When you are a new customer, a hosting- or DSL-/cable-customer, you will probably be assigned an IPv6 address only and maybe an IPv4-address, but the last one will just be from the 'private range'. It will suck, it will be some kind of NAT or load-balancer for hosting.
You will be using a transition system to talk to all those IPv4-only users and servers and it's going to be slower.
If you are an 'old user' which already has an IPv4-address, you will noticed more and more things won't work as well when talking to systems who have only a transitioning system and a IPv6-address.
But you can add IPv6 to your systems and it will get better.
1. a firewall with default policy: closed 2. and most important thing you forgot: most infections and breaches come from the browser/mail/other application, not the network.
I've been looking for a piece of software to run on the gateway which just records IPv6-MAC-address combinations, so things can be checked later when privacy extensions have been used.
I think you should be able to do some 1 to 1 translation with mangle, but the default kernel, I think, does not have NAT.
It's especially the Application (specific) Layer Gateway's (like you need for FTP) you would still be missing.
No sane 'manufacturer' or developer has found a reason to have NAT though, some customers who do not understand the technology still seem to want it anyway.
Who said you can't backup your data encrypted at a friends home.
Who said you can't just have more than one plug in your home ?
Eben also suggested we use more wireless, so if you have a DSL or cable at home and the connection dies, you would just automatically use the wireless of your neighbour.
The idea is to have a small box, which does not use a lot of power. Which you can use to securely communicate with your friends in a distributed fashion, without someone else having the logs they can analyze and sell to companies, like Facebook is doing.
A small server which is simple to use, easy to update (most people shouldn't need to admin their own box) and backup. It will hold your data, and possible your friends (you keep my backup, I keep yours, encrypted ofcourse, think: duplicity ).
I don't know what it is like in the rest of the world, but in the Netherlands more than 50% is leased. So they are all sold after 3 years by the lease-company.
that's all nice when it works, but when it fails it makes it hard to fix without going to the dealer. And the car dealer likes that, they can ask you for money each time.
The distributed filesystem Ceph adopted btrfs for it's storage. I think this could be really important for Linux servers Ceph keeps the data online, btrfs makes sure the checksums still match.
1. They are special, that's what I mentioned. They actually were able to skip one full round of server upgrades
2. they don't use cassandra for production, it's mostly mysql & memcached, the use cassandra just for analyzing 'logfiles'. They use cassandra to analyze and predict what people are or will do, this is for the ad-revenue.
There are a lot more developers working on btrfs then just the Oracle developer(s), that is the big difference. I think the one or few btrfs developers working at Oracle might even leave Oracle if they stop with supporting btrfs.
Slashdot Mirror
It was more like:
1. First they ignoe you
2. then you quote Gandhi
and so on...
Of the few IPv6-enabled consumer end-user devices (DSL-modems, etc.) non of them have support for NAT.
They do have a statefull firewall though. Which protects them just as good and allows for opening up certain parts when needed.
Privacy can be achieved by turning on the privacy extensions (default in Windows I believe).
Only problem I think exists there is no such thing as universal plug & play for IPv6.
This is why there will be some products that will have support for IPv6 NAT, but there will be few and thus they will probably be expensive.
Let's just agree to disagree. :-)
NAT is to much like security through obscurity, it should not be necessary as a security layer.
It will be a little bit different from that.
When you are a new customer, a hosting- or DSL-/cable-customer, you will probably be assigned an IPv6 address only and maybe an IPv4-address, but the last one will just be from the 'private range'. It will suck, it will be some kind of NAT or load-balancer for hosting.
You will be using a transition system to talk to all those IPv4-only users and servers and it's going to be slower.
If you are an 'old user' which already has an IPv4-address, you will noticed more and more things won't work as well when talking to systems who have only a transitioning system and a IPv6-address.
But you can add IPv6 to your systems and it will get better.
A large, maybe largest part, of the problem is the cable-/dsl-modem.
IPv4 is a bit like oil, we'll never really run out, it will just get (a lot) more expensive.
1. a firewall with default policy: closed
2. and most important thing you forgot: most infections and breaches come from the browser/mail/other application, not the network.
I've been looking for a piece of software to run on the gateway which just records IPv6-MAC-address combinations, so things can be checked later when privacy extensions have been used.
I think you should be able to do some 1 to 1 translation with mangle, but the default kernel, I think, does not have NAT.
It's especially the Application (specific) Layer Gateway's (like you need for FTP) you would still be missing.
No sane 'manufacturer' or developer has found a reason to have NAT though, some customers who do not understand the technology still seem to want it anyway.
Who said you can't use more then one OpenID ?
Who said you can't backup your data encrypted at a friends home.
Who said you can't just have more than one plug in your home ?
Eben also suggested we use more wireless, so if you have a DSL or cable at home and the connection dies, you would just automatically use the wireless of your neighbour.
I think he also things it should be open source and possible everything should be encrypted.
That might be, but there are many small electrical devices and when they fail, only the dealer has the right part.
But if something mechanical fails, you do it yourself or you can ask your brother, father, son to help you fix it and in many cases they can.
It's like open source and closed source software.
The idea is to have a small box, which does not use a lot of power. Which you can use to securely communicate with your friends in a distributed fashion, without someone else having the logs they can analyze and sell to companies, like Facebook is doing.
A small server which is simple to use, easy to update (most people shouldn't need to admin their own box) and backup. It will hold your data, and possible your friends (you keep my backup, I keep yours, encrypted ofcourse, think: duplicity ).
I don't know what it is like in the rest of the world, but in the Netherlands more than 50% is leased. So they are all sold after 3 years by the lease-company.
that's all nice when it works, but when it fails it makes it hard to fix without going to the dealer. And the car dealer likes that, they can ask you for money each time.
Also, criminals will go for the easiest targets (within the same pricerange/how easy it is to sell).
So these things only help. if you stay ahead of the curve.
The distributed filesystem Ceph adopted btrfs for it's storage. I think this could be really important for Linux servers Ceph keeps the data online, btrfs makes sure the checksums still match.
With OpenSolaris, it wasn't using the GPL everywhere.
With Google/Java/Oracle, the code Google was mostly using wasn't based on what Oracle is using so it isn't covered by the same GPL.
1. They are special, that's what I mentioned. They actually were able to skip one full round of server upgrades
2. they don't use cassandra for production, it's mostly mysql & memcached, the use cassandra just for analyzing 'logfiles'. They use cassandra to analyze and predict what people are or will do, this is for the ad-revenue.
3. many websites already use memcached
The problem ofcourse is, while it wasn't intentional, it does contain the code. :-)
http://www.osnews.com/story/23670/Chromium_Sends_Data_to_Google_Turns_Out_It_s_a_Regression
Hint, you don't need to read any comments if you get first post. :-)
Could you also add Ceph to your wishlist ?
http://ceph.newdream.net/
thank you. :-)
That sounds like Nexenta, Debian/Ubuntu apt/get with OpenSolaris kernel/zfs filesystem.
There are a lot more developers working on btrfs then just the Oracle developer(s), that is the big difference. I think the one or few btrfs developers working at Oracle might even leave Oracle if they stop with supporting btrfs.