Twitter
Home Blog Page 458

Calculating IPv6 Subnets in Linux

By
Carla Schroder
-

We’re going to look at some IPv6 calculators, sipcalc and subnetcalc, and some tricks for subnetting without breaking our brains. Let’s start with reviewing IPv6 address types. There are three types: unicast, multicast, and anycast.

IPv6 Unicast

The unicast address is a single address identifying a single interface. In other words, what we usually think of as our host address. There are three types of unicast addresses:

  • Global unicast are unique publicly routable addresses. These are controlled by the Internet Assigned Numbers Authority (IANA), just like IPv4 addresses. These are the address blocks you get from your Internet service provider. These are in the 2000::/3 range, minus a few exceptions listed in the table at the above link.
  • Link-local addresses use the fe80::/10 address block and are similar to the private address classes in IPv4 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Some major differences are link-local addresses are not routable, but are confined to a single network segment. They are automatically derived from the MAC address of the network interface; this is not a guarantee that all of them are unique, but your odds are pretty good that they are. The IPv6 protocol requires that every network interface is automatically assigned a link-local address.
  • Special addresses are loopback addresses, IPv4-address mapped spaces, and 6-to-4 addresses for crossing from an IPv4 network to an IPv6 network.

Multicast

Multicast in IPv6 is similar to the old IPv4 broadcast: a packet sent to a multicast address is delivered to every interface in a group. The IPv6 difference is that only hosts who are members of the multicast group receive the multicast packets, rather than all reachable hosts. IPv6 multicast is routable, and routers will not forward multicast packets unless there are members of the multicast groups to forward the packets to. Remember IPv4 broadcast storms? They’re much less likely to occur with IPv6. Multicast relies on UDP rather than TCP, so it is used for multimedia streaming, such as efficiently streaming the video feed from a single IP camera to multiple hosts. See IPv6 Multicast Address Space Registry for complete information.

Anycast

An anycast address is a single unicast address assigned to multiple nodes, and packets are received by the first available node. It is a cool mechanism to provide both load-balancing and automatic failover without a lot of hassle. There is no special anycast addressing scheme; all you do is assign the same address to multiple nodes. The root name servers use anycast addressing.

IPv6 Subnet Calculators

What I really really want is an IPv6 equivalent for ipcalc, which calculates multiple IPv4 subnets with ease. I have not found one.

There are other helpful tools for IPv6. ipv6calc performs all manner of useful queries and address manipulation. It does not include a subnet calculator, but it does tell you the subnet and host portions of an address:

$ ipv6calc -qi 2001:0db8:0000:0055:0000:0000:0000:0100
Address type: unicast, global-unicast, productive, iid, iid-local
Registry for address: reserved(RFC3849#4)
Address type has SLA: 0055
Interface identifier: 0000:0000:0000:0100

SLA stands for Site Level Aggregation, which means subnet. If you change 0055 to 0056 then you have a new subnet. The interface identifier is the portion that identifies a single network interface. Think of an IPv6 address as having three parts: the network address, which is the same for every node on your network, and the subnet and host addresses, which you control. (Network nerds use all kinds of cool terminology to say these things, but I prefer the simplified version.)

|---network---|  |subnet|  |---------host-------|
2001:0db8:0000    :0055     :0000:0000:0000:0100

IPv6 addresses are in hexadecimal, which is the 16 characters 0-9 and a-f. So, within the subnet and host blocks, you can use any numbers from 0000 to ffff. So even if you count on your fingers this isn’t too hard to figure out.

Having calculators helps check your work. (Free tip to documentation writers and anyone who wants to be helpful: examples of both correct and incorrect output are fabulously useful.) There are two IPv6 calculators that I use. subnetcalc is actively maintained, while sipcalc is not, though the maintainers accept patches and bugfixes. They work similarly, and present information in slightly different ways. Sometimes all you need is a different viewpoint.

Let’s say your ISP gives you 2001:db8:abcd::0/64. How many addresses is that?

