Share your gnu/Nix network ninja wizardry fellows.

Here you can discuss every aspect of Debian. Note: not for support requests!

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby reinob » 2019-11-06 18:13

Deb-fan wrote:Just a cool network infobit I found dorking. Have been exploring the command-line and cli tools for networking in gnu/Linux and came across the dig command ie: "dig http://www.google.com", cool thing is it shows you the IP of which dns server your system used.


Note that dig resolves DNS names, i.e. "dig www.google.com", and not URLs like "https://www.google.com".
You can also test "drill", which is simpler and focussed on DNSSEC.
reinob
 
Posts: 742
Joined: 2014-06-30 11:42

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Head_on_a_Stick » 2019-11-06 18:25

Code: Select all
networkctl status

^ That should show the configured nameservers under systemd-networkd.

And systemd-resolved can be used without it interferring with /etc/resolv.conf:
Code: Select all
empty@E485:~ $ sudo systemctl start systemd-resolved
empty@E485:~ $ resolvectl | grep 'DNS Servers'                                           
         DNS Servers: 9.9.9.9
         DNS Servers: 9.9.9.9
empty@E485:~ $
Don't break DebianHow to report bugs

SharpBang GNU/Linux — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10613
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-06 19:50

^^Thanks and thanks Head_on too. :)

Still being lazy about getting this minimal networking solution figured out for the time being. Mainly cuz I'm well, errr ... lazy and spending a bunch of time trolling various gnu/Linux forums for the heel of it. :D

@Hoas, you mentioned resolved is buggy and quirky, that it's not required for someone to still use networkd. What would you recommend as an alternative ? Directly editing resolv.conf ? This resolvconf.service systemd thingy ? Still not really up on or overly good with all this systemd type stuff. Trying but going to take awhile to grok all this junk !!!

It's a crap shoot ! Ie: I have both wicd-gtk AND systemd-networkd.service(s) running on Buster, thought someone was supposed to disable them or they'd conflict etc blahblah. Funny thing is, that Buster install blazes (ping -c 3 http://www.google on it, gives 5ms. Whereas on a very similar 32b/Stretch, it comes back as like 2003ms !?!?) However apparent speed is fairly well close on both. Depending upon network conditions. So I've disabled this, enabled that, poked at this or that file and oopsy, something stopped working until putting it back the way it was !!! Arghhhhhh !!!!!!!!

Aka: I'm in over my head, atm still just using the wicd-gtk thingy. Am hitting one of my many, tired of screwing with gnu/Linux and poking and prodding things burn-out phases.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-06 20:13

All these oddball upstream changes are really starting to grate on my nerves. Systemd, Wayland, this god forsaken polkit (policy file) pkexec and admin:/// junk. Have accepted systemd, even like the thing somewhat. Also don't want to even bother with finding hacks and work-arounds to evade the thing, Wayland = go crap in your hat. Will continue using Xorg for a longgggg time to come and polkit-etc blahblahblah. I WILL DESTROY YOU if ye continue aggravating me. The IBM/Redhat folks can kiss my <censored.>

Was just having a convo about running EOL/end of life releases over @ LM forums with various folks. Mentioned some of the how's and why's someone might do so. Tell the truth, things keep going as they are, screw it. Will just keep using EOL Debian releases and be more than happy for 10yrs or more just as things are.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Head_on_a_Stick » 2019-11-07 18:25

^ https://xkcd.com/2224/

Deb-fan wrote:@Hoas, you mentioned resolved is buggy and quirky, that it's not required for someone to still use networkd. What would you recommend as an alternative ? Directly editing resolv.conf ?

Yes, I maintain a static resolv.conf file. At the moment it has Quad9's nameservers listed 'cos I like IBM.
Don't break DebianHow to report bugs

SharpBang GNU/Linux — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10613
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-08 01:27

Thanks, lost track between all I've been poking at on 3 installs lately. Now it's down to 2, formatted/overwrote the 64bit/Stretch clone and moved the new Buster install onto it's partition. Used to be my rule of thumb = only 3 gnu/Nix os's on a system at any given time. Lately been keeping that down to 2 because I just don't want to mess with updating 3 of the things and besides they all tend to be clones and almost exactly the same according to my preferences.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-08 03:51

One more, speaking of sysctl tweaks. Gonna stash the one's I'm electing to use in /etc/sysctl.conf atm.

