And that is the whole fun point of it all: AICCU (or anything else) cannot fix network problems time issues or wrongly entered passwords automagically either....
Hence why it logs a message to what the problem is and EXITS. Note: it does not *crash* as what everybody seems to call a proper exit(code) call.
Restarting AICCU thus does not resolve anything unless the administrator of the host intervenes by fixing the relevant problem.
As for "Fedora fixing it", checking: http://pkgs.fedoraproject.org/... there is no "fix" there, they just added the requested "wait for ntp sync" flag to systemd which only solves one small part of the problem (no valid time yet, at which point one cannot do crypto, thus why are you connecting to online services at all?).
Without functional network connectivity it still won't start though, and that makes sense as there is nothing to connect to and thus it cannot do anything, hence it properly logs a message (that clearly nobody reads, because why would one read log messages) and then exits.
Note that systemd/Redhat folks are not the only ones who do not seem to understand the real problem here and think they can magically "fix" things while the host itself is not the problem (eg no network connectivity, broken connectivity, broken time setting, broken timezone setting, wrong password etc etc etc).
Instead of shoving a list of addresses into a DNS server (dnsmasq) in this case, it would be better to use RPZ (http://en.wikipedia.org/wiki/Response_policy_zone)....
Next to that:
> Open the file with sudo nano/etc/resolv.conf and replace the contents with the following: > nameserver 192.168.42.49 > nameserver 8.8.8.8 > nameserver 4.4.4.4
192.168.42.49 = apparently the address of the fake webserver (would be great if they configured that somewhere before making test queries....) 8.8.8.8 = Google Public DNS, no ads maybe but running all your DNS queries through Google is not helping much now does it. 4.4.4.4 = is not a valid DNS server, likely they meant 8.8.4.4 which is the secondary Google Public DNS address.
If you have a DNSmasq anyway, just let it recurse and play caching resolver, much better idea.
> iface wlan0 inet static > address 192.168.42.1 > netmask 255.255.255.0 > post-up ip addr add dev wlan0 192.168.42.49/24
One just has to wonder which IP the box will be using for outgoing queries, depends a lot on the kernel.... Now if that was 192.168.42.49/32 the.1 would always be chosen, but as a/24 magical things will happen
Etoomanypitholes and lots of people will be bitten.
Oh and yes, theoretically this extends the Internet in the same way that various other protocols do, eg 6lowpan etc. And yes, as it is store-and-forward it looks an awful lot like SMTP.
There are actually only few out of the 30.000+ people who signed up with a proper essay, and the ones that did always earn quite a few extra credits for when they actually do write something more than just "I need IPv6".
If you where not able to get a SixXS account you likely just did not read the text on the signup page, most likely then proceeded by providing garbage details which is definitely not accepted and any such request simply gets rejected.
But if you are unable or willing to read the signup page, most likely you won't get IPv6 working either as you'll be doing all kinds of things that will break the configuration, thus reading is essential.
We (SixXS) have tried to make it as easy as possible by bringing AICCU into the world and working together with various vendors though so that they support IPv6 tunnels out of the box, but even then some problems need reading for a bit to get them resolved. Thus if you can't read at signup you likely won't pass for the rest either.
sixxs dont require a linkedin account (or something changed since i created mine and several friends accounts)
Indeed SixXS never required a LinkedIn/XING/etc account.
Those links where only requested at the time so that one would get extra credits (ISK) donated to the person when they signed up, they got the credits because they proved a little bit more that they where real (as we, that is SixXS, could check the trust-graph in those websites) and more importantly as the people who did that actually read the signup page, which is something a lot of people clearly do not do even with colorful indicators.
This solved a small catch-22 with people who got flashy new IPv6 enabled routers (read: AVM Fritz!Box at the time) and thus for whom a tunnel alone was not enough. As since the beginning of 2012 the new sixxsd v4 software was deployed, this was not needed anymore as one then automatically has a routed/64 next to the tunnel space.
