've applied all three, and after rebooting looking at ifconfig I do not see any ipv6 any more. Thank you.

    One question though : The latter two entries seem to be subsets of the first one. Is there something I'm missing or is this just a case of wearing a
    belt /and/ suspenders ?

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Thu Apr 27 09:25:24 2023
    Ahem,

    So every of those "noipv6" and "ipv4only" things in (man) dhcpcd.config
    are fake ? They actually don't do squat ? That would perhaps have been
    a good april

    Not at all, they control whether or not dhcpcd issues public IPv6
    addresses. You get link local addresses without dhcpcd or anything other
    than an IPv6 capable kernel.

    I realized only later that what you mention in that the last line could be
    the case.

    Do you happen to know if its possible and if so how to configure ipv6 to
    /not/ to generate such a "link local address" and only expose an address if provided thru dhcp (so it functions the same way ipv4 works and its a per interface thing) ?

    unlike IPv4 private addresses which are by convention not permitted
    to cross routers into the 'public internet'

    :-) Just send the request to the "default gateway" machine and it does some NAT magic to get the request done using a "IPv4 private address" on the internet regardless.

    and have been known to cross boundary routers in both directions.

    Sort of. /Some/ "IPv4 private addresses" may go one way, /others/ may go
    the other way. Which ones is under control of and has to be configured per router.

    I'm not sure it's possible to NAT IPv6 link local addresses, you'd
    certainly have to work at it,

    Do you know What would be the difference between ipv4 and ipv6 that would
    make it especially hard to do for the latter ?

    by default there's no kind of NAT used for IPv6 the addresses are
    either link local or public.

    Thats just because there are way more ipv6 IPs available than we currently
    can use, and NAT-ing hem would (look to) be a bit silly - an exercise in futility.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Ahem A Rivet's Shot@3:770/3 to R.Wieser on Thu Apr 27 09:47:24 2023
    On Thu, 27 Apr 2023 09:25:25 +0200
    "R.Wieser" <address@is.invalid> wrote:

    Do you happen to know if its possible and if so how to configure ipv6 to /not/ to generate such a "link local address" and only expose an address
    if provided thru dhcp (so it functions the same way ipv4 works and its a
    per interface thing) ?

    It is not DHCPv6 uses the link local addresses for communication. They're rather fundamental.

    Sort of. /Some/ "IPv4 private addresses" may go one way, /others/ may go
    the other way. Which ones is under control of and has to be configured
    per router.

    Quite it's by convention and if the router misbehaves the 'private' addresses leak. Whereas the link local addresses are protocol level and
    their behaviour is built into the IPv6 stack.

    I'm not sure it's possible to NAT IPv6 link local addresses, you'd certainly have to work at it,

    Do you know What would be the difference between ipv4 and ipv6 that would make it especially hard to do for the latter ?

    The Ipv6 NAT protocol definition :)

    by default there's no kind of NAT used for IPv6 the addresses are
    either link local or public.

    Thats just because there are way more ipv6 IPs available than we
    currently can use, and NAT-ing hem would (look to) be a bit silly - an exercise in futility.

    I rather think there are more than we will ever be able to use. If
    I turn on IPv6 from my ISP I get a /56 block all to myself, or Hurricane Electric will give me a /48 and a /64 over a free tunnel. By contrast I had
    to pay for the use of a *single* static IPv4 address.

    --
    Steve O'Hara-Smith
    Odds and Ends at http://www.sohara.org/

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to R.Wieser on Thu Apr 27 09:50:42 2023
    On 26/04/2023 22:17, R.Wieser wrote:
    Ahem A Rivet's Shot,

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::) then they don't come from DHCPCD but from IPv6 >> neighbour discovery and are probably quite hard to get rid of but they're
    only valid on a LAN segment so I wouldn't worry about them too much.

    What sort of ipv6 addresses ? If it is only link local ipv6
    addresses (starting fe80::)

    it (eth1) is.

    then they don't come from DHCPCD but from IPv6 neighbour discovery and are >> probably quite hard to get rid

    So every of those "noipv6" and "ipv4only" things in (man) dhcpcd.config are fake ? They actually don't do squat ? That would perhaps have been a good april
    first joke, but not on any other day. :-(

    It is not even sure where Raspian picks up its config files from. These
    may belong to obsolete software 'left in place' because no one dared
    touch it and the thing works now anyway.

    of but they're only valid on a LAN segment so I wouldn't worry about them
    too much.

    :-) All computers on my LAN (and probably yours too) have local ipv4 adresses, but they can still connect to other computers all over the world.

    The thing is that that I have multiple computers on my lan, and I don't want to discover that one of them is using ipv6 - which I do not use and as such have very little knowledge of - as a weakpoint to gain access to others.

    Regards,
    Rudy Wieser


    I shouldn't worry. IPv6 like so many other great ideas invented by
    bright eyed bushy tailed ComputerScientists™, doesn't really work, and probably never will.

    The reality is that there are 32 bits of IPV4 address and 32 bits of
    port addresses within that. More than enough

    And 99% of all the worlds devices sit happily behind NAT routers.
    Like most of TCP/IP, NAT is a kludge invented to MakeStuffWork, is ugly, properly offends ComputerScientists™, but is robust enough to DoTheJob.

