On Wed, 26 Mar 2014, Luke S. Crawford wrote:
On 03/24/2014 06:18 PM, Owen DeLong wrote:
DHCPv6 is no less robust in my experience than DHCPv4.
ARP and ND have mostly equivalent issues.
This depends a lot on what you mean by 'robust'
Now, I have dealt with NAT, and I see IPv6 as a
On Sun, 25 Nov 2012, Ammar Salih wrote:
Thank you everyone, I appreciate your feedback and will try to summarize few
points in one email to avoid duplication .. apologies if I missed any.
This is not data that should be sent on every packet. It becomes
redundant.
1- It does not
On Tue, 25 Sep 2012, valdis.kletni...@vt.edu wrote:
On Wed, 26 Sep 2012 00:37:38 +0200, Carsten Bormann said:
The entirety of eduroam is on 802.1X (better known as WPA Enterprise).
That must be an 8-digit number of users.
If you need a list of sites, start with
Hi,
Currently the videostreaming on IPv6, might be possible with RTP,
RTMP, RTSP, HTML5, etc. - not with more intelligent Adobe Flash players
(player control, stream quality selection etc.). The most of tha cases is
the problem lies in Adobe Flash. In one hand The flash URL parsing is
broken
Hi,
Not useful for router-router link. However it is very useful for
first-hop redundancy in data center environment - if you cannot implement
VRRP for some reason.
Best Regards,
Janos Mohacsi
Head of HBONE+ project
Network Engineer, Director Network and Multimedia
NIIF/HUNGARNET,
On Wed, 25 Jan 2012, Daniel STICKNEY wrote:
I'm having trouble finding authoritative sources on the best common
practice (if there even is one) for the choice of address for an IPv6
default gateway in a production server environment (not desktops). For
example in IPv4 it is common to chose
On Thu, 26 Jan 2012, Mathias Wolkert wrote:
Hi
On 1/25/12 23:53 , Owen DeLong wrote:
[...]
Note, you can use RA for default gateway while still using static addressing.
Could you give me a little bit more on this?
It seems to me that most platforms stop listening to RAs once you give
Hi Randy
On Mon, 23 Jan 2012, Randy Carpenter wrote:
One major issue is that there is no way to associate a user's MAC (for
IPv4) with their DUID. I haven't been able to find a way to account for
this without making the user authenticate once for IPv4, and then again
for IPv6. This is
On Fri, 23 Dec 2011, Tomas Podermanski wrote:
Port security does not help in that case (same as 802.1x). Port security
is a layer 2 feature so all layer 3 attacks can be still performed. That
prevents only against source MAC address spoofing. All other attacks
like DAD DOS, NDP Exhaustion,
On Fri, 23 Dec 2011, Tomas Podermanski wrote:
It sounds good, but according to RFC 6434 ( IPv6 Node Requirements) SLAAC is
required, but DHCPv6 is only optional. So any
manufacturer of operating systems or devices do not have to support DHCPv6.
You might propose updating RFC 6434
On Fri, 23 Dec 2011, Jeff Wheeler wrote:
On Fri, Dec 23, 2011 at 4:13 PM, Mohacsi Janos moha...@niif.hu wrote:
If you can limit number of ARP/NDP entries per interfaces and you complement
RAGuard and DHCPv4 snooping your are done.
That depends on how ARP/ND gleaning works on the box
On Wed, 21 Dec 2011, Tomas Podermanski wrote:
Hi,
from my perspective the short answer for this never-ending story is:
- SLAAC/RA is totally useless, does not bring any benefit at all
and should be removed from IPv6 specs
- DHCPv6 should be extended by route options as proposed in
On Thu, 22 Dec 2011, Tomas Podermanski wrote:
Hi,
On 12/22/11 12:04 AM, Michael Sinatra wrote:
On 12/21/11 12:40, Ray Soucy wrote:
I'm afraid you're about 10 years too late for this opinion to make
much difference. ;-)
We have been running IPv6 in production for several years (2008) as
On Thu, 22 Dec 2011, Tomas Podermanski wrote:
Hi,
On 12/21/11 9:40 PM, Ray Soucy wrote:
I'm afraid you're about 10 years too late for this opinion to make
much difference. ;-)
My opinion is that there is never too late to make thinks easier to
implement and operate, specially in
On Mon, 19 Dec 2011, Owen DeLong wrote:
Different operators will have different preferences in different environments.
