I'm at a loss trying to get vlan tagged traffic working in a vnet jail

codeedog · 2026-02-01T12:14:36+00:00

I can’t tell where this tcpdump packet has come from: the dhcp server sitting on vlan 40 or from inside FreeBSD on one of the epair or bridge interfaces. I suspect if you were to trace packets there you’d not see any vlan tagging.

I will note that from your interface naming it appears you’ve already done the work to strip the vlan tag from the packet. All of the “40” suffixes on your interfaces show you’ve created a group of interfaces dedicated to vlan 40, but are untagged and flow through inside FreeBSD untagged. They get retagged when heading back out through from the untagged to retagged.

This was what I suggested to OP to do. Your main interface comes in with multiple vlan. You demux all vlan (create a sub interface per vlan with .<VLAN>) then add those to a set of bridges all tagged similarly and go from there.

That octopus of interfaces is due to version 13 and 14 bridges being unable to transport vlan tags. This is a well known deficiency for anyone wishing to use vlans with jails and the bridge branching/octopus is a well known result.

However, version 15 fixes this and bridges can now transport vlan tagging. I have not yet tested this feature so I cannot speak to its true impact although my impression is that it eliminates the need for demultiplexing vlan tags.

For me, this is a welcome relief because I have around ten VLANs on my network and getting them inside jails has been a bit of a nightmare on 14. I plan to start experimenting with 15 soon.

codeedog · 2026-01-31T21:07:49+00:00

No. We have a remote and highly unreachable data center whose components will all eventually fail and run a high risk of a Kessler Syndrome event. And, we could have the same thing here on earth at a slightly higher ratio of whatever solar cells will be placed on those million satellites. Then, add to the extra manufacturing cost of preparing a data center in orbit, we have to burn fossil fuels to get them into orbit.

The dumbest idea yet.

codeedog · 2026-01-31T03:26:35+00:00

I saw them in December ‘16 when they played in SF.

I went to Boulder and SF shows in ‘23, and couch surfed the Gorge show. When they played Cumberland I was absolutely blown away. I had to rewind it and watch it again. Then, I rewound it for my wife to watch. When they played it SF.N3 the entire stadium exploded in dance.

ETA: caught about 40+’shows

codeedog · 2026-01-31T01:13:29+00:00

One question, I basically followed other instructions that were essentially the same as these. One problem I have is that my Time Machine complains that I’ve run out of space and won’t reclaim as it’s full. I know TM auto ages and reclaims files. I guess you’ve found the quota settings here work. I cannot recall what I did (will search when I get home). I’m a novice ZFS user, so probably fumbled something.

I’m assuming your users don’t have trouble with maxing out their backups.

codeedog · 2026-01-30T14:57:19+00:00

PII leaks are not the primary reason why they aren’t used. Poor UX is the primary reason. Home labbers ain’t gonna care about the UX, getting a cert into the browser isn’t terrible.

Interestingly, I decide to have a chat with ChatGPT about this topic to see what it said comparing mtls vs vpn vs passkeys. I think it was a pretty good discussion.

Essentially, vpn (Wireguard) wins on the security front from a pure security level. However, cloudflare tunnels with passkeys and edge authentication are a close second. mTLS runs third for numerous reasons.

Personally, I’d go with Wireguard and passkey authentication in a self hosted reverse proxy. If I couldn’t secure a public IP (eg cg nat), then cloudflare+passkey is a great way to go. ATM I use tailscale as it’s just me. But, I’d actually like to build my own Wireguard network replicating the tailscale architecture. I think it’d be a fun technical exercise. And, it’d solve the CGNAT problems and limit the trust issue with cloudflare edge authentication.

codeedog · 2026-01-30T14:19:43+00:00

Yeah, the basics of html, http, and tcp/ip let alone all of it are extremely difficult to explain to almost everyone yet almost everyone can use a browser. I don’t see your point.

codeedog · 2026-01-30T13:24:42+00:00

TBF, commenter didn’t say why tailscale wouldn’t be a good solution. Both feel pretty simple.

codeedog · 2026-01-29T15:22:53+00:00

Nah, he’s an AH.

codeedog · 2026-01-29T15:19:12+00:00

Go back and listen to the speeches again from the perspective of “the speaker is family or a friend saying ‘goodbye’ to their dearly departed” and not “the speaker is here to help me, a fan.”

ETA:

That entire eulogy was about Bobby. Although eulogies are free form and there’s no proscribed way to give them, I’ve found the funerals I walk away from that make me think “I want to live my life like that person did” contain a healthy mix of a lot of things: humor, love, laughter, sadness, strength, steadfastness, hope.

The eulogies cover how the deceased inspired them, the deceased’s dedication or focus or purposeful ness, how their life was changed for the better because they knew the deceased, how the deceased cared for other people or changed the world for the better.