    --
    Those who want slavery should have the grace to name it by its proper
    name. They must face the full meaning of that which they are advocating
    or condoning; the full, exact, specific meaning of collectivism, of its
    logical implications, of the principles upon which it is based, and of
    the ultimate consequences to which these principles will lead. They must
    face it, then decide whether this is what they want or not.

    Ayn Rand.

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Ahem A Rivet's Shot on Thu Apr 27 09:40:40 2023
    On 26/04/2023 20:00, Ahem A Rivet's Shot wrote:
    On Wed, 26 Apr 2023 19:14:46 +0100
    The Natural Philosopher <tnp@invalid.invalid> wrote:

    But dhcp is only used at boot time normally.

    Either dhclient or dhcpcd should persist so that it can renew the
    lease when the time comes - try a ps -elf | grep dhclient or pgrep -lf dhclient.

    Nope.
    xxx@juliet:~/Desktop$ ps -elf | grep dhclient
    0 S xxx 232070 232062 0 80 0 - 2259 pipe_w 09:27 pts/0
    00:00:00 grep --color=auto dhclient
    xxx@juliet:~/Desktop$ pgrep -lf dhclient
    xxx@juliet:~/Desktop$

    Nada.
    What does persist its network stuff

    $ ps -elf | grep net
    1 I root 34 2 0 60 -20 - 0 - Apr19 ?
    00:00:00 [netns]
    4 S root 604 1 0 80 0 - 9996 - Apr19 ?
    00:00:00 /usr/bin/python3 /usr/bin/networkd-dispatcher
    --run-startup-triggers
    0 S xxx 95676 1938 0 80 0 - 97033 poll_s Apr22 ?
    00:00:00 /usr/libexec/gvfsd-network --spawner :1.7 /org/gtk/gvfs/exec_spaw/5

    I conclude that in later versions of Mint desktop systems neither
    dhclient nor dhcpd are used.

    I have found the layer upon layer of obsolete and obsolescent networking
    files to be a total pain to deal with.

    And indeed even though my server is set to static IP address via
    network manager it also has a ghost IP address assigned by DHCP. This
    responds to pings and shows up on the router dhcp tables, but is
    otherwise completely unused for anything

    I have concluded that like so much software, Mint/Ubuntu/Debian is being overwhelmed by the dreaded weed Creeping Featurism and and has been
    debugged only insofar as to work for 'normal' situations, and underneath
    is a BFM. A Bloody Fucking Mess, that like postscript and X windows has
    been stabilised by the general principle of 'buggering around till it
    sorta works'.



    --
    “The ultimate result of shielding men from the effects of folly is to
    fill the world with fools.”

    Herbert Spencer

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to R.Wieser on Thu Apr 27 09:43:34 2023
    On 26/04/2023 21:52, R.Wieser wrote:
    Chris,

    A new question though (if you don't mind) : I've been trying to disable
    ipv6
    too, and reading the man page for dhcpcd.conf I saw that I could use
    "ipv4only".

    Try:
    noipv6rs
    noipv6

    I tried both seperatily and together (even though the latter seems to includ the former), but ifconfig still shows ipv6 adresses. :-\

    Have you looked at man dhcpcd.conf?

    Thats pretty much the first thing I did after your suggestion to edit that file. Its where I got that "ipv4only" thingy from (which doesn't work as
    I imagine it would).

    Don't get too hung up on the raspbian/bullseye focus.
    dhcpcd configuration is dhcpcd configuration no matter which distro you're >> using.

    I've got to take your word for that, as I do not (yet) posess that
    knowledge - which is why I mentioned what my starting point is, so we would be on the same page. Thank you for mentioning it.

    It seems there are 2 ways to totally disable ipv6

    And thanks for those. I think I found those myself too, but didn't
    actually
    read them as it /looked like/ dhcpcd.conf had the means to gouvern them (and assumed a similar problem as in regard to dhclient - looking at the wrong thing)

    But a bit of a bummer : I was assuming that I could disable it for one interface, but keep it enabled for another.

    Regards,
    Rudy Wieser


    Unless you want to probe the dark slough of everyone else's hackery, I strongly suggest that you give DHCP the old heave-ho on that interface
    and go static.

    DHCP is there to solve a problem you don't have.
    Don't fight it. Or its myrmidons. Cut the Gordian knot and shoot it in
    the head.



    --
    Canada is all right really, though not for the whole weekend.

    "Saki"

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Martin Gregorie on Thu Apr 27 10:47:54 2023
    On 27/04/2023 10:36, Martin Gregorie wrote:
    On Thu, 27 Apr 2023 09:40:40 +0100, The Natural Philosopher wrote:

    I have concluded that like so much software, Mint/Ubuntu/Debian is being
    overwhelmed by the dreaded weed Creeping Featurism and and has been
    debugged only insofar as to work for 'normal' situations, and underneath
    is a BFM. A Bloody Fucking Mess, that like postscript and X windows has
    been stabilised by the general principle of 'buggering around till it
    sorta works'.

    Its also worth remembering that your LAN's firewall router may well have a DHCP router buried in its innards and if this device suffers from bit rot
    in the EPROM that holds its firmware and configuration parameters, then
    you can get some unpleasant network problems, particularly a problem for those of us still limited to ADSL connections;

    **cough** D-Link DSL-320B **cough**

    The only source of replacement ADSL routers now appears to be eBay:


    Really?

