Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
Rob Townley wrote: On Mon, Aug 11, 2008 at 11:15 PM, Robert Moskowitz [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Craig White wrote: On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line p3490.htt is in my /etc/hosts file as something like: 2701:24:2:1:0:1:2:3 p3490.htt I can 'ping6 -n p3490.htt' But putting a url of http//p3490.htt does not work ___ CentOS mailing list CentOS@centos.org mailto:CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos DNS can be real slow when IPv6 is enabled. For instance the following firefox delta would speed up firefox on IPv4 connections. Maybe you need to turn it on? You may have already found this, but it helped when I had the same problem. In firefox type in about:config, filter for 'ipv6' you should have an entry for network.dns.disableIPv6 right click on it and 'toggle' it to a true value, restart firefox and see if it helps. Um, as the original poster, I WANT IPv6. Not make IPv4 lookups faster by ignoring records. Further testing has IPv6 working just fine. Thing is when I enable the HIP API intercepts, FIrefox does not work. Like they are doing something 'non-standard' with the regualr TCP socket API so that HIP can't slide in there. I tried disabling a number of options, thinking it might be some security setting, but if it is, I have not found it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Wed, Aug 27, 2008 at 8:24 AM, Robert Moskowitz [EMAIL PROTECTED]wrote: Rob Townley wrote: On Mon, Aug 11, 2008 at 11:15 PM, Robert Moskowitz [EMAIL PROTECTED]mailto: [EMAIL PROTECTED] wrote: Craig White wrote: On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line p3490.htt is in my /etc/hosts file as something like: 2701:24:2:1:0:1:2:3 p3490.htt I can 'ping6 -n p3490.htt' But putting a url of http//p3490.htt does not work ___ CentOS mailing list CentOS@centos.org mailto:CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos DNS can be real slow when IPv6 is enabled. For instance the following firefox delta would speed up firefox on IPv4 connections. Maybe you need to turn it on? You may have already found this, but it helped when I had the same problem. In firefox type in about:config, filter for 'ipv6' you should have an entry for network.dns.disableIPv6 right click on it and 'toggle' it to a true value, restart firefox and see if it helps. Um, as the original poster, I WANT IPv6. Not make IPv4 lookups faster by ignoring records. Further testing has IPv6 working just fine. Thing is when I enable the HIP API intercepts, FIrefox does not work. Like they are doing something 'non-standard' with the regualr TCP socket API so that HIP can't slide in there. I tried disabling a number of options, thinking it might be some security setting, but if it is, I have not found it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Yep, i fully understood you wanted IPv6. i just thought you might want to verify what settings you have for Firefox -- making sure Firefox has turned on IPv6 dns. Just curious, what is the motivation for the HIP api stuff, it is not there by default is it? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
HIP - was Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
Rob Townley wrote: On Wed, Aug 27, 2008 at 8:24 AM, Robert Moskowitz [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Um, as the original poster, I WANT IPv6. Not make IPv4 lookups faster by ignoring records. Further testing has IPv6 working just fine. Thing is when I enable the HIP API intercepts, FIrefox does not work. Like they are doing something 'non-standard' with the regualr TCP socket API so that HIP can't slide in there. I tried disabling a number of options, thinking it might be some security setting, but if it is, I have not found it. Yep, i fully understood you wanted IPv6. i just thought you might want to verify what settings you have for Firefox -- making sure Firefox has turned on IPv6 dns. Default was on. Just curious, what is the motivation for the HIP api stuff, it is not there by default is it? read the RFCs on HIP: 4423 and 5201-5206. 4423 provides the justification of HIP and its architecture. I created HIP almost 10 years ago, shortly after (as IPsec co-chair) got the IPsec RFCs out. HIP is much more than an alternative keying protocol for ESP (compared to IKE). It directly addresses secure mobility. HIP **IS** an important change to the TCP/IP architecture; this has been part of its slow advancement. As such it has its own 'native' API: http://www.ietf.org/internet-drafts/draft-ietf-hip-native-api-05.txt. I can go into more about HIP if you wish. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: HIP - was Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Wed, Aug 27, 2008 at 9:50 PM, Robert Moskowitz [EMAIL PROTECTED]wrote: Rob Townley wrote: On Wed, Aug 27, 2008 at 8:24 AM, Robert Moskowitz [EMAIL PROTECTED]mailto: [EMAIL PROTECTED] wrote: Um, as the original poster, I WANT IPv6. Not make IPv4 lookups faster by ignoring records. Further testing has IPv6 working just fine. Thing is when I enable the HIP API intercepts, FIrefox does not work. Like they are doing something 'non-standard' with the regualr TCP socket API so that HIP can't slide in there. I tried disabling a number of options, thinking it might be some security setting, but if it is, I have not found it. Yep, i fully understood you wanted IPv6. i just thought you might want to verify what settings you have for Firefox -- making sure Firefox has turned on IPv6 dns. Default was on. Just curious, what is the motivation for the HIP api stuff, it is not there by default is it? read the RFCs on HIP: 4423 and 5201-5206. 4423 provides the justification of HIP and its architecture. I created HIP almost 10 years ago, shortly after (as IPsec co-chair) got the IPsec RFCs out. HIP is much more than an alternative keying protocol for ESP (compared to IKE). It directly addresses secure mobility. HIP **IS** an important change to the TCP/IP architecture; this has been part of its slow advancement. As such it has its own 'native' API: http://www.ietf.org/internet-drafts/draft-ietf-hip-native-api-05.txt. I can go into more about HIP if you wish. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos So HIP isn't in any distribution by default or is it? How does one know? Would it make sense to include HIP in a Wireless Access Point firmware or a RADIUS type machine? Looks interesting, will have to keep it in mind for wlan sec. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: HIP - was Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
