| 7 Feb 2026 |
 K900 | Starting to have a design formulating in my head | 23:03:55 |
| K900 | I think | 23:03:56 |
| K900 | Step 1, RFC42 the thing | 23:04:03 |
| K900 | Step 2, services.miniupnpd.firewallIntegration or whatever, which requires filterForward and just makes it write to the nixos-fw table | 23:04:39 |
| K900 | Step 3, probably turn that on by default? | 23:04:56 |
|  zimward joined the room. | 23:18:56 |
| 9 Feb 2026 |
|  Ivan Mincik (imincik) changed their profile picture. | 06:06:05 |
|  A. (they/them) changed their display name from Amy to A. (they/them). | 18:27:00 |
|  Jules Lamur joined the room. | 19:42:45 |
|  @luizribeiro:matrix.org left the room. | 21:32:22 |
| 10 Feb 2026 |
|  Autiboy changed their profile picture. | 02:59:31 |
| Autiboy changed their profile picture. | 03:00:17 |
|  pneumatic changed their display name from ribosomerocker to pneumatic. | 10:28:51 |
|  Acid Bong joined the room. | 12:09:45 |
| Acid Bong | why does Dnsmasq service add a user and a group, but not use them? | 12:36:02 |
| Acid Bong | oh, it uses a CLI argument, got it | 12:42:28 |
 kdn | got a weird issue after setting up VLANs over ~7 different devices: when connected through AP that has VLAN 3547 some (eg: facebook works, hacker news dont) of the SSL (HTTPS) handshakes keep timing out and are retried in a loop, connecting to the same switch over ethernet works just fine
there is basically: AP (EAP773) -> zyxel switch -> mikrotik switch -> openwrt router (LAN on 3547) | 13:12:45 |
| kdn | the working/not working set of domains seem to be consistent across devices (laptop, phone etc.) | 13:13:23 |
 Molly Miller | that sounds like it could be an mtu problem | 13:14:53 |
| kdn | I don't think I have modified it anywhere, should be default 1500 all the way | 13:16:26 |
| kdn | is anything (VLANs?) in such setup chewing through MTU? | 13:16:58 |
| Molly Miller | i don't think so, i haven't ever seen similar problems when working with vlans, but tls handshakes timing out weirdly is often a symptom of mtu problems | 13:21:46 |
| Molly Miller | the sites that do and don't work, are there any patterns to those that do or those that don't? | 13:22:23 |
| Molly Miller | especially IPv4/IPv6 | 13:22:26 |
 Marcel | Otherwise you could trz to use traceroute (or tracepath) to check if there is a difference in the mtu to the target host. I always forget if traceroute or tracepath also determinates the mtu. | 13:25:12 |
| kdn | will check, I could issue pings of specific sizes to pinpoint at which connection the issue occurs? | 13:26:47 |
| Molly Miller | yes, that's an option | 13:30:16 |
| kdn | so curl -v https:// works for facebook.com, doesn't for news.ycombinator.com & nc.nazarewk.pw (my Hetzner nextcloud) | 13:32:48 |
| kdn | ping -s XXXX nc.nazarewk.pw seems to work fine between 1200 and 1700 | 13:34:56 |
| kdn | * ping -s XXXX nc.nazarewk.pw seems to work fine between 1200 and 1700 over IPv6, let's try other options | 13:35:10 |