    Yeah, My well hated router was not D-link. That did well till lightning
    popped its front end, but Netgear. I have one of those serving as a wifi
    access point, it needs rebooting now and again. It also got unreliable
    after a heavy storm

    Consumer routers are mostly utter crap. I have a Draytek now, and it all actually works.

    Its got ADSL but Ive migrated to fibre, and id does ethernet WAN as well
    (like cable)


    --
    Gun Control: The law that ensures that only criminals have guns.

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Martin Gregorie@3:770/3 to The Natural Philosopher on Thu Apr 27 09:36:12 2023
    On Thu, 27 Apr 2023 09:40:40 +0100, The Natural Philosopher wrote:

    I have concluded that like so much software, Mint/Ubuntu/Debian is being overwhelmed by the dreaded weed Creeping Featurism and and has been
    debugged only insofar as to work for 'normal' situations, and underneath
    is a BFM. A Bloody Fucking Mess, that like postscript and X windows has
    been stabilised by the general principle of 'buggering around till it
    sorta works'.

    Its also worth remembering that your LAN's firewall router may well have a
    DHCP router buried in its innards and if this device suffers from bit rot
    in the EPROM that holds its firmware and configuration parameters, then
    you can get some unpleasant network problems, particularly a problem for
    those of us still limited to ADSL connections;

    **cough** D-Link DSL-320B **cough**

    The only source of replacement ADSL routers now appears to be eBay:


    --

    Martin | martin at
    Gregorie | gregorie dot org

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Thu Apr 27 12:02:52 2023
    Ahem,

    It is not DHCPv6 uses the link local addresses for
    communication.

    I'm still not grasping the distinction between an ipv6 and ipv4 "local
    address" I'm afraid.

    They're rather fundamental.

    I've just disabled ipv6 on my RPi and have not noticed anything failing.
    IOW, they can't be /that/ fundamental.

    If you mean they are fundamental in regard to communication between
    computers on the same lan segment, than thats exactly what I want to limit - especially as I have no idea what services have ipv6 ports open.

    Whereas the link local addresses are protocol level and
    their behaviour is built into the IPv6 stack

    I don't quite get that I'm afraid : If data send and received using such a
    link local address can be read by software connecting to the ipv6 stack,
    what than stops a router to do with as it pleases ?

    Or, said otherwise : if the ipv6 stack somehow internally blocks data send using such a link local address how would a router - or even a standard
    'puter - be able to use that local link address to begin with ?

    Thats just because there are way more ipv6 IPs available than we
    currently can use, and NAT-ing hem would (look to) be a bit silly - an
    exercise in futility.

    I rather think there are more than we will ever be able to use.

    :-) Thats what I tried to convey.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Andy Burns on Thu Apr 27 12:19:16 2023
    On 27/04/2023 11:56, Andy Burns wrote:
    The Natural Philosopher wrote:

    The reality is that there are 32 bits of IPV4 address and 32 bits of
    port addresses within that.

    16 bits of ports  ...


    Ah. Brain fade. Yes

    --
    "Anyone who believes that the laws of physics are mere social
    conventions is invited to try transgressing those conventions from the
    windows of my apartment. (I live on the twenty-first floor.) "

    Alan Sokal

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Jan Panteltje@3:770/3 to Philosopher on Thu Apr 27 10:58:20 2023
    On a sunny day (Thu, 27 Apr 2023 09:40:40 +0100) it happened The Natural Philosopher <tnp@invalid.invalid> wrote in <u2dce8$1r7v6$1@dont-email.me>:

    I conclude that in later versions of Mint desktop systems neither
    dhclient nor dhcpd are used.

    I have found the layer upon layer of obsolete and obsolescent networking >files to be a total pain to deal with.

    And indeed even though my server is set to static IP address via
    network manager it also has a ghost IP address assigned by DHCP. This >responds to pings and shows up on the router dhcp tables, but is
    otherwise completely unused for anything

    I have concluded that like so much software, Mint/Ubuntu/Debian is being >overwhelmed by the dreaded weed Creeping Featurism and and has been
    debugged only insofar as to work for 'normal' situations, and underneath
    is a BFM. A Bloody Fucking Mess, that like postscript and X windows has
    been stabilised by the general principle of 'buggering around till it
    sorta works'.

    I agree.
    Thing changed by tinkerers who did not even understand the original intention of the code.

    In my other rapi4 4 GB I have killed dhc.. at startup,
    and then run my own script setting the interfaces on the LAN.
    All fixed IP addresses
    Uptime 54 days now it says... no problems.

    On this one I am posting from, a Pi4 8 GB, dhWCd or whatever still runs. raspberrypi: ~ # uname -a
    Linux raspberrypi 5.15.32-v7l+ #1538 SMP Thu Mar 31 19:39:41 BST 2022 armv7l GNU/Linux

    But I still run my own config scripts after it started,
    this one has a 4G USB stick plugged in and also functions as route for or example my laptop.

    That whole RatHead dbus shit should be outlawed.
    So stupid, to start Apache webserver was (Slackware):
    apachectl start

    now it is, on my raspi 4 8 GB:
    service apache2 start

    WHY?

