I beg to differ. It's like a direct clone of a PC.
Have you ever looked inside one of them? It's PC hardware all the way.
Also, IIRC, the PS2 had a HDD before the XBOX, no? (Please do correct me if I'm wrong here... Wikipedia backs me up, but we all know exactly how much that is worth.)
If your machines and your "roommate"s machines are on the same subnet then traffic between them will never hit the IP stack in the router and hence can't be filtered by it.
Holy freaking crap. I never knew this. : ( (I just ran a little experiment that confirms what you're saying.)
"Double" means twice the bits of a IPv4 address. [1] So, maybe you can have 2^64 addresses in a/64? [2]
[1] Yeah, I should have been *much* more explicit in my description. : <
[2] I recall seeing a graphic that broke down the number of possible IP address assignments for each subnet size from a/128 down to a/64. I *thought* that the graphic indicated that you could have ~4 million addresses in a/64. But the programmer in me knows that you can have 2^64 combinations in 64 bits... So either: 1) I'm mis-remembering. 2) The graphic was wrong. 3) There's something going on with V6 addressing that I don't know about.
Large companies *will* *not* run an unsupported OS. Which is worse?
1) Finding a new app that replaces your old, unsupported one? 2) Running an unsupported, vulnerable OS? 3) Getting the source code to your mission critical application in the first damn place, thereby avoiding the whole mess?
[Setting up that aforementioned firewall] is not that hard providing the ISP is generous enough to give something a bit bigger than a/64 but it does mean you either have to use full blown routing protocols or manually configure a route table entry on the router nearest the internet.
Why does your ISP need to give you something bigger than a/64 to do this? Is there some reason that you can't command ip6tables to use the source address and the input or output interface to decide whether or not to drop a packet? [1] For example: (On YOUR_ROUTER)
# Assume that your subnet is 2001::/64 # Assume that your WAN port is wan0 # Assume that your LAN ports are br0 ip6tables -A INPUT -s 2001::/64 -i wan0 -J DROP
Doesn't that effectively cut off your room-mates machines from your own? What have I missed? Would you still need to muck around with routing tables?
This is no trouble for us network geeks but may be difficult for normal users.
Agreed. Right now it would be difficult for normal users. Do you think that it would be difficult for a few smart geeks to design a tool [2] that would make some of this "replace a NAT firewall" stuff easier? Does this three point solution seem technologically feasible? If we added a "Block traffic that claims to be from my network coming from the Internet" checkbox to the web-interface that inserted something like that ip6tables line into the firewall config, might that help resolve *your* "roommate" scenario?
Cheers, Simon
[1] Be aware that I've never done this myself, I've only glanced briefly at the iptables docs. I could be (and probably am) WAAAY off base here. [2] Maybe a "web page" administration interface for a router?
Heck. I don't see why we can't turn v6 *everywhere* and use DHCP and v4 for all of the DNS information.
BTW: Do you know how to set something up that'll inform a IPv6-only host of DNS servers on the local LAN? I've tried passing some magic stuff via radvd. That was a no-go. It would seem that the RFC's for that method are "experimental" and unsupported pretty much everywhere. (Please don't tell me that I *HAVE* to setup a DHCP6 server and client. : )
However, it doesn't mean what you think it means. (I think.)
IIRC, a dual stack machine has IPv4 and IPv6 addresses and routes, and can send both IPv4 and IPv6 packets. It doesn't necessarily act as a bridge between the v4 and v6 networks that it's connected to.
5: The linux kernel developers refuse to implement v6-v6 nat. They have good intentions in doing this but it will make it difficult to put one home router (home routers are very often linux based in my experiance) behind another (say because you want to isolate your machines from your housemates), especially if the ISP is a crappy one that only gives the user a/64.
Two things: 1) A/64 is equivalent to *DOUBLE* the *ENTIRE* IPv4 address space. (Now, if you're complaining about not being able to subnet a/64, then I hear ya!) 2) What's so difficult about doing this: Internet --> Housemate_Router --> WAN_Port_On_Your_Router --> Your_Machines then setting up a firewall on Your_Router that DROPs traffic going to Your_Machines with a source address from Your_Subnet and is coming in over Your_WAN_Port? Is IP6Tables [1] so terrible that you can't do this?
Mmm. My Tandy 1000TL was Y2K compliant. (I booted it sometime in February 2000 and played some ancient games. No problems whatsoever!) It was running DOS 3.something.
