On Thu, 29 Apr 2010 08:22:47 -0700
Bill Stewart nonobvi...@gmail.com wrote:
On Tue, Apr 27, 2010 at 3:24 PM, Owen DeLong o...@delong.com wrote:
Here's an exercise. Wipe a PC. Put it on that cable modem with no
firewall. Install XP on it. See if you can get any service packs
installed
Paul,
On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
If you change ISPs, send out an RA with the new addresses, wait a bit, then
send out an RA with lifetime 0 on the old address.
Even if this works (and I know a lot of applications that use the socket() API
that effectively cache the
On Apr 30, 2010, at 6:26 PM, David Conrad wrote:
Paul,
On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
If you change ISPs, send out an RA with the new addresses, wait a bit, then
send out an RA with lifetime 0 on the old address.
Even if this works (and I know a lot of applications
David Conrad wrote:
Paul,
On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
If you change ISPs, send out an RA with the new addresses, wait a bit, then
send out an RA with lifetime 0 on the old address.
Even if this works (and I know a lot of applications that use the socket() API
Owen,
On Apr 30, 2010, at 7:04 PM, Owen DeLong wrote:
Ideally, in the vast majority of cases, resolv.conf is populated by dhcpv6 or
it's successor.
:-). I haven't been following the religious war against DHCPv6 -- is it now
acceptable to get DNS information via DHCPv6? I note that MacOSX
On Thu, 29 Apr 2010 10:33:02 +1000
Mark Andrews ma...@isc.org wrote:
In message a3f2ff6f-afe3-4ed1-ad33-5b6277249...@virtualized.org, David
Conrad
writes:
Mark,
On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
Perhaps the ability to change service providers without having to =
On Wed, 28 Apr 2010 17:04:25 -0500
Dave Pooser dave.na...@alfordmedia.com wrote:
IPv6's fundamental goal is to restore end-to-end.
For some. For many, IPv6's fundamental goal is to keep doing what we've been
doing without running out of addresses. The fact that the two camps have
On Tue, Apr 27, 2010 at 3:24 PM, Owen DeLong o...@delong.com wrote:
Here's an exercise. Wipe a PC. Put it on that cable modem with no
firewall. Install XP on it. See if you can get any service packs installed
before the box is infected.
1. Yes, I can. I simply didn't put an IPv4
David Conrad wrote:
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part of the v6 internet
Perhaps the ability to change service providers without having to renumber?
Number your internal network on ULA, and put
On 2010.04.28 00:04, Josh Hoppes wrote:
I'll preface this that I'm more of an end user then a network
administrator, but I do feel I have a good enough understanding of the
protocols and
network administration to submit my two cents.
You are always welcome to do so.
The issue I see with
On Wed, 2010-04-28 at 02:13 -0400, Steve Bertrand wrote:
I would see UPNP as being a security risk and prone to denial of
service attacks when you have torrent clients attempting to grab
every
+1
apologies if I've said this here before - UPNP = unstoppable Peek and
Poke
Gord
On Tue, 27 Apr 2010 14:29:50 -0400
Dave Israel da...@otd.com wrote:
On 4/27/2010 1:36 PM, Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other
Mark Smith wrote:
On Tue, 27 Apr 2010 14:29:50 -0400
Dave Israel da...@otd.com wrote:
On 4/27/2010 1:36 PM, Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works
On Wed, 28 Apr 2010 08:44:41 -0700
Matthew Kaufman matt...@matthew.at wrote:
Mark Smith wrote:
On Tue, 27 Apr 2010 14:29:50 -0400
Dave Israel da...@otd.com wrote:
On 4/27/2010 1:36 PM, Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
I'm not normally one to respond to NANOG messages with opinions but...
Yeah, NAT broke the internet. Yes you can engineer around it. There is NO
reason to hold onto NAT as a standard. With v6 we have the opportunity to do it
right (or at least semi-right) from the beginning, lets not
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part of the
v6 internet
Perhaps the ability to change service providers without having to renumber?
Regards,
-drc
On Wed, Apr 28, 2010 at 6:54 PM, David Conrad d...@virtualized.org wrote:
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part of
the v6 internet
Perhaps the ability to change service providers without having to renumber?
IPv6's fundamental goal is to restore end-to-end.
For some. For many, IPv6's fundamental goal is to keep doing what we've been
doing without running out of addresses. The fact that the two camps have
orthogonal goals is probably part of the reason the rate of growth on IPv6
is so slow.
--
Dave
On Wed, 2010-04-28 at 14:54 -0700, David Conrad wrote:
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part of
the v6 internet
Perhaps the ability to change service providers without having to renumber?
DHCPv6 solves
In message 01f57362-8092-48cb-8336-15b9cc171...@virtualized.org, David Conrad
writes:
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part =
of the v6 internet=20
Perhaps the ability to change service providers without
--- On Wed, 4/28/10, Mark Smith
na...@85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org wrote:
I'm not people are understanding or know the true reality.
NAT broke the
Internet's architecture, by turning IP from being a
peer-to-peer
protocol into a master/slave one (think mainframes and
Mark,
On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
Perhaps the ability to change service providers without having to renumber?
We have that ability already. Doesn't require NAT.
Cool! You've figured out, e.g., how to renumber authoritative name servers
that you don't have direct
In message a3f2ff6f-afe3-4ed1-ad33-5b6277249...@virtualized.org, David Conrad
writes:
Mark,
On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
Perhaps the ability to change service providers without having to =
renumber?
=20
We have that ability already. Doesn't require NAT.