    And the same for user interfaces, does google gets its programmers from <insert low IQ group here>?
    Ever more memory needed, even for simple text things..., annoying interfaces... People need gigabytes to do the simplest things, were I can often do the same in a few kB (yes KB)...

    Now I know many 'merricans cannot read or write, so mouse clicking at a mouse picture expects them so catch a mouse... ?
    But really, command line is faster here, especially when running zsh as shell.


    Script to start net connection and config the Pi as router: /usr/local/sbin/start_4g_router

    #!/usr//bin/bash
    iptables -F
    route add -net 192.168.0.0/16 dev eth0
    echo 1 >/proc/sys/net/ipv4/ip_forward
    iptables -t nat -A POSTROUTING ! -d 192.168.0.0/16 -o eth1 -j SNAT --to-source 192.168.8.100
    sleep 1
    ifconfig eth0 down
    sleep 1
    ifconfig eth0 192.168.178.1 up
    sleep 1
    vnstat -i eth1 -s
    # default is set to 192.168.8.1, that blocks rt.com, this uses 8.8.8.8 an 8.8.4.4
    cp /etc/resolv.conf.GOOGLE /etc/resolv.conf
    sleep 1


    Script to turn internet connection on or off:
    /usr/local/sbin/set_4g

    #!/usr/bin/bash
    if [ "$1" == "off" ]
    then
    ifconfig eth1 down
    elif [ "$1" == "on" ]
    then
    ifconfig eth1 up
    cp /etc/resolv.conf.GOOGLE /etc/resolv.conf
    else
    echo "Usage: set_4g on | off"
    fi

    Damn it, moon landing used only kilobytes, now they crash (Japan) with gigabytes on board..
    https://panteltje.nl/panteltje/quadcopter/index.html
    can drop things too:
    https://panteltje.nl/panteltje/quadcopter/drop.html

    Keep It Simple!!
    Moon landing game I played in the seventies on what was it, a Commodore Pet?
    https://en.m.wikipedia.org/wiki/Commodore_PET
    When the moon landings happened I was working in the TV head control room in my country to pass it on to the people.
    Lots of tubes there in those days, hundreds... few transistors ... Had to fix it too if the system (and it did on a regular basis) failed.
    But always was 'online'.
    Kids, cellphones., wait for the next high altitude nuke, or big solar storm NOTHING will work.
    OK :-)
    2024 I think.

    Society over the hill, climate idiots, brainwashed people that believe the CO2 snake oil sales pitch.
    Climate change is caused by changes in the earth orbit and sun:
    http://old.world-mysteries.com/alignments/mpl_al3b.htm

    Society is 'over the hill'
    like in medieval times witch-hunts now it is hunts for CO2 emitters.
    Mass hysteria
    We NEED a global war to get back to normal
    Radiation is not so bad, still alive after inhaling some Chernobyl fallout here many years ago.
    The airco filters where I worked had to be replaced because those were 'hot'. Wars are part of evolution,...
    And US REALLY needs those to sell more weapons, so they keep asking ..
    Better save your raspi in a metal box,
    although I had some transistors in a metal box and those died anyways next to my 250 W or so transmitter
    So your mileage may vary

    Wars, one ant heap against the other, the best one wins, evolution.

    Wonder how long it will take before kids can buy a 'make your own dino' kit at Walmart or on ebay from China ..
    And then legislation forbidding it after some school playground got messed up by those dinos.
    Killing life, followed by creating life as a hobby, all sort of new interesting species.

    Not even mentioning AI getting to work and design it for you, THAT is easy. Ooops text file, you will need to learn to write and read.
    Oh no, wait, voice input...
    AI make me a wild wild dino.

    ?
    /

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Andy Burns@3:770/3 to The Natural Philosopher on Thu Apr 27 11:56:48 2023
    The Natural Philosopher wrote:

    The reality is that there are 32 bits of IPV4 address and 32 bits of
    port addresses within that.

    16 bits of ports ...

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to The Natural Philosopher on Thu Apr 27 12:57:26 2023
    On 27/04/2023 09:50, The Natural Philosopher wrote:
    It is not even sure where Raspian picks up its config files from. These
    may belong to obsolete software 'left in place' because no one dared
    touch it and the thing works now anyway.

    Raspbian uses systemd for configuration.

    As stock, it will use whatever service is specified in
    /usr/lib/systemd/system/ (previous versions may use /lib/systemd/system/)

    On mine it is dhcpcd.service with ExecStart=/usr/sbin/dhcpcd -b -q
    To me, that means configuration is done in /etc/dhcpcd.conf

    Another possibility is NetworkManager.service, configuration in /etc/NetworkManager/*

    One I've never seen is dhclient.service which would have configuration
    in /etc/dhclient/dhclient.conf

    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Martin Gregorie@3:770/3 to The Natural Philosopher on Thu Apr 27 12:07:56 2023
    On Thu, 27 Apr 2023 10:47:54 +0100, The Natural Philosopher wrote:

    Really?

