Owen,
On Apr 30, 2010, at 7:04 PM, Owen DeLong wrote:
> Ideally, in the vast majority of cases, resolv.conf is populated by dhcpv6 or
> it's successor.
:-). I haven't been following the religious war against DHCPv6 -- is it now
acceptable to get DNS information via DHCPv6? I note that MacOSX s
David Conrad wrote:
Paul,
On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
If you change ISPs, send out an RA with the new addresses, wait a bit, then
send out an RA with lifetime 0 on the old address.
Even if this works (and I know a lot of applications that use the socket() API
th
On Apr 30, 2010, at 6:26 PM, David Conrad wrote:
> Paul,
>
> On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
>> If you change ISPs, send out an RA with the new addresses, wait a bit, then
>> send out an RA with lifetime 0 on the old address.
>
> Even if this works (and I know a lot of applica
Paul,
On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
> If you change ISPs, send out an RA with the new addresses, wait a bit, then
> send out an RA with lifetime 0 on the old address.
Even if this works (and I know a lot of applications that use the socket() API
that effectively cache the add
On Thu, 29 Apr 2010 08:22:47 -0700
Bill Stewart wrote:
> On Tue, Apr 27, 2010 at 3:24 PM, Owen DeLong wrote:
> >> Here's an exercise. Wipe a PC. Put it on that cable modem with no
> >> firewall. Install XP on it. See if you can get any service packs
> >> installed before the box is infecte
David Conrad wrote:
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
I don't understand why anyone thinks NAT should be a fundamental part of the v6 internet
Perhaps the ability to change service providers without having to renumber?
Number your internal network on ULA, and put public
On Tue, Apr 27, 2010 at 3:24 PM, Owen DeLong wrote:
>> Here's an exercise. Wipe a PC. Put it on that cable modem with no
>> firewall. Install XP on it. See if you can get any service packs installed
>> before the box is infected.
> 1. Yes, I can. I simply didn't put an IPv4 address on
On Wed, 28 Apr 2010 17:04:25 -0500
Dave Pooser wrote:
> > IPv6's fundamental goal is to restore end-to-end.
>
> For some. For many, IPv6's fundamental goal is to keep doing what we've been
> doing without running out of addresses. The fact that the two camps have
> orthogonal goals is probably p
On Thu, 29 Apr 2010 10:33:02 +1000
Mark Andrews wrote:
>
> In message , David
> Conrad
> writes:
> > Mark,
> >
> > On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
> > >> Perhaps the ability to change service providers without having to =
> > renumber?
> > >=20
> > > We have that ability alre
On Wed, 28 Apr 2010 14:54:04 PDT, David Conrad said:
> On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
> > I don't understand why anyone thinks NAT should be a fundamental part
> > of the v6 internet
>
> Perhaps the ability to change service providers without having to renumber?
RFC4193 or PI a
In message , David Conrad
writes:
> Mark,
>
> On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
> >> Perhaps the ability to change service providers without having to =
> renumber?
> >=20
> > We have that ability already. Doesn't require NAT.
>
> Cool! You've figured out, e.g., how to renumber
Mark,
On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
>> Perhaps the ability to change service providers without having to renumber?
>
> We have that ability already. Doesn't require NAT.
Cool! You've figured out, e.g., how to renumber authoritative name servers
that you don't have direct co
--- On Wed, 4/28/10, Mark Smith
wrote:
>
> I'm not people are understanding or know the true reality.
> NAT broke the
> Internet's architecture, by turning IP from being a
> peer-to-peer
> protocol into a master/slave one (think mainframes and dumb
> terminals).
> Read RFC1958 if you don't under
In message <01f57362-8092-48cb-8336-15b9cc171...@virtualized.org>, David Conrad
writes:
> On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
> > I don't understand why anyone thinks NAT should be a fundamental part =
> of the v6 internet=20
>
> Perhaps the ability to change service providers with
On Wed, 2010-04-28 at 14:54 -0700, David Conrad wrote:
> On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
> > I don't understand why anyone thinks NAT should be a fundamental part of
> > the v6 internet
>
> Perhaps the ability to change service providers without having to renumber?
DHCPv6 solv
> IPv6's fundamental goal is to restore end-to-end.
For some. For many, IPv6's fundamental goal is to keep doing what we've been
doing without running out of addresses. The fact that the two camps have
orthogonal goals is probably part of the reason the rate of growth on IPv6
is so slow.