It's good that Planetary Annihlation will have support for modding and Linux:) So give them your voice and some of your cash by funding them on Kickstarter and then next year we'll all happily be destroying planets!
That way AAAA lookups are always performed and also preferred. Though it still depends on the application if it actually uses getaddrinfo() at all and does not resort addresses itself, which some applications do and some others do not.
> Let me easily set priority of v4 vs. v6.
With Lion Apple has implemented a variant (quite unrelated to the IETF drafts) of Happy Eyeballs in their systems. As such, depending on previous connection history, latency and other factors you might get IPv4 or IPv6 connections at random. And nope, there is no knob at all to turn off that behavior. Right back at you.
(oh and yes, I have a Mac too, which is why it kinda annoys me, but if you just slow down IPv4 a bit on the outbound router you always get IPv6 as the Mac thinks that IPv4 is "slower" than IPv6... still a knob would be useful, yes, bug reported a long time ago)
Banning people from IPv6 service for forking their connectivity software seems quite abusive to me.
You mean relicensing SixXS software (AICCU) under a more restrictive license? Yes, that is indeed quite abusive, be happy that the copyright enforcers are not coming down your neck for that.
It is great to make websites with all kinds of 'facts' but without actually showing both sides of a story and including all the details, they are not facts and they are effectively just biased statements from a pissed off person.
To quote slimjim8094:
aside from people who were pissed that they got cut off for abuse.
As that is what those "true stories" are about, nothing else.
Dear anonymous poster, please move along or get an account with your real name and details instead of just posting fact-less and out of context inflammatory remarks. Kthx!
> And it's no coincidence that half of abusive SixXS is half-run by a Google employee.
What you mean with "abusive" here is the "half" that cuts people off when they abuse the service. That "half" would be me, not the "half" that you try to implicate. There are actually even websites dedicated to this about it which only name me. The other "half" is a true voice of reason, so don't say bad things about him that have no backing at all.
Thus really the 'co-incidence' seems to be merely in the fact that you are an anonymous poster, who likely was abusive him/her/itself, got cut off yourself and likely that is why he/she/it cannot even post on slashdot with a real account as here you also got kicked out already.
It makes sense for several years already, as a lot of "firewalls" (eg, that nice Great Chinese Firewall) and various other such country-wide blockades to the Internet, do not have a single bit of understanding of IPv6, and as long as they remain that way, IPv6 will work like a charm......
Next to the other thing for home users: everything becomes accessible, instead of having to get IPv4 addresses from your home ISP (which generally they won't do, but indeed there are cases where they do), or getting a private server outside in a network, which is not home. For years already: set up an IPv6 tunnel, get a prefix, use it from anywhere.
As that thing does not even seem to fly and people always like to see movies, check: http://ng.uavp.ch/ for a huge amount of information about NG-UAVP's (Next Generation Universal Areal Video Platform) of course all open source hard and software.
To make sure that no other packages like eg base-files suddenly start adding these kind of packages you might want to add to/etc/apt/preferences or prolly better a file like/etc/apt/preferences.d/dontwant something like:
This will block two annoying packages that don't belong on most servers.
avahi, because you don't need to announce everywhere when your server is located somewhere in a DC (indeed it might be handy in a local network, but it stops being useful when you don't have multicast routing and/or have a routed network)
canonical-census, because Ubuntu does not need to know what your server is doing.
Of course other packages can be blocked in a similar way from being auto-added by apt. (unfortunately a dpkg 'hold' does not work).
Another way is to make a fake empty package, then the depends are satisfied, in the above case you might have packages which refuse to install because the package can't be found. Do make sure with 'apt-cache policy' to see if you don't have other apt-prefs at a prio of 1001 (or higher if that is possible) otherwise they might still get there.
I am also wondering when Ubuntu/Redhat and other such commercial "Linux" companies start being nice to all the people who actually do the hard work and start acknowledging that those people are what they are selling/supporting/consulting on and earning money with.
