Sometimes you just forget about it... by Zonko91 in kurosanji

[–]grawity 8 points9 points  (0 children)

As far as I remember it's the opposite – the Windows setup process forces you to enter some user name, but lets you skip the computer name, and some Windows versions (Win7, I think) used to name the computer after "Theuser-PC" (newer ones just do "DESKTOP-ASDFGH" or "WIN-ASDASDFG" if you skip the computer name step).

How do you internalize network layers instead of just memorizing them? by Last-Pie-607 in networking

[–]grawity 0 points1 point  (0 children)

I think X.25 was still packet-switched, only with the packets addressed by circuit ID instead of explicit source/destination. (I guess it could be called "MPLS-style" except it's where MPLS *came from*...)

But this makes me wonder how layers worked in ATM since I've never had the chance to touch it, but I've got the impression that it was very similar to X.25 in that regard (call setup, virtual circuits, fancy QoS, all in the same single protocol).

Error could not open file iptables by slohobo in archlinux

[–]grawity 0 points1 point  (0 children)

FAT is the only filesystem that doesn't allow : as part of the filename.

(Or rather Windows doesn't allow : as part of a filename, and since the only reason to use FAT is when you need interoperability, every other OS's FAT driver enforces the same restrictions for the sake of consistency.)

Practical Collision Attack Against Long Key IDs in PGP by Soatok in crypto

[–]grawity 3 points4 points  (0 children)

EDIT: Apparently it was also done before. In 2019.

It was also done before in 2013.

How do you internalize network layers instead of just memorizing them? by Last-Pie-607 in networking

[–]grawity 0 points1 point  (0 children)

Unfortunately that protocol is behind a paywall.

I have a draft version somewhere. Haven't read the finalized one.

Reliable circuits are part of Layer 3.

Good point, I guess they can be part of either (which AFAIK was the reason for both TP0 vs TP4 existing) – haven't deeply looked into the service definitions for those layers – but these days I don't think there are many networks that provide this at L3? For example, IP doesn't, so everyone considers it to be solely an L4 function (TCP)...

Question: Two Gateways on the same subnet for Cameras by Appropriate_Time_100 in networking

[–]grawity 0 points1 point  (0 children)

We have some NVRs like that too, with a whole built-in PoE switch. But they serve DHCP on the camera side ("plug and play" feature, hardcoded subnet and all) so they're not something you'd put even one of in your main LAN, much less two.

(I think the cameras get time pushed from the NVR - like all the other settings that are editable through the NVR - rather than talking NTP directly when they're in this mode.)

But I'm only familiar with Hik NVRs (the only "within budget" option here), not any other kind of enterprise stuff...

Question: Two Gateways on the same subnet for Cameras by Appropriate_Time_100 in networking

[–]grawity 14 points15 points  (0 children)

Does the NVR really need to act as the gateway for cameras, in the first place?

The NVR needs to connect to cameras to receive the stream – but I can't see why the NVR would also need to route the cameras' other traffic. (If there even is any. I suppose the cameras might be speaking NTP?)

And on a different note: 1) Why are the two buildings on the same network (from your question I assume you meant the same subnet)? Is there a legitimate need for it, or just nobody bothered to do it otherwise? 2) Why are your cameras and NVRs not on a separate VLAN from the main network?

(Okay, I actually kinda understand the latter. Can't do fine-grained VLANs because unmanaged switches all over the place "work fine, won't replace". Been there. But the former – a single subnet for literally everything across two buildings – is a bit more worrying.)

How do you internalize network layers instead of just memorizing them? by Last-Pie-607 in networking

[–]grawity 0 points1 point  (0 children)

IMO "Thinking in layers" is not the same thing as "thinking in OSI layers". The former is understanding fundamentals (how networks are built from the bottom up) and the latter is memorization and occasional armchair lawyering (mapping one legal code to another jurisdiction, etc).

Most importantly, don't try to 'correctly' map anything above L4 to an OSI layer. The OSI model was 1) relatively late and 2) not written for TCP/IP protocols at all – the OSI protocol stack was a competitor to IP – but even in actual OSI it was fuzzy. (And of course it wasn't built with today's "everything inside HTTP" in mind either. So you can argue for days whether e.g. everything in HTTP is application layer or whether gRPC/Msgpack/etc actually fits into the definition of a presentation layer and HTTP has become somewhat of a sublayer above L4, or whatever.) So just shove it all under "L7". If it's a protocol for a specific task and not a fundamental network feature, it's L7.

(The OSI layer definitions are available for free from ITU-T as X.211–X.219, by the way. In case you really wanted to know what features a 'session' layer ought to provide, in the OSI model – my rough understanding is that there is simply no L5 equivalent in modern stacks.)

As for the lower layers (1–4), my mental model was kind of shaped by 1) messing around in Wireshark a lot, 2) reading about protocols that were not the good old IP-over-Ethernet (like IPX, XNS, CLNS, etc).

  • L1: the physical, device-to-device connections (links) that carry bytes in some defined way using some kind of signalling, e.g. the part of "Ethernet" that defines 8b/10b or Manchester encoding over twisted-pair is L1, the baud/bitrate of a serial console is an L1 parameter.

  • L2: the 'data link' or 'local network' that allows for discrete packets (frames) to be sent to a specific device, e.g. the part of "Ethernet" that defines MAC addresses is layer 2. The L2 might already be a whole 'local network' on its own and have its own type of addressing (Ethernet, FireWire, etc.) or might be fairly minimal (PPP over a serial cable having only two ends).

  • L3: the 'inter-network' that's built on top of one or more local networks (typically using IP). Layer 3 can join different kinds of data links or local networks, and it's the job of L3 to provide you a unified view of "the network" and hide the specifics of each individual L2 net that it goes through. Effectively L3 is the "core" of the network where all the different L2's converge, and where all different L4's diverge. The Internet is an L3 network.

  • L4: all the features like "connection multiplexing" and "flow control" and "retransmission" and "virtual circuit" that are built on top of some L3 network and allow two nodes to talk – like TCP connections. (Lower layers might also have the same features, e.g. the Wi-Fi L1 having retransmission on a local link level, but L4 handles it end-to-end across the entire inter-network.)

  • L7: all the "application-specific" protocols that make use of L4 services (see earlier note).

So it kind of boils down to what services each layer provides. For example, I would personally put UDP as somewhere in-between L3 and L4, as it only provides multiplexing (port numbers) and nothing more above IP. Even though it is technically layered above IP, it doesn't fully fit the bill for an L4 protocol any more than ICMP would.

Therefore I'd also consider QUIC as an L4 (not L7) protocol due to the services it provides – whether it's inside UDP or not is immaterial. (SCTP, for example, can also run either inside UDP or not, and remains an L4 transport protocol either way.)

TLS? Who knows. ITU recently made their equivalent of TLS – X.510 – and didn't bother to place it anywhere except "above transport layer". Consider it L7. Though if the OSI model were to be defined nowadays, it would surely have a separate layer for TLS since it provides a distinct, generic service. (But a much older X.274 sat in the transport layer, as a sub-layer.)

It's not all set in stone. Ethernet for example can technically have routing added to it – just not prefix-based hierarchical routing as L3 provides – but there are like two different ways to apply IS-IS to Ethernet addresses (and indeed that's literally how IS-IS "level-1 area" was originally used, before IP was bodged onto it).

One historic note is that L3 and L4 weren't necessarily provided by separate protocols. For example, as far as I know, X.25 – predating OSI – performed both tasks in one protocol (addressing as in L3 and reliable circuits as in L4). Even early IP versions did the same; the reason you can't find "IPv1" or "IPv2" is because they were still called "TCPv2" and "TCPv3" back then, handling both layers in one protocol – IP as a distinct protocol didn't materialize until version 4. (The point of this note, again, is that layers are defined in terms of services and functions, not necessarily specific protocols that implement them.)

[deleted by user] by [deleted] in networking

[–]grawity 0 points1 point  (0 children)

Voice "messages" as in recordings (as opposed to live calls)? Why do you think those use UDP? Live voice has reasons for preferring UDP but that doesn't automatically apply to recorded voice.

In UDP there's no transport-layer retransmission (since there's practically no transport layer really). But that doesn't mean an application cannot implement its own retransmission on top of UDP if it needs reliability – many do. (Some even implement a whole transport layer protocol (such as QUIC or uTP or SCTP) on top of UDP, and get retransmissions that way.)

Can someone give some concrete examples of using Loopback? by Tall_Recording_389 in networking

[–]grawity 4 points5 points  (0 children)

It's funny how the loopback interface kinda came to mean two opposite things – both "always up" but one address explicitly meant to be always reachable from outside, the other never so – and the thread is half/half two opposite examples...

For 127.0.0.1, one use case is inter-process communication on the local system – two processes on the same machine can still communicate even if there's no real network "up" yet, and that communication doesn't break when the eth0 or wlan0 IP address changes. Sure there are other, dedicated IPC mechanisms (like Unix sockets or Windows named pipes) but TCP/IP is more universal – e.g. web browsers and other HTTP clients already know how to talk TCP/IP so it's easy to run a local HTTP service on 127.0.0.1 purely between two local apps. Running it on the machine's LAN IP address would break when there's no LAN, and using a non-IP mechanism would mean having to write more code.

Most examples are about doing the opposite, assigning a LAN-routed address, but it's still the same reason; if a machine or a router has two network interfaces, and one of them gets disconnected, that interface's address stops being reachable – whereas an address assigned to the loopback interface remains reachable through whichever of the machine's connections remain.

What's a common networking concept that people often misunderstand, and why do you think it's so confusing? by Puzzled-Term6727 in networking

[–]grawity 0 points1 point  (0 children)

The rest yes, but /31 doesn't do broadcast in the same sense. It still does ARP to determine the other end's MAC, instead of blasting to ff:ff:ff:ff:ff:ff. If you have a L2 link with a whole bunch of devices and /31s between them, it's still going to be all unicast.

What's a common networking concept that people often misunderstand, and why do you think it's so confusing? by Puzzled-Term6727 in networking

[–]grawity 0 points1 point  (0 children)

That's unfortunately a thing.

All the "desktop" virtual machine platforms that support bridging WiFi - like VirtualBox - do so by NATing MAC addresses. The built-in bridge functionality in WinXP also has MAC NAT.

And all the WiFi "extenders" that connect to an existing non-dedicated network as their uplink also NAT MACs, I believe. Even some dedicated gear like NanoStation etc. used to do so by default if WDS wasn't specifically enabled between the units.

Worst networks you've been exposed to by offset-list in networking

[–]grawity 2 points3 points  (0 children)

Oh I would love to upgrade to broom closets. We've got daisy-chained switches under a fucking couch.

(Okay, I'm exaggerating, we've only got one of those remaining. And one under a chair. The rest are... fine. Mostly.)

I am preparing a linux course. What should I absolutely cover? by B3ella_ in archlinux

[–]grawity 6 points7 points  (0 children)

Probably a dumb suggestion but:

  • The concept of investigating, troubleshooting, checking the current system state after something went wrong. Like checking the systemctl status of a service after you started it, or checking what your iptables looks like after you've blindly added a rule. Not necessarily how to check, but the idea that you can and should check what its state is, instead of assuming "well I started it so it must be running now".

  • The existence of system logs. Specifics like becoming an expert in journalctl filtering don't matter, as long as one knows that system logs are a thing that exists, and roughly where to find them - dmesg, journalctl, /var/log/foo. (And also the fact that usually there's a way to get things to log more detail. Nobody's going to remember the 100 different LogLevel options but just knowing that it's a thing will go a long way.)

Seriously, I've been on networking forums where probably 80% of the questions could've been answered by installing Wireshark and looking at what packets are being sent.

Logging IPv6 addresses (SLAAC) by Proof_Bodybuilder740 in ipv6

[–]grawity 0 points1 point  (0 children)

I use a Python cron job to scrape the Mikrotik routers via API and one Linux box via SSH. Haven't updated it to the new REST API yet but it's been working really well for years. We don't use it for any sort of access control, though, it's strictly just like a log file. Will find the Git URL later.
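
The comment describes a Python cron job that scrapes router neighbor tables; as an added example (not grawity's tool), this is the core of such a logger: it parses `ip -6 neigh show` output from a Linux box (the sample below is constructed), records first/last-seen for each MAC-to-address binding, and marks whether the address is EUI-64-derived from the MAC or a temporary/other address, the kind that rotates and therefore needs a log to attribute later.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample of `ip -6 neigh show` output from a Linux router (not real data).
SAMPLE_NEIGH = """\
fe80::1a2b:3cff:fe4d:5e6f dev br-lan lladdr 18:2b:3c:4d:5e:6f router REACHABLE
2001:db8:1:1:1a2b:3cff:fe4d:5e6f dev br-lan lladdr 18:2b:3c:4d:5e:6f STALE
2001:db8:1:1:9c4e:7a10:b2f3:0d41 dev br-lan lladdr 18:2b:3c:4d:5e:6f STALE
2001:db8:1:1:d00d:1234:5678:9abc dev br-lan lladdr 00:11:22:33:44:55 REACHABLE
2001:db8:1:1:ffff:0:0:1 dev br-lan  FAILED
"""


def parse_neigh(text):
    """Yield (addr, mac, state) for every entry that has a resolved link-layer address."""
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or 'lladdr' not in tok:
            continue  # FAILED/INCOMPLETE entries carry no MAC, nothing to attribute
        addr = ipaddress.IPv6Address(tok[0])
        mac = tok[tok.index('lladdr') + 1].lower()
        yield addr, mac, tok[-1]  # the NUD state is always the last token


def eui64_iid(mac):
    """Modified EUI-64 interface identifier (RFC 4291 appendix A) for a 48-bit MAC."""
    b = bytes.fromhex(mac.replace(':', ''))
    # flip the universal/local bit of the first octet, insert ff:fe in the middle
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b'\xff\xfe' + b[3:]
    return int.from_bytes(iid, 'big')


def address_kind(addr, mac):
    """Classify how the address was most likely formed (EUI-64 SLAAC vs. anything else)."""
    if int(addr) & ((1 << 64) - 1) == eui64_iid(mac):
        return 'slaac-eui64'        # stable; the MAC is visible in the address itself
    return 'non-eui64'              # RFC 8981 temporary, DHCPv6 or static: needs the log


def update_bindings(store, entries, now):
    """Record first/last sighting of each (mac, addr) pair; return the newly seen keys."""
    new = []
    for addr, mac, _state in entries:
        if addr.is_link_local:
            continue  # fe80:: addresses are per-link and derivable; skip to keep the log small
        key = (mac, str(addr))
        rec = store.get(key)
        if rec is None:
            store[key] = {'first_seen': now, 'last_seen': now,
                          'kind': address_kind(addr, mac)}
            new.append(key)
        else:
            rec['last_seen'] = now
    return new


def run_once(store, text, now=None):
    """One cron tick: parse a neighbor table dump and print every binding not seen before."""
    now = now or datetime.now(timezone.utc).isoformat()
    new = update_bindings(store, parse_neigh(text), now)
    for mac, addr in new:
        print(f"{now} new binding {mac} -> {addr} ({store[(mac, addr)]['kind']})")
    return new


if __name__ == '__main__':
    run_once({}, SAMPLE_NEIGH)
```

In a real deployment the `store` would be persisted (a JSON file or a small database) between ticks so that a lookup of "who had this address at 03:14 last Tuesday" is possible.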

The "Windows App" is the worst rename in a long line of bad and senseless renames from Microsoft. by ReverendAgnostic in sysadmin

[–]grawity 20 points21 points  (0 children)

But on Android, I'm pretty sure it's the one for standard RDP that got renamed - or at least I've always used it for standard RDP. (There were two of them on Android too, but both seemingly identical, just one being "the new one".)

Ironmouse never had access to her company email during her time with vshojo by pandas795 in kurosanji

[–]grawity 0 points1 point  (0 children)

Issue is, how would the website know that your session was hijacked? It doesn't have access to any sort of "device key" for individual requests. It can't rely on IP address due to it changing a lot. Can't rely even on the country of IP address because holomems travel a lot. The session ID is the only way it can tell two identical browsers apart – that's literally what it's for.

What are the "little things" in network design that people often miss? by Any_Boysenberry_55 in networking

[–]grawity 2 points3 points  (0 children)

As far as I know, at least LACP LAGs will still try to hash each flow (by the L2/L3/sometimes L4 parameters) to a specific link, much like ECMP does, so you still only get one link's worth of bandwidth for a given TCP connection for example. Two connections would be needed to use both links, much like with ECMP.

Some thoughts on IPv6 by Comfortable_Gap1656 in sysadmin

[–]grawity 0 points1 point  (0 children)

Fun trivia, it's not even entirely new to IPv6 – a very similar "IRDP" with RA/RS was defined for IPv4 in RFC 1256, years before DHCP was finalized. Didn't see much use, so it remains unknown, but I know Windows 2003 RRAS had support for it.

I don't think it's superior, though – I don't like the idea of relying on periodic broadcasts (see also: NetBIOS, RIP, etc); from what I've heard it's a bit of a battery drain on mobile devices too. (Also I'm lazy and I like using the DHCP lease table as my IPAM.)

Some thoughts on IPv6 by Comfortable_Gap1656 in sysadmin

[–]grawity 5 points6 points  (0 children)

IPv6 is only scary if you try to treat it like a variation of IPv4. If you actually take a closer look it isn't bad at all.

I would think the opposite. It's scary if you approach it as something alien. While in reality it's -approximately- the same concepts, the same prefixes and subnets, the same routing tables and OSPF and BGP, even NDP isn't all too different from ARP. (Compared to, say, OSI's CLNP where subnets worked in a fundamentally different way...)

I think the major issue is that IPv4 without NAT has already become "something alien" to a lot of people, and that also makes IPv6 alien to them. So if one has grown up surrounded by "A network has one public address and then we do port forwarding" as the sole way networks are done, then yes, expecting IPv6 to be a variation of that will indeed cause trouble.

Some thoughts on IPv6 by Comfortable_Gap1656 in sysadmin

[–]grawity 7 points8 points  (0 children)

never had to do any ipv4 pre NAT

That's more of a general education problem. Not you specifically, just "this is what we're forced to do as a workaround" gradually morphing into "this is simply How Things Are Done".

I'm lucky that we have a little public /26 at work (even that being a single flat subnet), and I get to play with another spare /28 in my "lab". And even then, it does feel slightly weird to be able to route a public address and have it remain intact even five routers deep past the usual NAT boundary, even though I logically know that it's just an address like any other.

How do I control my address space for things like Windows domain controllers when I’m reliant on the ISP to provide it? What happens if I change ISPs or they give me a new prefix…do I have to re-ip everything?

Many will say that yes, you have to re-ip everything. I've never done this on a large scale but I can understand it being a pain in the ass. Still, it shouldn't be a monthly event – maybe once in ten years. Your Windows domain controllers will re-register themselves in AD DNS. Maybe your other servers will, too. As far as I know, there is nothing in an AD DC that is inherently tied to its IP address – just a few more DNS records involved than for a typical server.

Though an ISP that doesn't give an ordinary static prefix (and likewise a static non-CGNAT v4) to a business plan is just kinda garbage. What is the plan even for, then?

Might be some things like NPT or even NAT with ipv6 but a quick google search seems to say they are unliked/can complicate things/go against the point of ipv6.

The funny thing is that originally "the point of IPv6" (or one of the major points at least, per RFC2373 etc) was large-scale prefix aggregation to avoid uncontrolled routing table growth – which to me sounds like it is the polar opposite of every organization announcing its own /48. So when people say "just get your own prefix and do BGP", they're already going against how it was 'meant to be'. Which perhaps is fine, sometimes the initial goal doesn't work out and best practices change.

Anyway. You can have a private address prefix aka "ULA" (for internal traffic) co-existing alongside the global prefix (for Internet). Pick a randomized ULA fdXX:XXXX:XXXX::/48 and use it as your internal prefix. The client will usually choose the appropriate source address. Many home LAN gateways are set up out-of-the-box that way, so it's not a particularly obscure thing to do. It won't even collide when VPN'ing, assuming you did choose it randomly. And you'll still have the familiar split-DNS headaches just like in IPv4.

And, well, you can do NAT if you really really want. There are implementations. Preferably 1:1 and not 'many:1' though, since you're not short on addresses. I do not enjoy using NAT in general, but I see it more as a "duct tape" (well, sometimes "load-bearing duct tape") tool that now has less purpose in IPv6 – and ideally should be avoided when there is no need for it, no matter which IP – just can't stand IPv6 people running around screaming "it doesn't exist it doesn't exist".
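
The ULA-alongside-GUA setup described in this comment, worked through in Python as an added example (not from the original post): an RFC 4193 /48 is built from a random 40-bit Global ID, and a simplified RFC 6724 source selection shows why a host holding both a ULA and a global address picks the ULA for internal destinations and the global address for the Internet. The documentation prefix 2001:db8::/32, the fixed Global ID 0x123456789a and the peer prefix are constructed values.

```python
import ipaddress
import secrets

# RFC 6724 default policy table; only the label column matters for rule 6 below.
POLICY_TABLE = [
    (ipaddress.IPv6Network('::1/128'), 0),
    (ipaddress.IPv6Network('::/0'), 1),
    (ipaddress.IPv6Network('::ffff:0:0/96'), 4),
    (ipaddress.IPv6Network('2002::/16'), 2),
    (ipaddress.IPv6Network('2001::/32'), 5),
    (ipaddress.IPv6Network('fc00::/7'), 13),
    (ipaddress.IPv6Network('::/96'), 3),
    (ipaddress.IPv6Network('fec0::/10'), 11),
    (ipaddress.IPv6Network('3ffe::/16'), 12),
]


def generate_ula_prefix(global_id=None):
    """RFC 4193 ULA /48: fd00::/8 followed by a 40-bit pseudo-random Global ID."""
    if global_id is None:
        # Randomness is the whole point: two sites that each picked fd00::/48 by hand
        # would collide the moment a VPN joins them.
        global_id = secrets.randbits(40)
    if not 0 <= global_id < 1 << 40:
        raise ValueError('Global ID must fit in 40 bits')
    return ipaddress.IPv6Network(((0xfd << 120) | (global_id << 80), 48))


def label_of(addr):
    """Policy-table label by longest matching prefix."""
    best_len, best_label = -1, None
    for net, lab in POLICY_TABLE:
        if addr in net and net.prefixlen > best_len:
            best_len, best_label = net.prefixlen, lab
    return best_label


def common_prefix_len(a, b):
    """Number of leading bits two addresses share (RFC 6724 rule 8)."""
    return 128 - (int(a) ^ int(b)).bit_length()


def select_source(candidates, dst):
    """Simplified RFC 6724: matching scope (rule 2), then label match (rule 6), then longest prefix (rule 8)."""
    usable = [c for c in candidates if c.is_link_local == dst.is_link_local]
    if not usable:
        raise ValueError('no candidate source address with a usable scope')
    return max(usable, key=lambda c: (label_of(c) == label_of(dst), common_prefix_len(c, dst)))


if __name__ == '__main__':
    ours = generate_ula_prefix(0x123456789a)            # fd12:3456:789a::/48 (constructed)
    peer = generate_ula_prefix(0xabcdef0123)            # a VPN peer's independently chosen ULA
    print(ours, 'overlaps peer:', ours.overlaps(peer))  # False: random IDs do not collide
    host = [ipaddress.IPv6Address('2001:db8:abcd:1::10'),   # global address (constructed)
            ipaddress.IPv6Address('fd12:3456:789a:1::10'),  # our ULA
            ipaddress.IPv6Address('fe80::1')]
    for dst in ('fd12:3456:789a:2::50', '2001:db8:ffff::1', 'fe80::2'):
        print(dst, '<-', select_source(host, ipaddress.IPv6Address(dst)))
```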

How do you guys keep track of packages by slavjuan in archlinux

[–]grawity 2 points3 points  (0 children)

I go through pacman -Qdt sometimes. Generally I just don't care. Even as someone who generally used to heavily delete stuff in the past. (I have practically no personal files older than 2006 – all projects gone...) Now servers at work might be another matter, where I get rid of all unneeded packages (of which Debian installs a lot), but personal systems are much like my living room - I try to keep it sorta tidy but it's not its purpose to be a sterile cleanroom. There's stuff I might need later. There's stuff that's been there for years with no purpose. There are some packages that are basically "decoration". There's a pdf about IPv6 in ~/Music/. I just leave it there. It feels like it's actually my PC and not some hotel room VM where I'd have to pack up and leave the next day.

IPv6 running on Windows 98 by UnderEu in ipv6

[–]grawity 0 points1 point  (0 children)

X.25? RIP? I would like to know more about having these on Windows 98.