Messages

I have for many many years ran 100% asic based soho hardware for home fw.

What exactly? Most SOHO products ship a more or less current and more or less competently hacked together Linux system. E.g. Fritzbox, which are exceptionally good at updates at least.

Ich habe das auch namentlich als PPPOEVLAN zugewiesen, das ist aber m.W. nicht notwendig.

Ist richtig, muss man nicht. Ich mache das z.B. nicht.

Du solltest WAN auf pppoe0 zuordnen.

The core team? No.

First step: log in to the Maxmind or IPinfo portal where you registered to set up your (assumed) free account, then check with their tools, where they locate that address.

Your end systems won't use an ULA if IPv4 is also available. The "happy eyeballs" algorithm prioritizes:

- IPv6 GUA if present
- IPv4 if present
- IPv6 ULA if present

So dual stack hosts never use ULA if the destination is reachable via IPv4, too.

@meyergru If you run your own local Elastiflow instance you can enrich the data with Maxmind's GeoIP info by configuring the flow collector like so:

Code Select Expand

EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_GEOIP_ENABLE: "true"
EF_PROCESSOR_ENRICH_IPADDR_MAXMIND_ASN_PATH: /etc/elastiflow/maxmind/GeoLite2-ASN.mmdb

As you can see the configuration points to the full path to the database file. The setup of acquiring that file and regular updates is completely outside of Elastiflow and in my case handled by the geoipupdate package on Ubuntu.

Question is: does IPinfo use the same file format and can I replace the Maxmind database with the IPinfo one?

If not, are there tools to convert?

I don't understand why you bring in IP66 - I don't even know what that is ;-)

Kind regards,
Patrick

No, that was sort of the point. 🙂 AGH cannot use the file downloaded by the plugin, but if you run AGH on OPNsense and like to integrate Q-Feeds, they will give you a second key for AGH to use.

Perfectly possible, I run that at home. Open a ticket with Q-Feeds support to get a second API key for use in AGH.

AGH does need an upstream server, though. So if you don't want to run Unbound as a recursive server, you need to cofigure your ISP, 1.1.1.1, or whatever you prefer. I use Unbound.

Hi!

Thanks for joining in the discussion. I use IPinfo with OPNsense, already.

Is the file format identical to Maxmind, so I can use it with software officially only supporting the latter? Like Elastiflow? Just point it at your files instead?

Thanks!
Patrick

Looks good as do your rules. I'd bring the big tools - packet trace/tcpdump.

OK, I implied duplicate in the same broadcast domain.

What's in your "AllowedIPs" on the client side?

I must be the only one here who's seen many dupe macs on laptops and pc's.

I'm a network engineer for more than three decades and I have never seen a single duplicate MAC address. 🤷�♂️

Apologies for the lack of precision in my phrasing.
The discussion centered on server reachability; a server requires a unique address in order to be located. Therefore, my clarifying question does not pertain to clients, but rather to servers!

Then how does "I use an Apple Mac" come into play here? You are running public services on Mac OS?