There are thus ONLY 60 IPv6 allocations in the African region, if you then follow the link, you will find the following nice thing: "Thus 19 (33.33%) networks are currently correctly announced." As there barely is no Internet in Africa, (especially when looking at ASNs, and remember that a lot of US ASN's are used in Africa) yes you might reach 22%.
Wow, yes that is a lot compared to the rest of the world: AFRINIC - 19 (33.33%) LACNIC - 37 (32.17%) APNIC - 223 (45.70%) ARIN - 239 (34.00%) RIPE - 548 (49.02%)
Europe wins again!:)
Statistics again show how easily things can be misunderstood and interpreted in various ways.
IPv4 = 192.0.2.2 (IANA TEST-NET;)
Thus:
2002::::/48 or in hex:
2002:c000:0202::/48 compresss that a bit:
2002:c000:202::/48
Now, IPv6 has 128 bits, minus the 48, leaves you with 80 bits for yourself which is the default site delegation, we use a/64 on each link, thus you can have 65535 networks you meant ?:)
a/48 is also 80bits - 32bits (IPv4) -> 48 = 2^48 = 281474976710656 bigger as the IPv4 space in terms of single IP addresses;)
But.... 6to4 looks good, it won't be as long as there are no relays close to you and there are only few of those. See The 6to4 list or check your traceroutes to the anycast address...
Can anyone say Zebra? Which is not maintained actively (make that at all) anymore because the main 'developer' is working on a commercial variation called ZebOS.
But fortunately after almost a year of quarrelling we now have the PJ fork called Quagga or mirrored at quagga.ch. So long for official GNU projects;)
In IPv6 one can use the following address syntax to communicate with IPv4 hosts:::ffff:192.168.1.2
Note that some application somewhere, probably an ALG will need to translate that IPv6 packet into an IPv4 packet though as the IPv4 only host doesn't know how to deal with IPv6. Yup that is somewhat a NAT or more a proxy.
The IPv6-only host will simply have a route to the IPv4 address space with the NAT/proxy/ALG translating it.
The transition path between IPv4 and IPv6 will take a lot of time because there are loads of applications using IPv4 and that will stay that way at least the coming 20 years or so. It will not be a flag day it will go transient.
Slashdot Mirror
And that is the whole fun point of it all: AICCU (or anything else) cannot fix network problems time issues or wrongly entered passwords automagically either....
Hence why it logs a message to what the problem is and EXITS. Note: it does not *crash* as what everybody seems to call a proper exit(code) call.
Restarting AICCU thus does not resolve anything unless the administrator of the host intervenes by fixing the relevant problem.
As for "Fedora fixing it", checking: http://pkgs.fedoraproject.org/... there is no "fix" there, they just added the requested "wait for ntp sync" flag to systemd which only solves one small part of the problem (no valid time yet, at which point one cannot do crypto, thus why are you connecting to online services at all?).
Without functional network connectivity it still won't start though, and that makes sense as there is nothing to connect to and thus it cannot do anything, hence it properly logs a message (that clearly nobody reads, because why would one read log messages) and then exits.
Note that systemd/Redhat folks are not the only ones who do not seem to understand the real problem here and think they can magically "fix" things while the host itself is not the problem (eg no network connectivity, broken connectivity, broken time setting, broken timezone setting, wrong password etc etc etc).
See also:
https://www.sixxs.net/news/201...
Nitrox is used so that you can dive longer....
What about Circle of 6:
http://www.circleof6app.com/
http://appsagainstabuse.challengepost.com/submissions/4900-circle-of-6
Can we change that at first to just start with the very simple:
Organisations transferring IP packets should be kicked off the Internet if they do not implement BCP38.
That would make al kind of spoofed attacks already impossible, that being the DNS, NTP, Quake-alike and many many others...
But, as there is no money to be earned with this, ISPs do not enforce it.
