- Best Current Operational Practice for Operators: IPv6 prefix assignment for end-users - persistent vs non-persistent, and what size to choose
- draft-palet-v6ops-p2p-from-customer-prefix-01: Using /64 from Customer Prefix for the Inter-Router Link
- Jool: an Open Source SIIT and NAT64 for Linux
- Understanding IPv6 – 7 Part Series - from Networking with FISH - "This has been a very popular series for people completely new to IPv6 and still working to wrap their head around it all. I wrote this blog series I wish had been out there when I was new to IPv6. I hope you enjoy it tons."
- Small / Home Office network IPv6 wish list - n this post, I’d like to focus on efforts to bring greater IPv6 support to Small Office / Home Office (SOHO) routers, which differ from standard home routers as they need to accommodate broader functionality. My hope is that router manufacturers will incorporate these features to improve IPv6 support.
Saturday, December 23. 2017
IPv6
A Fast & Secure Tunnel Based On KCP with N:M Multiplexing
kcptun: wan accelerator, congestion handler, ...
Debian Installer / Preseed
DebianInstaller jump page to many related details.
Open Stack Training Labs Example extracts:
#------------------------------------------------------------------------------- ### Clock and time zone setup # Controls whether or not the hardware clock is set to UTC. d-i clock-setup/utc boolean true d-i time/zone string Etc/UTC #------------------------------------------------------------------------------- ### Package selection tasksel tasksel/first minimal # Individual additional packages to install d-i pkgsel/include string openssh-server dkms localepurge #------------------------------------------------------------------------------- # Whether to upgrade packages after debootstrap. # Allowed values: none, safe-upgrade, full-upgrade d-i pkgsel/upgrade select none # Policy for applying updates. May be "none" (no automatic updates), # "unattended-upgrades" (install security updates automatically), or # "landscape" (manage system with Landscape). d-i pkgsel/update-policy select none # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Use the following option to add additional boot parameters for the # installed system (if supported by the bootloader installer). # Note: options passed to the installer will be added automatically. # With Ubuntu 12.04 LTS, modesetting may result in a blank console d-i debian-installer/add-kernel-opts string vga=0x301 nomodeset #------------------------------------------------------------------------------- #### Advanced options ### Running custom commands during the installation # d-i preseeding is inherently not secure. Nothing in the installer checks # for attempts at buffer overflows or other exploits of the values of a # preconfiguration file like this one. Only use preconfiguration files from # trusted locations! # This command is run just before the install finishes, but when there is # still a usable /target directory. You can chroot to /target and use it # directly, or use the apt-install and in-target commands to easily install # packages and run commands in the target system. d-i preseed/late_command string echo "DIR=/home/osbash/.ssh; mkdir \$DIR; wget -O \$DIR/authorized_keys https://git.openstack.org/cgit/openstack/training-labs/plain/labs/osbash/lib/osbash-ssh-keys/osbash_key.pub ; chmod 700 \$DIR; chmod 400 \$DIR/authorized_keys; chown -R osbash:osbash \$DIR; echo 'osbash ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers; echo 'Defaults:osbash !requiretty' >> /etc/sudoers;" | chroot /target /bin/bash;
packer-templates/httpdir/preseed/ubuntu1404.preseed extracts:
# No language support packages. d-i pkgsel/install-language-support boolean false # Customizations d-i preseed/late_command string \ in-target sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/g' /etc/ssh/sshd_config in-target sed -i 's|errors=remount-ro|errors=remount-ro,noatime|g' /etc/fstab ; \ in-target sed -i 's|ntp.ubuntu.com|ntp.pcextreme.nl|g' /etc/ntp.conf ; \ in-target sed -i '2i 000.*' /etc/resolvconf/interface-order ; \ in-target echo i6300esb >> /etc/modules
From information exchanged in Debian bug #875858, some notes:
>So, as an accommodation, a flag in the preseed mechanism to enable/disable would be helpful. >But would need to be exposed in maybe the expert mode menus, which I think was already mentioned. You mean something like: Template: pkgsel/update-policy Type: select Default: unattended-upgrades Choices-C: none, unattended-upgrades __Choices: No automatic updates, Install security updates automatically _Description: Updates management on this system: Applying updates on a frequent basis is an important part of keeping the system secure. . By default, security updates are automatically installed by the unattended-upgrades package. Alternatively, you can opt-out from this system and apply updates manually using standard package management tools. pkgsel/update-policy=none thus seem the perfect preseed choice for your use case.
Use the 'pkgsel' package to find the extracts (the package indicates to not install on a running system):
I got the template extract....from the package source itself: (pkgsel package, here).
Use codesearch.debian.net to find template files and their values:
As a trivial lookup, sources.debian.net will show all the template files in Debian: https://codesearch.debian.net/search?q=Template%3A+path%3Adebian%2F.*.template but it's a large set in just sid: ("761 files grepped (4453 results)")...
Or use apt-extracttemplates to look for templates:
apt-extracttemplates is a useful utility in apt-utils. For a set of udebs apt-extracttemplates -t $PWD *.udeb will extract any templates files in the udebs. rm *.config.* deletes unneeded files. All that is needed for a "dictionary" is to tidy up the templates files. Perhaps https://wiki.debian.org/DebianInstaller/Preseed#Preseeding_and_the_installer.27s_debconf_templates helps?
Someone's start at template centralization:
it is unfinished, incomplete and unmaintained, but in 2016 I tried to create a single page centralising templates. https://lists.debian.org/debian-boot/2016/09/msg00075.html Anybody is welcome to extend or replace that work
Notes on TFTP netboot assistant locations. I havn't used this, but is worthy of further investigation:
Right now, '$TFTP_ROOT/debian-installer/' is used to set up and serve the netboot-images. If you also serve preseedings from the canonical location '$TFTP_ROOT/d-i/', you have a slightly confusing setup. The plan is to use 'd-i/n-a/' for di-netboot-assistant, to have all installer stuff within the common '$TFTP_ROOT/d-i/' directory.
A follow up email provides the following useful related entries to this request:
2018/01/28
- Debian Installer PreSeed
- Simple-CDDHowto a limited, though relatively easy to use tool to create a customized DebianInstaller CD.
2018/02/22 -- More Reference Materials:
- Stretch Example preseed.txt - I am looking at "#d-i finish-install/keep-consoles boolean true".
- Chap 5.3 - Boot Parameters - Preseed
- DebianInstaller NetbootAssistant - provides a tool to simplify the preparation of files for TFTP net booting
- PXEBootInstall - Installing Debian using network booting (links to previous page)
- Running Debian Installer - part of Debian Installer Internals manual
- preseed/stretch-sw-raid1.cfg - preseed example for software raid, via github
- debian-installer-9-netboot-amd64 - Debian-installer network boot images for amd64
- Using a custom kernel with the Ubuntu Installer - discusses preseeding and building/modifying a custom netboot installer, with a reference to Debian's documentation on modify/custom kernel.
To reduce the size of an install, one possible setting, but may be counter-productive if too much is not installed:
### Base system installation # Configure APT to not install recommended packages by default. Use of this # option can result in an incomplete system and should only be used by very # experienced users. d-i base-installer/install-recommends boolean false