Overloading outbound traffic from multiple machines onto a single IP address (what you call port address translation) *is* NAT, if only because most of the vendors appropriated the name from that other kind of address translator that was hardly ever used and few even remember (RFC 1631).
PAT was never really a correct name for it anyway; that was a cisco-ism. What we call NAT today derived primarily from the stateful transparent proxies of the mid-90's and as the word "stateful" implies, it remains as much a proxy as a translator.
Having worked for as a software developer for comScore, a major web metrics company, I can tell with absolute certainty that the concerns about anonymity and IPv6 stateless autoconfiguration are neither paranoid nor ignorant. Privacy extensions (RFC 3041) help but they create a problem inside the large enterprise where the sysadmin wants to track his users while denying Internet-based entities the ability to do the same.
NAT tends to fail closed. Merely stateful firewalls tend to fail open. For security purposes, failing closed is the desirable result.
"Fail" generally means "Oops, I fat-fingered the config." In both cases, that oops tends to move the firewall towards being a plain router. In the NAT case, a plain router causes all communication to fail while in the merely stateful firewall case, a plain router causes all communication to succeed.
You'll notice because a few of your websites will break or become difficult to access. When you try to figure out why, you'll realize that you're trying to connect to them with IPv6 but either they have their IPv6 misconfigured or there's a v6 network problem between here and there.
Because v6 takes priority over v4, your software will attempt to use it as soon as it's configured on both ends, regardless of whether it's truly ready.
1. You're vulnerable to being sued simply for looking at someone cross-eyed. Anecdotes notwithstanding, you're not particularly more vulnerable just because you entered a contest.
2. Using your invention without paying you is an unreasonable fear. They may not offer you the 50% stake in the company that you think your invention deserves, but unless you're antisocial, in some other way unreasonable or too disinterested to introduce yourself to the managers of the relevant team, the fact that they want to employ your invention within their product is generally a good enough reason to offer you employment. If you can come up with an execute one good idea, you can do it again. If you can do it twice you can do it 10 times. And if you can keep coming up with an executing good ideas then you're worth far more as an employee than your single contest idea was alone.
It might look like confirmation of the myth if you read only two of the four paragraphs. The rest of it was:
In our proposal, we agreed that the best first step is for wireless providers to be fully transparent with users about how network traffic is managed to avoid congestion, or prioritized for certain applications and content. Our proposal also asks the Federal government to monitor and report regularly on the state of the wireless broadband market. Importantly, Congress would always have the ability to step in and impose new safeguards on wireless broadband providers to protect consumers' interests.
It's also important to keep in mind that the future of wireless broadband increasingly will be found in the advanced, 4th generation (4G) networks now being constructed. Verizon will begin rolling out its 4G network this fall under openness license conditions that Google helped persuade the FCC to adopt. Clearwire is already providing 4G service in some markets, operating under a unique wholesale/openness business model. So consumers across the country are beginning to experience open Internet wireless platforms, which we hope will be enhanced and encouraged by our transparency proposal.
Let me translate that for you: "Our past efforts have opened a door towards network neutrality on wireless networks. The meaningful competition that remains in wireless service has done the same. We think it reasonable to see where those doors lead before asking Congress to force additional action. This is unlike wireline Internet where the unregulated trend has ended competition and is moving further from network neutrality."
Keep them as cool as Dells? That's not hard. Dell's drive bays are notoriously bad. Some of the ones from 4 and 5 years ago are much more poorly designed than the Supermicro cage.
HP/Compaq had a good cooling design with the U320 drives. Sadly they've demoted themselves to mediocre with the SAS/SATA drives.
The thermaltake bay converters with the 120cm fan, on the other hand, do a great job keeping the drives nice and cool.
Figure 5 on page 6 shows drives running at temperatures over 35 degrees exhibiting distinctly higher failure rates after year 2. So if you plan to retire your drives after 24 months, then you're probably OK at 38 degrees.
