In DHCP servers you can configure IP address reservations, meaning that you statically configure the IP addresses that you want the specific DHCP clients to get. This is sometimes desirable when you know your devices and want to ensure that their DHCP-assigned IP addresses won’t change, because of, you know, reasons. (Printers may or may […]
NetBox Plugins to Present External Data
I have worked with NetBox for over five years now, and NetBox plugins feature has existed since version 2.8 in April 2020, but it was only recently that I got a need to start leveraging plugins to extend the NetBox functionalities. Most of the publicly available plugins work with Django model-based data that is saved […]
Commanding Devices with Tmux
Let’s go right away to the question: How do I enter commands on two devices at the same time? One of the possible answers is: With tmux. My usual workflow to connect to the end devices is from a Linux host that has tmux installed. The situation can look for example like this: Before being […]
Datetimes with Timezones in Python
First, let’s show how the commonly-used plain datetime.datetime.now() gets the local time but does not have a timezone: >>> import datetime >>> now = datetime.datetime.now() >>> type(now) <class ‘datetime.datetime’> >>> now datetime.datetime(2024, 2, 17, 12, 47, 40, 34210) >>> print(now) 2024-02-17 12:47:40.034210 >>> now.tzinfo is None True >>> Let’s add timezone to it, using the […]
Manpages for systemd
Because I seem to frequently search for these manpages: systemd versions in Debian Linux:
Compressed Data Between PowerShell and Python
I have built an application that transfers JSON data between remote PowerShell and Python components using Amazon SQS (Simple Queue Service). The size of the data is usually quite small, fitting nicely into the 256 KiB message size limit of SQS, letting me avoid complex multi-message handling or temporary S3 objects. In specific cases, however, […]
IKEv2 AES-256-GCM and SHA-384, what?
What has this SHA-384 to do with AES-256-GCM? I thought GCM contained integrity checks already, so why is SHA-384 there anyway? With AES-CBC (= non-GCM) in IKEv2 phase 1, you have to use an authentication (hashing) algorithm that ensures the integrity of the data exchange. Nowadays the common ones are SHA-256, SHA-384 and SHA-512. So, […]
DHCPv6 Relay
Following my earlier post about introduction to DHCPv6, let’s see how DHCPv6 relaying works in practice. In VLAN 60 there is the DHCPv6 client but no DHCPv6 server. The subnet-attached router is configured as DHCPv6 relay, using the DHCPv6 server address from VLAN 41. The components in this setup are: I’ll capture the traffic on […]
Configuring Hourly Log Rotation with Logrotate and Rsyslog
Logrotate runs daily by default on Debian Linux. It is scheduled to run at 00:00:00 with systemd: markku@logtest:~$ systemctl list-timers NEXT LEFT LAST PASSED UNIT ACTIVATES Mon 2023-11-20 00:00:00 EET 2h 20min left Sun 2023-11-19 00:00:17 EET 21h ago logrotate.timer logrotate.service … When you want logrotate to rotate files hourly, you need two changes: For […]
Introduction to DHCPv6
Dynamic Host Configuration Protocol for IPv6 (DHCPv6) is just that: a protocol that can be used for host configuration, defined in RFC 8415. In this post I will introduce some basics of the protocol. DHCPv6 protocol A DHCPv6 message for client-server conversation consists of message type (1 byte), transaction ID (3 bytes) and variable number […]