In the world of BSD conferendes, BSDCan 2026 https://bsdcan.org is next, on June 17-20 in Ottawa, Canada.

Read more about the BSD conferences in "What is BSD? Come to a conference to find out!" https://nxdomain.no/~peter/what_is_bsd_come_to_a_conference_to_find_out.html #netbsd #openbsd #freebsd #conference #freesoftware #libresoftware #development #networking #sysadmin

Can anyone recommend a decent 2 port PCI network card?

Not PCIe or PCI-X!!!!

Bonus if its compatible with #NetBSD and has 1Gb ports

#Networking #oldcomputing

#IPv6 test as as German Telefonica roaming customer in the Belgian "Orange" network: [insert sad face here]

#networking #orange

Why IPv6 is the only way forward

https://ankshilp.in/posts/for-the-love-of-internet/

#HackerNews #IPv6 #Future #Internet #Technology #Networking #Innovation

#NetMCR (https://www.netmcr.uk/) is on again this Thursday (9th) in #Manchester.

There will be 2 talks:

* Ross Moya, ‘BNG evolution at a fast growing altnet’:

A deep dive into how we scaled our BNG deployments to support rapid subscriber growth and the features and improvements we picked up along the way.

* Thomas Mangin, ‘Ze: What ExaBGP should always have been’:

We’re very delighted to have Thomas back again to speak about BGP, and this time he’s back with a new and improved project. There will be BGP, there will be Go, and there will be some judicious use of new-fangled programming methods.

Go and chat with some nice people, have some weird 🍻, and if you're hungry, 🍔 and 🍟!

#Networking #MeetUp

OpenSSH 10.3/10.3p1 released! https://undeadly.org/cgi?action=article;sid=20260407084719 #openbsd #openssh #ssh #security #cryptography #networking

Y'all I was at Chelsea flea yesterday and was swept up in a tsunami of nostalgia. These lil blue mfers used to crush embedded Linux, they carried me through my networking labs

WRT54G leggo

#networking #linux

Alt...

An old Linksys router that used to be a household name

New Patches Allow Building Linux IPv6-Only, Option to Deprecate "Legacy" IPv4

https://www.phoronix.com/news/Linux-IPv6-IPv4-Legacy-Knobs

#HackerNews #Linux #Patches #IPv6 #IPv4 #Networking #Technology

Building a Mostly IPv6 Only Home Network

https://varunpriolkar.com/2026/03/building-a-mostly-ipv6-only-home-network/

#HackerNews #Building #a #Mostly #IPv6 #Only #Home #Network #IPv6 #HomeNetwork #TechTrends #Networking #FutureOfInternet

At #RSAC2026? Missing good coffee?

Drop by Tailscale’s Peer-to-Pour Cafe at Sextant Coffee Roasters, just steps from Moscone, for free coffee, sweet treats, custom swag, keycap fidgets, and chats with the team. Open Tues Mar 24, 8:00-5:00 and Wed Mar 25, 8:00-4:30 for badge holders. Plus: demos, expo swag, raffles, and more all week.

https://tailscale.com/rsac26/?utm_source=Mastodon&utm_medium=owned-social&utm_campaign=rsac-2026

#RSAC #RSAC2026 #Cybersecurity #ZeroTrust #Networking #Tailscale

Running a FreeBSD server with two independent uplinks?

My latest deep dive covers how to mix a physical provider and a BGP tunnel to serve NAT'd, routed, and pure public jail traffic on a single bridge.

We break down Dual-FIB policy routing and show you how to use PF's rtable and reply-to directives to fix asymmetric routing and keep traffic strictly separated.

Policy routing done right: https://blog.hofstede.it/dual-fib-policy-routing-on-freebsd-two-upstreams-one-server-zero-confusion/

#FreeBSD #BGP #Jails #SysAdmin #networking #routing

Any Wireguard gurus out there?

Is the following possible?

I have a network behind two firewalls with the outer firewall being on CGNAT.

I can create a WG tunnel via a VPS outside the CGNAT (random VPS on public Internet) to allow hosts on the network inside of the second firewall to expose TCP ports like an adhoc web server or whatever.

This seems to work fine. I can curl a page inside the firewalls by connecting to the public VPS on the configured port for the tunnel.

I've tried to get a Wireguard VPN connection to work over this tunnel.

That is, a client outside the CGNAT firewall tries to create a VPN connection on the inside the second firewall.

Trying to do this by creating a Wireguard VPN connection through an existing Wireguard tunnel.

Both firewalls are OPNSense, remote client can be anything but am trying a Win 11 VM currently.

I still need to spend more time working on it but I'm really not getting anywhere and was wondering...

Is this even possible?

Anyone done this?

Perhaps there is a different/better approach I should try?

👂 👂 All ears. 👂 👂

#Wireguard #Networking #VPN

Good morning!
Tonight it is #NetMCR (https://www.netmcr.uk/) again in #Manchester.
Join them for a #Networking #MeetUp at the Northern Monk (https://www.northernmonk.com/pages/manchester) from 7pm.

