Network

IPv6 Privacy Extensions in Fedora 20

IPv6 Privacy Extensions in Fedora 20

Previously I blogged about Enabling IPv6 Privacy Extensions in Fedora 18. Unfortunately in Fedora 20, the Network Manager has a bug in it that means that the setting is not used. Thankfully there has been an issue logged already and a fixed Network Manager can be installed from the testing repo, heres how: sudo yum update --enablerepo=updates-testing NetworkManager Now restart, and when you run ifconfig, you should see an additional randomly generated IPv6 address.
Fedora 19 Gnome 3 OpenVPN default route bug workaround

Fedora 19 Gnome 3 OpenVPN default route bug workaround

In Fedora 19 and Gnome 3 there is a rather annoying bug when using OpenVPN, the 'Use this connection only for resources on its network' tick box does not remained ticked, and causes the default route to be updated to point through the OpenVPN tunnel. In some situations (mine) I do not want the default route to go down the OpenVPN tunnel, and so this was a problem. Luckily there is a simple workaround until it gets fixed, open the relevant file for your VPN connection, for example /etc/NetworkManager/system-connections/Work.
Enabling IPv6 Privacy Extensions on Fedora 18

Enabling IPv6 Privacy Extensions on Fedora 18

When using IPv6 on client computers (i.e not servers) it is common to use automatic address configuration (know as SLAAC). This means you do not have to statically assign every device with an IP address. Unfortunately the default way that many IPv6 stacks operate is to use your network card's MAC address as the basis of your global IPv6 address. This has the (sometimes) undesirable effect of giving your machine an automatically configured static IPv6 address.
TCP PAWS extension breaks RIPE WHOIS lookups when behind NAT

TCP PAWS extension breaks RIPE WHOIS lookups when behind NAT

For the last few weeks I have been encountering a strange problem with making IP WHOIS queries against the RIPE database, which covers all European IPs.

I first encountered the problem during a routine server upgrade and reboot. Suddenly some of our software that we run on these servers started producing errors saying that WHOIS lookups could not be performed.