
  • Jeff Forman 9:13 pm on July 25, 2010

    New and Shiny – Comcast IPv6 

    A few months ago Comcast began publicizing their IPv6 trials for their customers. For those who don’t have a lot of spare time, IPv6 is the next addressing system for the Internet. Currently IPv4 is the predominant addressing system, akin to a phone number. With the growing number of people using the global Internet, these numbers are bound to run out. Various predictions have put the arrival of that Internet-apocalypse anywhere from tomorrow to a hundred years from now. IPv6, among other things, offers a near-limitless number of addresses (2^128 for the curious).

    Comcast, loved or hated, started IPv6 trials on their own network, turning up customers on their (trial?) IPv6 network. Since IPv6 is not in widespread use today, and not all destinations on the Internet can handle v6 requests, there are several stop-gap solutions. One of them is IPv6 6RD, where RD stands for “Rapid deployment.” From my little understanding, this allows Comcast customers to encapsulate v6 traffic inside v4 packets through Comcast’s network to the IPv6-enabled destinations.

    Without further wait, this is how I did it (save the several weeks of headbanging frustration that ensued):

    Comcast provides their customers with some network addressing information:

    IPv6 prefix = 2001:55c::/32
    6rd BR FQDN = 6rd.comcast.net
    IPv4 prefix length = 0

    Having only a very cursory knowledge of IPv6 addressing, I stumbled my way through the configuration. The IPv6 prefix is used to determine the breadth of Comcast’s v6 network: which bits are network bits, and which bits are host bits. The BR FQDN (border router, fully qualified domain name) is the IPv4 hostname of the gateway to which my firewall will connect to reach the “v6 Internet.” IPv6 packets are encapsulated inside v4 packets, and passed through this border router for further transit.

    On to the configuration. First off, I use OpenBSD 4.7 on my firewall/router. It runs on a little embedded box, using pf as the firewall packet filter.

    First we must set some system variables via sysctl (via command line and commit to /etc/sysctl.conf):

    net.inet6.ip6.accept_rtadv=0
    net.inet6.ip6.forwarding=0

    The first variable tells your machine not to accept router advertisements (don’t act like a DHCP client accepting network configuration), and the second tells your machine not to forward IPv6 packets. v6, unlike v4, for the most part obviates the need for NAT. Therefore if this value were '1', you would be forwarding v6 traffic from the external Internet to all v6-enabled devices on your home network. Unless you really intend to open up your home network to the entire Internet, keep this value as 0 for now.

    I created a little shell script that creates the tunnel interface (gif0), and then configures the interface and default routes.

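    #!/bin/sh -x
    WANIP=`ifconfig vr0 | grep -v inet6 | grep inet | awk '{print $2}'`
    HOSTRD=`host 6rd.comcast.net | awk '{print $4}'`
    V6PREFIX=`printf '%02x%02x:%02x%02x' $(echo $WANIP | tr . ' ')`
    # Recreate the tunnel interface from scratch
    ifconfig gif0 destroy
    ifconfig gif0 create
    # IPv4 endpoints of the tunnel: our WAN address and the border router
    ifconfig gif0 tunnel ${WANIP} ${HOSTRD}
    # IPv6 address of the tunnel interface, built from the 6rd prefix
    ifconfig gif0 inet6 2001:55c:${V6PREFIX}::1 prefixlen 32
    ifconfig gif0 up
    # Send all IPv6 traffic out over the tunnel
    route -n add -inet6 default ::1 -ifp gif0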

    The nasty bits are mostly in the first three variables.
    WANIP is the external IPv4 IP of my firewall
    HOSTRD is the IPv4 IP of Comcast’s IPv6 border router
    V6PREFIX: This takes WANIP and converts the IP into its hexadecimal equivalent. This is the format used in IPv6 addresses, and will make up the rest of my personal IPv6 prefix.

    Most of the script is self explanatory, and large chunks are stolen from others on the Comcast IPv6 message boards. I have set my external IPv6 tunnel interface to $prefix::1, and set the route for all IPv6 traffic to go out over the gif0 tunnel interface.
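
    The address arithmetic behind V6PREFIX, as an added Python example that is not part of the original post. It generalizes the script's printf step to any 6rd prefix and IPv4 prefix length (the RFC 5969 mapping) and rejects a malformed WAN address instead of building an interface address from it; the function names and the sample address 203.0.113.5 are constructed for illustration.

```python
import ipaddress


def sixrd_delegated_prefix(sixrd_prefix, wan_ipv4, ipv4_mask_len=0):
    """Map a WAN IPv4 address into a 6rd delegated prefix.

    sixrd_prefix  -- the provider's 6rd prefix, e.g. "2001:55c::/32"
    wan_ipv4      -- the customer's external IPv4 address
    ipv4_mask_len -- the provider's "IPv4 prefix length" (0 on this page)
    """
    net = ipaddress.IPv6Network(sixrd_prefix)
    # Raises ValueError for empty, truncated or out-of-range input, which
    # the shell pipeline would silently turn into a bogus prefix.
    v4 = ipaddress.IPv4Address(wan_ipv4)
    if not 0 <= ipv4_mask_len <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")

    v4_bits = 32 - ipv4_mask_len          # IPv4 bits embedded in the prefix
    plen = net.prefixlen + v4_bits        # length of the delegated prefix
    if plen > 64:
        # A LAN using stateless autoconfiguration needs a /64 or shorter.
        raise ValueError("delegated prefix would be longer than /64")

    # Keep only the low-order IPv4 bits and place them after the 6rd prefix.
    suffix = int(v4) & ((1 << v4_bits) - 1)
    base = int(net.network_address) | (suffix << (128 - plen))
    return ipaddress.IPv6Network((base, plen))


def tunnel_address(delegated):
    """First address in the delegated prefix, the ::1 used for gif0."""
    return delegated[1]


if __name__ == "__main__":
    # Constructed sample: a documentation-range address, not a real customer IP.
    prefix = sixrd_delegated_prefix("2001:55c::/32", "203.0.113.5")
    print(prefix, tunnel_address(prefix))
```
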

    At this point, if pf is disabled (therefore allowing all packets through to your machine), you should be able to ping6/traceroute6 to various IPv6-enabled Internet sites. These include ipv6.google.com, http://www.kame.net and ipv6.comcast.net.

    # traceroute6 ipv6.google.com
    traceroute6: Warning: ipv6.l.google.com has multiple addresses; using 2001:4860:800f::63
    traceroute6 to ipv6.l.google.com (2001:4860:800f::63) from 2001:55c:MY:PREFIX::1, 64 hops max, 12 byte packets
    1  2001:55c:MY:PREFIX::1  21.491 ms  19.103 ms  22.759 ms
    2  2001:558:e0:52::1  20.734 ms  19.227 ms  16.623 ms
    3  2001:558:e0:24::1  17.903 ms  18.821 ms  19.193 ms
    4  te-0-3-0-4-cr01.newyork.ny.ibone.comcast.net  21.704 ms  23.512 ms  24.715 ms
    5  pos-1-12-0-0-cr01.mclean.va.ibone.comcast.net  27.821 ms  41.616 ms  31.4 ms
    6  pos-0-3-0-0-pe01.ashburn.va.ibone.comcast.net  25.451 ms  34.823 ms  25.43 ms
    7  2001:558:0:f749::2  29.801 ms  39.119 ms  33.211 ms
    8  Vlan22.icore1.AEQ-Ashburn.ipv6.as6453.net  34.592 ms  36.29 ms  33.039 ms
    9  pr61.iad07.net.google.com  34.766 ms  34.493 ms  39.389 ms
    10  2001:4860::1:0:9ff  34.941 ms  35.911 ms  32.12 ms
    11  2001:4860:0:1::149  37.298 ms 2001:4860:0:1::14b  48.993 ms 2001:4860:0:1::149  37.446 ms
    12  iad04s01-in-x63.1e100.net  36.593 ms  31.367 ms  33.089 ms

    This post only involves getting your gateway machine speaking IPv6. I have been able to wire up the rest of my internal LAN using rtadvd, and allow them IPv6 access. There are a lot more pieces here, including rtadvd and packet filtering, and I don’t yet fully understand how they all interact; that will require another post.

     
  • Jeff Forman 8:35 am on May 21, 2010

    Google Wave as an online notepad? 

    Months ago when Google Wave was the new hotness on the block, and everyone and their Internet-connected Mother was trying to get an account, I mostly scoffed at the technology. At the time I felt it was a cross between IRC, a rich real-time Wiki, and some crazy new “look what we can do Web 2.0” type application. I poked around the various incarnations it took through the preview, but mostly forgot about it months ago.

    Then today I was talking with a friend who mentioned that Google Apps users can now get their own Waves for their domain. Google Apps, for those who aren’t into all the Google Kool-Aid, is hosted email/calendaring/contacts/documents for a domain or organization. I must imagine their target demographic is business users, but I use it for my own personal domain, as do many others.

    But back to Google Wave. I was trying to think of a use case for Google Wave for my domain, since previously I had pretty much written it off as some useless toy. After being in a meeting at work where all I wanted was an online notepad where I could add notes, edit them later, and then email out to my team, Google Wave came back to the front of my mind.

    At work we use Zimbra for our email/calendaring, and while it has a tasks list and briefcase area for writing documents saved in the Zimbra ecosystem, it doesn’t quite cover all the bases. There is no way to tell revisions, so I can’t tell when I edited a piece of the document, and exactly what I modified. While Zimbra does have briefcase documents, it feels like a hacked together solution that does not integrate well. When working with a document, Zimbra decides to open said document in a screen-maximized window, dominating other windows. Why not stick that document into another Zimbra tab?

    Comparing the functionality to Google Wave, I wish I could email a wave. I understand that a Wave might contain animated Youtube videos, or other rich content, but even a static-PDF would suffice. Currently all that is provided is the ability to email a link to your particular wave.

    Having only used it for a day or so right now, it has proved pretty helpful, along with having the speed and reliability of other Google products.

    You might be asking “what is the difference for this use case, between Google Wave and Google Documents?”  For me personally, Wave comes across as much more train-of-thought, whereas a Doc feels more like a formalized document. What do you guys think? Are there use cases for Google Wave other than the obvious?

     
  • Jeff Forman 10:12 am on April 8, 2010

    Today is brought to you by:
    find . -mtime +14 -exec rm -rfv {} \;

     
  • Jeff Forman 2:07 pm on March 26, 2010

    Sprinkling an ‘or’ on your regex 

    Had some fun today getting this working. If you need to do a boolean ‘or’ comparison inside a regex with python, this is how I did it:
    if (re.match(r"([0-9]{6}|[0-9]{8})$", mydate)):

    In this case, I was trying to either match a date string using 8 digits, YYYYMMDD, or 6 digits, YYMMDD.

     
    • Steve Laniel 9:42 am on March 27, 2010

      A few things:

      1) That’s not just Python. That’s essentially all regular expressions. It’s called “alternation,” if you’re curious. Look in the man page for grep(1).
      2) The shorter and better way to say [0-9] is “\d”. So your regex could be shortened to
      “\d{6}|\d{7}”.
      3) The “character classes” (things like “[0-9]” or “[A-Za-z]”) are actually just more-concise ways of expressing alternation. So, for instance, “[0-9]” is identical to “0|1|2|3|…|8|9”.
      4) You may already know that if you were looking for 6, 7, or 8 digits, you could use “\d{6,8}”.
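
    An added example, not part of the post or the comment above: the same alternation used as an input check, showing what the pattern alone still lets through (a trailing newline with "$", non-ASCII digits with "\d", impossible dates) and a stricter variant. The names parse_date, POST_PATTERN and STRICT_PATTERN and all sample strings are constructed for illustration.

```python
import re
from datetime import datetime

# The pattern from the post: re.match anchors the start, "$" the end.
POST_PATTERN = re.compile(r"([0-9]{6}|[0-9]{8})$")

# Same alternation, ASCII digits only, applied with fullmatch() so that
# nothing (not even a trailing newline) may follow the digits.
STRICT_PATTERN = re.compile(r"(?:[0-9]{6}|[0-9]{8})")


def parse_date(text):
    """Return a date for YYMMDD or YYYYMMDD input, or None if invalid."""
    if not isinstance(text, str) or not STRICT_PATTERN.fullmatch(text):
        return None
    fmt = "%Y%m%d" if len(text) == 8 else "%y%m%d"
    try:
        # The regex only checks shape; strptime rejects month 13, Feb 30...
        return datetime.strptime(text, fmt).date()
    except ValueError:
        return None


# Constructed samples.
ARABIC_INDIC = "\u0661\u0662\u0663\u0664\u0665\u0666"   # six non-ASCII digits

if __name__ == "__main__":
    for sample in ("20100326", "100326", "1234567", "20100326\n",
                   "20101326", ARABIC_INDIC):
        print(repr(sample),
              bool(POST_PATTERN.match(sample)),
              parse_date(sample))
```
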

  • Jeff Forman 11:57 am on September 29, 2009
    Tags: linode, twitter, wordpress   

    Is this thing on? 

    Testing out the new wordpress install on the new webhost. Does it make it to twitter….

     