Standard Disclaimer, do not ignorantly apply these w/o doing your research and due diligence. These are those I'm electing, for my current situation. Also noticed that some of the default values set in Buster for them are different from Stretch. These are what's set in a Stretch OS and have not fiddled overmuch with this in Buster yet. Etc blahblahblah. No warranty, express or implied ... at your own risk, blahblahblah. :D

Code: Select all
# Lowering swappiness
vm.swappiness=10
# Cache pressure
vm.vfs_cache_pressure=50
# Other vm tweaks. dirty_ratio was 20% and dirty_background_ratio was 10, I cut these 1/2 10/5% instead.
vm.dirty_ratio =10
vm.dirty_background_ratio=5
# Min amount of RAM to keep unoccupied for apps-etc use, default on 4gb-sys was 41mbs(value is in KB's)and 2x default here.
vm.min_free_kbytes=83968
# Disable slow start for idle connections.
net.ipv4.tcp_slow_start_after_idle=0
# Enable tcp fast open, changed from the default of 1.
net.ipv4.tcp_fastopen = 3
## Here's where you choose congestion control algo. Veno is supposedly designed for lossy wireless connections.
net.ipv4.tcp_congestion_control=veno
## This would enable the BBR congestion algo, # the above if you do.
#net.core.default_qdisc = fq
#net.ipv4.tcp_congestion_control = bbr
# This detects dead TCP connections after 60secs, keepalive timeout kinda thing.
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 6


Discuss ? If anyone would like to share on the topic of sysctl fiddling, things you've found effective in a given scenario or situation ... please do.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-08 04:50

More pointlessness: Went ahead and enabled the BBR congestion control algo and does in fact seem to provide a boost. Though having little real control over my current AP, leaves any real quality testing out of the question and thought there was more to it than a couple lines in /etc/sysctl.conf also. Oh well, certainly is no slower,(than Veno and believe due to my current network situation, Veno was in fact somewhat better than Cubic) seems faster even having done this 1/2 effort. Again which am sure I did in the past. Though at that time BBR wasn't even available in stock kernels. Vaguely remember enabling it while custom compiling one of the things.

Don't remember, clearly wasn't a smashing success or I'd have been using it default for years now. Though at that time could very easily have been user-error, PEBCAK issues involved. :) Does anyone want to test and dork with this ? It's easy enough to put back and undo, with no problemo's possibly being involved.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-08 17:20

Okay ... finally got around to attempt # 3 and SUCCESS !!! :D

Here's what I did ... Based on this guys Arch gnu/Linux thread, which helped clarify for me. Kept going hmmmm, looks like a couple friggin files is all that's needed. Yet still face planted twice nonetheless. Btw ... also just for the record, it's all Head_on's fault. :P He's knows I'm daft and he could've been more helpful. On second thought, think that link makes it fairly clear what steps are involved. Clearly if you aren't using wicd-gtk etc. Then you'd disable whatever you are using to manage networks with the "systemctl" command.

Also, I skipped bothering with enabling the systemd-resolved.service, thus also skipped symlinking /etc/resolv.conf to it's version of resolv.conf. Thanks Head_on for the heads up on it being quirky. I do have the resolvconf.service running and edited the following file /etc/resolvconf/resolv.conf.d/head as root/sudo etc. What this file does is add whichever dns servers or whatever you put into it at the top of the /etc/resolv.conf file it generates. Here's the contents I added by way of example. These are the google public dns servers addresses.

options timeout:1
nameserver 8.8.8.8
nameserver 8.8.4.4


The options timeout:1 thing is something else snatched from the blessed Archwiki and it supposedly makes the OS fallback to the next dns server listed really quickly if the first one on the list doesn't work. Ok ... that's a wrap folks, in my case I just went ahead and purged wicd-gtk and "sudo apt autoremove" to get rid of any packages assoc with it hanging around on my system. That's a wrap, time to update score board yet again.

Networkd = 2, Deb-fan = 1 (That's all I needed ya fecker, he who laughs last, laughs hardest !!!!) GAME OVER ... I WIN ! :D
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-09 07:38

Just stashing this here cuz it's funny and interesting, thus for your and my (later) review. Looks all technically correct and we've all been in such situations occasionally. When needed to get something done but whatever was forbidden by an overly anal network admin. Someone can get a cheapy low-end VPS for all of a few bucks a month and thus greatly expand on the cool shenanighans that person can engage in online. :D
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-09 14:36

Yep, more rambling about wifi networking from command-line. Still mucking through all the different cmds and utils for this. Don't really like what I've settled on for scanning and showing details of available AP's the old lappy detects. So far have cleared /sbin/iw, /sbin/iwlist and /sbin/iwconfig in a file in sudoers.d which allows them to be run by my user without password and added aliases for them in my users ~/.bash_aliases file.

scan="sudo iw dev name-of-wifi-interface scan |grep SSID"
Gives me a list of all avail AP's detected SSID's/names.
wifi-info="sudo iwlist name-of-wifi-interface scan"
Shows more detail about them, such as type of encryption/sec being used, blahblahblah.
ck-conn="sudo iwconfig"
Which just shows the current state of an ongoing connection(if any and if not will make that plain, such as a disconnect.)Let's me know what the wireless interface is connected to and shows some info about the AP-etc.

