Luke Patrick Buraglio

In keeping with tradition, Luke decided to make a grand entrance after much drama at 0627 on December 30, 2008, weighing in at a svelte 6lb 10.7oz and 21″ in length. Both Luke and his strong, resilient mother are doing exceptionally well. There have been a lot of friends and family swinging by to visit, with more to come.

Luke Buraglio Sleeping
Luke Buraglio Sleeping

Keep track of updates at his little corner of the web.

Glad to be here!! See you soon!

System sending mail on submission port over ssl

I have a few cron jobs that run on my home mac machines and I like to get the notifications generated from the MAILTO parameter. Well, a while ago (I believe after the comcast acquisition of insightbb), this stopped working. I did a little debugging and it is my belief that port 25 is being blocked outbound from the comcast network. Many people speculatethis, and as a network engineer I think it is actually a good idea. First, port 25 isn’t *really* the port that you should be using for host to mail relay. I was always taught that the submission port was best practice per RFC 2476 . In practice, many folks don’t use this port simply because since as far back as I can remember documentation has always pointed end users at port 25.
So, long story short, something I wanted to do for a long time was to set up a special account under my google apps that can be used to relay and record this data, as well as be used for things like an email wild card for my domain.
I was about to embark on hacking up the postfix installs then I came across this macosxhints article.
It’s a very handy walk through of doing exactly what I wanted to do, relay mail on port 587, over ssl through my ISP to an externally hosted email account.
Very handy.

IPv6, Vmware Fusion, Wireless

I’ve been revisiting IPv6 a lot again lately, and one thing I wanted to do was to get my home network back running IPv6 again after having it off for a while. IPv6 isn’t that hard to understand, configure, route or use, it’s just different and I need to know it well for my job so this is a good excuse to play around and re-read some of the books I bought years ago on the subject.
Since my lovely provider, Comcast, has no plan to deploy v6 yet I turned to one of the several IPv6 Tunnel Brokers. I had used the Hurricane Electric Tunnel Broker service a lot when first pawing at v6 years ago, and my tunnel info was still there.
OK, Tunnel up. Reverse DNS delegated and working. Router Advertisements flying all over the network and modified EUI-64 addresses all looking good.

# ifconfig
lo0: flags=8049 mtu 33208
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
vic0: flags=8843
mtu 1500
lladdr 00:0c:29:38:49:eb
groups: egress
media: Ethernet autoselect
status: active
inet6 fe80::20c:29ff:fe38:49eb%vic0 prefixlen 64 scopeid 0x1
inet6 2001:470:1f07:447:20c:29ff:fe38:49eb prefixlen 64 pltime 604786 vltime 2591986
inet 192.168.209.11 netmask 0xffffffc0 broadcast 192.168.209.63

inet6 2001:470:1f07:447:20c:29ff:fe38:49eb prefixlen 64 pltime 604786 vltime 2591986 being the important string in there.

…..Flash back like 12 months. In an effort to be a little more conscious of money as well as environment, and out of good old fashioned cheapness, I took down my nice rack of servers, powered them all off, saved up my pennies and got a really nice 24″ iMac, packed to the hilt with RAM and disk with the idea of using one of my copies of vmware fusion to run my FreeBSD, OpenBSD and pfSense stuff on.

OK, time for the fun…..geting some v6 stuff to work through my network, over wireless, using vmware fusion with the gust OS in bridge mode….uuuumm, nope.
Hmmmm, why could this be? It’s just a network interface, right? Wrong. After troubleshooting this for a while and seeing nothing in packet dumps from anything outside of the box I decided to hit up my the smartest place I know to look, Google (yes, I used http://ipv6.google.com).
Low and behold, I found this post.

Apparently wireless interfaces are a problem, and as so tersely stated more than once in that thread “VMware policy is to not comment on unannounced products, features, or timelines”.
Crud. Well, I’m running vmware fusion 1.1.4 still….maybe I’ll see if it’s supported in 2.0, but not tonight. That would make life too easy so I’m not counting on it.

[ad]