okay it wasn't DNS, the whole thing broke which led to DNS not being reachable

@ruhrscholz DNS is gonna break anyway, so might as well just go all-in on "load-bearing dnsmasq" and put your feet up!

@crablab I don't even know what's wrong, but rebooting everything has made things worse

@ruhrscholz :(
What did you reboot? If it's a name resolution issue and you've just flushed the cache...

@crablab Local router and virtual remote router. Doesn't seem to be DNS though as I can't reach anything when going through the tunnel anymore

@ruhrscholz Oh dear, that sounds worse. I have less experience than you here! I'm interested in what the issue turns out to be though

@crablab I have no clue what I'm doing as well. IPv4 works again, the virtual cloud router had for some reason dropped all the iptables/nftables rules, including the IPv4 NAT. As for IPv6 it's probably the same issue, just have to figure out the rules I set earlier

@crablab So, iptables loads rules at boot, including the ones for the WireGuard interface. But it seems to discard them, as the WireGuard interface doesn't exist yet at that point during boot.

@crablab Oh fun, it's a completely different issue for IPv6 and they both just happened at the same time, probably because at some point I got a new prefix

@crablab Everything works now and I'm 40% sure it was just RouterOS being RouterOS

@crablab At least I can go to sleep now and sorry for spamming your notifications 😅 You are a good rubber ducky!

@ruhrscholz Haha thank you! It definitely works 🦆
It's late but I'll read through the other posts tomorrow when I have more brain power - have a good night! 🙏

@ruhrscholz If it's dropped all the tables, how do you get remote access without a management interface? 👀

@crablab the VPS is publicly reachable by default via port 22, the iptables rules are only there for NATing the outgoing IPv4 traffic

@ruhrscholz Ah okay - I didn't realise it had a public IP 😅

@crablab it’s the VPS where all tracing gets routed through so I don’t leak my home IP that easily ;)

@ruhrscholz
It probably didn't run on the unbreakable enterprise kernel™ ☝️

@davebloggt to this day I’m wondering whether the UEK is just snake oil