Talks will include:

* *Sam Cater, 'CHERI - Bolstering security by baking it into silicon'*:

A quick run-down of what the CHERI Alliance is and how it came to be, what the technology does, how it's being utilised today with wins & losses. There will be some use-cases demonstrated and a little spin on how that's useful to Sam's employer.

* *Christian Farrow, 'From networked clocks to TikTok: atomic timekeeping makes its retro return!'*:

Our resident Time Lord is back once again with a neat run down on atomic timekeeping. Arcane mysteries or run-of-the-mill devices? Come find out!

*You?*:

Feel free to come and speak to us if you've something to speak about, on the evening or ahead of time!

Hopefully see you there for some 🍻 , 🍔, 🍟 and ℹ️ 😀

Part 3 of my hobby AS series is up: connecting my AS201379 to LocIX Düsseldorf via a dedicated FreeBSD edge router.

Covers route server peering, IPv6-in-IPv6 GIF tunnels, PF on a shared peering LAN, and iBGP back to the core.

https://blog.hofstede.it/running-your-own-as-joining-an-ixp-with-a-third-edge-router/

#FreeBSD #BGP #Networking #IXP #IPv6

Fascinating potential successor to BGP

https://www.theregister.com/2026/03/17/switzerland_bgp_alternative/

#Networking #BGP

There's no way to do both SLAAC GUAs plus ULAs using DHCPv6 is there?

I need all the machines to have ULA for Wireguard reasons but I don't want to give up the GUAs.

#Networking #IPv6

A favorite of mine. It came around years ago on the Twitter website. I've long lost who to credit.

Thanks to detective work by those more talented than I, it appears to belong to "Ally M Hennessy", used in one of her workshops…

#networking #career #life #advice #meme

Alt...

HELLO. MY NAME IS INIGO MONTOYA. YOU KILLED MY FATHER. PREPARE TO DIE. INIGO’S GUIDE TO NETWORKING SUCCESS 1. POLITE GREETING 2. NAME 3. RELEVANT PERSONAL LINK 4. MANAGE EXPECTATIONS Princess Bride (the movie) themed meme. Inigo is a Spaniard - long black hair, black mustache, black eyebrows - classic fantasy swashbuckler dress.

PF queues break the 4 Gbps barrier https://www.undeadly.org/cgi?action=article;sid=20260319125859 #openbsd #pf #queues #packetfilter #trafficshaping #4gigbarrier #morebandwidth #fasterpackets #networking

Happy PF tutorial at #asiabsdcon 2026 day to all who celebrate!

https://2026.asiabsdcon.org/entry/talk/ZUQPMV/

Slides are available as https://nxdomain.no/~peter/pf_fullday.pdf

#freebsd #openbsd #pf #networking #packetfilter

Huh. The router can't connect to addresses on the other side of BGP, but everything else can connect to the BGP addresses just fine. Traceroutes are....strange....

This is probably not a good sign.... I should poke at it more tonight probably something with route reflection ?

#HomeLab #Networking

As a female professional, I am passionate about fostering deep, meaningful connections and pursuing collaborative synergies with other women in my field. 🏳️‍🌈✨ #Networking #WomenInLeadership #AuthenticConnections

Site 2 Site Wireguard AllowedIPs question.

IPv4 both sites are private address ranges with no overlap, so to do split tunnel I just configure the client AllowedIPs to match the server's untunneled LAN range. Easy enough.

However for IPv6 everything has GUA addresses thanks to prefix delegation. Thing is, the ISP won't guarantee my prefix. So how do I guard against prefix changes... Or do I just have to update the client config then?

#Networking #Wireguard

How is everyone doing IPAM for home networks and different sites?

I'm specifically looking at the following:

- ULA for Site2Site VPN - thinking of sticking with one /48 ULA and doing sequential /64s. Or should I just say fuck it and do a different /48 for each?
- IPv4 subnets. Current site is set up with 192.168.1.0/24 and then I went down from 198.168.255.0/24 for VPN ranges. Do I do move the VPN ranges to be sequential on the original site and then what, have a gap and start the new site at 192.168.100.0? I have seen some clever solutions about encoding latitude+longitude into the bits to ensure no clashes, of course I'm not ever going to scale like that but...

Hrm...

#Networking #HomeLab

Finally up to breaking the home network (notwork eheh) as promised while partner is away.

Some scuffles with passwords and IPv6 so far but tethering looks to be working dual stack so both WiFi networks and routers are UP and *both* have internet. Which means no having to look stuff up on my phone or swap networks to get back to the router admin. Incredible luxury tbh

A break and then on to wireguard

#Networking

The Book of PF, 4th Edition: It's Here, It's Real https://nxdomain.no/~peter/its_real_its_here.html - now that I have physical copies, I'll bring some to the upcoming conferences such as #asiabsdcon #bsdcan #eurobsdcon #freebsd #openbsd #pf #packetfilter #networking #networktrickery #freesoftware #libresoftware #bookofpf @EuroBSDCon @nostarch

#NetMCR (https://www.netmcr.uk/) is on again this Thursday (12th) in #Manchester.