Ideally, the IETF should provide complete solutions based on DHCPv6 and
on RA and let the operators decide what they want to use in their environments.
Agree. Selection
On Tue, 13 Dec 2011, IPv4 Brokers wrote:
Do you have subnets that are not in use, or only used for specific
purposes? If so, please contact us.
We are paying up-front (or escrow) for the use of networks that are not
used. The networks are used for honeypots and other research.
You do not
On Thu, 24 Nov 2011, Seth Mos wrote:
Hi,
Op 24 nov 2011, om 21:09 heeft Joel jaeggli het volgende geschreven:
On 11/21/11 14:18 , Nathan Eisenberg wrote:
Look at the number that are refusing to make generous prefix
allocations
to residential end users and limiting them to /56, /60, or
On Fri, 30 Sep 2011, Nick Hilliard wrote:
On 30/09/2011 15:45, Christopher Morrow wrote:
traceroute could certainly be handled in the fastpath.
which traceroute? icmp? udp? tcp? Traceroute is not a single protocol.
what is that limit? from a single port? from a single linecard? from
On Sat, 3 Sep 2011, Skeeve Stevens wrote:
Hey all,
I've been thinking about the impact that iCloud (by Apple) will have on
the Internet.
My guess is that 99% of consumer internet access is Asymmetrical (DSL,
Cable, wireless, etc) and iCloud when launched will 'upload' obscene
amounts
On Fri, 5 Aug 2011, Brian Mengel wrote:
In reviewing IPv6 end user allocation policies, I can find little
agreement on what prefix length is appropriate for residential end
users. /64 and /56 seem to be the favorite candidates, with /56 being
slightly preferred.
I am most curious as to why
On Mon, 8 Aug 2011, valdis.kletni...@vt.edu wrote:
On Mon, 08 Aug 2011 10:15:17 +0200, Mohacsi Janos said:
- Home users - they usually don't know what is subnet. Setting up
different subnets in their SOHO router can be difficult. Usually the
simple 1 subnet for every device is enough
On Fri, 10 Jun 2011, Leo Bicknell wrote:
In a message written on Fri, Jun 10, 2011 at 09:37:11AM -0400, Ray Soucy wrote:
You really didn't just write an entire post saying that RA is bad
because if a moron of a network engineer plugs an incorrectly
configured device into a production
On Sun, 27 Feb 2011, Ray Soucy wrote:
(I'm just waiting for Apple's lawyers to try an get names out of me...)
But yes, it does appear that Apple is addressing the issue:
8
cat /etc/ip6addrctl.conf
# default policy table based on RFC 3484.
# usage: ip6addrctl install
On Tue, 15 Feb 2011, Steven Bellovin wrote:
On Feb 15, 2011, at 10:36 54AM, William Herrin wrote:
On Tue, Feb 15, 2011 at 10:09 AM, Joe Abley jab...@hopcount.ca wrote:
On 2011-02-14, at 21:41, William Herrin wrote:
On Mon, Feb 14, 2011 at 7:24 PM, TR Shaw ts...@oitc.com wrote:
Just
On Thu, 10 Feb 2011, Ryan Rawdon wrote:
Hello NANOGers -
What considerations should be made with respect to implementing egress
filtering based on source IPv6 addresses? Things like allowing traffic
sourced from fe80::/10 in said filters for on-link communication (for the
interface that the
On Wed, 9 Feb 2011, sth...@nethelp.no wrote:
A /127 mask is still the best way to handle real point-to-point links
like SDH/SONET today, to avoid the ping-pong problem. Works fine with
Cisco and Juniper, not tried with other vendors.