I wish they'd separated 15-30 degrees into 15-20, 20-25 and 25-30 groupings. The data confirms that running drives too cold is almost as bad as running them too hot but it doesn't offer any hints as to exactly where the problem spikes.
I've used your supermicro 5-drive cages before. They're the best of the bunch. The front air intakes are quite respectable compared to most 5-drive cages. But even they are crammed too close and there aren't enough holes in the backplane to let the fan drag enough air through the cage.
More drives = faster raid. And that's before considering that 2.5" drives have an inherently faster seek time than 3.5" drives simply because of the smaller circumference of the platter.
The five-drive cases suck rocks when it comes to cooling. There isn't enough space between drives to move the air. Thermaltake's 4-drive converter actually keeps the drives cool, improving their life span.
At one point there was an allegation that Childs had sabotaged the system to the extent that there were no backups from which any particular device's configuration could be recovered and the devices were configured such that they wouldn't operate correctly without reprogramming following a reboot. Did anything ever come of that claim?
It ain't that vague. You look at what has come before. You expect more or less the same thing to continue.
They've regulated the the gas company, the power company, the phone company, the railroads, the airlines, the truckers and so on, to force a certain brand of fairness upon them. All without compensating them for accepting that regulation.
The Internet carriers, especially the ones who consume public right-of-ways for their cable and who essentially want to double-bill for each packet charging both sender and receiver, those guys will escape the precedent? With the law surrounding eminent domain? Don't bet on it.
It's a cute theory but if it were true then the Federal government would lack the authority to regulate virtually all business activity from, "You can't tell me I can't build a trash dump here" to "You can't tell me I'm not allowed to sell this grade-B beef as hamburgers." The Feds obviously don't lack that authority (at least where it pertains to interstate commerce), hence the theory is wrong.
90% of such cases are resolved by the receipt of a proper demand letter. It's easy to say "no" to someone in person. Even easier on the phone or over email. But when saying no means you have to ask a lawyer what your risks are and maybe go to court, unreasonable answers have a tendency to become less unreasonable.
And if you get a default judgment, there's lots of much more fun stuff you can do than just picket them. Did you know if they don't promptly pay you can go ask the judge to place a lien on their assets? That's when the sheriff goes in and places a bright tag on some piece of equipment in the store which says it's a criminal offense to move or tamper with the equipment pending resolution of the claim. And then you show up with the sheriff asking to see the item to confirm it's still there.:)
Another good avenue is filing a complaint with the better business bureau. Same deal: saying "no" to you is easy but leaving an unresolved complaint open with the BBB is harder.
Then apparently I found one. In two decades of work I've only suffered two six-month jobs in which any incompetence in the organization had a major impact on my work. Only one of those involved a specific individual I considered incompetent. Even then I considered him a talented guy. He was just too much of hard head, so while he made many good decisions he couldn't be persuaded to backtrack on critical bad ones.
Not questioning your mad skillz but it would probably have been cheaper and easier to send a certified mail demanding the refund in 7 days with a copy of the filled out (but unsigned) small-claims warrant in debt form.
What does it say about Zenna Atkins' supervisors if she thinks students should learn to live with incompetent bosses instead of the smart move: finding employment outside the reach of the incompetents.
The classic example was Eli Whitney's cotton gin. It was a brilliant invention that revolutionized the production of cotton but a financial failure: the farmers all pirated the design and built their own rather than pay his exorbitant price.
Slashdot Mirror
since you don't know what you're talking about...
Memorize these three words: NAT fails closed.
You'll hear them, or a variant, every time you make such an arrogant claim to someone skilled at network security.
Really? How do I configure IPv6 NAT on my Linux firewall?
Overloading outbound traffic from multiple machines onto a single IP address (what you call port address translation) *is* NAT, if only because most of the vendors appropriated the name from that other kind of address translator that was hardly ever used and few even remember (RFC 1631).
PAT was never really a correct name for it anyway; that was a cisco-ism. What we call NAT today derived primarily from the stateful transparent proxies of the mid-90's and as the word "stateful" implies, it remains as much a proxy as a translator.