The talk will be by Mark Tearle, titled:

‘It is a disaster! Reacting to the Unexpected’*

Mark has flown across the world, avoiding flight disruptions, to present an interactive talk about disasters that befall networks, data centres and telecommunications infrastructure across the globe. A curated set of incidents will be discussed and the question posed - how would you or your organisation respond?

Go and chat with some nice people, have some weird 🍻, and if you're hungry, 🍔 and 🍟!

#Networking #MeetUp

RE: https://mastodon.social/@pitrh/116182418029757504

Again for the Monday morning (CET) crowd -

There's a new book out for your #networking, #openbsd, #freebsd cravings:

Justine Smithies boosted

Peter N. M. Hansteen » 🌐 2026-03-06 / 2026-03-06
@pitrh@mastodon.social

The Book of PF, 4th Edition: It's Here, It's Real https://nxdomain.no/~peter/its_real_its_here.html #openbsd #freebsd #pf #packetfilter #networking #firewall #networktrickery #security #freesoftware #libresoftware @nostarch

Partner is away next week - and you know what that means....

I can break the home network without getting in trouble

#Networking #HomeLab

The Book of PF, 4th Edition Spotted in the Wild https://undeadly.org/cgi?action=article;sid=20260306131150 #openbsd #freebsd #pf #packetfilter #networking #security #networktrickery #freesoftware #libresoftware

The Book of PF, 4th Edition: It's Here, It's Real https://nxdomain.no/~peter/its_real_its_here.html #openbsd #freebsd #pf #packetfilter #networking #firewall #networktrickery #security #freesoftware #libresoftware @nostarch

New Blog Post!

https://blog.transitory.social/posts/2026-02-05-protonvpn-exit-via-egress-gateway-policy

(No AIs were inconvenienced in the writing of this post.

@homelab@fedigroups.social

#Homelab #SelfHosted #Kubernetes #Networking

Glad to see progress in securing internet routing.

https://blog.cloudflare.com/aspa-secure-internet/?utm_source=tldrdevops/

#networking

Conferences - #asiabsdcon is only a couple of weeks away, the call for papers for #eurobsdcon starts tomorrow, and #BSDCan is on for June.

Read more via "What is BSD? Come to a conference to find out!" https://nxdomain.no/~peter/what_is_bsd_come_to_a_conference_to_find_out.html #openbsd #netbsd #freebsd #freesoftware #development #networking #security

Finally, the ISP has removed CGNAT and gave me a public IP address for the GSM service.

Now the failover setup is complete, and with #docker driven #cloudflare updater "favonia/cloudflare-ddns", all is in place.

#Unifi5GMaxOutdoor #ISP #Unifi #selfhosting #selfhosted #homelab #networking

@mikrotik have a Fediverse account. And not only that- they even have their own instance! :o

https://mikrotik.social/@mikrotik

#mikrotik #router #switch #networking

Yes, You Too Can Be An Evil Network Overlord - On The Cheap With OpenBSD, pflow And nfsen https://nxdomain.no/~peter/yes_you_too_can_be_an_evil_network_verlord.html

A story about network metadata and #openbsd, originally from 2014, good for reprising. See The Book of PF for more #nfsen #netflow #pflow #monitoring #networking #security #pf #packetfilter #bookofPF @nostarch

Any chance that someone might have spare RIPE ATLAS credits?

I currently do some experiments with the IPv6 routing of my AS201379 and being able to do measurements on Atlas would be sooooo helpful right now.

#fedihelp #ripe #ripencc #ripeatlas #ipv6 #networking

From FediGarden I extracted a few servers to make new accounts at

no confirmation mail sent by

https://mastodon.cipherbliss.com
https://elekk.xyz

@FediGarden

#FediVerse #Social #SocialMedia #account #registration #error #networking #programming #OpenSource #configuration #annoying

Spent way too long getting HTTP/3 working on FreeBSD with nginx, so I wrote it all up.

The highlights: stock OpenSSL silently breaks QUIC at the HTTP/3 framing layer (the TLS handshake succeeds, so openssl s_client lies to you). eBPF worker routing doesn't exist on FreeBSD. And if nginx is in a jail with IPv4 NAT, a pass rule for UDP 443 is useless without a matching rdr.

New post: https://blog.hofstede.it/http3-on-freebsd-getting-quic-working-with-nginx-in-a-bastille-jail/

#FreeBSD #nginx #HTTP3 #QUIC #Networking

16 hours in, we're at ~125K IPs, so we're keeping the rate of around 2 attempts per second. I'm still waiting for recommendations on tools that would allow me to wade through this huge collection of IPs to get statistics on who they belong to, if there's an actual botnet in it (inclusive of residential addresses taken over by it) and/or which datacenters are involved. Any #recommendations? #askFedi #fediHelp #networking

One day I'll understand enough to separate the router from the gateway.... Today is not that day.

Probably not the year, either.

#Networking #NotWorking

A proper rain shower today and whole last night. Testing #Unifi5GMaxOutdoor IP67 rating ;)

#ISP #Unifi #selfhosting #selfhosted #homelab #networking