I know it's immature, but I can't wait for some new hire
On Wed, 2 Feb 2011, Tony Finch wrote:
On Wed, 2 Feb 2011, Iljitsch van Beijnum wrote:
Example: if you give administrators the option of putting a router
address in a DHCP option, they will do so and some fraction of the time,
this will be the wrong address and things don't work. If you let
. If your
router gets IPv4 via DHCP). As written PPPoE with IPv6 is not supported.
Regards,
Janos Mohacsi
Owen
On Jan 26, 2011, at 12:01 AM, Mohacsi Janos wrote:
On Wed, 26 Jan 2011, Franck Martin wrote:
What about an Airport Extreme? It has a wan interface that does
On Wed, 26 Jan 2011, Franck Martin wrote:
What about an Airport Extreme? It has a wan interface that does PPPOE
The IPv6 feature seems working, with 6to4 or static tunnels and a basic IPv6
firewall.
Yes it is. I already reported to Marco.
On Thu, 13 Jan 2011, Owen DeLong wrote:
Most people do not know about the multi-homing feature designed into
IPv6. Most people who do, seem to agree that it may not see enough
practical use to have meaningful impact on routing table growth, which
will no longer be kept in check by a limited
Dear Jeff,
In my opinion the real challenges already in IPv6 networks the
following: SPAM and attacking over IPv6; DoS; track back hosts with
privacy enhanced addresses.
Do you have some methods in your mind to resolve ARP/ND overflow
problem? I think limiting mac address per port on
Dear Iljitsh,
Do you plan to put /28 into the DFZ routing table? You thought
about routing table capacity of the today's routers.., I think prefix
length around /22 is accepted, but blindly accepting any /24 prefix is not
a reality today. What about the stability of the routing table without
On Tue, 28 Sep 2010, Venkatesh Sriram wrote:
While I have used MD5 with OSPFv2, I never used authentication with
OSPFv3 since IPsec is (a) not available on all platforms (or/and
requires a special license) and (b) requires too much of coordination
with other folks to bring it up. I know
On Thu, 12 Aug 2010, Simon Perreault wrote:
On 2010-08-12 08:32, Leland Vandervort wrote:
I'm looking at server load balancing for IPv6 and specifically need
DSR (direct server return). Additionally, I need to support both TCP
and UDP.
This is easily done with OpenBSD. See here for
Hi,
What is your method to discover who cannot connect to your
webserver?
Regards,
Janos Mohacsi
Head of HBONE+ project
Network Engineer, Deputy Director of Network Planning and Projects
NIIF/HUNGARNET, HUNGARY
Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00 70EF 9882
On Fri,
On Fri, 23 Apr 2010, Matthew Ford wrote:
On 23 Apr 2010, at 09:00, Franck Martin wrote:
Go get an airport express, install it get your Internet then click ipv6 enable
box and that's it. Seriously!
Hmm. Then why did I just replace my airport and my ISP to get functioning IPv6?
Hint:
On Thu, 22 Apr 2010, William Herrin wrote:
On Wed, Apr 21, 2010 at 11:31 PM, Owen DeLong o...@delong.com wrote:
On Apr 21, 2010, at 3:26 PM, Roger Marquis wrote:
William Herrin wrote:
Not to take issue with either statement in particular, but I think there
needs to be some consideration
On Mon, 19 Apr 2010, Leen Besselink wrote:
I actually think the razor thin margins make it less likely.
If I'm not mistaken, one of the reasons firmware updates are not
available from a number of vendors/products, is because the small
boxes don't have enough ROM and/or RAM.
The ROM is
On Mon, 19 Apr 2010, Bill Bogstad wrote:
On Mon, Apr 19, 2010 at 12:10 PM, Frank Bulk - iName.com
frnk...@iname.com wrote:
Don't forget the home gateway aspect -- it's a huge gaping hole in the IPv6
deployment strategy for ISPs. And don't talk to me about Apple's Airport
Extreme. ISPs
Dear all,
I think there is some discussion and work at IETF to define
solutions.
http://datatracker.ietf.org/doc/draft-dec-dhcpv6-route-option/
or
http://tools.ietf.org/id/draft-droms-dhc-dhcpv6-default-router-00.txt
Describe valid engineering reqs to have a drafted at IETF, and you
Hi,
Have a look at www.6deploy.org. There is an online quick intro +
all the training modules are available in PDF. And there are number of
workshops organised around the world with hands-on trainings.