Cool!
On Wed, 28 Apr 2010 14:54:04 PDT, David Conrad said:
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part
of the v6 internet
Perhaps the ability to change service providers without having to renumber?
RFC4193 or PI address
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today,
and might be invented tomorrow ? Do will they all work with
NAT ?
Do many others work as well
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today,
and might be invented tomorrow ? Do will they all work
On 27/04/2010 18:48, Matthew Kaufman wrote:
Anyone inventing a new service/protocol that doesn't work with NAT isn't
planning on success.
You mean, like multisession bgp over tls?
Nick,
just sayin'
On Tue, 27 Apr 2010 10:48:54 PDT, Matthew Kaufman said:
Anyone inventing a new service/protocol that doesn't work with NAT isn't
planning on success.
Only true in the IPv4 world. IPv6 will hopefully be different.
The answer to these questions isn't a good one for users, so
as the
On 4/27/2010 1:36 PM, Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today,
and might be invented tomorrow ? Do
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
The difference is that if a protocol wants to be end-to-end, I can fix a
firewall to not break it. You don't have that option with a NAT.
Maybe we want end-to-end to break.
Firewalls can trivially be misconfigured such that they're little
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today, and
On Tue, 27 Apr 2010 14:37:08 EDT, Jon Lewis said:
Maybe we want end-to-end to break.
Firewalls can trivially be misconfigured such that they're little more
than routers, fully exposing all the hosts behind them to everything bad
the internet has to offer (hackers, malware looking to
Owen DeLong wrote:
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
At least with NAT, if someone really screws up the config, the inside
stuff is all typically on non-publicly-routed IPs, so the worst likely to
happen is they lose internet, but at least the internet can't directly
reach them.
You *do*
On Apr 27, 2010, at 11:49 AM, Matthew Kaufman wrote:
Owen DeLong wrote:
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes,
On Tue, 27 Apr 2010 14:54:07 EDT, Jon Lewis said:
I think you forget where most networking is done. Monitoring? You mean
something beyond walking down the hall to the network closet and seeing
all the blinking lights are flashing really fast?
That site will manage to chucklehead their
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
That site will manage to chucklehead their config whether or not it's NAT'ed.
True...but when they do it and all their important stuff is in
192.168.0/24, you still can't reach it...and if they break NAT, at least
their internet breaks.
On Apr 27, 2010, at 2:25 PM, Jon Lewis wrote:
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
That site will manage to chucklehead their config whether or not it's NAT'ed.
True...but when they do it and all their important stuff is in 192.168.0/24,
you still can't reach it...and if
On Tue, Apr 27, 2010 at 4:25 PM, Jon Lewis jle...@lewis.org wrote:
breaks. i.e. they'll know its broken. When they change the default policy
on the firewall to Accept/Allow all, everything will still work...until all
their machines are infected with enough stuff to break them.
The same is
In message pine.lnx.4.61.1004271718210.5...@soloth.lewis.org, Jon Lewis
writes:
Both my kids run Win2k (to support old software that doesn't run
well/at all post-2k). I doubt that's all that unusual.
Then they won't have IPv6 and hence are irrelevent to the discussion
about IPv6 NAT.
As
Owen DeLong wrote:
On Apr 27, 2010, at 11:49 AM, Matthew Kaufman wrote:
Owen DeLong wrote:
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use
James Hess wrote:
Fortunately, the IPv6 address space is so large and sparse, that
scanning it would be quite a feat, even if a random outside attacker
already knew for a fact that a certain /64 probably contains a
vulnerable host.
All I need to do is run a popular web site on the IPv6
I'll preface this that I'm more of an end user then a network
administrator, but I do feel I have a good enough understanding of the
protocols and
network administration to submit my two cents.
The issue I see with this level of NAT, is the fact that I don't
expect that UPNP be implemented at
On Tue, Apr 27, 2010, Matthew Kaufman wrote:
Fortunately, the IPv6 address space is so large and sparse, that
scanning it would be quite a feat, even if a random outside attacker
already knew for a fact that a certain /64 probably contains a
vulnerable host.
All I need to do is run a
John R. Levine jo...@iecc.com writes:
Did you run any services?
Of course not, it's consumer DSL. I run services on my server which is
somewhere else and tunnel in via ssh which, of course, works fine
through NAT.
Take a look at all those small SOHO storage boxes. They all offer web
and
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
Did you use any of those for
Video Chat and/or to transfer files?
Skype video chat, all the time, works fine. Don't remember about file
transfer.
Did you do any peer to peer filesharing?
Yeah, I got the latest
On Tue, 20 Apr 2010, John R. Levine wrote:
Skype video chat, all the time, works fine. Don't remember about file
transfer.
Whenever I am behind NAT and talk to someone else who is behind NAT skype
seems to lower the quality, my guess it's because it now bounces traffic
via another
On 4/20/10 6:38 PM, Mikael Abrahamsson wrote:
On Tue, 20 Apr 2010, John R. Levine wrote:
Skype video chat, all the time, works fine. Don't remember about
file transfer.
Whenever I am behind NAT and talk to someone else who is behind NAT
skype seems to lower the quality, my guess it's
On Tue, 20 Apr 2010 18:38:33 +0200 (CEST)
Mikael Abrahamsson swm...@swm.pp.se wrote:
On Tue, 20 Apr 2010, John R. Levine wrote:
Skype video chat, all the time, works fine. Don't remember about file
transfer.
Whenever I am behind NAT and talk to someone else who is behind NAT skype
49 matches
Mail list logo