Networking ========== Netplan Reference https://netplan.io/reference/ http://manpages.ubuntu.com/manpages/cosmic/man5/netplan.5.html Dnsmasq Man Pages https://linux.die.net/man/8/dnsmasq I/O and Resource Access Metrics:: #execute typical instruction 1 nanosec #fetch from L1 cache memory 0.5 nanosec #branch misprediction 5 nanosec #fetch from L2 cache memory 7 nanosec #Mutex lock/unlock 25 nanosec #fetch from main memory 100 nanosec #send 2K bytes over 1Gbps network 20,000 nanosec #read 1MB sequentially from memory 250,000 nanosec #fetch from new disk location (seek) 8,000,000 nanosec #read 1MB sequentially from disk 20,000,000 nanosec #send packet US to Europe and back 150,000,000 nanosec Linux Networking ----------------- Here we are going to be dealing with ethernet, links, virtual network interfaces, and virtual private networks, and tunnels. https://en.wikipedia.org/wiki/Iproute2 The iproute2 collection includes the tools #. arpd #. bridge #. ctstat #. dcb #. devlink #. ``ip`` show / manipulate routing, network devices, interfaces and tunnels #. lnstat #. nstat #. rdma #. routef #. rtacct #. rtmon #. rtstat #. ss #. tc #. tipc * ``ip addr`` and ``ip link`` and ``ip -s`` Address and Link Configuration * ``ip route`` for routing tables * ``ip neigh`` for Neighbors * ``ip tunnel`` for Tunnels * ``ip link set name`` rename network interface * ``ip maddr`` multicast * ``ip -s`` and ``ss`` for various network statustics * ``bridge`` Handle bridge Addresses and devices * ``lsmod`` show the status of modules in the linux kernel * ``conntrack`` netfilter connection tracking tool * ``ethtool`` settings and properties of an ethernet interface .. code-block:: bash # bring up or down a network interface sudo ifconfig wlan0 down sudo ifconfig wlan0 up Internet Protocol v4 and v6 --------------------------- .. code-block:: python # four octets ipv4 = 0xFF ** 4 print(ipv4) # eight hextets ipv6 = 0xFFFF ** 8 print(ipv6) Reserved IP Addresses for IPv4 and IPv6 https://en.wikipedia.org/wiki/Reserved_IP_addresses Private Network Address Ranges/blocks for IPv4 and IPv6: https://en.wikipedia.org/wiki/Private_network DNS -------- .. code-block:: bash # flush dns caches sudo systemd-resolve --flush-caches # restart network d sudo systemctl restart systemd-networkd systemd-resolve --status | grep 'DNS Servers' -A2 # make a dns request over dnsmasq over non standard DNS port dig @2601:181:c400:121b::feed -p 5399 uraspi.vpn # make a dns request over dnsmasq over the standard DNS port dig @2601:181:c400:121b::feed -p 53 uraspi.vpn IPv4 ---- Subnet Mask Cheatsheet: https://www.aelius.com/njh/subnet_sheet.html None-Loopback open ports and interfaces This command greps everything that might need to be allowed through the firewall ``sudo netstat -plnt | grep -E '192.168*|2601*'`` IPv6 ----- General and Special Special Address Blocks and Ranges ***************************************************** IPv6 Address Structure https://en.wikipedia.org/wiki/IPv6_address Special Purpose Addresses: https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml#iana-ipv6-special-registry-1 Global Unicast Addresses: https://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml .. code-block:: bash # get IPv6 hosts ifconfig |grep inet6 # another way ip -6 addr show # http requests via explicit IPv6 addresses wget http://[2601:181:c400:121b::999]/basic.html Link Local IPv6 Addresses: ************************** .. code-block:: bash # to reach link local address we need to include the interface name of the localhost # wlp61s0 is the interface name on thinkpad # 96c6:91ff:fe1b:8e15 is the link address of nuc ping fe80::96c6:91ff:fe1b:8e15%wlp61s0 ssh fe80::96c6:91ff:fe1b:8e15%wlp61s0 #assuming your the host interface name in variable MAIN_ETHERNET # to obtain your link address for a given ethernet interface ifconfig $MAIN_ETHERNET | grep link | awk '{print $2}' # manually assign link addresses ip -6 addr add fe80::feed/64 dev eno1 # nuc ip -6 addr add fe80::face/64 dev wlp61s0 # thinkpad Listen to IPv6 Addresses in Nginx: For a specific Host ``listen [2601:181:c400:121b::999]:80;`` Wildcard IPv6 host ``listen [::]:80;`` Configure Host IPv6 static addresses in home network or private network ************************************************************************ SLAAC+Stateless DHCP Each host to assign their own IPv6 addresses, and addresses don't get leased / released Address Prefix The netmask in IPv4 language, which is usually 64, meaning 64 bit prefix. Gateway LAN Address The gateway is the routers LAN IPv6 address, probably based on its MAC address, and looks something like this: ``2601:181:C400:121B:1E3B:F3FF:FED2:6309`` Static IPV6 address Each host to assign their own static IP, and NAT is not needed in IPv6. Either Automatically (each host will ping others in the network to ensure IP is not already being used, or manually. Assuming network prefix is: ``2601:181:C400:121B`` or ``2601:181:C400:121B::/64`` A host IP can range from ``2601:181:C400:121B::1`` to ``2601:181:C400:121B:FFFF:FFFF:FFFF:FFFF``