How to route IPv6 across ports in Cisco ISR

I have a Cisco ISR router with 4 ports. We own our IPv4 addresses and handle them via BGP, but my datacenter provider assigned us a IPv6 network. I’ve successfully added the IPv6 network to GigibitEthernet0/0/0 and an able to ping the upstream gateway. I’m trying to connect a computer directly to GigabitEthernet0/0/3 and assign it a IPv6 address in the range (2001:550:xx:xx::249.3/112), but that computer can’t ping the gateway at all.

I’m looking for some advice on how best to setup that 2nd port so that the IPv6 traffic can be routed over to Gi0/0/0 and ultimately to the upstream gateway.

I suspect I just need to setup a route between gi0/0/3 and gi0/0/0 but I’m not sure how to do that

My configuration:

interface GigabitEthernet0/0/0
 ip address xx.xx.xx.114 255.255.255.248
 media-type sfp
 negotiation auto
 ipv6 address 2001:550:xx:xx::249:0/112 eui-64
!
interface GigabitEthernet0/0/1
 no ip address
 media-type sfp
 negotiation auto
!
interface GigabitEthernet0/0/3
 no ip address
 negotiation auto
!
sh int GigabitEthernet0/0/3
GigabitEthernet0/0/3 is up, line protocol is up 
  Hardware is ISR4431-X-4x1GE, address is 00xx.xxx.d423 (bia xxx.428a.d423)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive not supported 
  Full Duplex, 1000Mbps, link type is auto, media type is RJ45
  output flow-control is on, input flow-control is on
  ARP type: ARPA, ARP Timeout 04:00:00
ping 2001:550:xx:xx::249:1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:550:xx:xx::249:1, timeout is 2 seconds:
!!!!!

python – The route in Flask redirecting twice

@app.route('/customers_products/<name>',methods=('GET','POST'))
def customers_products(name):
    ##pass
        return redirect(url_for('customer_payment',name=name))
    return render_template('customers_products.html',name=name,products=products)

@app.route('/customer_payment/<name>',methods=('GET','POST'))
def customer_payment(name):
    order_numbers = (i for i in range(101,400))
    cursor = mysql.connection.cursor()
    query = 'SELECT order_no FROM order_receipts'
    cursor.execute(query)
    numbers = cursor.fetchall()

    numbers_used = ()
    for number in numbers:
        numbers_used.append(number(0))
        order_numbers.remove(number(0))

            
            
    order_num = random.randint(order_numbers(1),order_numbers(-1))
    print('Number 1:',order_num)
    print('Number 2:',order_num)

    ##pass

Output

Number 1: 168
Number 2: 168
127.0.0.1 - - (07/Apr/2021 23:14:39) "(37mGET /customer_payment/<name> HTTP/1.1(0m" 200 -
Number 1: 326
Number 2: 326
127.0.0.1 - - (07/Apr/2021 23:14:39) "(37mGET /customer_payment/<name> HTTP/1.1(0m" 200 -

I had a problem that although I only used redirect for one time then the route customer_payment redirected twice and I could not find out where is the problem that the result is not the same as I expected.

ruby – Rails: What route to let show one resource but submit to another?

I’m sketching out a data model for a Rails app that lets users submit answers to technical questions. For example, the prompt might be:

Write a SQL query to determine the number of unique visitors last week

My models would look like this:

class User < ApplicationRecord
  has_many :submissions
end

class Submission < ApplicationRecord
  belongs_to :user
  belongs_to :question
end

class Question < ApplicationRecord
  has_many :submissions
end

I’d like a user to be able to visit a page that will display:

  1. The question’s prompt
  2. The user’s previous submissions for this question
  3. A form that lets the user create a new submission for this question

How should I set up my routes given these requirements? I’m pretty lost but am thinking I could use nested resources in my routes.rb:

# not sure order matters here; I've usually seen nested routes be 
# ordered by the has many relationship.  so if A has many B and B has 
# many C, then the nesting order is A, B, C.

resources :questions do  
  resources :users do
    resources :submissions
  end
end

If I did that, a specific user submitting an answer to a specific question could be:

POST to /questions/:question_id/users/:user_id/submissions

Then my controller’s create action could look like this:

class SubmissionController < ApplicationController
  def create
    @question = Question.find(params(:question_id))
    @user = User.find(params(:user_id))
    Submission.create(params(:submission), user: current_user, question: @question)
    @submissions = Submission.where(user: @user, question: @question)
   
    redirect_to (@question, @user)
  end
end 

Is there a more RESTful / Rails-ey way to go about the above? If there’s not, does the ordering of my nested routes matter? Thanks in advance for any help you can offer!