--
Dave
On Wed, Apr 28, 2010 at 6:54 PM, David Conrad wrote:
> On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
> > I don't understand why anyone thinks NAT should be a fundamental part of
> the v6 internet
>
> Perhaps the ability to change service providers without having to renumber?
>
Couldn't we us
On Apr 28, 2010, at 2:38 PM, Carl Rosevear wrote:
> I don't understand why anyone thinks NAT should be a fundamental part of the
> v6 internet
Perhaps the ability to change service providers without having to renumber?
Regards,
-drc
I'm not normally one to respond to NANOG messages with opinions but...
Yeah, NAT broke the internet. Yes you can engineer around it. There is NO
reason to hold onto NAT as a standard. With v6 we have the opportunity to do it
right (or at least semi-right) from the beginning, lets not choos
On Wed, 28 Apr 2010 08:44:41 -0700
Matthew Kaufman wrote:
> Mark Smith wrote:
> > On Tue, 27 Apr 2010 14:29:50 -0400
> > Dave Israel wrote:
> >
> >
> >> On 4/27/2010 1:36 PM, Andy Davidson wrote:
> >>
> >>> On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
> >>>
> >>>
Mark Smith wrote:
On Tue, 27 Apr 2010 14:29:50 -0400
Dave Israel wrote:
On 4/27/2010 1:36 PM, Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
On Tue, 27 Apr 2010 14:29:50 -0400
Dave Israel wrote:
> On 4/27/2010 1:36 PM, Andy Davidson wrote:
> > On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
> >
> >>> Did you use Yahoo IM, AIM, or Skype?
> >>>
> >> Yes, yes, and yes. Works fine.
> >>
> > What about every
On Wed, 2010-04-28 at 02:13 -0400, Steve Bertrand wrote:
> > I would see UPNP as being a security risk and prone to denial of
> > service attacks when you have torrent clients attempting to grab
> every
+1
apologies if I've said this here before - UPNP = unstoppable Peek and
Poke
Gord
On 2010.04.28 00:04, Josh Hoppes wrote:
> I'll preface this that I'm more of an end user then a network
> administrator, but I do feel I have a good enough understanding of the
> protocols and
> network administration to submit my two cents.
You are always welcome to do so.
> The issue I see with
On Tue, Apr 27, 2010, Matthew Kaufman wrote:
> >Fortunately, the IPv6 address space is so large and sparse, that
> >scanning it would be quite a feat, even if a random outside attacker
> >already knew for a fact that a certain /64 probably contains a
> >vulnerable host.
> All I need to do i
I'll preface this that I'm more of an end user then a network
administrator, but I do feel I have a good enough understanding of the
protocols and
network administration to submit my two cents.
The issue I see with this level of NAT, is the fact that I don't
expect that UPNP be implemented at that
James Hess wrote:
Fortunately, the IPv6 address space is so large and sparse, that
scanning it would be quite a feat, even if a random outside attacker
already knew for a fact that a certain /64 probably contains a
vulnerable host.
All I need to do is run a popular web site on the IPv6 I
Owen DeLong wrote:
On Apr 27, 2010, at 11:49 AM, Matthew Kaufman wrote:
Owen DeLong wrote:
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Y
In message , Jon Lewis
writes:
> Both my kids run Win2k (to support old software that doesn't run
> well/at all post-2k). I doubt that's all that unusual.
Then they won't have IPv6 and hence are irrelevent to the discussion
about IPv6 NAT.
As for built in firewalls, even my brother printer a
On Tue, Apr 27, 2010 at 4:25 PM, Jon Lewis wrote:
> breaks. i.e. they'll know its broken. When they change the default policy
> on the firewall to Accept/Allow all, everything will still work...until all
> their machines are infected with enough stuff to break them.
The same is true with IPv4 +
On Apr 27, 2010, at 2:25 PM, Jon Lewis wrote:
> On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
>
>> That site will manage to chucklehead their config whether or not it's NAT'ed.
>
> True...but when they do it and all their important stuff is in 192.168.0/24,
> you still can't reach it...an
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
That site will manage to chucklehead their config whether or not it's NAT'ed.