    Yes, really. The DSL320B I've used for years currently has several
    problems:

    - its screwing with the fourth term of the IP address,which causes pinging
    other hosts on my LAN to fail - this seems to be corrupting the 4th term
    of a fixed IP address

    - my DSL320B can currently connect to the outside world from either of the
    two hosts on my LAN, but neither host can talk to the other one.
    AFAIK there's no problem with my CAT5/6 switch

    - the DSL320B should be configurable via http or telnet, but neither
    Firefox nor Lynx shows any ability to access the DSL320B via an http
    connection. If I point telnet at it, it accepts the default user name,
    'admin', but doesn't accept the password, which also defaults to 'admin'.

    - I got a replacement off eBay, because I couldn't find a retailer with
    any in stock and its even worse. It won't even accept the default user
    name. and can't be pinged.

    - The DSL320B manual says you can reset a DSL320B by poking a 'biro'
    into a 'reset' hole, but this is a lie: the hole is both too small and
    too deeply inset for any biro I've seen to work.

    However it should be resettable if you push a toothpick, some 1mm alloy
    tube or a shaved down matchstick into the small (1.5mm) 'reset' hole
    until you hear the switch click while holding the power switch down and
    keeping it pressed 10-15 seconds, but this failed to reset either of the
    DSL320Bs.

    Consumer routers are mostly utter crap. I have a Draytek now, and it all actually works.

    Its got ADSL but Ive migrated to fibre, and id does ethernet WAN as well (like cable)

    My problem is that there currently is no fibre available where I live: its
    ADSL or nothing at present as I'm not keen on WiFi.

    I'm currently on the Zen waiting list until fibre connectivity gets
    installed (I'm not holding my breath for this) but am about to see if they
    Zen can take over my current ADSL link anyway, by installing a Fritz box,
    which is what they apparently use as the fibre terminator, but for use as
    an ADSL terminator in the meantime.


    --

    Martin | martin at
    Gregorie | gregorie dot org

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Chris Elvidge@3:770/3 to R.Wieser on Thu Apr 27 12:35:26 2023
    On 27/04/2023 08:35, R.Wieser wrote:
    Chris,

    a) if using sysctl: put a file in /etc/sysctl.d/ containing
    net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.default.disable_ipv6 = 1
    net.ipv6.conf.lo.disable_ipv6 = 1

    I've applied all three, and after rebooting looking at ifconfig I do not see any ipv6 any more. Thank you.

    One question though : The latter two entries seem to be subsets of the first one. Is there something I'm missing or is this just a case of wearing a
    belt /and/ suspenders ?

    Regards,
    Rudy Wieser



    Agreed, they do seem to be subsets. I don't know why.
    But further investigation shows that commenting out (or removing) the
    above 3 lines and putting just
    net.ipv6.conf.eth1.disable_ipv6 = 1
    will disable ipv6 on only that interface (eth1)
    Note that you must have the interface name correct for it to work.


    --
    Chris Elvidge
    England

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Ahem A Rivet's Shot@3:770/3 to R.Wieser on Thu Apr 27 13:18:22 2023
    On Thu, 27 Apr 2023 12:02:52 +0200
    "R.Wieser" <address@is.invalid> wrote:

    Ahem,

    It is not DHCPv6 uses the link local addresses for
    communication.

    I'm still not grasping the distinction between an ipv6 and ipv4 "local address" I'm afraid.

    IPv6 link local addresses are local to the LAN segment (they
    cannot be used for forwarding enforced by the stack), generated
    automatically on the host with a duplicate address detection phase and used
    for DHCPv6 communication to provide public addresses, router information
    etc.

    IPv4 private addresses are local to the LAN, they can and are used
    for forwarding across routers on a LAN but should not be routed across the public internet. It is only firewall configuration in routers that prevents this.

    They're rather fundamental.

    I've just disabled ipv6 on my RPi and have not noticed anything failing.
    IOW, they can't be /that/ fundamental.

    fundamental to IPv6, it won't work without them.

    Whereas the link local addresses are protocol level and
    their behaviour is built into the IPv6 stack

    I don't quite get that I'm afraid : If data send and received using such
    a link local address can be read by software connecting to the ipv6
    stack, what than stops a router to do with as it pleases ?

    The definition of the IPv6 protocol. Yes you could hack the
    protocol stack to do anything you like but as long as you have a compliant
    IPv6 stack then the link local address will never be used as a source
    address unless the target is another link local address and packets with
    link local addresses (either target or source) will never be forwarded they have to go direct or not at all.

    Or, said otherwise : if the ipv6 stack somehow internally blocks data
    send using such a link local address how would a router - or even a

    It doesn't block sending it blocks forwarding - for a packet to
    leave a machine with link local addresses it has to originate on that
    machine, if it arrives for forwarding it will be dropped. IOW the only link local target address a host accepts is the one on the interface the packet arrived at.

    standard 'puter - be able to use that local link address to begin with ?

    The link local address can be used between hosts on the same LAN segment so for example it is very common for the link local address of a
    router to be used as the default route by every host using that router.
    This address will remain unchanged (and advertised via DHCPv6) no matter
    what changes are made to the routed networks.

