?
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/ |device driver[
] panic(Just another NetBSD/notebook using, kernel hacking, security guy
.
But, see draft-richardson-dhc-auth-sig0-00.txt
My problem is that my Debian box with Linus kernel frequently does *not*
install a default route from the RS given out by my NetBSD router.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman
requirements for manual configuration.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/ |device driver[
] panic(Just another Debian
the
Marc 6bone and receive replies using 6to4? I understand that The
Marc routes will be asymmetric.
I've done it.
Watch ingress filtering though.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see
multiple networks, and my NetBSD boxes did fine with it.
(in particular, I had multiple ones when transitioning from one 6to4
address to another). That's when I learnt how bad the Linux source
address selection is.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls
space, is that you get to own it.
You then use the tunnel for 2001:
(in my case, I listen to BGP from Hurricane...)
People's data coming back to you follow 6to4 traffic, and so follow
ipv4, and thus tend to get places fast.
- --
] Michael Richardson Xelerance Corporation
connectivity.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/www.xelerance.com/training/ |device driver[
]I'm a dad: http
the IPv4 network.
Yes, that's right.
If you can't get native IPv6, 6to4 is better than tunnels.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr
job in the US and nowadays also European
Jeroen region: http://www.occaid.org.
Jeroen If you just need connectivity, and you are in Europe you are
Jeroen of course also welcome to check SixXS: http://www.sixxs.net
Thanks for the pointers.
- --
] Michael Richardson
.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/www.xelerance.com/training/ |device driver[
]I'm a dad: http://www.sandelman.ca
with them and be done with it.
True, getting a static v4 can be hard --- IPsec can easily help there,
but that is introducing yet another tunnel. My suggestion is always to
seek another ISP that will give you a static IP.
- --
] Michael Richardson Xelerance Corporation, Ottawa
is done by the DHCP server, which has a trust
relationship with the owner of the IP address range it is handing out.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http
replicate
the model. If we are using RS/RA, then we have to find a way for the RS
to have a trust relationship with the owner of the reverse zone. That
part is easy --- the question is how does the RS even know about the new
clients?
- --
] Michael Richardson Xelerance Corporation, Ottawa
sincerely hope the IETF multi6 WG
eventually proposes significant changes, but there are not at this point
any difference to the transport layer between them.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training
(live) CD on a system and see if it does
better. I have much better luck with IPv6 on *BSD, alas.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http
to manually configure all my Linux boxes now, so I only give
them one address... so maybe my memory is wrong.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[
] [EMAIL PROTECTED
happy.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic(Just another Debian GNU/Linux using
. | firewalls [
] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic(Just another Debian GNU/Linux using, kernel hacking, security guy); [
-BEGIN PGP SIGNATURE-
Version: GnuPG
ISACC: http://www.isacc.ca/
The ISACC IPv6 Task Group will reconvene via teleconference as
follows:
Date: 21 July 2009
Time: 13:30h - 14:30h EDT
Dial-in number: +1-613-954-9003 , Passcode: 352654#
If you intend to dial in, please ensure you RSVP , if you have not done
.
If it is being done automatically, I'm not sure what to suggest.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device
of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video http://www.youtube.com/watch?v=kzx1ycLXQSE
of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video http://www.youtube.com/watch?v=kzx1ycLXQSE
then sign
of this now.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video http
is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video http://www.youtube.com/watch?v=kzx1ycLXQSE
! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video http://www.youtube.com/watch?v=kzx1ycLXQSE
then sign the petition
end-to-end integrity, we have IPsec, and you can even
usefully use AH thanks to the lack of NAT.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http
, and I want to know about them all.
(vs IPv4, with VRRP/CARP or old-school RIP or OSPF...)
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http
the essid is changed?
Should NetworkManager be doing this?
I'm running squeeze, with 2.6.32-bpo.5-686. (because I got here upgrade
From lenny+backports)
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa
, so it's possible I'm missing some element.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto
to work seems like a nice thing to retain.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto
that work?
I think that you just want autoconfig to work well enough so that if you
install a new machine in the rack, it can autoconfig up an address
easily, and you can finish the install via ssh :-)
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael
What I've wanted is for avahi-daemon to do dynamic DNS updates into forward
and reverse based upon what it sees on the network. Or have radvd do this.
--
To UNSUBSCRIBE, email to debian-ipv6-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
need showmount and friends to work as well, because I used autofs.
Can someone point me to a plan that I can contribute to?
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[
] m
)
I'd prefer if the member devices of a bridge had their link-local
addresses removed by the kernel when they get added to the bridge.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect
Andrew == Andrew Shadura bugzi...@tut.by writes:
Andrew On Wed, 06 Jun 2012 11:04:04 -0400 Michael Richardson
Andrew m...@sandelman.ca wrote:
Miredo is almost always more reliable.
Andrew I don't agree. It's more reliable in that meaning that in
Andrew works regardless
.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
--
To UNSUBSCRIBE, email to debian-ipv6
can't comment.
Should NetworkManager and the interfaces file always bring up both IPv4
or IPv6 whenever possible or is it just one or the other?
both.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works
; there isn't a way to do this automatically... yet.
See MIF/HOMENET problem statements.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca
answer?
Am 11/23/2014 01:06 AM, schrieb Michael Richardson:
Jan Lühr f...@jluehr.de wrote:
Consider three Debian servers (A,R1,R2) and two networks.
A is connected to both networks using different NICs.
R1 is a router in network 1, while R2 is a router in network 2
WG has done work to make this work when you have multiple
uplinks, and multiple routers with-in the "home", and do this in a zerotouch
way.
There are many opportunities to contribute to this effort.
--
] Never tell me the odds! | ipv6 mesh networks [
] Mich
cal process
involved.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
signature.asc
Description: PGP signature
| ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works| network architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works|IoT architect [
] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[
signature.asc
Description: PGP signature
Dheeraj Kandula wrote:
> *Why?*
> This is to avoid DOS attacks using RAs from being bombarded onto a linux
> machine.
Well, you might be able to rate limit them with ip6tables/nftables, but I see
no point in only listening to the first X of them. You might as well just
disable them
44 matches
Mail list logo
