Using Peering Manager for Automated Configuration on VyOS Peering Manager is an open-source BGP session management solution including Peeringdb synchronization for automating session management. Peering Manager is able to automatically generate the BGP configuration for various vendors, however VyOS was not yet documented. I created the template below as an example to automatically generate the sessions for VyOS,
monitoring Zabbix and Globalping - Free Global Monitoring Many companies use services to monitor their website or network from various locations around the world. While these services are nice, it also costs quite a bit of money depending on the interval and measurements. Since we were already using Zabbix for other purposes, I did some research to use
VyOS - 100Gbit BGP - Part 2 In the previous blog I did a test between two Vyos hosts, indirectly connected to each other with two switches. It was amazing how easily Vyos could achieve these speeds with just a few minor tweaks. However, this only tests a small part of the entire stack. In this blog
networking Featured VyOS - 100Gbit BGP - Part 1 I have been using VyOS as a routing platform for various networks and projects for a long time with great success. With speeds between 1-40Gbit, I have been able to rely on VyOS to date. However, this is the first time that these speeds are insufficient and we have to
VyOS 10gbe throughput optimization Disable offloading, enable ntuple ethtool -K eth1 rx on tx on sg on tso off gso off gro off lro off ntuple on rxhash on ethtool -K eth3 rx on tx on sg on tso off gso off gro off lro off ntuple on rxhash on Configure MAX RPS flow
Adblocking Lua generator for the PowerDNS Recursor Download all wanted block lists and place them as TXT in the same directory as the following script. You can find lots of them on firebog.net. #!/bin/bash # Output Lua script file LUA_SCRIPT="all-domains-pdns-recursor-script.lua" echo "return{" > "$LUA_SCRIPT" # Download all blocklists as .txt from https://firebog.net
linux Unifi Controller 8 - Synology NAS Installing the Unifi Network Application via Docker is super easy and saves the purchase of a new cloud key or controller. Create a new docker network with the macvlan driver, in my case bond2 is the interface i want to link it to: sudo docker network create -d macvlan --subnet=
Correcting timezone in Docker Container # no effect: root@container:/# cat /etc/timezone Europe/Amsterdam root@container:/# dpkg-reconfigure tzdata Current default time zone: 'Etc/UTC' Local time is now: Mon Nov 6 16:40:04 UTC 2023. Universal Time is now: Mon Nov 6 16:40:04 UTC 2023. # solution: root@container:/# TZ=Europe/Amsterdam root@
PowerDNS cheat sheet Create a new zone pdnsutil create-zone bontekoe.technology Add a DNS record pdnsutil add-record bontekoe.technology @ NS ns1.bontekoe.technology pdnsutil add-record bontekoe.technology @ NS ns2.bontekoe.technology Add a first record pdnsutil add-record bontekoe.technology test A 192.168.1.2 Check for errors pdnsutil check-all-zones Sync zone to
linux Network Monitoring – Traps vs. Polling As a network administrator, I have been (partly) responsible for the monitoring of network infrastructures or even entire companies for many customers. For some companies I have even completely redesigned it. Many companies currently use tools such as Nagios, Solarwinds or a similar package. These tools are ( at least, in
linux Featured Sign git commits with SSH keys OpenSSH 8.0 or newer is required and Git 2.34.0. If no key exists yet, it can be created; ssh-keygen -t ed25519 Today, the RSA is the most widely used public-key algorithm for SSH key. But compared to Ed25519, it's slower and even considered not safe if it's
tcpdump tcpdump cheat sheet tcpdump is a data-network packet analyzer computer program that runs under a command line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. ##TCP FLAGS## Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere)
Enable NTP Server in Windows 2019 The Windows Time service uses the Network Time Protocol (NTP) to help synchronize time across a network. It's as easy as 3 commands using powershell: Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\w32time\TimeProviders\NtpServer" -Name "Enabled" -Value 1 Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\services\W32Time\Config" -Name "AnnounceFlags" -Value 5
BGP Route-Leak causes a significant shift in European internet traffic to Chinese Backbone network A series of unfortunate configuration mistakes? Last Thursday, June 6, 2019 at 12:00 a.m. Dutch time, a two-hour outage began at various customers. Both business customers for fiber optic internet as well as private internet connections. At first, the extent of the disruption was not yet completely clear.
CGN: Carrier Grade NAT Every network engineer with some experience knows RFC1918 address space from the top of their head. So no need to explain that almost every office, home user and some datacenter networks are using IP’s from this RFC. So far, so good. But, what if you have a large network