$ subnetcalc 2001:db8:abcd::0/64
Address       = 2001:db8:abcd::
                   2001 = 00100000 00000001
                   0db8 = 00001101 10111000
                   abcd = 10101011 11001101
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
Network       = 2001:db8:abcd:: / 64
Netmask       = ffff:ffff:ffff:ffff::
Wildcard Mask = ::ffff:ffff:ffff:ffff
Hosts Bits    = 64
Max. Hosts    = 18446744073709551616   (2^64 - 1)
Host Range    = { 2001:db8:abcd::1 - 2001:db8:abcd:0:ffff:ffff:ffff:ffff }
Properties    =
   - 2001:db8:abcd:: is a NETWORK address
[...]

18,446,744,073,709,551,616 addresses is probably enough. The Wildcard Mask shows the bits that define your host addresses. But maybe you want to divide this up a bit. There are 128 bits in an IPv6 address (8 quads x 16 bits), so let’s plug that into subnetcalc and see what happens:

$ subnetcalc 2001:db8:abcd::0/128
[...]
Network       = 2001:db8:abcd:: / 128
Netmask       = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Wildcard Mask = ::
Hosts Bits    = 0
Max. Hosts    = 0   (2^0 - 1)
Host Range    = { 2001:db8:abcd::1 - 2001:db8:abcd:: }

Zero hosts? That doesn’t sound good. sipcalc shows the same thing in a different way:

$ sipcalc 2001:db8:abcd::0/128
-[ipv6 : 2001:db8:abcd::0/128] - 0

[IPV6 INFO]
Expanded Address        - 2001:0db8:abcd:0000:0000:0000:0000:0000
Compressed address      - 2001:db8:abcd::
Subnet prefix (masked)  - 2001:db8:abcd:0:0:0:0:0/128
Address ID (masked)     - 0:0:0:0:0:0:0:0/128
Prefix address          - ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Prefix length           - 128
Address type            - Aggregatable Global Unicast Addresses
Network range           - 2001:0db8:abcd:0000:0000:0000:0000:0000 -
                          2001:0db8:abcd:0000:0000:0000:0000:0000

So we want something between /64 and /128.

$ subnetcalc 2001:db8:abcd::0/86 -n
Address       = 2001:db8:abcd::
                   2001 = 00100000 00000001
                   0db8 = 00001101 10111000
                   abcd = 10101011 11001101
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
Network       = 2001:db8:abcd:: / 86
Netmask       = ffff:ffff:ffff:ffff:ffff:fc00::
Wildcard Mask = ::3ff:ffff:ffff
Hosts Bits    = 42
Max. Hosts    = 4398046511103   (2^42 - 1)
Host Range    = { 2001:db8:abcd::1 - 2001:db8:abcd::3ff:ffff:ffff }
Properties    =
   - 2001:db8:abcd:: is a NETWORK address

The -n option disables DNS lookups. We’re getting closer:

$ subnetcalc 2001:db8:abcd::0/120 -n
Address       = 2001:db8:abcd::
                   2001 = 00100000 00000001
                   0db8 = 00001101 10111000
                   abcd = 10101011 11001101
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
                   0000 = 00000000 00000000
Network       = 2001:db8:abcd:: / 120
Netmask       = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00
Wildcard Mask = ::ff
Hosts Bits    = 8
Max. Hosts    = 255   (2^8 - 1)
Host Range    = { 2001:db8:abcd::1 - 2001:db8:abcd::ff }
Properties    =
   - 2001:db8:abcd:: is a NETWORK address

255 hosts works for me. So, while this isn’t quite as easy as ipcalc spelling out multiple subnets at once, it’s still useful. You might want to copy the Range blocks/IPv6 table and keep it close as a handy reference. It prints out the complete 2000::/3 range in a nice table, and also explains the math.

Next week, we’ll learn about networking in KVM, and using virtual machines to quickly and easily test various networking scenarios.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

Linus Torvalds Announces the Sixth Release Candidate of Linux Kernel 4.14 LTS

By
Softpedia
-

With a one-day delay, the sixth Release Candidate (RC) of the upcoming Linux 4.14 LTS kernel arrived for public testers, announced by Linus Torvalds himself.

The delay happened because Linus Torvalds had some Internet problems, and this made the Linux kernel 4.14 RC6 milestone a bit bigger than expected. This translates to the fact that it’s no longer clear if the next long-term supported kernel series will arrive on time, on November 5, 2017, or if it will get delayed with one week.