(and yes, it does cost some cash to implement as not all routers support it unfortunately..... )
Instead of shoving a list of addresses into a DNS server (dnsmasq) in this case, it would be better to use RPZ (http://en.wikipedia.org/wiki/Response_policy_zone)....
Next to that:
> Open the file with sudo nano /etc/resolv.conf and replace the contents with the following:
> nameserver 192.168.42.49
> nameserver 8.8.8.8
> nameserver 4.4.4.4
192.168.42.49 = apparently the address of the fake webserver (would be great if they configured that somewhere before making test queries....)
8.8.8.8 = Google Public DNS, no ads maybe but running all your DNS queries through Google is not helping much now does it.
4.4.4.4 = is not a valid DNS server, likely they meant 8.8.4.4 which is the secondary Google Public DNS address.
If you have a DNSmasq anyway, just let it recurse and play caching resolver, much better idea.
> iface wlan0 inet static
> address 192.168.42.1
> netmask 255.255.255.0
> post-up ip addr add dev wlan0 192.168.42.49/24
One just has to wonder which IP the box will be using for outgoing queries, depends a lot on the kernel.... .1 would always be chosen, but as a /24 magical things will happen
Now if that was 192.168.42.49/32 the
Etoomanypitholes and lots of people will be bitten.
Strange, this "article" does not even mention the official Tor Project Cloud effort: https://cloud.torproject.org/
From the github page: "Written by @hubert3 / . Presented at Blackhat USA July 2012, code published on Github 2012-08-31"
Slashdot, News of Last year, today! ;)
But yes, it is a rather cool hack that still works....
Related links for this article:
DTN Research Group: http://www.dtnrg.org/wiki
lots of docs: http://www.dtnrg.org/wiki/Docs
overview presentation: http://jeroen.massar.ch/presentations/files/CCC2007-DTN-Upgrading-Martian-Carrier-Pigeons.ppt
The book: http://www.amazon.com/dp/1596930632
Wikipedia: http://en.wikipedia.org/wiki/Delay-tolerant_networking
Source code: http://dtn.dsg.cs.tcd.ie/sft/ltplib/
Oh and yes, theoretically this extends the Internet in the same way that various other protocols do, eg 6lowpan etc.
And yes, as it is store-and-forward it looks an awful lot like SMTP.
Enjoy ;)
"The 1980's are calling for their foreign policy back" -- Barack Obama :)
There are actually only few out of the 30.000+ people who signed up with a proper essay, and the ones that did always earn quite a few extra credits for when they actually do write something more than just "I need IPv6".
If you where not able to get a SixXS account you likely just did not read the text on the signup page, most likely then proceeded by providing garbage details which is definitely not accepted and any such request simply gets rejected.
But if you are unable or willing to read the signup page, most likely you won't get IPv6 working either as you'll be doing all kinds of things that will break the configuration, thus reading is essential.
We (SixXS) have tried to make it as easy as possible by bringing AICCU into the world and working together with various vendors though so that they support IPv6 tunnels out of the box, but even then some problems need reading for a bit to get them resolved. Thus if you can't read at signup you likely won't pass for the rest either.
sixxs dont require a linkedin account (or something changed since i created mine and several friends accounts)
Indeed SixXS never required a LinkedIn/XING/etc account.
Those links where only requested at the time so that one would get extra credits (ISK) donated to the person when they signed up, they got the credits because they proved a little bit more that they where real (as we, that is SixXS, could check the trust-graph in those websites) and more importantly as the people who did that actually read the signup page, which is something a lot of people clearly do not do even with colorful indicators.
This solved a small catch-22 with people who got flashy new IPv6 enabled routers (read: AVM Fritz!Box at the time) and thus for whom a tunnel alone was not enough. As since the beginning of 2012 the new sixxsd v4 software was deployed, this was not needed anymore as one then automatically has a routed /64 next to the tunnel space.
It's good that Planetary Annihlation will have support for modding and Linux :)
So give them your voice and some of your cash by funding them on Kickstarter and then next year we'll all happily be destroying planets!