Having worked for as a software developer for comScore, a major web metrics company, I can tell with absolute certainty that the concerns about anonymity and IPv6 stateless autoconfiguration are neither paranoid nor ignorant. Privacy extensions (RFC 3041) help but they create a problem inside the large enterprise where the sysadmin wants to track his users while denying Internet-based entities the ability to do the same.
FC00::/7 is Unique Local Addresses (ULA), IPv6's version of RFC1918, aka 192.168.0.0.
fe80:: is link local.
NAT tends to fail closed. Merely stateful firewalls tend to fail open. For security purposes, failing closed is the desirable result.
"Fail" generally means "Oops, I fat-fingered the config." In both cases, that oops tends to move the firewall towards being a plain router. In the NAT case, a plain router causes all communication to fail while in the merely stateful firewall case, a plain router causes all communication to succeed.
There's some distance to travel between "it can be done" and "I can buy a product at Walmart which does it."
You'll notice because a few of your websites will break or become difficult to access. When you try to figure out why, you'll realize that you're trying to connect to them with IPv6 but either they have their IPv6 misconfigured or there's a v6 network problem between here and there.
Because v6 takes priority over v4, your software will attempt to use it as soon as it's configured on both ends, regardless of whether it's truly ready.
Two comments:
1. You're vulnerable to being sued simply for looking at someone cross-eyed. Anecdotes notwithstanding, you're not particularly more vulnerable just because you entered a contest.
2. Using your invention without paying you is an unreasonable fear. They may not offer you the 50% stake in the company that you think your invention deserves, but unless you're antisocial, in some other way unreasonable or too disinterested to introduce yourself to the managers of the relevant team, the fact that they want to employ your invention within their product is generally a good enough reason to offer you employment. If you can come up with an execute one good idea, you can do it again. If you can do it twice you can do it 10 times. And if you can keep coming up with an executing good ideas then you're worth far more as an employee than your single contest idea was alone.
It might look like confirmation of the myth if you read only two of the four paragraphs. The rest of it was:
In our proposal, we agreed that the best first step is for wireless providers to be fully transparent with users about how network traffic is managed to avoid congestion, or prioritized for certain applications and content. Our proposal also asks the Federal government to monitor and report regularly on the state of the wireless broadband market. Importantly, Congress would always have the ability to step in and impose new safeguards on wireless broadband providers to protect consumers' interests.
It's also important to keep in mind that the future of wireless broadband increasingly will be found in the advanced, 4th generation (4G) networks now being constructed. Verizon will begin rolling out its 4G network this fall under openness license conditions that Google helped persuade the FCC to adopt. Clearwire is already providing 4G service in some markets, operating under a unique wholesale/openness business model. So consumers across the country are beginning to experience open Internet wireless platforms, which we hope will be enhanced and encouraged by our transparency proposal.
Let me translate that for you: "Our past efforts have opened a door towards network neutrality on wireless networks. The meaningful competition that remains in wireless service has done the same. We think it reasonable to see where those doors lead before asking Congress to force additional action. This is unlike wireline Internet where the unregulated trend has ended competition and is moving further from network neutrality."
I agree.
I've lost a lot of drives to poorly designed Dell server cases that didn't keep the drives cool enough. A lot of drives.
Apologies wrt Thermaltake. I meant to say: http://www.coolermaster.com/product.php?product_id=2542
Keep them as cool as Dells? That's not hard. Dell's drive bays are notoriously bad. Some of the ones from 4 and 5 years ago are much more poorly designed than the Supermicro cage.
HP/Compaq had a good cooling design with the U320 drives. Sadly they've demoted themselves to mediocre with the SAS/SATA drives.
The thermaltake bay converters with the 120cm fan, on the other hand, do a great job keeping the drives nice and cool.