Read more at Softpedia

Running Linux on a Chromebook

By
TechSpot
-

Although Chrome OS is competent at handling web-based workloads, by design it’s light on features compared to a full desktop operating system, which is presumably where many of its users are coming from. Fortunately, if you’re on Google’s operating system and wish it was a little more flexible, it’s possible to install a fully functional copy of Linux on many Chrome devices.

Options range from running a Live USB drive outside of Chrome OS to installing a firmware mod for a traditional dual-boot configuration. And of course, you can also overwrite Google’s OS in favor of Linux. However, these routes are less practical than simply running Linux in the background of Chrome OS on a separate USB drive/SD card, which is what we’ll be focusing on here.

Read more at TechSpot

But I Don’t Know What a Container Is

By
OpenSource.com
-

What, then, is a container? Well, I come from a virtualization—hypervisor and virtual machine (VM)—background, and, in my mind, containers are both very much like and very much unlike VMs. I realize that this may not sound very helpful, but let me explain.

How is a container like a VM?

The main way in which a container is like a VM is that it’s a unit of execution. You bundle something up—an image—which you can then run on a suitably equipped host platform. Like a VM, it’s a workload on a host, and like a VM, it runs at the mercy of that host. Beyond providing workloads with the resources they need to do their job (CPU cycles, networking, storage access, etc.), the host has a couple of jobs that it needs to do:

  1. Protect workloads from each other, and make sure that a malicious, compromised, or poorly written workload cannot affect the operation of any others.
  2. Protect itself (the host) from workloads, and make sure that a malicious, compromised, or poorly written workload cannot affect the operation of the host.

Read more at OpenSource.com

Should You Open Source Your Product? That’s the Wrong Question

By
Medium Blog
-

I often get called in to help companies make decisions about their open source strategy. They want to release key parts of their software as open source, but they need some help figuring out the best way to make it happen. I always ask them the same question:

Why? Why are you planning to open any of your code?

They rarely have a good answer. They’ve already decided that this is the right decision, because a board member, founder, or customer has said it’s necessary, and they are just trying to figure out how to do it. But it’s impossible to build a strategy to accomplish your goals if you’re unsure what they are.

Read more at Medium

Kubernetes: A Pod’s Life

By
OpenShift Blog
-

As you might have guessed, the title of this blog is a reference to the 1998 Pixar movie A Bug’s Life and indeed, there are many parallels between a worker ant and a pod in Kubernetes. In the following, we’ll have a closer look at the entire pod lifecycle here from a practitioners point-of-view, including ways how you can influence the start-up and shut-down behavior and good practices around application health-checking.

No matter if you create a pod manually or, preferably through a supervisor such as a deployment, a daemon set or a stateful set, the pod can be in one of the following phases:

  • Pending: The API Server has created a pod resource and stored it in etcd, but the pod has not been scheduled yet, nor have container images been pulled from the registry.

Read more at OpenShift

Platform-as-a-Service: The Key to Running a Continuous Deployment Pipeline

By
The New Stack
-

“As developers, we want to be spending time creating and pushing features, we do not want to have to worry about platforms and talking to operations. [It’s all about] getting feedback and getting those features in the hands of users,” he said.

“We want to deploy apps down a pipeline [and we] need PaaS to build a platform to deploy microservices,” he said. “The only way to effectively manage high-risk platforms is continuous deployment.”

Reasons Not to Build Your Own PaaS

Dodd offered a lot of excuses that teams make up to build their own PaaS that, in the end, really slow down business and that tie releases to the few “superheroes” on a team. All this collapses as soon as there are changes on your team or infrastructure. Building your own customized PaaS creates the following challenges:

Read more at The New Stack

Linux Laptops Get a Boost from Hacker Board Projects

By
Eric Brown
-

Recently, Linux desktop usage has grown from 2.14 percent to 3.23 percent according to NetMarketShare. Much of this increase appears to have come from Linux-based Chromebooks, which are likely undercounted due in part to their widespread use in schools.

Yet, there are signs of Linux desktop life beyond Google’s Chrome OS, which exists in a somewhat parallel universe to mainstream Linux. Ubuntu, for example, continues to expand into the mainstream, although at a grindingly slow pace. As with Chrome OS, most of the action is happening in lower end laptops, often emerging from hacker board projects. The newly shipping Olimex Teres-A64 and upcoming Reform laptop, for example, are based on open hardware and software. Two of the most popular new low-end Linux laptops — the newly revised Pi-top and Kano products — are hackable Raspberry Pi based kits aimed primarily at education.