* Note: The above cmd is also great for getting the name of your wireless interface folks.

Not really thrilled with clearing all these handy utils with no password for my user needed but ah, not the end of the world and will find better ways to deal with this. Other than this whining, very happy with networkd + wpa_supplicant, connection blazes along great and yep, is in fact super light compared to what any gui/Net-manager would be. The Buster install is fairly well complete, mucho fast, very stable and light as da feather. Sucker is now weighing in at 149mbs-ram @ boot idle.

Misc add: There's also wavemon available in the repo's, launched in terminal just typing "wavemon" will show the current state of a connection and some stats about it. Just gonna keep adding and dorking with this subject I guess. This looks fairly good in terms of what I'm searching for, wpa_cli fellows ... FTW !!! Still some spit n polish but getting there. We don need no stinkin network gui's !

Suggestions welcome though. Always. :)
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-10 16:33

Misc add, thought this is neato. Snatched from a Gentoo resource on wpa_cli. It's used in the wpa_supplicant.conf file to connect to any open wireless AP/hotspot a system detects.

Code: Select all
        network={
        key_mgmt=NONE
        priority=-999
}


Anyone interested in the entire webpg just google that above. Surely it'll be included in the first few results. Did have much relevant info on this junk. Also not going to just add that sucker as is to my /etc/wpa_supplicant/wpa_supplicant.conf file. Only noting it cause it's cool and when I come back here, to troll old posts ... will remind me of it too. :) Wpa_cli and assoc cmds does seem like just the thing to make adding access pts on the go fairly convenient for peeps. With little time, pain or having to reload services blahblah.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-10 19:40

Sorry me again, gotta do it. I sometimes wonder how much of the content of da blessed Archwiki is copy/pasted from Gentoo's docs ? Properly cyber-snobberized o course, so that darn near nobody can easily understand it. Not even the people who copied + pasted + rewrote the thing. When they later return to look it over themselves. :D

They're like .... you put the who's whatnit, into the discombobulators ... but not before enabling the whapist .... Whaaaa ??? Hey honestly, just keeping it real, shrugs.
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Deb-fan » 2019-11-11 00:21

Wanted to post that, looks to be a good overview of CCA's = congestion control algo's, specifically BBR and yeppers it's going to matter whether desktop or server regardless. The algo in use on a given system is going to measure and decide how much data is sent and how to react to network congestion and changes ... period, thus play it's role in total throughput. Noted getting really good speed with bbr, though actually think Veno in fact does slightly better. BBR is meant for a wider range of networking scenario's, whereas Veno is supposedly specifically meant to handle wireless connections. So does make sense. Again ... really kind of annoying that atm find myself unable to do worthwhile tests but oh well, it's hard to beat free highspeed wifi. So I'll deal for time being. :D Bottomline, won't know till I've got more control of the network used. So dang close it's ridiculous anyway. During times with low congestion, either blazes even in this crappy connection situation. Considering am only getting between 60-70% signal strength and (40 out of 70) for link quality.

Conclusions w/o solid and repeatable testing:
Veno vs BBR on wireless = probably Veno by some margin.
BBR vs Cubic on wireless/wired = BBR winning by as yet an unknown margin. Would bet by a decent one though. In particular wired connections. :D


Ps, dang fellow nixers, come on. Many of you are in a position to test this out, so ? Let's do this thing, it takes all of 20secs to change algo's. Describe connection type (wifi/wired etc), algo's used for comparison, basic methodology involved etc ?
Deb-fan
 
Posts: 445
Joined: 2012-08-14 12:27

Re: Share your gnu/Nix network ninja wizardry fellows.

Postby Head_on_a_Stick » 2019-11-11 12:41

Deb-fan wrote:Wanted to post that, looks to be a good overview of CCA's = congestion control algo's, specifically BBR and yeppers it's going to matter whether desktop or server regardless.

No, it isn't.

Read the article again, slowly this time. It is talking about outgoing traffic rather than incoming so it would only help other people take data off your computer. The algorithm will not improve your browsing or download speed at all and if you don't believe me then use https://packages.debian.org/buster/speedtest-cli to provide some proof before posting back.

And anyway the algorithm only comes into play with multi-gigabit connections, which I doubt you have.
Don't break DebianHow to report bugs

SharpBang GNU/Linux — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10613
Joined: 2014-06-01 17:46
Location: /dev/chair

PreviousNext

Return to General Discussion

Who is online

Users browsing this forum: No registered users and 5 guests

fashionable