It seems to me that most Slashdot IPv6 commenters forget that you can have a dual-stack machine. I'm posting from one right now!
This doesn't have to be an all-or-nothing proposition. *RIGHT NOW* (as in TODAY!) you can use IPv4 DHCP to get your DNS information and (maybe) an internet-facing IP address, then your ISP could setup a V6 route advertising daemon that'll give you an internet-facing V6 address.
MS may not always be the technially best solution, but they are always the most reliable solution. If there are problems, they will address those problems.
Would you please back up this statement with personal anecdotes? In your anecdotes, please mention the following:
1) What problem or problems were you having? 2) Which MS-backed product were affected? 3) What did MS do to address your problems?
I'm genuinely interested in your answers. I work in a rather strange software shop, and I'd like to believe that my experience with MSFT software is atypical.
If everyone NATs (like most already do) the routing tables get exponentially more complex, and they don't NEED to be.
How does NAT complicate the routing tables across the internet?
Consider this situation:
Internet --> Router --> Network A --> NAT --> Network B
Doesn't the routing table only get more complex for the NAT on the boundary of Network A and Network B? It's my understanding that all that Network A sees is a single host attached to Network B. (Please do correct me if anything I've said is incorrect.)
Slashdot Mirror
I subscribe to alterslash for a reason.
You should check it out. It makes /. tolerable again!
Please pardon the lazyness.
Is there a video of this talk somewhere? I would like to see it.
Cheers!
You think that *that* is a fair price?
I'd be willing to be that governments who are "considering Linux" get a *much* sweeter per-seat deal.
Microsoft copycat with the Xbox?
Yeah it's likea direct clone of... nothing...
I beg to differ.
It's like a direct clone of a PC.
Have you ever looked inside one of them?
It's PC hardware all the way.
Also, IIRC, the PS2 had a HDD before the XBOX, no?
(Please do correct me if I'm wrong here... Wikipedia backs me up, but we all know exactly how much that is worth.)
by Free the Cowards (1280296) on Friday October 17, @07:47PM (#25420193)
Eponysterical!
That kinda sounds like the US Patent system.
but the manufacturers will value them less - because they can make more of them with the same value of resources - so the price will go down.
You think so, do ya?
The Internet bandwidth market teaches us that corporations will lie, cheat, and steal to increase their profits.
Heh.
Almost 0 legacy Windows programs run on Windows on the Alpha. What's your point?
If your machines and your "roommate"s machines are on the same subnet then traffic between them will never hit the IP stack in the router and hence can't be filtered by it.
Holy freaking crap. I never knew this. : (
(I just ran a little experiment that confirms what you're saying.)
"Double" means twice the bits of a IPv4 address. [1] So, maybe you can have 2^64 addresses in a /64? [2]
[1] Yeah, I should have been *much* more explicit in my description. : <
[2] I recall seeing a graphic that broke down the number of possible IP address assignments for each subnet size from a /128 down to a /64. I *thought* that the graphic indicated that you could have ~4 million addresses in a /64. But the programmer in me knows that you can have 2^64 combinations in 64 bits... So either:
1) I'm mis-remembering.
2) The graphic was wrong.
3) There's something going on with V6 addressing that I don't know about.
Pardon?
I'm not sure of what you're trying to say.
Funny.
System Shock 2 doesn't run correctly on Vista.
Neither does Black & White.
You are also making some big assumptions.
Large companies *will* *not* run an unsupported OS.
Which is worse?
1) Finding a new app that replaces your old, unsupported one?
2) Running an unsupported, vulnerable OS?
3) Getting the source code to your mission critical application in the first damn place, thereby avoiding the whole mess?
[Setting up that aforementioned firewall] is not that hard providing the ISP is generous enough to give something a bit bigger than a /64 but it does mean you either have to use full blown routing protocols or manually configure a route table entry on the router nearest the internet.
Why does your ISP need to give you something bigger than a /64 to do this? Is there some reason that you can't command ip6tables to use the source address and the input or output interface to decide whether or not to drop a packet? [1] For example: (On YOUR_ROUTER)
# Assume that your subnet is 2001::/64
# Assume that your WAN port is wan0
# Assume that your LAN ports are br0
ip6tables -A INPUT -s 2001::/64 -i wan0 -J DROP
Doesn't that effectively cut off your room-mates machines from your own? What have I missed?
Would you still need to muck around with routing tables?
