IPv6 Traffic Measurement Using Netflow

In order to measure IPv6 traffic, Netflow can be used. Generate Netflow records for both IPv4 and IPv6 traffic, and then when they arrive at your collector (e.g. nfdump+nfsen) it can filter them out and draw different graphs. Or, you can send netflow packets for IPv4 and IPv6 traffic to separate... Read more

IPv6 DNS Server Configuration (BIND)

It is presumed that your name server is already configured and functional for the IPv4 queries, hence the next steps will just focus on the additional configuration that is needed for supporting IPv6 DNS queries. Let’s see how to do that. 0. Before we begin Let’s consider, we have to... Read more

IPv6 Subnetting

Before you start it is recommended to go through the article first: IPv6 Address Representation IPv6 subnetting is similar to IPv4. However, people sometimes get confused due to the hex representation of IPv6 address. I’ll show you some examples of IPv6 subnetting and will explain why it is better to subnet... Read more

IPv6 Bogon Routes

Bogon routes or martian routes are the prefixes that should not be present in the global routing table simply because those prefixes are not really allocated to any organisation by the RIR. Like IPv4, we have a list of IPv6 bogon routes: 2001::/32 le 128: Teredo subnets 2001:db8::/32 le 128:... Read more

Enable or Disable IPv6 on Linux

Here’s how to disable IPv6 on a Red Hat-based system: Open a terminal window. Change to the root user. Issue the command sysctl -w net.ipv6.conf.all.disable_ipv6=1 sysctl -w net.ipv6.conf.default.disable_ipv6=1 To re-enable IPv6, issue the following commands: sysctl -w net.ipv6.conf.all.disable_ipv6=0 sysctl -w net.ipv6.conf.default.disable_ipv6=0   Here’s how to disable IPv6 on a Debian-based... Read more

IPv6 Address Representation

IPv6 Addressing Format IPv6 Address is ridiculously 128-bit or 16-byte long compared to the 32-bit IPv4 address. We all know that and it actually scares many of us. Good news is IPv6 is represented in hexadecimal number format whereas IPv4 is in decimal number format. Hence, each four bit in... Read more

IPv6 Public DNS Servers

Out of many, some of the public DNS servers that are available in IPv6 are listed below: Basic DNS: Google: 2001:4860:4860::8888 and 2001:4860:4860::8844 Hurricane Electric: 2001:470:20::2 Verisign: 2620:74:1b::1:1 and 2620:74:1c::2:2 Yandex: 2a02:6b8::feed:0ff and 2a02:6b8:0:1::feed:0ff Special DNS: Yandex Safe: 2a02:6b8::feed:bad and 2a02:6b8:0:1::feed:bad, which blocks “infected sites, fraudulent sites, and bots.” Yandex Family: 2a02:6b8::feed:a11 and 2a02:6b8:0:1::feed:a11, which blocks... Read more

IPv6 Addressing Plan

Before you start it is recommended to go through the article first: IPv6 Subnetting If someone asks “what’s the best way to prepare an IPv6 addressing plan?”, probably the best answer would be “it depends!”. Because there is no single best way to that. Now, when you’re playing with address plan,... Read more

Revoking a PGP key

Using the command line: I use PGP with my emails mostly to sign with digital signature. For some reasons I had to create a new PGP key and revoke my last key (0x43687201) from public key servers like pgp.mit.edu. Key revocation might be necessary for many reasons. Someone might lost... Read more

Unable to negotiate with x.x.x.x port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

The Problem I just got an updated on my macOS Sierra to version 10.12.4 (16E195). Since then, my SSH attempt gets rejected when connecting to our remote CISCO routers. Though, all were running fine before the update. Here’s the log I was getting: Awals-MacBook-Air:~ awal$ ssh awal@10.55.11.43 Unable to negotiate with 10.55.11.43... Read more