suddenly in-kernel communication between lxc containers gets erratic

we’re using LXC containers to host multiple workloads on the same physical servers. e.g. a few instances of database servers running side-by-side. once in a while we end up with a strange situation where tcp connections between containers running on the same physical server get torn down abruptly. in our case – this manifested e.g. by those …


black hole, somewhere in the internet, swallowing UDP packets

UDP packets sent from a specific source port, with a public source IP address, do not reach a specific destination port of the public destination IP address. changing any of the parameters [ usually source port ] – fixes the issue. i’ve observed this phenomenon multiple times for long-running OpenVPN and Wireguard VPNs encapsulating encrypted traffic in UDP …


bridging lan segments across untrusted links

we’ve run out of office space in one of the locations. in the short term it was not possible to find a suitable and large enough place to rent so we had to split and relocate some of the staff to another building a few kilometers away. it’s possible that we’ll shuffle people and servers between …


openvpn point-to-point server listening both on v4 and v6

at work i have openvpn between an OVH dedicated server and our datacenter. due to varying bandwidth we sometimes use udp over ipv6 and sometimes over ipv4 as an encapsulation method. whenever we did the switch we always had to reconfigure both ends of the tunnel. it turns out that with recent openvpns and kernels it’s …


OVH, failover IPs, IPv6, VMs

at work we rent a dedicated server from OVH; except for unexplained openvpn throttling all is working pretty well for the price we pay. besides the primary IPv4 address OVH can provide a few additional ‘failover’ IPv4 addresses and a /64 IPv6 subnet. in our setup some of the IPv4s and IPv6s are routed to a KVM VM. below – …


openvpn throttled from ovh’s bhs datacenter?

for work we rent a dedicated server from OVH. it’s been 5 months now and i’m pretty satisfied with the service provided. at the initial stage we bumped into a problem that was never really solved; i cannot even be 100% sure if it’s OVH’s fault. UDP-based OpenVPN connection established from OVH’s BHS datacenter to …