Best Regards,
Janos Mohacsi
Head of HBONE+ project
Network Engineer, Deputy Director of
On Mon, 14 Dec 2009, Owen DeLong wrote:
UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
You don't need UPnP if you'r not doing NAT.
wishful thinking.
you're likely to still have a stateful firewall and in the consumer space
someone is likely to want to punch holes in
On Sat, 12 Dec 2009, Alexandru Petrescu wrote:
Frank Bulk a écrit :
I think they're (all) listed here:
http://www.getipv6.info/index.php/Broadband_CPE
And from an operators perspective (not manufacturer):
Free ISP ADSL (and fiber) operator in France does IPv6 natively to the end
user
On Fri, 11 Dec 2009, Roger Marquis wrote:
Joe Greco wrote:
Everyone knows a NAT gateway isn't really a firewall, except more or less
accidentally. There's no good way to provide a hardware firewall in an
average residential environment that is not a disaster waiting to happen.
Gotta love
On Fri, 4 Dec 2009, Jorge Amodio wrote:
I guess Cisco's 800's are out of the Consumer Grade price range, but
any comments
about v6 support on them and how they compare with other options.
Just looking for feedback about good options for sort remote/branch/home office.
Some 800's are
On Thu, 3 Dec 2009, Mark Newton wrote:
On 03/12/2009, at 9:51 AM, Dave Temkin wrote:
You're correct, out of the box there aren't many. The first couple that come
to mind are the Apple Airport Express and Airport Extreme, but I don't believe
Linksys/Netgear/etc. have support out of the
On Thu, 3 Dec 2009, Matthew Moyle-Croft wrote:
Mohacsi Janos wrote:
According to Apple the latest Apple Airport Extreme does support DHCPv6
prefix delegation and native IPv6 uplink not only 6to4.
Airports don't support DHCPv6 PD yet. I'm led to believe that they may in
the future
On Sat, 14 Nov 2009, Jack Kohn wrote:
Hi,
Interesting discussion on the utility of Authentication Header (AH) in
IPSecME WG.
http://www.ietf.org/mail-archive/web/ipsec/current/msg05026.html
Post explaining that AH even though protecting the source and
destination IP addresses is really
On Tue, 27 Oct 2009, Nathan Ward wrote:
On 27/10/2009, at 12:11 AM, Paul Stewart wrote:
We ran RT for a while but every time a new update came out on CentOS it
broke the installation (perl mods), making it a pain to keep running.
Bugzilla we haven't tried nor the JIRA. I'll take a look...
On Thu, 22 Oct 2009, bmann...@vacation.karoshi.com wrote:
On Thu, Oct 22, 2009 at 09:20:11PM +1100, Karl Auer wrote:
On Thu, 2009-10-22 at 11:40 +0200, Iljitsch van Beijnum wrote:
If, on the other hand, the REAL desire is to have a DHCP server break
the tie in the selection between several
On Sun, 18 Oct 2009, Mark Smith wrote:
On Sun, 18 Oct 2009 09:03:12 +0100
Andy Davidson a...@nosignal.org wrote:
On 18 Oct 2009, at 01:55, Ray Soucy wrote:
The only solution that lets us expand our roll out IPv6 to the edge
without major changes to the production IPv4 network seems to
On Sun, 30 Aug 2009, Randy Bush wrote:
If your 95th percentile utilization is at 80% capacity, it's time to
start planning the upgrade.
s/80/60/
the normal snmp and other averaging methods *really* miss the bursts.
Agreed. Internet traffic is very burtsy. If you care your customer
On Mon, 20 Jul 2009, Alex H. Ryu wrote:
Because of nowadays network scalability demands, Cisco is preparing ASR
14000 series to replace this one, I think. ^^
Basically ASR 14000 is downgrade version of CRS-1, but I consider it is
still developing or beta product.