> Win7 requires me to kill ipv6, because there's no good way to tell the system to prefer ipv6.
If you have tunneled connectivity, thus non-native being announced on an Ethernet interface you will likely have to set in the registry:
SYSTEM\CurrentControlSet\services\Dnscache\Parameters\AddrConfigControl = 0 (DWORD)
That way AAAA lookups are always performed and also preferred. Though it still depends on the application if it actually uses getaddrinfo() at all and does not resort addresses itself, which some applications do and some others do not.
> Let me easily set priority of v4 vs. v6.
With Lion Apple has implemented a variant (quite unrelated to the IETF drafts) of Happy Eyeballs in their systems. As such, depending on previous connection history, latency and other factors you might get IPv4 or IPv6 connections at random. And nope, there is no knob at all to turn off that behavior. Right back at you.
(oh and yes, I have a Mac too, which is why it kinda annoys me, but if you just slow down IPv4 a bit on the outbound router you always get IPv6 as the Mac thinks that IPv4 is "slower" than IPv6... still a knob would be useful, yes, bug reported a long time ago)
Banning people from IPv6 service for forking their connectivity software seems quite abusive to me.
You mean relicensing SixXS software (AICCU) under a more restrictive license? Yes, that is indeed quite abusive, be happy that the copyright enforcers are not coming down your neck for that.
It is great to make websites with all kinds of 'facts' but without actually showing both sides of a story and including all the details, they are not facts and they are effectively just biased statements from a pissed off person.
To quote slimjim8094:
aside from people who were pissed that they got cut off for abuse.
As that is what those "true stories" are about, nothing else.
Dear anonymous poster, please move along or get an account with your real name and details instead of just posting fact-less and out of context inflammatory remarks. Kthx!
> And it's no coincidence that half of abusive SixXS is half-run by a Google employee.
What you mean with "abusive" here is the "half" that cuts people off when they abuse the service. That "half" would be me, not the "half" that you try to implicate.
There are actually even websites dedicated to this about it which only name me. The other "half" is a true voice of reason, so don't say bad things about him that have no backing at all.
Thus really the 'co-incidence' seems to be merely in the fact that you are an anonymous poster, who likely was abusive him/her/itself, got cut off yourself and likely that is why he/she/it cannot even post on slashdot with a real account as here you also got kicked out already.
It makes sense for several years already, as a lot of "firewalls" (eg, that nice Great Chinese Firewall) and various other such country-wide blockades to the Internet, do not have a single bit of understanding of IPv6, and as long as they remain that way, IPv6 will work like a charm......
Next to the other thing for home users: everything becomes accessible, instead of having to get IPv4 addresses from your home ISP (which generally they won't do, but indeed there are cases where they do), or getting a private server outside in a network, which is not home. For years already: set up an IPv6 tunnel, get a prefix, use it from anywhere.
There are only 9 labs which are real IBM Research Laboratories: Almaden, Austin, Brazil, China, India, Haifa, Tokyo, Watson and Zurich
linky: http://www.research.ibm.com/worldwide/index.shtml which does not list Sao Paolo, Brazil yet though.
This new one in Australia is just a new IBM R&D center, part of IBM, but not part of IBM Research though....
As that thing does not even seem to fly and people always like to see movies, check: http://ng.uavp.ch/ for a huge amount of information about NG-UAVP's (Next Generation Universal Areal Video Platform) of course all open source hard and software.
Multiple videos of WORKING drones over here: http://ng.uavp.ch/moin/Videos
Also, don't forget to check this cool cyber-cute overload: Quadrocopter Drone Has Its Own Little Home :)
Btw, what is so special about adding a wireless card/stick to a drone and letting it sniff the airwaves? :)
To make sure that no other packages like eg base-files suddenly start adding these kind of packages you might want to add to /etc/apt/preferences or prolly better a file like /etc/apt/preferences.d/dontwant something like:
This will block two annoying packages that don't belong on most servers.
avahi, because you don't need to announce everywhere when your server is located somewhere in a DC (indeed it might be handy in a local network, but it stops being useful when you don't have multicast routing and/or have a routed network)
canonical-census, because Ubuntu does not need to know what your server is doing.