True...but when they do it and all their important stuff is in
192.168.0/24, you still can't reach it...and if they break NAT, at least
their internet breaks. i.e
On Tue, 27 Apr 2010 14:54:07 EDT, Jon Lewis said:
> I think you forget where most networking is done. Monitoring? You mean
> something beyond walking down the hall to the network closet and seeing
> all the blinking lights are flashing really fast?
That site will manage to chucklehead their c
On Apr 27, 2010, at 11:49 AM, Matthew Kaufman wrote:
> Owen DeLong wrote:
>> On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
>>
>>
>>> Andy Davidson wrote:
>>>
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
>> Did you use Yahoo IM, AIM, or Skype?
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
At least with NAT, if someone really screws up the config, the "inside"
stuff is all typically on non-publicly-routed IPs, so the worst likely to
happen is they lose internet, but at least the internet can't directly
reach them.
You *do* reali
Owen DeLong wrote:
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every o
On Tue, 27 Apr 2010 14:37:08 EDT, Jon Lewis said:
> Maybe we want end-to-end to break.
>
> Firewalls can trivially be misconfigured such that they're little more
> than routers, fully exposing all the hosts behind them to everything bad
> the internet has to offer (hackers, malware looking to s
On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
> Andy Davidson wrote:
>> On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
>>
Did you use Yahoo IM, AIM, or Skype?
>>> Yes, yes, and yes. Works fine.
>>>
>>
>> What about every other service/protocol that
On Tue, 27 Apr 2010 valdis.kletni...@vt.edu wrote:
The difference is that if a protocol wants to be end-to-end, I can fix a
firewall to not break it. You don't have that option with a NAT.
Maybe we want end-to-end to break.
Firewalls can trivially be misconfigured such that they're little mo
On 4/27/2010 1:36 PM, Andy Davidson wrote:
> On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
>
>>> Did you use Yahoo IM, AIM, or Skype?
>>>
>> Yes, yes, and yes. Works fine.
>>
> What about every other service/protocol that users use today,
> and might be invented t
On Tue, 27 Apr 2010 10:48:54 PDT, Matthew Kaufman said:
> Anyone inventing a new service/protocol that doesn't work with NAT isn't
> planning on success.
Only true in the IPv4 world. IPv6 will hopefully be different.
> > The answer to these questions isn't a good one for users, so
> > as the c
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today,
and might be invented tomorrow ? Do & will they all work with
NAT ?
Some do, some don't. My observation is that in practice the stuff that
people do on consume
On 27/04/2010 18:48, Matthew Kaufman wrote:
> Anyone inventing a new service/protocol that doesn't work with NAT isn't
> planning on success.
You mean, like multisession bgp over tls?
Nick,
just sayin'
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today,
and might be invented tomorrow ? Do & will they all work wit
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
>> Did you use Yahoo IM, AIM, or Skype?
> Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today,
and might be invented tomorrow ? Do & will they all work with
NAT ?
Do many others work as wel
"John R. Levine" writes:
>> Did you run any services?
>
> Of course not, it's consumer DSL. I run services on my server which is
> somewhere else and tunnel in via ssh which, of course, works fine
> through NAT.
Take a look at all those small SOHO storage boxes. They all offer web
and FTP servi
On Tue, 20 Apr 2010 18:38:33 +0200 (CEST)
Mikael Abrahamsson wrote:
> On Tue, 20 Apr 2010, John R. Levine wrote:
>
> > Skype video chat, all the time, works fine. Don't remember about file
> > transfer.
>
> Whenever I am behind NAT and talk to someone else who is behind NAT skype
> seems to
On 4/20/10 6:38 PM, Mikael Abrahamsson wrote:
On Tue, 20 Apr 2010, John R. Levine wrote:
Skype video chat, all the time, works fine. Don't remember about
file transfer.
Whenever I am behind NAT and talk to someone else who is behind NAT
skype seems to lower the quality, my guess it's beca
On Tue, 20 Apr 2010, John R. Levine wrote:
Skype video chat, all the time, works fine. Don't remember about file
transfer.
Whenever I am behind NAT and talk to someone else who is behind NAT skype
seems to lower the quality, my guess it's because it now bounces traffic
via another non-NATed
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
Did you use any of those for
Video Chat and/or to transfer files?
Skype video chat, all the time, works fine. Don't remember about file
transfer.
Did you do any peer to peer filesharing?
Yeah, I got the latest Freebs
50 matches
Mail list logo
