I am adding IPv6 addresses to each of my servers. This post assumes the server is up and running FreeBSD 11.1 and you already have an IPv6 address block. This does not cover the creation of an IPv6 tunnel, such as that provided by HE.net. This assumes native IPv6. In this post, I am using the IPv6 addresses from the IPv6 Address Prefix Reserved for Documentation (i.e. 2001:DB8::/32). You should use your own […]
Adding IPv6 to an existing server Read More »
You have an old DNS server: tallboy.example.org You have a new DNS server: ns1.example.org You have a domain, example.com, for which you want to swap the old DNS server with the new DNS using nsupdate. NOTE: the domain is example.com The NS servers are in example.org (different domains). These are the commands you issue: update delete example.com. IN NS tallboy.example.org. update add example.com. 3600 IN NS ns1.example.org. send Of note, you mention the
Using nsupdate to change NS servers Read More »
Today I gave up on my attempt to allow relay via SSL certificate fingerprints. Instead, I will use sasl auth. Yesterday I wrote about my SMTP deliver test which broke when an SSL certificate was updated. Later that day, I finished writing scripts which delivered that fingerprint file to all hosts which needed it. Today, I abandoned that approach in favor of sasl. From the time I decided to use sasl to my
No more certificate fingerprints – only sasl auth instead Read More »
Let’s Encrypt is an easy way to get free SSL certificates in an automated manner. You may never have to manually do another cert renewal again. Last night, I received this email: From: Cron Daemon To: dan@langille.org Subject: Cron /usr/local/bin/cert-puller Date: Fri, 23 Feb 2018 23:57:00 +0000 (UTC) /etc/rc.conf: 3: not found /etc/rc.conf: yr: not found /etc/rc.conf: 3: not found /etc/rc.conf: yr: not found Little did I know when I tweeted about it,
Postfix suddenly starts rejecting email it had been accepting Read More »
Sometimes you just need that old version. So I installed it. FreeBSD 9.3 Sorry, but this article is light. I stopped taking notes after a bit…. We created a VM via VMware, put FreeBSD 11.1 on it, over ZFS. Then install iocage. This is what it looked like: What did it just install? This: $ zfs list -r zroot/iocage NAME USED AVAIL REFER MOUNTPOINT zroot/iocage 825M 30.2G 25K /iocage zroot/iocage/download 180M 30.2G 23K
Trying iocage to get an old version of FreeBSD Read More »
I have several old devices. Upgrading them is either impossible, they are unsupported, or I can’t be bothered upgrading the. Access is only via a dedicated VLAN within my home network. When stuck, I posted to Twitter and that led me to OpenSSH Legacy Options. This page describes what to do when OpenSSH refuses to connect with an implementation that only supports legacy algorithms. Here’s what I just tried: $ ssh pdu1 Unable
Connecting to old devices via ssh Read More »
NOTE: if you’re using something other than OSX, say, FreeBSD, then a previous blog post might be the solution you are looking for. I suggest skipping to the final paragraph before you implement any of what is below. You fire up your laptop, connect via WIFI, you get an IP address. You plug in an ethernet cable, you get an IP address. This is how things should work. It’s expected. It’s automatic. Sometimes
Assigning static IP addresses via dhcp Read More »
World, please meet tape02. It’s been around for a while, but never properly introduced. For the record:
This morning I saw this weird popup / flag when I hovered over the Spam link on webpage. The text read: What is that? I had no idea, but it was persistent. Every time I hovered the mouse over the link, that popup appeared. It would not appear in screenshots, so I resorted to the camera in my phone. After hiding the browser window, the popup also appeared on my Calendar: When I
What’s this database connection in my Google / Calendar / Desktop? Read More »
My Unifi US-16-XG switch was offline. It was still functioning correctly, but it was not in contact with the Controller. I wasn’t sure how to fix this, but this blog post shows what I now think should always work. It consists of two steps: Get the switch talking to the Controller Make the above change permanent The key point to remember: the Controller is always the voice of authority when it comes to
Disconnect UNIFI switch – US-16-XG Read More »