Profile cover photo
Profile photo
Thomas Berger
113 followers -
Chaos is what we are all made from
Chaos is what we are all made from

113 followers
About
Thomas's posts

Post has attachment
We analyzed a strange behavior with IPv6 on our loadbalanced Reverse-Proxy cluster the last days. Today we found, that there seems to be a major issue within the Linux kernel. The ICMPv6 packages have a incorrect checksum after NATing. We use IPVS to balance between our nodes. The corrupted ICMPv6 packages does not reach the cluster nodes at all, resulting in unstable network communication if the client uses some smaller MTU then 1500.

There was a discussion on netfilter-devel about this back in 2015: http://marc.info/?l=netfilter-devel&m=144434231825617&w=4

But it looks like nothing happend after this. At least the current code does not contain any fixes.

I wonder what +Linus Torvalds thinks about such a huge problem in the #linux kernel.
Photo

Post has shared content
Die GDL streikt für uns alle. Die Groko will das Streikrecht einschränken. Heute Lokführer, morgen Erzieher ... übermorgen DU


#GDL #CDU #SPD #GroKo #Streikrecht #gdlstreik #Bahn #EVG #Grundrecht #Streik #Lokführer #Lokführerstreik #Weselsky #Bahnstreik #Weltnetz #Bananenrepublik  
Photo

Post has shared content
I'm building the #amlogic    #linux   kernel right now. And i have never ever seen so much grab in any kernel fork.

Dependencies for kernel options are broken, disable one module the whole kernel does not build because of unresolved symbols. 

Also, i see a bunch of warnings like uninitialized usage or unused variables.

A deeper look into the code and i found at least one missing boundary check on external provided input ... 

I like the +hardkernel odroid devices, but the #amlogic  patchset is bullshit ... 

I'm building the #amlogic    #linux   kernel right now. And i have never ever seen so much grab in any kernel fork.

Dependencies for kernel options are broken, disable one module the whole kernel does not build because of unresolved symbols. 

Also, i see a bunch of warnings like uninitialized usage or unused variables.

A deeper look into the code and i found at least one missing boundary check on external provided input ... 

I like the +hardkernel odroid devices, but the #amlogic  patchset is bullshit ... 

#debian  does not have any stable cluster management in Jessie. #pacemaker   was dropped because dependencies are not satisified, and #heartbeat   is deprecated and unmaintained for years.

And all that because #debian  Jessie has a 4 year old libqb and didn't want to upgrade it before the freeze. As jessie should be release in 5 days, be prepared sysadmins. This release will break your clusters!

Post has shared content

Post has shared content
†††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† †††††††††† 

Post has shared content
"A man is not dead while his name is still spoken." (Going Postal)
Darum: GNU Terry Pratchett! Mehr Infos hier: www.gnuterrypratchett.com

Natürlich haben wir die Nachricht auch in den X-Clacks-Overhead von heise.de eingebaut, damit Sir Terry virtuell weiterlebt. (vza)

P.S.: Clacks ist quasi der Scheibenwelt-Vorvorvorläufer des Internet.
Photo

Post has attachment
Wait while more posts are being loaded