On the high end, meanwhile, Purism is pushing the limits of open software with its Librem laptops, although the hardware is still closed. Finally, traditional Linux laptop dealers like System76 and ZaReason are now selling Linux-equipped laptops with the latest Intel 8th Generation “Coffee Lake” processors (see farther below).

Olimex Teres-A64

Earlier this month, Bulgaria-based Olimex, which is known for its community backed OLinuXino SBCs, launched an open source Teres-A64 laptop kit for 240 Euros ($284). The 11.6-inch laptop runs Ubuntu Mate on the same quad-core, Cortex-A53 Allwinner A64 used by the A64-OLinuXino SBC.

The highly modular Teres-A64, which also includes removable keyboard, I/O, and touchpad boards, features open schematics and CAD files so developers can customize add-on boards and other features. The laptop ships with 2GB RAM, 16GB eMMC, and a microSD slot. There’s a 1366 x 768-pixel eDP LCD, a full keyboard, mini-HDMI and USB ports, and a 9500mAh battery. There’s no Ethernet, but you get WiFi and Bluetooth.

MNT Reform project

The MNT Reform project, which was recently revealed by Liliputing, aims to build a similarly modular and open source laptop kit, in this case built on the NXP i.MX6. The i.MX6, which is underpowered, but well supported with open source software, was also used by the fully open source Novena laptop. The Novena was a hit on Crowd Supply back in 2014, but the last update, posted Jan. 2016, indicated the project was still struggling to fill its original orders.

The Reform project appears to have learned one lesson from Novena by making a simpler device. Still, this is a more advanced design than the Teres-A64, adding SATA, USB 3.0, and mini-PCIe expansion, among other extras. Like the Teres-A64, it has a modular design, letting you exchange the screen or remove the keyboard to swap boards.

The prototype’s mainboard, which supports up to 4GB of RAM, is built on the TinyRex Ultra module from Slovakia-based Fedeval. The TinyRex is not open source, but the developers are considering moving to Fedeval’s similarly i.MX6-based, but fully open OpenRex SBC, or expanding to the faster i.MX8.

The Reform integrates a Commodore 64 like clicky keyboard and old-school trackball. There’s a netbook-like 10-inch HD screen, a 120GB SATA SSD, and a 3,000 mAh battery. All these specs may change by the time the laptop goes on sale for $600 to $950. Meanwhile, the developers are attempting to include as many open source drivers and omit as many proprietary blobs as possible.

Raspberry Pi laptops: Pi-top and Kano

Not surprisingly, the Raspberry Pi has been the foundation for many Linux-based laptop projects. The two most popular commercial products are the Pi-top and Kano, both of which have been revised in recent weeks.

The $320 Pi-top upgrades the circa-2014, 13.3-inch laptop with a faster, Raspberry Pi 3 mainboard, a 14-inch HD screen, and a more modular design. The Pi-top has a slide-off keyboard that reveals a new cooling unit for the Pi and a DIY hacking space with a magnetic sliding rail. The kit includes a breadboard, motion sensor, LEDs, and a microphone.

The Pi-top exposes 10/100 Ethernet, 3x USB 2.0, and audio and power connections, and you can access the other RPi interfaces when the bay is open. Most of the hardware is not open source, but there’s an 8GB microSD card loaded with the Raspbian based Pi-topOS Polaris. The stack includes a Pi-topCoder Python environment, as well as Scratch and a coding game. Other software includes the Chromium browser, LibraOffice, and Minecraft Pi Edition.

The Pi-top competes with Kano’s educational-focused, Raspberry Pi 3 based Kano Computer Kit, although Kano is aiming at a younger audience. You can’t build a complete laptop, but the revised, $250 “Complete” kit adds a keyboard and detached 10.1-inch screen to the kit to give you something similar. You also get battery pack, USB hub, and a Debian based Kano OS augmented with educational software and a visual programming interface.

