network tips

disable ipv6

in kernel module (requires reboot)

edit /etc/default/grub and add ipv6.disable=1 in line GRUB_CMDLINE_LINUX

/etc/default/grub

GRUB_TIMEOUT=5
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="ipv6.disable=1 crashkernel=auto rhgb quiet"
GRUB_DISABLE_RECOVERY="true"

regenerate a GRUB configuration file and overwrite existing one

grub2-mkconfig -o /boot/grub2/grub.cfg

restart system and verify no line inet6 in ip addr show command output

shutdown -r now

using sysctl settings (no reboot required)

append below lines in /etc/sysctl.conf

/etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

to make the settings affective, execute

sysctl -p

::: note make sure the file /etc/ssh/sshd_config contains the line AddressFamily inet to avoid breaking SSH Xforwarding if you are using the sysctl method :::

add the AddressFamily line to sshd_config :

/etc/ssh/sshd_config

AddressFamily inet

restart sshd for changes to get get effect

systemctl restart sshd

use a different ip address on a curl command

to use 127.0.0.1 instead the real ip address of docs.rda.run

curl --resolve docs.rda.run:443:127.0.0.1 https://docs.rda.run

download ssl certificate

echo quit | openssl s_client -servername docs.rda.run -connect docs.rda.run:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > site-cert.pem

to use this cert

curl

curl --cacert site-cert.pem https://docs.rda.run

wget

wget --ca-certificate=site-cert.pem https://docs.rda.run

verify network throughput between two servers

on server 01

iperf3 -s

on server 02

upload speed, Mbits/sec

iperf3 -f m -c <IP_SERVER_01> | grep sender | awk -F " " '{print $7}'

download speed, Mbits/sec

iperf3 -f m -c <IP_SERVER_01> -R | grep sender | awk -F " " '{print $7}'

running iperf3 as a service

/etc/systemd/system/iperf3.service

[Unit]
Description=iperf3 server
After=syslog.target network.target

[Service]
ExecStart=/usr/bin/iperf3 -s
Restart=always
RuntimeMaxSec=3600
User=iperf

[Install]
WantedBy=multi-user.target
DefaultInstance=5201

sudo adduser --system --no-create-home -s /sbin/nologin iperf
sudo systemctl daemon-reload
sudo systemctl start iperf3

list all ipv4 address of a network

nmap -sn 172.17.3.0/24 | grep -B 1 'Host is up' | grep -oE '[[:digit:]]{1,}\.[[:digit:]]{1,}\.[[:digit:]]{1,}\.[[:digit:]]{1,}'

telnet with timeout

# echo quit | timeout --signal=9 3 telnet [HOST] [PORT]
$ echo quit | timeout --signal=9 3 telnet rda.run 6969
Trying 172.217.28.14...
Killed

using curl to calculate website load time

curl -o /dev/null -s -w %{time_total}\\n https://rda.run
0,536215 # Resposta (em segundos)

you can get some other infos too.

curl -o /dev/null -s -w {time_connect}:%{time_starttransfer}:%{time_total}\\n https://rda.run
# connection time : transfer start : total time in seconds
0,035299:0,151648:0,157692

port redirect on windows 10

use powershell as admin:

netsh interface portproxy add v4tov4 listenport=80 listenaddress=127.0.0.1 connectport=80 connectaddress=192.168.99.100

to test if the rule was applied:

netsh interface portproxy show all

to remove the rule:

netsh interface portproxy delete v4tov4 listenport=80 listenaddress=127.0.0.1

resume a curl download

curl -C - -o partial-file.bin 'www.example.com/caminho/do/partial-file.bin'

limit syncthing to only use local network

• Actions → Settings → Connections: uncheck Enable NAT traversal, Global Discovery, Enable Relaying and Local Discovery
• Actions → Advanced → Devices: limit the allowed networks to your network only. 192.168.178.0/24, for example
• Remote Devices → device name → edit → Advanced → Addresses: set tcp://192.168.178.xx:22000, for example
• Actions → Advanced → Options: uncheck Announce LAN Addresses and Crash Reporting Enabled