This is no trouble for us network geeks but may be difficult for normal users.
Agreed. Right now it would be difficult for normal users.
Do you think that it would be difficult for a few smart geeks to design a tool [2] that would make some of this "replace a NAT firewall" stuff easier? Does this three point solution seem technologically feasible?
If we added a "Block traffic that claims to be from my network coming from the Internet" checkbox to the web-interface that inserted something like that ip6tables line into the firewall config, might that help resolve *your* "roommate" scenario?
Cheers,
Simon
[1] Be aware that I've never done this myself, I've only glanced briefly at the iptables docs. I could be (and probably am) WAAAY off base here.
[2] Maybe a "web page" administration interface for a router?
Mm. Yeah. /. to go V6 for MONTHS! wtf.
I've been waiting for
Heck. I don't see why we can't turn v6 *everywhere* and use DHCP and v4 for all of the DNS information.
BTW: Do you know how to set something up that'll inform a IPv6-only host of DNS servers on the local LAN? I've tried passing some magic stuff via radvd. That was a no-go. It would seem that the RFC's for that method are "experimental" and unsupported pretty much everywhere.
(Please don't tell me that I *HAVE* to setup a DHCP6 server and client. : )
THANK YOU for mentioning "dual stack".
However, it doesn't mean what you think it means. (I think.)
IIRC, a dual stack machine has IPv4 and IPv6 addresses and routes, and can send both IPv4 and IPv6 packets. It doesn't necessarily act as a bridge between the v4 and v6 networks that it's connected to.
(Correct me if I'm wrong here.)
5: The linux kernel developers refuse to implement v6-v6 nat. They have good intentions in doing this but it will make it difficult to put one home router (home routers are very often linux based in my experiance) behind another (say because you want to isolate your machines from your housemates), especially if the ISP is a crappy one that only gives the user a /64.
Two things: /64 is equivalent to *DOUBLE* the *ENTIRE* IPv4 address space. (Now, if you're complaining about not being able to subnet a /64, then I hear ya!)
1) A
2) What's so difficult about doing this:
Internet --> Housemate_Router --> WAN_Port_On_Your_Router --> Your_Machines
then setting up a firewall on Your_Router that DROPs traffic going to Your_Machines with a source address from Your_Subnet and is coming in over Your_WAN_Port? Is IP6Tables [1] so terrible that you can't do this?
[1] Or whatever it's called...
Mmm. My Tandy 1000TL was Y2K compliant. (I booted it sometime in February 2000 and played some ancient games. No problems whatsoever!)
It was running DOS 3.something.
It seems to me that most Slashdot IPv6 commenters forget that you can have a dual-stack machine. I'm posting from one right now!
This doesn't have to be an all-or-nothing proposition. *RIGHT NOW* (as in TODAY!) you can use IPv4 DHCP to get your DNS information and (maybe) an internet-facing IP address, then your ISP could setup a V6 route advertising daemon that'll give you an internet-facing V6 address.
As more people deploy IPv6 and learn the best ways to do it, others will follow.
What different about deploying v6? Large scale network deployments is something that I know *nothing* about... I'd like to get educated.
MS may not always be the technially best solution, but they are always the most reliable solution. If there are problems, they will address those problems.
Would you please back up this statement with personal anecdotes? In your anecdotes, please mention the following:
1) What problem or problems were you having?
2) Which MS-backed product were affected?
3) What did MS do to address your problems?
I'm genuinely interested in your answers. I work in a rather strange software shop, and I'd like to believe that my experience with MSFT software is atypical.
If everyone NATs (like most already do) the routing tables get exponentially more complex, and they don't NEED to be.
How does NAT complicate the routing tables across the internet?
Consider this situation:
Internet --> Router --> Network A --> NAT --> Network B
Doesn't the routing table only get more complex for the NAT on the boundary of Network A and Network B? It's my understanding that all that Network A sees is a single host attached to Network B. (Please do correct me if anything I've said is incorrect.)
Yeah but the few non-geek apps that are affected have already got those workarrounds in place, tested and being used by large numbers of users
http://www.sinsofasolarempire.com/faqs.aspx
Look for:
"Q: The game is telling me that I may not be able to host the game. What do I need to configure?"
Is a video game a "geek app" or a "non-geek app"?
Comcast is running nothing but IPv6 on their "network monitoring and management" network.
What, exactly do you think it would cost them to turn on v6 for their "internet distribution" network?