How to route all outbound TCP to localhost:8080 with pfctl?

I’m looking for an updated (Big Sur) MacOS alternative for this iptables command:

linux iptables

sudo sysctl net.ipv4.ip_forward=1

sudo iptables -t nat -I PREROUTING -p tcp --dport 55 -j REDIRECT --to-port 8080

E.g. allow port forwarding, and forward all tcp traffic destined to port 55 to a tcp proxy listening at 127.0.0.1:8080

Trying to accomplish the same, I got to the following on Mac:

mac pfctl

sudo sysctl -w net.inet.ip.forwarding=1

echo "rdr pass inet proto tcp from any to any port 55 -> 127.0.0.1 port 8080" | sudo pfctl -ef -

This however doesn’t work, and instead clogs the packets in a way that they never reach my proxy.

Any help appreciated.

How to send response from some other route without changing the url

I have a route called /node-info . I want to return response from some other route when this route is called. I cannot redirect to other route from here.

shipping – If I were to ship a package betwen India and US which would be most efficient route?

Ever since the ‘Ever given’ epsiode happened, I found myself thinking that I know next to nothing about shipping. So I tried to find out how commercial shipping works between the two countries. Now what I got were websites of DHL and Fedex and while each of them have a quote it doesn’t necessarily tells you how things work. In both websites, many of the terms are pretty vague, for instance, it is anywhere between 8-15 days. I searched around a bit more and got to know that most such big ships do port-to-port rather than doing A-B as that is most profitable. I am sure there are probably some routes which would be more favorable than others. Does anybody have any idea of what possible routes and how much distance they would have cover. To take a concrete example, we have Ever given https://en.wikipedia.org/wiki/Ever_Given , now it seems that the ship moves at 22.8 knots or 42 kmph which is comparable to Indian Railways. It also shared that it carries something like 20k containers with probably bigger containers at the bottom and smaller containers at the top. It would be great if somebody shared some hypothetical or actual routes that they know that shipping companies take to travel to and fro. Here I am looking for only time and distance between ports. I do know in an actual scenario, one would also have to take into account inland transportation which actually adds its own complexity in both countries, I am discounting or removing that fully.

Looking forward to some sort of answer.

linux – How to route between VPN endpoints dynamically

I have the following setup:

OpenVPN endpoint 01  --|
                       |-- Server 01 --> Internet
OpenVPN endpoint 02  --|

Clients can choose to log in via either OpenVPN endpoint 01 or OpenVPN endpoint 02.

How can we make Server 01 automatically know where to route packets from the internet towards VPN endpoint?

I thought of ARP would solve it, but as clients are getting the same IP on both OpenVPN endpoints on a tunnel interface, there is no ARP between client and Server 01.

What is the right way to configure such setup?

We are running Linux servers.

regex – Register GET REST API route with multiple parameters

I’m trying to register a GET REST API route with multiple parameters with the following code:

register_rest_route( 'myplugin/v1', '/posts/?number=(?P<number>(d)+)&amp;offset=(?P<offset>(d)+)&amp;total=(?P<total>(d)+)', array(
    'methods'             => 'GET',
    'callback'            => 'my_rest_function',
    'permission_callback' => '__return_true',
    'args'                => array(
        'number' => array(
            'validate_callback' => function( $param, $request, $key ) {
                return is_numeric( $param );
            }
        ),
        'offset' => array(
            'validate_callback' => function( $param, $request, $key ) {
                return is_numeric( $param );
            }
        ),
        'total' => array(
            'validate_callback' => function( $param, $request, $key ) {
                return is_numeric( $param );
            }
        ),
    ),
) );

But, when I call it using for example:

https://example.com/wp-json/myplugin/v1/posts/?number=3&offset=0&total=3

I’m getting a No route was found matching the URL and request method. error.

