Wed Feb 17 08:39:51 EST 2016 Slept from about eleven to seven-thirty. High of thirty with scattered flurries. Goals: Work: - Tripwire on more boxes (or an alternative to tripwire?) Done. Changed to OSSEC. I like OSSEC. https://paulgorman.org/technical/ossec.txt - Incident response plan Not much. Interesting: http://www.atlasobscura.com/articles/17th-century-female-spies-smuggled-information-through-eggs-and-artichokes Twenty minute walk at lunch. It's really pleasant when the sun's out. Saw another (the same?) downy (hairy?) woodpecker again. Same location. Probably attracted to the suet feeder in someone's nearby garden. Home: - Work on static site generator A little. Worked a few things out on paper. - Read more of The Victorian Internet Forgot my phone at work. Questions: - What's up with the new htop "native" for BSD? htop originally gathered process data from /proc (which is linux-only). FreeBSD got it to run using linprocfs (an emulation layer). Now, htop cleanly separates its data gathering and data display halves, and has added platform-specific sub-directories to its source tree. FreeBSD, OpenBSD, and Mac OS X now have official support. - How does IPv6 mtu path discovery work compared to IPv4? https://en.wikipedia.org/wiki/Path_MTU_Discovery Whereas IPv4 originally intended mtu path discovery to be used by routers (though in practice it gets handled by endpoint), IPv6 explicitly lets endpoints handle it. I don't see how end-to-end 9000 bytes packets is working for Altair with outside traffic, unless most of their remote users happen to only traverse networks that support jumbo frames (Comcast?). https://business.comcast.com/ethernet/products/network-services-technical-specifications "1.7 Maximum Frame Size. The service supports a Maximum Transmission Unit (MTU) packet size of 1600 bytes to support untagged or 802.1Q tagged packet sizes. Jumbo Frame sizes can be supported on an Individual Case Basis (ICB)." More interesting (half-)recollections from Altair talk: - More than 1000 ports on their LAN for about 250 local users - I think he said all those ports are 2 Gb - Manage everything with Ansible - Dual-stack IPv4 and IPv6 (no version natting) - They have a virtualized copy of their entire network stack, and a test suite for changes - Their internet connection is 2 Gb - Most of their traffic is 9000B big packets - A whole rack of Juniper switches can be made to appear/be controlled as one big switch