Blogs

This short document describes how to get OpenRoaming working on MikroTik devices. It contains both the Web / GUI instructions, as well as CLI instructions. It is expected that the reader has at least a minimum amount of Mikrotik knowledge. Prerequisites A Mikrotik device with: working Internet connectivity wireless A RADIUS proxy with RadSec support. I use radsecproxy because it Just Works. MikroTik Configuration Step 1 - Login This should be fairly self explanatory - you need to connect to the device and login....

There has recently been some concerns expressed around new TLDs colliding with file extensions. While I’m the first to raise concerns around collisions, I think that this particular ship has sailed. As an example, the DEC VAX and CP/M used .COM as a file extension. This was then carried over into MS-DOS (and Windows) - a good example of this being command.com. While this confusion was briefly abused, but mitigations were quickly put in place....

Overview I’ve recently seen a number of instances where a Juniper router will simply not forward packets correctly, often onto a “LAN” (Ethernet with lots of hosts). Looking at the routing table seems to show that everything is fine, and pinging the host from the router works, but transit traffic appears to just disappear into a black hole. This can be really annoying and hard to debug. These are my quick notes on troubleshooting and fixing this....

Causes of DNS information hiding One of the recurring discussions in the ICANN NCAP (Name Collision Analysis Project) is what relevant information about the global DNS namespace can be extracted from the root servers. Increasingly the DNS hides information, both to improve end user privacy as well as to increase performance and reliably. QNAME Minimization Aggressive NSEC LocalRoot Caching Local Authoritative Summary Disclaimer Todo QNAME Minimization DNS Query Name Minimisation to Improve Privacy (originally published in 2016), only sends the minimum required part of the query name to the authoritative servers....