Librem 13 and 15

Before Purism successfully crowdfunded its Linux-based Librem 5 smartphone, and gained Nextcloud as a cloud partner, the company launched a highly regarded, Linux-driven Librem line of laptops. As with the phone, these are not fully open source products, but the Librem 11, 13, and 15 models are equipped with the same open PureOS Linux distro, and offer security and privacy controls which are generally attractive to the FOSS set.

The currently shipping models are the $1,399 and up Librem 13 and $1,599 and up Librem 15, which run on Intel’s dual-core, up to 3.1GHz Core i7-6500U “Skylake” processor. The CPU offers a relatively low 15W TDP, giving the laptops a claimed 7 to 9 hours of battery life.

The laptops ship with up to 16GB of DDR4, as well as SATA and M.2 slots for HDDs and SSDs. A second M.2 slot provides 802.11n WiFi. To add Ethernet, you need to use up one of the up to 5x (Librem 15) or 3x (Librem 13) USB ports. There’s also an HDMI port, 720p camera, and audio I/O.

Like the Librem phone, there are hardware kill switches, in this case for WiFi, mic, and camera. Purism has also avoided using proprietary chips that could be used for spying.

Linux laptops move to Coffee Lake

Most Linux desktop users buy bare-bones laptops from major vendors and install their own Linux, or dual-boot or erase Windows. For an easier installation, however, you can buy x86-based systems with pre-installed Ubuntu from Dell, and increasingly from other major vendors like Acer, Asus, and Lenovo. Meanwhile, System76, ZaReason, and other smaller resellers have long offered more customized Linux laptops.

Until fairly recently, Linux buyers had to wait for many months to get the latest Intel chips, but now you can get them when the Windows models come out. System76, for example, is now selling the 14.1-inch Lemur and 13-inch Galago Pro with the latest 8th Gen Kaby Lake Refresh chips, also known as “Coffee Lake.” ZaReason has introduced a 14-inch UltraLap 5440, and Dell is expected to release a Linux-driven Coffee Lake laptop soon.

Coffee Lake is yet another 14nm chip like Broadwell, Skylake, and Kaby Lake, with relatively modest performance and power efficiency improvements. However, the U-series chips used in the new laptops offer slightly faster quad- instead of dual-core designs with the same price and 15W TDP, giving you greater performance and power efficiency when running hyperthread-intensive applications. 

The System76 and ZaReason laptops run Ubuntu on either 7th Gen chips or the up to 4GHz Coffee Lake generation Core i7-8550U. The i7-8550U adds $179 to the cost of the Lemur, or $928 in an otherwise minimal configuration, and $219 to the cost of the Galago Pro, or $1,178. The ZaReason UltraLap 5440 goes for $998 with the $198 i7-8550U option. 

The ability to buy laptops with the latest Intel CPUs certainly adds to the allure of high-end Linux laptops. Yet, as with Chrome OS, most of the growth will likely come in lower-cost laptops, in many cases based on community backed boards. Their modular, and in some cases, open source, nature not only appeals to hackers, but also to those looking to extend the life of their laptops with the latest technology.

2017 Linux Kernel Report Highlights Developers’ Roles and Accelerating Pace of Change

By
The Linux Foundation
-

Roughly 15,600 developers from more than 1,400 companies have contributed to the Linux kernel since 2005, when the adoption of Git made detailed tracking possible, according to the 2017 Linux Kernel Development Report released at the Linux Kernel Summit in Prague.

This report — co-authored by Jonathan Corbet, Linux kernel developer and editor of LWN.net, and Greg Kroah-Hartman, Linux kernel maintainer and Linux Foundation fellow — illustrates the kernel development process and highlights the work of some of the dedicated developers who are creating the largest collaborative project in the history of computing.

Read more at The Linux Foundation

Linux Foundation Creates a Framework for Sharing Open Data

By
Linux.com Editorial Staff
-

The Linux Foundation wants to open up the use of data in much the same way it has helped make open-source software a technology force to be reckoned with.

Announced at the Open Source Summit in Prague Monday, the new Community Data License Agreement is designed to cover the use of nonproprietary data, Linux Foundation Director Jim Zemlin said. Although proprietary data sets owned by the likes of Google Inc., Facebook Inc. and other large internet and cloud companies gives them a large advantage in new analytics and artificial intelligence application, open data sets could start to level the playing field.

Read more at SiliconAngle

1...457458459...10,742Page 458 of 10,742