    --
    Steve O'Hara-Smith
    Odds and Ends at http://www.sohara.org/

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Thu Apr 27 15:01:36 2023
    Chris,

    But further investigation shows that commenting out (or removing)
    the above 3 lines and putting just
    net.ipv6.conf.eth1.disable_ipv6 = 1
    will disable ipv6 on only that interface (eth1)

    Now you say that I remember having seen that been mentioned before. Didn't focus on it though, as I thought dhcpcd.conf would rule those settings. :-\

    Hmmmm... I wonder if I can use a

    net.ipv6.conf.all.disable_ipv6 = 1
    net.ipv6.conf.eth1.disable_ipv6 = 0

    sequence to disable all /but for/ a specific interface ...

    <testing>

    Yup, seems to work. Nice.

    Note that you must have the interface name correct for it to work.

    Are you sure about that ? I cannot just make up a word, put it there have
    the setting applied to the interface I was thinking of ? Bummer ... :-)

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Martin Gregorie on Thu Apr 27 15:04:58 2023
    On 27/04/2023 13:07, Martin Gregorie wrote:
    My problem is that there currently is no fibre available where I live: its ADSL or nothing at present as I'm not keen on WiFi.

    I have a pretty good Cisco (Linksys rebadged) SOHO ADSL router
    Its even got PSTN ports for voip.

    Needs a wall wart as I pinched that for the Netgear.

    Runs warm in use, but never fails.
    If you are in the UK I'll post it



    --
    “The ultimate result of shielding men from the effects of folly is to
    fill the world with fools.”

    Herbert Spencer

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Thu Apr 27 15:24:50 2023
    Ahem,

    I've just disabled ipv6 on my RPi and have not noticed anything
    failing. IOW, they can't be /that/ fundamental.

    fundamental to IPv6, it won't work without them.

    My brain balks about something thats "fundamental to IPv6", but is not an /internal/ IP (like 127.x.x.x) is. One of my pet peeves with Windows is
    that certain open ports facing the LAN cannot be closed (no way to do it)
    and terminating the service that opens them cannot be done as the service is also used for the internal working of the OS (using a 127.x.x.x IP).

    but as long as you have a compliant IPv6 stack then the link local
    address will never be used as a source address unless the target is
    another link local address

    And thats an explanation I can understand : both the source and target must
    be "link local addresses" to be able to make it thru the ipv6 stack. Obvious when you are aware of it (as with so many things). Thank you.

    standard 'puter - be able to use that local link address to begin
    with ?

    The link local address can be used between hosts on the same LAN
    segment

    :) That was not quite what I ment.

    I was trying to wrap my head around how an "link local address" datapacket could come outof the ipv6 stack in a 'puter, but not outof the same in a router. Your "source and target must be of the same kind" explained it.

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to The Natural Philosopher on Thu Apr 27 15:10:36 2023
    On 27/04/2023 15:04, The Natural Philosopher wrote:
    On 27/04/2023 13:07, Martin Gregorie wrote:
    My problem is that there currently is no fibre available where I live:
    its
    ADSL or nothing at present as I'm not keen on WiFi.

    I have a pretty good Cisco (Linksys rebadged) SOHO ADSL router
    Its even got PSTN ports for voip.

    Needs a wall wart as I pinched that for the Netgear.

    Runs warm in use, but never fails.
    If you are in the UK I'll post it



    Oh. I can still buy ADSL routers without WiFi in the UK

    https://www.broadbandbuyer.com/products/25841-draytek-v2832-k/

    Very very good router, that.

    --
    “But what a weak barrier is truth when it stands in the way of an hypothesis!”

    Mary Wollstonecraft

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Ahem A Rivet's Shot@3:770/3 to R.Wieser on Thu Apr 27 20:35:32 2023
    On Thu, 27 Apr 2023 15:24:50 +0200
    "R.Wieser" <address@is.invalid> wrote:

    My brain balks about something thats "fundamental to IPv6", but is not an /internal/ IP (like 127.x.x.x) is.

    It sort of is internal - to the LAN not the machine, rather like
    MAC addresses, the main use is to enable unicast addressing to be used for almost everything and minimise the use of broadcast addressing. It's all
    about scalability really - making it easy to manage a LAN with tens of thousands of hosts (horrible thought!).

    Cellphone data plan connections use IPv6 and need it AFAICT, IPv4
    NAT and DHCP would be a nightmare in that environment.

    --
    Steve O'Hara-Smith
    Odds and Ends at http://www.sohara.org/

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Pancho@3:770/3 to The Natural Philosopher on Thu Apr 27 21:39:20 2023
    On 4/27/23 15:10, The Natural Philosopher wrote:
    On 27/04/2023 15:04, The Natural Philosopher wrote:
    On 27/04/2023 13:07, Martin Gregorie wrote:
    My problem is that there currently is no fibre available where I
    live: its
    ADSL or nothing at present as I'm not keen on WiFi.

    I have a pretty good Cisco (Linksys rebadged) SOHO ADSL router
    Its even got PSTN ports for voip.

    Needs a wall wart as I pinched that for the Netgear.

    Runs warm in use, but never fails.
    If you are in the UK I'll post it



    Oh. I can still buy ADSL routers without WiFi in the UK

    https://www.broadbandbuyer.com/products/25841-draytek-v2832-k/

    Very very good router, that.


    I use pfSense on NUC type PC circa 2016, before that I used tomato
    firmware on a cheap router, both very good.