You mean on this report: http://static.googleusercontent.com/external_content/untrusted_dlcp/labs.google.com/en/us/papers/disk_failures.pdf
Figure 5 on page 6 shows drives running at temperatures over 35 degrees exhibiting distinctly higher failure rates after year 2. So if you plan to retire your drives after 24 months, then you're probably OK at 38 degrees.
I wish they'd separated 15-30 degrees into 15-20, 20-25 and 25-30 groupings. The data confirms that running drives too cold is almost as bad as running them too hot but it doesn't offer any hints as to exactly where the problem spikes.
I've used your supermicro 5-drive cages before. They're the best of the bunch. The front air intakes are quite respectable compared to most 5-drive cages. But even they are crammed too close and there aren't enough holes in the backplane to let the fan drag enough air through the cage.
More drives = faster raid. And that's before considering that 2.5" drives have an inherently faster seek time than 3.5" drives simply because of the smaller circumference of the platter.
The five-drive cases suck rocks when it comes to cooling. There isn't enough space between drives to move the air. Thermaltake's 4-drive converter actually keeps the drives cool, improving their life span.
At one point there was an allegation that Childs had sabotaged the system to the extent that there were no backups from which any particular device's configuration could be recovered and the devices were configured such that they wouldn't operate correctly without reprogramming following a reboot. Did anything ever come of that claim?
It ain't that vague. You look at what has come before. You expect more or less the same thing to continue.
They've regulated the the gas company, the power company, the phone company, the railroads, the airlines, the truckers and so on, to force a certain brand of fairness upon them. All without compensating them for accepting that regulation.
The Internet carriers, especially the ones who consume public right-of-ways for their cable and who essentially want to double-bill for each packet charging both sender and receiver, those guys will escape the precedent? With the law surrounding eminent domain? Don't bet on it.
It's a cute theory but if it were true then the Federal government would lack the authority to regulate virtually all business activity from, "You can't tell me I can't build a trash dump here" to "You can't tell me I'm not allowed to sell this grade-B beef as hamburgers." The Feds obviously don't lack that authority (at least where it pertains to interstate commerce), hence the theory is wrong.
Google say: http://www.expertlaw.com/library/real_estate/eminent_domain.html#5
That works great if you paid by credit card and too many months haven't passed.
90% of such cases are resolved by the receipt of a proper demand letter. It's easy to say "no" to someone in person. Even easier on the phone or over email. But when saying no means you have to ask a lawyer what your risks are and maybe go to court, unreasonable answers have a tendency to become less unreasonable.
And if you get a default judgment, there's lots of much more fun stuff you can do than just picket them. Did you know if they don't promptly pay you can go ask the judge to place a lien on their assets? That's when the sheriff goes in and places a bright tag on some piece of equipment in the store which says it's a criminal offense to move or tamper with the equipment pending resolution of the claim. And then you show up with the sheriff asking to see the item to confirm it's still there. :)
Another good avenue is filing a complaint with the better business bureau. Same deal: saying "no" to you is easy but leaving an unresolved complaint open with the BBB is harder.
Then apparently I found one. In two decades of work I've only suffered two six-month jobs in which any incompetence in the organization had a major impact on my work. Only one of those involved a specific individual I considered incompetent. Even then I considered him a talented guy. He was just too much of hard head, so while he made many good decisions he couldn't be persuaded to backtrack on critical bad ones.
Not questioning your mad skillz but it would probably have been cheaper and easier to send a certified mail demanding the refund in 7 days with a copy of the filled out (but unsigned) small-claims warrant in debt form.
http://www.courts.state.va.us/forms/district/dc402.pdf
What does it say about Zenna Atkins' supervisors if she thinks students should learn to live with incompetent bosses instead of the smart move: finding employment outside the reach of the incompetents.
The classic example was Eli Whitney's cotton gin. It was a brilliant invention that revolutionized the production of cotton but a financial failure: the farmers all pirated the design and built their own rather than pay his exorbitant price.
http://inventors.about.com/od/cstartinventions/a/cotton_gin.htm