Overview of VPN providers that support IPv6

Me

2021-11-05 15:11

Finding commercial VPN providers that provide actual real IPv6 support (and not just "leak protection" aka a blackhole route) is pretty hard so I decided to write down the ones I know about. The amount of information present depends on the provider's documentation and whether I have tested them myself.

Setting up Smokeping in a systemd-nspawn container

Me

2021-06-11 11:48

Smokeping is a nifty tool that continuously performs network measurements (such as ICMP ping tests) and graphs the results in a web interface. It can help you assess performance and detect issues in not only your own but also upstream networks.

Fully unprivileged VMs with User Mode Linux (UML) and SLIRP User Networking

Me

2021-05-09 11:36

A few months ago I wanted to test something that involved OpenVPN on an old, small VPS I rented.

The VPS runs on OpenVZ, which shares a kernel with the host and comes with one important constraint:
TUN/TAP support needs to be manually enabled, which on this VPS it was not.

Maybe run a VM instead? Nope, KVM is not available.

At this point it would've been easier to give up or temporarily rent another VPS, but I really wanted to run the test on this particular one.

Dealing with glibc faccessat2 breakage under systemd-nspawn

Me

2021-02-16 19:21

Backstory

A few months ago I stumbled upon this report on Red Hat's bugzilla.

The gist of it is that glibc began to make use of the new faccessat2 syscall, which when running under older systemd-nspawn is filtered to return EPERM. This misdirects glibc into assuming a file or folder cannot be accessed, when in reality nspawn just doesn't know the syscall.

A fix was submitted to systemd [1] but it turned out this didn't only affect nspawn, but also needed to be fixed in various container runtimes and related software [2] [3] [4] [5]. Hacking around it in glibc [6] or the kernel [7] was proposed, with both (rightfully) rejected immediately.

I pondered what an awful bug that was and was glad I didn't have to deal with this mess.

Running Windows 10 for ARM64 in a QEMU virtual machine

Me

2020-08-06 13:35

Since the development stages of Windows 10, Microsoft has been releasing a version of Windows that runs on 64-bit ARM (AArch64) based CPUs. Despite some hardware shipping with Windows 10 ARM [1] [2] [3] this port has received little attention and you can barely find programs that run on it.

Naturally, I wanted to try this out to see if it worked. And it turned out it does!

Installing the Debian X32 port on a VM or real machine

Me

2020-07-25 23:01

X32 is an ABI for Linux that uses the x86-64 instruction set but 32-bit longs and pointers (this is called ILP32), thereby limiting the memory for a single process to 4 GiB. Compared to amd64 it offers significant memory savings and unlike plain i386 it can make use of all registers and extensions also available to 64-bit code.

Debian has an X32 port since 2013 but installing it isn't quite straightforward.

To follow this guide you'll need:

A Debian netinst CD for the amd64 architecture: https://www.debian.org/CD/netinst/
A computer or VM with x86-64 compatible CPU
An internet connection on the machine you are installing

Virtualizing Raspbian (or any ARM/Linux distro) headless using QEMU

Me

2020-03-16 21:52

For testing or development it can be very useful to have a distribution that usually runs on an embedded ARM board such as the Raspberry Pi run right on your machine (that isn't ARM) using a virtual machine.

Opening a shell inside non-systemd nspawn containers

Me

2020-02-13 13:31

If you try to open shell inside a container that runs e.g. Alpine Linux using machinectl, the following not very descriptive error will appear:

# machinectl shell vpn
Failed to get shell PTY: Protocol error

QEMU Configuration & Usage

Me

2020-02-03 22:23

Here I collect some QEMU options I have found useful beyond the basics.