    I wouldn't recommend a bespoke router, unless you wanted everything in
    one box modem/router/wifi.

    For Wifi the modern mesh systems are very good at roaming in a big
    house, very cheap. I have 4 access points or whatever they are called,
    dropped wifi is a thing of the past.

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Martin Gregorie@3:770/3 to All on Thu Apr 27 22:19:56 2023
    On Thu, 27 Apr 2023 12:07:57 -0000 (UTC), Martin Gregorie wrote:

    Sorry about the slow reply: I'm bringing up a new server (current AMD
    silicon, solid state storage) damn quick, and sort of lost track of the
    time. The problem it that I was almost too late on making the swap,
    because the last backup has a bit of minor file damage: just enoughto make
    life mire 'interesting' than I wanted. The old dual Athlon box totally
    shat on the update I ran after the backup and I thought that the backup
    had survived untouched, but it had just enough damage to be annoying.

    That aside, Fedora 37 loaded easily, apart fom a bu=it of nonsense from
    Brave (crashed immdiately, but today's upgrade fixes that) and the latest Evolution is pretty much a mess on the new box and I've still to migrate PostgreSQL to v 14. On the other hand, Java is up an running without
    problems, most of my C stuff looks to be OK and Apache is doing its thing pretty well apart from geany needing a reinstall: not yet diagnosed.

    My DSL320B ADSL' walwart has a 3.7mm OD coax plug that delivers 12v @
    0.5A, so iF that's suitable for your ADSL router I'd be very happy to have
    it, always assuming enough of its documentation to make it configurable
    has survived.

    Thanks for the unexpected offer!

    On Thu, 27 Apr 2023 10:47:54 +0100, The Natural Philosopher wrote:

    Really?

    Yes, really. The DSL320B I've used for years currently has several
    problems:

    - its screwing with the fourth term of the IP address,which causes
    pinging
    other hosts on my LAN to fail - this seems to be corrupting the 4th
    term of a fixed IP address

    - my DSL320B can currently connect to the outside world from either of
    the
    two hosts on my LAN, but neither host can talk to the other one.
    AFAIK there's no problem with my CAT5/6 switch

    - the DSL320B should be configurable via http or telnet, but neither
    Firefox nor Lynx shows any ability to access the DSL320B via an http
    connection. If I point telnet at it, it accepts the default user name,
    'admin', but doesn't accept the password, which also defaults to
    'admin'.

    - I got a replacement off eBay, because I couldn't find a retailer with
    any in stock and its even worse. It won't even accept the default user
    name. and can't be pinged.

    - The DSL320B manual says you can reset a DSL320B by poking a 'biro'
    into a 'reset' hole, but this is a lie: the hole is both too small
    and too deeply inset for any biro I've seen to work.

    However it should be resettable if you push a toothpick, some 1mm
    alloy tube or a shaved down matchstick into the small (1.5mm) 'reset'
    hole until you hear the switch click while holding the power switch
    down and keeping it pressed 10-15 seconds, but this failed to reset
    either of the DSL320Bs.

    Consumer routers are mostly utter crap. I have a Draytek now, and it
    all actually works.

    Its got ADSL but Ive migrated to fibre, and id does ethernet WAN as
    well (like cable)

    My problem is that there currently is no fibre available where I live:
    its ADSL or nothing at present as I'm not keen on WiFi.

    I'm currently on the Zen waiting list until fibre connectivity gets
    installed (I'm not holding my breath for this) but am about to see if
    they Zen can take over my current ADSL link anyway, by installing a
    Fritz box, which is what they apparently use as the fibre terminator,
    but for use as an ADSL terminator in the meantime.


    --

    Martin | martin at
    Gregorie | gregorie dot org

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From R.Wieser@3:770/3 to All on Fri Apr 28 08:44:14 2023
    Ahem,

    It sort of is internal - to the LAN not the machine

    Thats the thing : I do *not* want my machine to just talk to other machines
    (on the same lan or not) - at least not without my explicit say-so.

    I regard it as a weakspot, to be exploited when one of those machines on the LAN gets taken over by malware (and tries to find a way into other
    machines).

    It's all about scalability really - making it easy to manage a LAN
    with tens of thousands of hosts (horrible thought!).

    All I can think about when I read that is of companies who had to shut down
    and had to do a major cleanup because one person got its computer infected
    and than it spread from there. :-\

    Regards,
    Rudy Wieser

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Ahem A Rivet's Shot on Fri Apr 28 10:39:12 2023
    On 27/04/2023 20:35, Ahem A Rivet's Shot wrote:
    On Thu, 27 Apr 2023 15:24:50 +0200
    "R.Wieser" <address@is.invalid> wrote:

    My brain balks about something thats "fundamental to IPv6", but is not an
    /internal/ IP (like 127.x.x.x) is.

    It sort of is internal - to the LAN not the machine, rather like
    MAC addresses, the main use is to enable unicast addressing to be used for almost everything and minimise the use of broadcast addressing. It's all about scalability really - making it easy to manage a LAN with tens of thousands of hosts (horrible thought!).

    Cellphone data plan connections use IPv6 and need it AFAICT, IPv4
    NAT and DHCP would be a nightmare in that environment.

