September 2011 – The ongoing struggle

Contents

September 4th 2011
Early hours of September 5th 2011
Early morning of September 5th 2011
Late morning of September 5th 2011
Evening of September 5th 2011
Early hours of September 6th 2011
September 11th 2011

September 4th 2011 ^

I cut my left index finger somehow. Slightly painful, but it was only a little cut so I thought no more.

Early hours of September 5th 2011 ^

I noticed that my finger was swollen, and its knuckle also. It was slightly more painful to bend my finger.

Early morning of September 5th 2011 ^

I noticed that there was a red line between my swollen knuckle and my wrist, following the line of the tendon. It was hot and tender to the touch.

Late morning of September 5th 2011 ^

I noticed that the red line had now gone past my wrist and was snaking its way up my arm. It was very warm to the touch. I started to get a bit worried about it. It varied over time in how angry it looked; the picture on the right was taken when it wasn’t very visible.

We had a grocery order arriving between 1pm and 3pm and I hadn’t had any sleep, so I decided to get some sleep and see what it looked like after the order had arrived.

The order arrived near 3pm. The red line on my arm had faded to almost invisibility. Unless you were looking for it you probably wouldn’t have spotted it. My finger wasn’t so sore any more either. I decided there was no need to worry about it.

Evening of September 5th 2011 ^

We had dinner and started to watch a movie. My arm got more and more uncomfortable, the red line was showing more than ever, and I noticed that it was now just starting to go above my elbow.

At this point I decided that I did actually want to see a medical professional. Having recently seen what happened with Maria’s foot I had a bit of the fear.

We made our way to Ashford Hospital NHS walk-in centre, which is a short bus ride away. It’s open until 10pm seven days a week, with last consult at 9.30pm. We arrived at about 8.20pm and I described my situation, only to be told that they were not seeing anyone else that evening. I was given the choice of out of hours GP or accident and emergency.

I called the out of hours GP number. A callcentre operative took my details and a doctor phoned me back within about 15 minutes. He said that I should have someone look at my arm, and arranged an appointment with a doctor based at West Middlesex hospital. It was the last available appointment, 9.30pm, and I wasn’t sure we could get there in time. I knew there was also an A&E at West Middlesex though, so I figured that if we missed the appointment then I would just go to the A&E there anyway.

One £20 cab journey to Isleworth later, we arrived at West Middlesex hospital at about 9.27pm and I was seen by a doctor.

She immediately said that I had an infection which was travelling under my skin, with the red line being cellulitis. She said that it was good that I hadn’t delayed seeking medical attention any further, because if the infection reached the lymph nodes in my arm pit then I would likely need intravenous antibiotics as opposed to the oral antibiotics she prescribed me (500mg flucloxacillin four times a day, 500mg penicillin four times a day).

Early hours of September 6th 2011 ^

My hand was by now even more swollen and finger near the wound very painful to the touch. Even resting my hand on a pillow was painful. My whole arm was stiff and slightly painful to move, with some pains around half way between elbow and arm pit. I couldn’t sleep.

The red line of cellulitis seemed to have faded away, however. It was still too soon to tell if this was due to the antibiotics (of which I had only taken 500mg of each thus far) doing their stuff, or just a coincidence.

September 11th 2011 ^

There’s only 24 hours of medication left now. Pretty much since the 7th things got better very quickly with only my finger remaining sore.

Right now the skin all around the area that was infected has flaked off and shiny new skin is underneath. Thanks modern medicine! I like not dying of septicaemia.

By default, a Linux host on an IPv6 network will listen for and solicit router advertisements in order to choose an IPv6 address for itself and to set up its default route. This is referred to as stateless address autoconfiguration (SLAAC).

If you don’t want a host to automatically configure an address and route then you could disable this behaviour by writing “0” to /proc/sys/net/ipv6/conf/*/accept_ra.

Additionally, if the Linux host considers itself to be a router then it will ignore all router advertisements.

In this context, what makes the difference between router or not are the settings of the /proc/sys/net/ipv6/conf/*/forwarding files (or the net.ipv6.conf.*.forwarding sysctl). If you turn your host into a router by setting one of those to “1”, you may find that your host removes any IPv6 address and default route it learnt via SLAAC.

There is a valid argument that a router should not be autoconfiguring itself, and should have its addresses and routes configured statically. Linux has IP forwarding features for a reason though, and sometimes you want to forward packets with a Linux box while still enjoying autoconfiguration. In my case I have some hosts running virtual machines, with IPv6 prefixes routed to the virtual machines. I’d still like the hosts to learn their default route via SLAAC.

It’s taken me a long time to work out how to do this. It isn’t well-documented.

Firstly, if you have a kernel version of 2.6.37 or higher then your answer is to set accept_ra to “2”. From ip-sysctl.txt:

accept_ra – BOOLEAN

Accept Router Advertisements; autoconfigure using them.

Possible values are:

0 Do not accept Router Advertisements.

1 Accept Router Advertisements if forwarding is disabled.

2 Overrule forwarding behaviour. Accept Router Advertisements even if forwarding is enabled.

Functional default:

enabled if local forwarding is disabled.

disabled if local forwarding is enabled.

This appears to be a type of boolean that I wasn’t previously familiar with – one that has three different values.

If you don’t have kernel version 2.6.37 though, like say, everyone running the current Debian stable (2.6.32), this will not work. Helpfully, it also doesn’t give you any sort of error when you set accept_ra to “2”. It just sets it and continues silently ignoring router advertisements.

Fortunately Bjørn Mork posted about a workaround for earlier kernels which I would likely have never discovered otherwise. You just have to disable forwarding for the interface that your router advertisements will come in on, e.g.:

# echo 0 > /proc/sys/net/ipv6/conf/eth0/forwarding

Apparently as long as /proc/sys/net/ipv6/conf/all/forwarding is still set to “1” then forwarding will still be enabled. Obviously.

Additionally there are some extremely unintuitive interactions between “default” and “all” settings you may set in /etc/sysctl.conf and pre-existing interfaces. So there is a race condition on boot between IPv6 interfaces coming up and sysctl configuration being parsed. martin f krafft posted about this, and on Debian recommends setting desired sysctls in pre-up headers of the relevant iface stanza in /etc/network/interfaces, e.g.:

iface eth0 inet6 static
    address 2001:0db8:10c0:d0c5::1
    netmask 64
# Enable forwarding
    pre-up echo 1 > /proc/sys/net/ipv6/conf/default/forwarding
    pre-up echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
# But disable forwarding on THIS interface so we still get RAs
    pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/forwarding
    pre-up echo 1 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
    pre-up echo 1 > /proc/sys/net/ipv6/conf/all/accept_ra
    pre-up echo 1 > /proc/sys/net/ipv6/conf/default/accept_ra

You will now have forwarding and SLAAC.

M	T	W	T	F	S	S
« Aug				Nov »
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30

The ongoing struggle

I'll get there one day.

Month: September 2011

Infected Finger Incident