Of course other packages can be blocked in a similar way from being auto-added by apt. (unfortunately a dpkg 'hold' does not work).
Another way is to make a fake empty package, then the depends are satisfied, in the above case you might have packages which refuse to install because the package can't be found. Do make sure with 'apt-cache policy' to see if you don't have other apt-prefs at a prio of 1001 (or higher if that is possible) otherwise they might still get there.
I am also wondering when Ubuntu/Redhat and other such commercial "Linux" companies start being nice to all the people who actually do the hard work and start acknowledging that those people are what they are selling/supporting/consulting on and earning money with.
The numbers to add, so to NOT confuse the people who now shout that Africa is going so great:
See SixXS Ghost Route Hunter for the live data:
* 6bone (144) (phased out on 6/6/2006)
* RIPE (1119)
* APNIC (490)
* ARIN (706)
* LACNIC (115)
* AfriNIC (60)
There are thus ONLY 60 IPv6 allocations in the African region, if you then follow the link, you will find the following nice thing: "Thus 19 (33.33%) networks are currently correctly announced."
As there barely is no Internet in Africa, (especially when looking at ASNs, and remember that a lot of US ASN's are used in Africa) yes you might reach 22%.
Wow, yes that is a lot compared to the rest of the world:
AFRINIC - 19 (33.33%)
LACNIC - 37 (32.17%)
APNIC - 223 (45.70%)
ARIN - 239 (34.00%)
RIPE - 548 (49.02%)
Europe wins again! :)
Statistics again show how easily things can be misunderstood and interpreted in various ways.
It's light (~1.5kg), has loads of battery time (~6+ most of the time), it's smaller than a4 (except a bit thicker ;)
:)
Only "disadvantage": no DVI output
For the rest it is perfect and I am loving mine
IPv4 = 192.0.2.2 (IANA TEST-NET ;)
/64 on each link, thus you can have 65535 networks you meant ? :)
/48 is also 80bits - 32bits (IPv4) -> 48 = 2^48 = 281474976710656 bigger as the IPv4 space in terms of single IP addresses ;)
Thus:
2002::::/48 or in hex:
2002:c000:0202::/48 compresss that a bit:
2002:c000:202::/48
Now, IPv6 has 128 bits, minus the 48, leaves you with 80 bits for yourself which is the default site delegation, we use a
a
But.... 6to4 looks good, it won't be as long as there are no relays close to you and there are only few of those. See The 6to4 list or check your traceroutes to the anycast address...
Can anyone say Zebra? Which is not maintained actively (make that at all) anymore because the main 'developer' is working on a commercial variation called ZebOS.
;)
But fortunately after almost a year of quarrelling we now have the PJ fork called Quagga or mirrored at quagga.ch. So long for official GNU projects
In The Netherlands it was Hobbyscoop, and they even pressed a CD from it:
;)
CD Cover
For the non-dutch:
Wednesday: Radio 1 and 2, FM Stereo 19:02 - 19:30
Monday: Basicode Radio 5 AM 1008 KHZ 21:35 - 22:00
And yes indeed it sounds like Aphex Twins
In IPv6 one can use the following address syntax to communicate with IPv4 hosts: ::ffff:192.168.1.2
Note that some application somewhere, probably an ALG will need to translate that IPv6 packet into an IPv4 packet though as the IPv4 only host doesn't know how to deal with IPv6. Yup that is somewhat a NAT or more a proxy.
The IPv6-only host will simply have a route to the IPv4 address space with the NAT/proxy/ALG translating it.
The transition path between IPv4 and IPv6 will take a lot of time because there are loads of applications using IPv4 and that will stay that way at least the coming 20 years or so. It will not be a flag day it will go transient.