    Ah you sure? At some level my cellphone sits behind a massive NAT when contacting IPV4 hosts

    --
    How fortunate for governments that the people they administer don't think.

    Adolf Hitler

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From Martin Gregorie@3:770/3 to R.Wieser on Fri Apr 28 10:09:34 2023
    On Fri, 28 Apr 2023 08:44:15 +0200, R.Wieser wrote:

    Ahem,

    It sort of is internal - to the LAN not the machine

    Thats the thing : I do *not* want my machine to just talk to other
    machines (on the same lan or not) - at least not without my explicit
    say-so.

    I regard it as a weakspot, to be exploited when one of those machines on
    the LAN gets taken over by malware (and tries to find a way into other machines).

    It's all about scalability really - making it easy to manage a LAN with
    tens of thousands of hosts (horrible thought!).

    All I can think about when I read that is of companies who had to shut
    down and had to do a major cleanup because one person got its computer infected and than it spread from there. :-\

    My solution there has always been to run a firewall on every machine on my
    LAN so that only the ports used by the software your computers use to talk amongst themselves are open: this means that only ssh (22), smtp (25), http(80), sftp(115), nntp(119) ntp(123), rsync(873) and maybe ftp(21) and
    SAMBA (if you have Windows boxes on your LAN) are likely to be open, but
    its worth looking at /etc/services as a reminder of what the various ports
    are used for.

    Then make a similar (and smaller) list of the ports you're willing to open
    in your LAN firewall to accept incoming traffic.

    Note that these incoming ports do not need to be open if you always open connections FROM your systems TO external servers: IOW you can use a
    webreader such as Firefox without opening port 80 and you can send and
    receive mail without opening port 25 if you run a mail server on your LAN
    and use, say, getmail to collect incoming mail from your mailbox on your
    ISP.

    So, call me paranoid, but I don't have any firewall ports open to the
    wider internet: I use getmail, run as a cron job every 10 minutes to
    retrieve incoming mail and pass it to a local Postfix server for
    distribution to laptops etc. The public copies of my websites are hosted
    by my ISP: I maintain identical master copies locally and update the
    public versions by exporting new and updated pages to the hosting site by
    using gftp.


    --

    Martin | martin at
    Gregorie | gregorie dot org

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From The Natural Philosopher@3:770/3 to Martin Gregorie on Fri Apr 28 11:11:30 2023
    On 27/04/2023 23:19, Martin Gregorie wrote:
    On Thu, 27 Apr 2023 12:07:57 -0000 (UTC), Martin Gregorie wrote:

    Sorry about the slow reply: I'm bringing up a new server (current AMD silicon, solid state storage) damn quick, and sort of lost track of the
    time. The problem it that I was almost too late on making the swap,
    because the last backup has a bit of minor file damage: just enoughto make life mire 'interesting' than I wanted. The old dual Athlon box totally
    shat on the update I ran after the backup and I thought that the backup
    had survived untouched, but it had just enough damage to be annoying.

    That aside, Fedora 37 loaded easily, apart fom a bu=it of nonsense from
    Brave (crashed immdiately, but today's upgrade fixes that) and the latest Evolution is pretty much a mess on the new box and I've still to migrate PostgreSQL to v 14. On the other hand, Java is up an running without problems, most of my C stuff looks to be OK and Apache is doing its thing pretty well apart from geany needing a reinstall: not yet diagnosed.

    My DSL320B ADSL' walwart has a 3.7mm OD coax plug that delivers 12v @
    0.5A, so iF that's suitable for your ADSL router I'd be very happy to have it, always assuming enough of its documentation to make it configurable
    has survived.

    Thanks for the unexpected offer!

    Mmm. Its a Cisco 527W . I have full PDF docs. They are online anywhere.

    https://www.manualslib.com/products/Cisco-Small-Business-Pro-Srp527w-3526294.html

    It has two VOIP sockets in it that will connect to SIPGATE for sure

    If you don't want wifi you can turn it off.

    It is actually a seriously reliable router for ADSL .

    The input thingie is coaxial and says 12VDC on it
    OD looks like 5 or 6 mm

    Oh. I checked. The Netgear POS has a Netgear PSU so I initiated a
    rummage through the cable box which elicited another PSU that seems to
    power the Cisco up. I think it is the one it always had. I lost track
    of the Cisco during the divorce.

    Um you can email me at webmaster at gridwatch.org.uk

    I'll then switch to a more used email address.

    And I can post it to you.

    --
    “Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong remedies.”
    ― Groucho Marx

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
  • From scott@alfter.diespammersdie.us@3:770/3 to Ahem A Rivet's Shot on Wed May 3 17:37:00 2023
    Ahem A Rivet's Shot <steveo@eircom.net> wrote:
    Cellphone data plan connections use IPv6 and need it AFAICT, IPv4
    NAT and DHCP would be a nightmare in that environment.

    CGNAT is pretty common on those to provide IPv4 connectivity. Mine
    currently has an address in the 10.x.x.x range, as well as an IPv6 address.

    --
    _/_
    / v \ Scott Alfter (remove the obvious to send mail)
    (IIGS( https://alfter.us/ Top-posting!
    \_^_/ >What's the most annoying thing on Usenet?

    --- SoupGate-Win32 v1.05
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)