2021-07-16 GnuCash IRC logs

14:06:54 <fell> jralls, in en_US "saving account" or "savings account"?
14:20:08 <warlord> fell, I have seen it both ways. I'm not sure there is a single "correct" usage.
14:22:01 *** Pegasus_RPG has joined #gnucash
14:22:04 *** David has joined #gnucash
14:23:08 <warlord> How strange.. Somehow the GnuCash win32 builder "heard" a v6 RA from my new "magic box", *through* my main gateway. I have no idea how it heard it, but somehow it acquired a v6 address on a v6 network that *doesn't exist* on its network -- only on an upstream link. How strange.
14:23:31 <jralls> fell, I've usually seen it as "savings account", but as warlord says both are acceptable.
14:23:53 <jralls> warlord, that's pretty strange.
14:24:05 <warlord> I think "savings account" is probably more "in use"
14:24:31 <jralls> fell is the flooding in western Germany affecting you?
14:24:31 <warlord> jralls, isn't it? I've got an radvdump running on my laptop and haven't seen anything broadcast.
14:25:17 <jralls> warlord, how does the new magic box work?
14:27:15 <warlord> Basically it's running a program called "EAP_Proxy" which has 3 ports, ONT, RG, and LAN, and listens on the ONT port for EAP requests and forwards them to the RG (and back). It mirrors the RG MAC on the ONT port, and then it runs a dhcp client to obtain an IP address. It also runs a private DHCP server for the RG to acquire an IP address. Apparently this is enough to make everything happy.
14:27:45 <warlord> AT&T routes my public /29 to the DHCP IP address, so all I need to do is present my /29 on the LAN port, and viola.
14:28:39 <warlord> AT&T also apparently will give me a /60 via DHCPv6-PD -- and this is where I'm getting stuck because EdgeOS does not have a way for me to take that /60 and re-delegate (e.g. a /62) to my main router.
14:29:32 <warlord> This is where I'm currently stuck. the magic box puts a /64 from that /60 onto the LAN port and advertizes it.. And *somehow* the windows box saw an RA and grabbed an address on that /64 -- even though it's a completely different network segment.
14:31:32 <warlord> Apparently I can set up a *static* dhcpv6-pd announcement from the magic box; but I don't know how to program that dynamically from the upstream -PD.
14:37:38 *** Mechtilde has joined #gnucash
14:39:15 *** derwos has joined #gnucash
14:39:44 <jralls> Is RG what used to be called a DMZ, an intermediate firewall domain that allows SYN from outside?
14:40:53 <warlord> No, RG is the AT&T Router/Gateway (e.g. "cable modem")
14:41:45 <jralls> Oh, then what's ONT?
14:54:16 <warlord> Optical Network Translator -- the box that converts Ethernet to FiberOptic
15:02:38 *** kcin1 has joined #gnucash
15:03:03 *** kcin has quit IRC
15:03:38 <jralls> Wait, you have two WAN connections?
15:04:51 <warlord> No...
15:05:06 *** kcin1 is now known as kcin
15:05:59 <warlord> It looks like this:
15:05:59 <warlord> # AT&T Upstream
15:05:59 <warlord> # ONT
15:05:59 <warlord> # |
15:05:59 <warlord> # [ Magic Box ]---LAN
15:06:00 <warlord> # |
15:06:02 <warlord> # AT&T RG (modem)
15:06:04 <warlord> #
15:06:39 <warlord> The RG WAN port is connected to the magic box. Nothing is connected to the RG LAN ports.
15:06:58 <jralls> The why have the RG at all?
15:07:00 <warlord> All my data flows from LAN to ONT through the magic box.
15:07:09 <warlord> It's required to authenticate to AT&T
15:07:17 <jralls> Ah!
15:07:21 <warlord> Without it, the magic box can't get online.
15:08:04 <warlord> Before I was doing this with network bridging and ebtables to do MAC-level DNAT/SNAT. But this way is MUCH cleaner, IMHO.
15:08:42 <warlord> no NATting at all in the magic box (except for the RG if it wants to talk to AT&T). All my data is just routed, which it can do at line speed, so I get true 1Gbps
15:08:51 <jralls> So the magic box is mostly your NAT router, but the magic part is that it passes the AT&T auth packets to the RG.
15:08:53 <warlord> (well, I've measured it more like 900-950, but good enough)
15:09:29 <Simon> "completely different network segment" in what way is it separated? I find Windows network drivers strip VLAN tags
15:10:09 <warlord> Really, it looks more like this:
15:10:10 <warlord> # AT&T Upstream
15:10:10 <warlord> # ONT
15:10:10 <warlord> # | +---[ SIP Box ]
15:10:10 <warlord> # [ Magic Box ]---+---[ Router to LAN ]--
15:10:10 <warlord> # | +---...
15:10:12 <warlord> # AT&T RG (modem)
15:10:14 <warlord> #
15:10:27 <warlord> The windows box is behind the "router to LAN"
15:11:03 <warlord> The MAGIC box does -PD and gets a /60 and assigns a /64 to the link between the Magic Box, SIP Box, and Router-to-LAN.
15:12:07 <warlord> BUT -- if it's stripping VLAN tags.... THAT could do it -- I'm using a VLAN for that switch, and the windows box is on a trunk-line so "seeing" that in the VLAN data. If windows strips VLAN tags, that would do it.