What am I doing wrong?

proxy – How can I route usb modem packets with squid

I have two usb modems connected to a linux machine, both connections are made through wvdial and are working, I verified they work with:
curl https://api.myip.com/ --interface pppx and ping www.google.com -I pppx

Below are the responses to some commands that help show my config.

# ifconfig | grep -eppp(0-1) -A 1
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.120.178.170  netmask 255.255.255.255  destination 10.64.64.64
--
ppp1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.114.188.103  netmask 255.255.255.255  destination 10.64.64.65

# ip rule

0:  from all lookup local 
32764:  from 10.114.188.103 lookup ppp1 
32765:  from 10.120.178.170 lookup ppp0 
32766:  from all lookup main 
32767:  from all lookup default 

# ip route
default via 192.168.12.1 dev wlan0 proto dhcp src 192.168.12.150 metric 303 mtu 1500 
10.64.64.64 dev ppp0 proto kernel scope link src 10.120.178.170 
10.64.64.65 dev ppp1 proto kernel scope link src 10.114.188.103 
169.254.0.0/16 dev wwan0 scope link src 169.254.169.80 metric 242 
169.254.0.0/16 dev wwan1 scope link src 169.254.110.247 metric 244 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
192.168.12.0/24 dev wlan0 proto dhcp scope link src 192.168.12.150 metric 303 mtu 1500 

I am trying to have packets routed through one of these two usb modems depending on which squid port is used, for that purpose I’m using localport acl with tcp_outgoing_port, like this:

http_port 3130
http_port 3131
acl thirdport  localport 3130
acl forthport  localport 3131
tcp_outgoing_address 10.114.188.103 thirdport
tcp_outgoing_address 10.120.178.170 forthport

the full squid.conf:

acl localnet src 192.168.12.0/24    # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443     # https
acl Safe_ports port 70      # gopher
acl Safe_ports port 210     # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280     # http-mgmt
acl Safe_ports port 488     # gss-http
acl Safe_ports port 591     # filemaker
acl Safe_ports port 777     # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager 
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128

http_port 3130
http_port 3131


acl thirdport  localport 3130
acl forthport  localport 3131

tcp_outgoing_address 10.114.188.103 thirdport
tcp_outgoing_address 10.120.178.170 forthport

coredump_dir /var/spool/squid
refresh_pattern ^ftp:       1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern -i (/cgi-bin/|?) 0 0%  0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .       0   20% 4320
via off
forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all

The problem is that when I connect to port 3030 (ppp1 interface) it works without problem but when I try port 3031 (ppp0 interface) it doesn’t work and I get the following output in /var/log/squid/access.log

1615513848.373 239749 192.168.12.145 NONE/503 0 CONNECT api.twitter.com:443 - HIER_NONE/- -
1615513848.373 239442 192.168.12.145 NONE/503 0 CONNECT api.twitter.com:443 - HIER_NONE/- -
1615513867.431   1232 192.168.12.145 TCP_MISS/204 183 GET http://connectivitycheck.gstatic.com/generate_204 - HIER_DIRECT/172.217.171.227 -
1615513874.402 119994 192.168.12.145 NONE/503 0 CONNECT api.myip.com:443 - HIER_NONE/- -
1615513886.416 120303 192.168.12.145 NONE/503 0 CONNECT api.myip.com:443 - HIER_NONE/- -

Am I doing something wrong here? Are there some steps to do to get more information about the problem in question?

networking – Malformed POST Route URL (Forgetting Router Group)

One of my routes, /new-payment (this happens with all new routes) gets stuck on a redirect. My site goes from the URL http://localhost:8081/auth/new_payment_get to http://localhost:8081/new-payment, it’s missing /auth after the port and before the route (it should be redirected to http://localhost:8081/auth/new_payment_get). The POST route (http://localhost:8081/auth/new-payment) is supposed to be invoked when the user presses “submit” on a form on the “new_payment_get.html” page. Now it looks like http://localhost:8081/new_payment (it’s supposed to be: http://localhost:8081/auth/new_payment_get.). The POST request registers on the server.