Profile

Cover photo
Thomas Berger
Works at 1&1 Internet
115 followers|42,507 views
AboutPostsPhotosYouTube

Stream

Thomas Berger

Shared publicly  - 
 
We analyzed a strange behavior with IPv6 on our loadbalanced Reverse-Proxy cluster the last days. Today we found, that there seems to be a major issue within the Linux kernel. The ICMPv6 packages have a incorrect checksum after NATing. We use IPVS to balance between our nodes. The corrupted ICMPv6 packages does not reach the cluster nodes at all, resulting in unstable network communication if the client uses some smaller MTU then 1500.

There was a discussion on netfilter-devel about this back in 2015: http://marc.info/?l=netfilter-devel&m=144434231825617&w=4

But it looks like nothing happend after this. At least the current code does not contain any fixes.

I wonder what +Linus Torvalds thinks about such a huge problem in the #linux kernel.
1
Add a comment...

Thomas Berger

General Discussion  - 
 
 
I'm building the #amlogic    #linux   kernel right now. And i have never ever seen so much grab in any kernel fork.

Dependencies for kernel options are broken, disable one module the whole kernel does not build because of unresolved symbols. 

Also, i see a bunch of warnings like uninitialized usage or unused variables.

A deeper look into the code and i found at least one missing boundary check on external provided input ... 

I like the +hardkernel odroid devices, but the #amlogic  patchset is bullshit ... 
View original post
3
Add a comment...
 
#debian  does not have any stable cluster management in Jessie. #pacemaker   was dropped because dependencies are not satisified, and #heartbeat   is deprecated and unmaintained for years.

And all that because #debian  Jessie has a 4 year old libqb and didn't want to upgrade it before the freeze. As jessie should be release in 5 days, be prepared sysadmins. This release will break your clusters!
4
Add a comment...

Thomas Berger

Shared publicly  - 
 
 
†††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† 
 ·  Translate
Wieder sind Hunderte Flüchtlinge im Mittelmeer ertrunken, die EU gerät in Bedrängnis. Hilfsorganisationen fordern endlich Konsequenzen, damit sich eine solche Tragödie nicht wiederholt.
74 comments on original post
1
Add a comment...

Thomas Berger

Shared publicly  - 
 
 
"A man is not dead while his name is still spoken." (Going Postal)
Darum: GNU Terry Pratchett! Mehr Infos hier: www.gnuterrypratchett.com

Natürlich haben wir die Nachricht auch in den X-Clacks-Overhead von heise.de eingebaut, damit Sir Terry virtuell weiterlebt. (vza)

P.S.: Clacks ist quasi der Scheibenwelt-Vorvorvorläufer des Internet.
 ·  Translate
5 comments on original post
1
Add a comment...

Thomas Berger

Shared publicly  - 
 
Am 12. März 2015 ist Terry Pratchett, der Autor der Scheibenwelt-Romane, gestorben. Er war wohl einer der größten Schreiber unserer Zeit. Die BundesIT ehrt Terry Pratchett auf eine ganz besondere Art: In den Scheibenwelt Romanen gibt es eine Technologie, die unserem Internet relativ nahe kommt: Clacks. Wenn Clacks-Operatoren sterben werden ihre Namen auf Ewig im sogenannten "Clacks Overhead ...
1
Add a comment...

Thomas Berger

Shared publicly  - 
 
 
Die GDL streikt für uns alle. Die Groko will das Streikrecht einschränken. Heute Lokführer, morgen Erzieher ... übermorgen DU


#GDL #CDU #SPD #GroKo #Streikrecht #gdlstreik #Bahn #EVG #Grundrecht #Streik #Lokführer #Lokführerstreik #Weselsky #Bahnstreik #Weltnetz #Bananenrepublik  
 ·  Translate
63 comments on original post
2
Add a comment...

Thomas Berger

Shared publicly  - 
 
I'm building the #amlogic    #linux   kernel right now. And i have never ever seen so much grab in any kernel fork.

Dependencies for kernel options are broken, disable one module the whole kernel does not build because of unresolved symbols. 

Also, i see a bunch of warnings like uninitialized usage or unused variables.

A deeper look into the code and i found at least one missing boundary check on external provided input ... 

I like the +hardkernel odroid devices, but the #amlogic  patchset is bullshit ... 
1
1
Add a comment...
Story
Tagline
Chaos is what we are all made from
Basic Information
Gender
Male
Work
Employment
  • 1&1 Internet
    PostgreSQL DBA, 2015 - present
  • Boreus Rechenzentrum GmbH
    Administrator, 2015