15:12:10 <warlord> F U Windows.
15:12:47 <warlord> Simon, yeah, that's a VLAN (in my main switch) between the MB, SB, and RtL.
15:15:18 <Simon> sometimes installing the manufacturer's driver helps
15:15:58 <Simon> or checking the configuration options for the network card
15:21:13 <warlord> Windows is in a VM..
15:21:30 <warlord> But ignoring VLAN tags? That's .... really not kind.
15:23:37 <warlord> But, that explains why windows did that. *sigh*
15:23:56 <warlord> Thanks, Simon !!!
15:24:36 <warlord> Maybe I should swap VLAN off to a dedicated switch instead of a VLAN. Seriously, one would think a VLAN would be secure. LOL.
15:28:37 <Simon> well it's definitely not secure unless the switch can restrict which ports get that traffic
15:29:05 <Simon> it becomes painful to have to continually reconfigure every new Window device so that it ignores VLANs so I stopped using them
15:29:38 <Simon> if it's in a VM I think you could bridge it to a network device that only gets untagged traffic
15:29:45 <Simon> or at least filter it out
15:32:41 <warlord> The switch can restrict it. I just didn't configure that, thinking everything would ignore it. Silly me.
16:39:18 <warlord> jralls, I suppose next time you log into the win32 builder you can reconfigure it to ignore VLANs.
16:43:46 <jralls> warlord, I don't find useful instructions for ignore or disable vlan on win10, just instructions for configuring them.
17:00:26 <warlord> Simon?
17:10:22 <Simon> ?
17:17:14 <warlord> How would jralls reconfigure win-10 to get it to ignore VLAN tags?
17:32:02 <Simon> You want it to ignore the tags or ignore the tagged traffic? The former is a driver bug so no idea and the latter requires either finding a network adapter setting for the VLAN and/or upgrading the driver
17:32:32 * Simon goes to bed
17:40:21 <fell> jralls, I had all windows open on this warm days with normal summer rain, but on the low mountain ranges from 60 km East down to Luxembourg in SSW it was catastrophic. Later the flood will go down river Maas/Meuse and several tributaries of Rhine.
17:42:18 <fell> Sorry I don't know how to put the water on the server for your wildfires. ;-)
17:42:28 <jralls> fell, the news reports say Belgium is getting hit pretty hard so I guess the flood has already gone downriver.
17:44:00 <jralls> Yeah, it would be great if you could send us a couple million hectare-meters, and not just for firefighting.
17:45:38 <jralls> I dunno if hectare-meters is a real measurement. Here we use acre-feet to measure things like reservoir capacity and hectare-meter is the illogical conversion to metric.
17:46:31 <fell> The highest point of Belgium is high moor Haute Fagne/Hohes Venn. It's usually closed at this time because of fire danger, but this year it got already in the spring more than enough water, And now it goes directly ito the rivers.
17:46:49 <jralls> warlord, sounds like the VLAN setting is what you get with the VM server.
17:54:29 <fell> Hect[o-]ar means 100x100m it's common as agricutural area dimension.
17:56:02 <fell> In my youth 4 Morgen/Tagwerk = 1Ha has been common.
17:57:17 <fell> The rain was ~200 l/qm
18:01:15 <jralls> Yes, acre is the usual measure of agricultural land, roughly 2/5 Ha.
18:01:37 <fell> The endangered Steinbach dam holds only 1,06 Mio. m³
18:04:54 <fell> Others hold 200 Mio. m³
18:14:40 <jralls> 200 is medium sized around here. https://en.wikipedia.org/wiki/List_of_largest_reservoirs_of_California
18:16:45 <warlord> jralls, yeah, sounds like I might need to do it on the network side. Either that or physically separate the LAN. UGGH.
18:17:01 <jralls> The smallest one on that list, Calaveras, is a couple of km from me.
18:17:09 <warlord> OR turn off SLAAC. That's another option! Nothing on that LAN needs to get an address...
18:17:18 <jralls> warlord, What's SLAAC?
18:17:35 <jralls> Something to do with the Church of the Subgenius?
18:17:55 <warlord> ipv6 auto configuration
18:18:07 <warlord> that's the router announcement that windows saw.
18:19:05 <jralls> If your lan doesn't use v6 there's no point in the overhead, never mind the pain.
18:23:37 <warlord> Well, that link between the magic box and the RtL does not require v6... So I turned that off (for now).
19:33:13 <fell> There is already a bigger flood reported for central Europe: https://en.wikipedia.org/wiki/St._Mary_Magdalene%27s_flood
20:14:35 <thechitowncubs> Hi, please build Bitcoin infrastructure into GnuCash
20:15:24 <thechitowncubs> Immediately
20:23:11 <fell> thechitowncubs, we are searching for someone who implements different namespaces in currency. Are you volunteering?
20:23:39 <thechitowncubs> I will be funding teams to patch all sorts of bugs on Gnu and Gnu Code, yes
21:02:31 <warlord> thechitowncubs, you willing to pay us $250,000 to get the feature done "immediately"?
22:16:41 <thechitowncubs> yes
22:16:56 <thechitowncubs> Give me 10 days