As far as I know Cisco
On Mon, 4 May 2009, Ricky Beam wrote:
On Mon, 04 May 2009 17:03:31 -0400, Bill Stewart nonobvi...@gmail.com
wrote:
When I came back, I found this ugly EUI-64 thing instead,
so not only was autoconfiguration much uglier,
but you needed a /56 instead of a /64 if you were going to subnet.
Does
Hi,
Our summmarized experiences can be found here:
https://puck.nether.net/pipermail/cisco-nsp/2009-March/059409.html
Janos Mohacsi
Network Engineer, Research Associate, Head of Network Planning and Projects
NIIF/HUNGARNET, HUNGARY
Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00
On Thu, 19 Feb 2009, Christopher Morrow wrote:
That is not what the decision said. The point was that the DHCP WG was not
going to decide for you what was necessary or appropriate to carry forward.
Rather than add baggage that nobody actually uses, there is nothing until
someone says 'I
On Tue, 17 Feb 2009, Carl Rosevear wrote:
So, I understand the main concepts behind IPv6. Most of my peers understand.
We all have a detailed understanding of most things IPv4. I have Googled and
read RFCs about IPv6 for HOURS. That said, to quickly try to minimize people
thinking I
On Mon, 9 Feb 2009, Ricky Beam wrote:
On Sat, 07 Feb 2009 14:31:57 -0500, Stephen Sprunk step...@sprunk.org
wrote:
Non-NAT firewalls do have some appeal, because they don't need to mangle
the packets, just passively observe them and open pinholes when
appropriate.
This is exactly the same
On Mon, 9 Feb 2009, Andy Davidson wrote:
On Thu, Feb 05, 2009 at 07:19:37PM -0500, Robert D. Scott wrote:
Wii should not even consider developing a cool new protocol for the Wii
that is not NAT compliant via V4 or V6. And if they do, we should elect a
NANOG regular to go POSTAL and handle
On Wed, 4 Feb 2009, Roger Marquis wrote:
Perhaps what we need is an IPv6 NAT FAQ? I'm suspect many junior network
engineers will be interested in the rational behind statements like:
* NAT disadvantage #1: it costs a lot of money to do NAT (compared to what
it saves consumers, ILECs, or
On Wed, 26 Nov 2008, Mark Andrews wrote:
Mark Andrews writes:
In message [EMAIL PROTECTED], Niels Bakker writes:
* [EMAIL PROTECTED] (Tony Hain) [Wed 26 Nov 2008, 01:03 CET]:
In any case, content providers can avoid the confusion if they simply put
u
p
a local 6to4 router alongside
On Thu, 20 Nov 2008, Nathan Ward wrote:
On 20/11/2008, at 4:06 AM, Florian Weimer wrote:
* Michael Sinatra:
And it just reinforces the fear that people have against putting
records in DNS for their publicly-accessible resources, especially
www.
Won't current Windows clients work
On Fri, 31 Oct 2008, HRH Sven Olaf Prinz von CyberBunker-Kamphuis MP wrote:
ever heard of the concept open market
ipv4 address space delegations will just move from the rirs to places like
ebay, problem solved.
Are you willing to pay premium to get global IPv4 address? Are you willing
On Sun, 12 Oct 2008, Stephen Sprunk wrote:
Mikael Abrahamsson wrote:
This brings up an interesting question, should we stop announcing our 6to4
relays outside of Europe? Is there consensus in the business how this
should be done? I have heard opinions both ways.
I can understand why some
On Fri, 10 Oct 2008, Lee, Steven (NSG Malaysia) wrote:
Hi all, I have a customer who has a MPLS network for E/// Media Gateway
(MGW) NB-AMR VoIP traffic. The packet size for the NB-AMR traffic is
fixed size 110 bytes. During the high load period, it can reaches
450Kpps on a STM-1 link. The
On Tue, 29 Jul 2008, Steven M. Bellovin wrote:
On Tue, 29 Jul 2008 15:56:19 +0200
Colin Alston [EMAIL PROTECTED] wrote:
DNS uses UDP.
Ahh yes of course..
Why does it use UDP? :P
In this situation, UDP uses one query packet and one reply. TCP uses 3
to set up the connection, a query,
66 matches
Mail list logo