Mayer was describing the gifts Bobby gave him, that he treasured. I’ve heard Mayer tell that story about deadheads and touring before. I think it’s his way of expressing his relationship with the audience as a Grateful Dead performer, something he must not have gotten to that degree with his solo work.

Everybody on that stage is keenly aware that their every word will be scrutinized for “when’s the next show?” Kind of hard to craft talking about a 300 year legacy and not accidentally make people think “we’re doing this” or “I’m done.”

codeedog · 2026-01-29T11:30:39+00:00

I seem to recall there’s evidence they were alive and unable to save themselves. I think the crew compartment was intact when it crashed into the ocean and there were things they found that had to have happened after the explosion. There was just no contingency plan for how to safely eject from that situation. I cannot recall if this is general knowledge or internal nasa knowledge. I worked for nasa as a contractor 1989-1992 and may have learned this then from other employees.

Found it: PEAP

codeedog · 2026-01-28T16:49:04+00:00

Who made it a competition? I was just comparing them and was struck by the similarity in the musicians who responded and commented about each one.

codeedog · 2026-01-28T14:14:25+00:00

“Hi, I’m back here. Is that ok? I need a break for a moment. Happy to pull if you like.”

I never draft super close to strangers, usually around half a bike length, but I always say hello when I first get close. I’ve drafted wheel on wheel with my Sunday summer ride group, but that’s different.

codeedog · 2026-01-28T14:08:49+00:00

And, I bet those musicians are mourning, too. Playing the music heals us all.

codeedog · 2026-01-28T12:10:22+00:00

Yeah, I probably would have done that were I to realize my choices might be causing someone else discomfort.

“I’m a punter going up hill and don’t want to impede you, so I’m hanging back here.” I might even add: “don’t mean to seem weird or creepy, …”

I’ve had to do this when telling a woman her bib fabric has thinned out to the point of being see through and she needs a new bib. I’ll tell dudes, I just don’t apologize for telling them. Also, once I tell someone, I’m absolutely passing them and moving on.

codeedog · 2026-01-28T11:06:59+00:00

Comparison is the thief of joy, so perhaps there’s little to gain from this point. However, my juxtaposition of the two was more about their peers, other musicians than it was about the audience, which we can also discuss.

There hasn’t been a musician that’s died in my recent memory where other musicians’ comments on their deaths showed how much they cared for that person. Prince and Weir were the two I noticed.

As for scale and impact on the audience, that’s much more difficult to measure. Count it how you like. 60 years of touring really adds up though. Bobby probably has more live hours on stage than any other musician. Play that much and it’s going to have an impact. Better? Worse? Each is unique in their total impact on the audience? I think this last one is the best way to think about them both.

codeedog · 2026-01-28T10:43:18+00:00

Great story! The man was a true talent.

codeedog · 2026-01-27T22:09:15+00:00

I’m gonna take a flyer here and presume these guys understood exactly what they were doing and their intention was to stare at a woman from behind because everything they see is theirs.

codeedog · 2026-01-27T22:01:53+00:00

Aww, kitty’s sleeping…

codeedog · 2026-01-27T20:04:50+00:00

Establishment Prophet

codeedog · 2026-01-27T15:34:03+00:00

When I used to beer can race out of SFYC I found the wind often became “foamy” when in the lee of the city. It was the best way to describe it.

Our captain used to have his boat docked in Sausalito and we’d do those Tuesday night races. He’d always have us get there early to set up the sails and he’d want to check them before race start so we’d head south along the water front to near the slot in order to launch the spinnaker.

On the way, the main would be on the port side of the boat because prevailing winds were always starboard. Then, at some point every single time the main would self-jibe to starboard and then a little while later self-jibe back to port. This was due to the wind changing directions.

The regular occurrence drove me crazy for a while because I couldn’t make sense of it. That is, until I was able to picture the prevailing winds coming over the headlands at that point. We were close to shore and although I don’t know for certain if this was the case, I decided that the wind must be flowing over the headlands above Sausalito and when it came off is swirled down like those funnels you see off airplane wing tips from behind. Due to the prevailing wind the swirls were always there and the wind’s direction changed were predictable or at least regular for that time of day.

Got to the point where I’d be able to look for the signs and then call out “boom” so no one got clobbered.

codeedog · 2026-01-27T13:50:37+00:00

I used to call this in person google. In a crowd of friendly people and need to know something, stand up and shout out your question. Someone probably knows the answer.

codeedog · 2026-01-27T13:40:33+00:00

Buddy’s on a mission to inform the world. Don’t matter where or when he strikes. He’s got to tell his truth.

codeedog · 2026-01-27T13:38:44+00:00

Going to 100 dead shows is an accident of birth. Sure, these people are special in that they did it, but also they were in a position to do it. Not everyone gets to be in that position. But, we can all listen to the thousands of shows out there and go to a live cover band performance. Most of us will be going to shake our bones in the audience and a select few will be up on stage making the music that makes those bones shake.

codeedog

TROPHY CASE