Rob Townley wrote: On Wed, Aug 27, 2008 at 9:50 PM, Robert Moskowitz [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Rob Townley wrote: On Wed, Aug 27, 2008 at 8:24 AM, Robert Moskowitz [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Um, as the original poster, I WANT IPv6. Not make IPv4 lookups faster by ignoring records. Further testing has IPv6 working just fine. Thing is when I enable the HIP API intercepts, FIrefox does not work. Like they are doing something 'non-standard' with the regualr TCP socket API so that HIP can't slide in there. I tried disabling a number of options, thinking it might be some security setting, but if it is, I have not found it. Yep, i fully understood you wanted IPv6. i just thought you might want to verify what settings you have for Firefox -- making sure Firefox has turned on IPv6 dns. Default was on. Just curious, what is the motivation for the HIP api stuff, it is not there by default is it? read the RFCs on HIP: 4423 and 5201-5206. 4423 provides the justification of HIP and its architecture. I created HIP almost 10 years ago, shortly after (as IPsec co-chair) got the IPsec RFCs out. HIP is much more than an alternative keying protocol for ESP (compared to IKE). It directly addresses secure mobility. HIP **IS** an important change to the TCP/IP architecture; this has been part of its slow advancement. As such it has its own 'native' API: http://www.ietf.org/internet-drafts/draft-ietf-hip-native-api-05.txt. I can go into more about HIP if you wish. So HIP isn't in any distribution by default or is it? No, but Ericsson just released there FreeBSD implementation: http://www.hip4inter.net/download/download.php And Boeing has their Vista and I think NetBSD code base. HIPL is available for FC8 and Ubuntu and I think Suse. I saw it running on the Nokia N810 when I was in Helsinki earlier this month. How does one know? Our goal is to move HIP from Experimental to Standards track in the IETF at the November session. From there it may well be that HIP could be in Centos 6.0. But that is a long shot. Would it make sense to include HIP in a Wireless Access Point firmware or a RADIUS type machine? As a better security protocol to run RADIUS through between the AP and the Radius server? YES! Looks interesting, will have to keep it in mind for wlan sec. Just remember that it is NOT a tunneling keying protocol. It runs ESP in Transport mode, even if you are using BEET ESP mode. You can run a tunneling protocol within it. I am working on that HIP is NOT a VPN alternative. It is really host-to-host security. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Mon, Aug 11, 2008 at 11:15 PM, Robert Moskowitz [EMAIL PROTECTED]wrote: Craig White wrote: On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line p3490.htt is in my /etc/hosts file as something like: 2701:24:2:1:0:1:2:3 p3490.htt I can 'ping6 -n p3490.htt' But putting a url of http//p3490.htt does not work ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos DNS can be real slow when IPv6 is enabled. For instance the following firefox delta would speed up firefox on IPv4 connections. Maybe you need to turn it on? Mr Scsi to Omaha show details Aug 25 (2 days ago) Reply You may have already found this, but it helped when I had the same problem. In firefox type in about:config, filter for 'ipv6' you should have an entry for network.dns.disableIPv6 right click on it and 'toggle' it to a true value, restart firefox and see if it helps. On Mon, Aug 25, 2008 at 12:59 AM, DYNATRON tech [EMAIL PROTECTED] wrote: ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. my home network is 100% ipv6 and firefox works fine :D ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
Craig White wrote: On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line p3490.htt is in my /etc/hosts file as something like: 2701:24:2:1:0:1:2:3 p3490.htt I can 'ping6 -n p3490.htt' But putting a url of http//p3490.htt does not work ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Tue, 2008-08-12 at 00:15 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line p3490.htt is in my /etc/hosts file as something like: 2701:24:2:1:0:1:2:3 p3490.htt I can 'ping6 -n p3490.htt' But putting a url of http//p3490.htt does not work perhaps apache doesn't know how to handle that name (presuming that you have a colon to make it a valid URL). does netstat show that apache is listening on ipv6 address? Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
On Tue, 2008-08-12 at 00:15 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 23:28 -0400, Robert Moskowitz wrote: Craig White wrote: On Mon, 2008-08-11 at 21:11 -0400, Robert Moskowitz wrote: I am doing some testing and it almost seems as if Firefox 3.0.1 that comes with Centos 5.2 is NOT working with IPv6. Anyone know for sure? I am getting weird hang behaviours and other just not working things. more likely a DNS issue Name is coded in /etc/hosts Of course the fqdn I am using does NOT follow 'standard' TLDs, but it should NOT be masking that, or would that be a 'security' feature? I have no clue what you are talking about being coded in /etc/hosts... you can check DNS if it returns ipV6 addresses for hosts or if there are snags/delays in trying to resolve names from command line p3490.htt is in my /etc/hosts file as something like: 2701:24:2:1:0:1:2:3 p3490.htt I can 'ping6 -n p3490.htt' But putting a url of http//p3490.htt does not work do you have a line in /etc/hosts like... ::1 localhost6.localdomain6 localhost6 and if so, can you connect to http://localhost6 Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos