The IPv6 protocol declares that extension options are end-to-end, meaning that in-between nodes do NOT look at any of the options headers. The ONLY exceptions are the Hop-by-Hop option header, the Routing header, and the Destination options header.
Packet fragmentation and reassembly are ONLY done by the source and destination nodes. (Yes, the underlying link may do fragmentation, but that is entirely the problem of the layer below, IPv6 does not care...) The IPv6 header area - which includes the Hop-by-Hop header, Destination options, and Routing headers, if present - is considered UNFRAGMENTABLE.
As is frequently mentioned on NANAE, it is effectively impossible to purchase ANY "opt-in" list. (Unless each individual on the list approved the sale to you specifically, and how likely is that?)
One of the beauties of Linux is that it can be ported to so many different platforms easily.
This really has nothing to do with what is being discussed here, but I thought I'd point out that Sun
has repeatedly demonstrated that they thing even the
PORTING step for software should be rendered moot.
(Java, binary compatibility straight up the SPARC
architecture...)
Sun uses it and then goes on to say IBM shouldn't?
You need to re-read the article. Sun is employing
Linux on its Cobalt servers and the like. Sun's
article is saying that it seems pretty foolish to
spend a deranged amount of money on das ubermaschine and then stick Linux on it. (Scott
McNealy has said this same thing even in relation
to Sun's own hardware!)
They even say it explicitly in the article... if
IBM claims to get 20 separate images on a $400000
machine, WHY wouldn't you just buy twenty PCs and
run Linux on them? You see this exact argument again and again on Slashdot whenever someone suggests buying Sun gear... why does it suddenly
become "FUD" when Sun uses it?
There are valid reasons to run Linux in multiple virtual machines. I even do it here on my PC.
Your PC is not a mainframe. Beyond yourself,
nobody gives a damn if it starts crashing, performance goes into the toilet, programs start malfunctioning, or what have you. Part of Sun's
point is that big gear like is being discussed DOES get deployed where many people WILL care.
Re:Have you ever tried to USE Solaris on x86?
on
No Solaris 9 for x86
·
· Score: 1
I have seen a number of Linux-developed applications be difficult, if not impossible, to port to any non-Linux platform, so I think your "Next time, use Linux" attitude to be a bit shortsighted.
The Linux development platform seems to support - nay, encourage - sloppy programming mistakes and poor development habits that Solaris simply does not put up with.
There's not been just a few instances on comp.unix.solaris where a "this works on Linux but not on Solaris" post has been replied to with "well, you did THIS wrong..."
The problem with Sun's out-of-the-box implementation is that there are no header files or some such (can't remember exactly right now) and it works with CDE, but nothing else!
I have absolutely zero problem building Sawfish or any other X window manager on any Solaris machine I've installed. There's something wrong on your end.
If you're missing headers, then you've messed up your installation. They're located on the second CD of the software set. Depending on the install type, the installation would have asked for the second CD when the machine first booted.
The Solaris FAQ addresses this situation now, I believe.
And hopefully nobody will reply with "why doesn't it install it all even in the minimum installation?" or some other equally silly question.
I believe the "bonehead(s)" in question presented the idea of hooking appliances to the net as an example of what COULD be done, not as any endorsement of DOING it. Too bad so many armchair net admins have taken it up as a flag to wave for the "uselessness of IPv6".
Ignoring the fact that address space IS NOT the only reason for the implementation of IPv6, it IS a major part. As much as some people would like to bury us behind NAT after NAT after NAT, there are all kinds of reasonable applications that "solution" would hinder or destroy.
Sure, the dork at home is perfectly willing to buy a NAT box, and exclaim that he doesn't need an IP-enabled fridge, but what about the vending machine maker, or the cellphone manufacturer?
Sure, they can both hide their devices behind NATs.
But that makes the benefits of management disappear in the mess of trying to build and maintain the network. (Such a thing would NOT be static, like the home-dork's network.)
And THEN, what happens when those two companies want to make their devices talk to each other? Waving your cellphone at a Coke machine to order a drink is a perfectly reasonable thing to expect people to want to do. Or how about pushing the takeoff schedule into your cellphone when you walk into the airport?
These things CAN be done without IPv6 - but the implementation in that case turns into a BIG FRIGGIN' MESS.
The cries of "I can use NAT! My toaster doesn't need an IP!" from the three-device home-users in no way counter the REAL reasons IPv6 is a good idea.
This is almost the way things work now (except DHCP
for IPv6 is a nebulous concept).
Most OSes which implement IPv6 treat IPv4 and IPv6
as if they were completely seperate interfaces. Getting
an address for each is handled individually, the
success (or failure) of getting an address on one does
not affect the other.
Since Sun is essentially giving away Solaris away these days, I can't see why using Linux over Solaris would concern them.
This whole "Intel versus Sun" thing comes up again and again. As is repeatedly pointed out, an Intel machine with the strength and reliability of an equivalent Sun box costs effectively the same, and even those machines have to fight against the "cheap x86 crap" stigma that follows them up from the desktop.
Sun has always been about the datacentre. Yes, they're suffering on the desktop, but the few cases I've heard of of "admins" trying to replace a Solaris server farm with their favored Linux have always ended in disaster (and pink slips).
I don't see why they can't just say "right. no more API changes, no more rewrites. let's spend the next 3 months making everything stable, and release 1.0".
Because sometimes the fixes REQUIRE a rewrite. And for the obnoxious and ignorant individuals who get righteous and say "they should have done it right the first time": then what the hell do we need version numbers FOR?
They shouldn't be shooting for perfection with their first stable release.
They're getting slagged now because they're shooting for perfection. If they put out a browser now, they'd be slagged for NOT producing perfection.
In short, they're damned if they do, and they're damned if they don't.
Personally, I'll pick the "damned" that produces superior software. Other people can feel free to grab one of the milestones, and do a search and replace for the version number to make it "1.0". Hell, commercial organizations do it!
I don't know why that is, but I don't a qt port is going to help this.
A qt port probably won't help. So don't use it.
The people who do the qt port are also not the same people who are working on the main browser, so don't waste time complaining about "misallocation of resources", either.
Remember, if you have any sense of ethics, blocking banner ads is stealing content.
Really, now? And what then, of the "banner" ads
that fail to load, causing the entire browser to
wait up, not displaying any of the content I was actually AFTER? Or how about the idiotic flash-based ads that pop up big graphics over top
of the browser and can't be moved or dismissed (End of Days online ads were one such example)?
These block the websites themselves. Is that somehow NOT stealing content? I am perfectly capable of ignoring normal web banner ads, and most of the time I do. But if an advertiser... ANY advertiser... starts aggressively getting in my face, I'm going to do something about it, and I will not be called "unethical" for doing so. Start yelling ads in my face, and I'll probably knock you to the ground. Start popping obnoxious ads over my browser, and I'll start blocking them. This is hardly unexpected behavior for most people.
Re:Ipv6.. will that allow proxyless ICS?
on
Quake on IPv6
·
· Score: 1
I'm dissapointed if some space isn't made available in IPv6 for extended LAN IPs. Even if it meant having variable extended length (say addresses ending in 128-255, have an extra byte)instead of fixed 48bit length.
What are extended LAN IPs? I searched for that phrase on Google and come up with nothing.
IPv6-capable machines use their MAC address to generate a link-local address. This is a perfectly valid IP, auto-assigned, but only valid for the local segment. It is assumed that this IP will be used for stateless autoconfiguration and/or DHCPv6 (which all occurs over multicast/anycast)
Re:Quake on IPv6. So what?
on
Quake on IPv6
·
· Score: 3
Several things:
That version of Quake was put up by Viagenie a long time ago. I'm assuming the Slashdotters are calling it "new" just because it was added to the freenet6.net webpage with "New!" written next to it. ("New" refers to the LINK being new, not the game, or even the port!)
Secondly, in order to port Quake to IPv6, they needed Quake source. I'm sure if they'd had access to Quake 3 source at the time, they would have used that. But most game companies don't give away the source to their current money-makers, for some odd reason.
Third, while ISPs dragging their feet getting IPv6 to their customers IS getting annoying, you don't have to wait for them; that's what services like freenet6.net are for. There'll be lag problems due to the tunnelling, but you'll at least have something to play with.
And as for putting the cart before the horse - no one is going to switch to IPv6 if there aren't any programs that take advantage of it. If you try to get IPv6 everywhere before anything uses it, it won't happen. Yes, IPv6 is a superior protocol. That doesn't mean anything. Its human nature (not to mention SOP at ISPs) to bailing-wire and band-aid things to the point of destruction before going through the "work" of an upgrade.
Thankfully, I have native IPv6 access between my workstation, my machines at home, and Ca*Net3, so I'm ready to go.:) --
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Something I think about every time I see articles like this...
We have ample evidence that people have problems driving in TWO dimensions. Why do we want to add a third? --
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
There was nothing wrong with his comment. Just because its a "production release" means nothing, ESPECIALLY in today's software development industry.
You can repeat "it should work fine, this isn't a beta" all you like, including when you're fixing crashed production machines you decided to use as testbeds. It won't change the reality which this whole article just emphasizes. --
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
What Sun seems to not be realizing here is that the cobalt machines aren't just true appliances. Why would they support Telnet access if they did?
What kind of logic is this? Does this mean that the managed switch down the hall that I can telnet to is more than just a switched hub?
Personally, I liked that cobalt machines ran linux cause it meant I could expand the machines
capabilities simply by installing new software.
Yeah, that's one of the outstanding problems with Solaris. You can't install things. Damned Solaris! Burn in HELL!
And now, thanks to this decision, finding new software to add to these pretty machines will be alot more difficult.
First off, "considering" != "decision". Secondly,
these machines are NETWORK APPLIANCES. Are you going to be upset because you can't install gnapster? I can't think of anything that would be used on a NETWORK APPLIANCE that would be lost from a transition from Linux to Solaris.
I apologize. I read this article and thread looking for facts, thought, and rationality. I forgot I was on Slashdot.
GE might very well indeed need 16 million addresses. A cellphone manufacturer recently asked for 500 million addresses, and they were able to justify needing that many! They weren't able to get them, obviously. That manufacturer is now looking to IPv6 for their product.
It seems to be fashionable to rant against IPv6 these days. The main, ignorant arguments seem to be:
"We can use NAT, its easy and cheap" - Wrong. Processing power to do NAT may be cheap, but bandwidth sizes are increasing just as fast. With any "real" number of sessions, a modern NAT box has trouble keeping up with 100Mb. GigE is becoming popular, and they CAN'T keep up, at least not while remaining in the land of "cheap and easy".
"Not every device needs an IP" - Right, but the number of devices that WILL WANT an IP is growing, and devices like that are just STARTING to come out!
"Proper subnetting will fix everything" - Wrong. If you've got a/22 and need a/21, do you expect to be able to just take away the other neighboring/22 from the people who are using it? Or do you expect to completely ditch your current numbers and get a whole new block, if its even available? Will you get a different/22 in addition to your existing one, thus polluting the core routing table even further?
And these are just the address-space arguments. People forget, again and again and again, that IPv6 offers more than just address space... that's just its most touted feature.
"4.3 billion addresses is enough for anybody". Gee, that has a familiar ring to it. --
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Re:Using M17 and N4.73 side by side comparision
on
Mozilla M17 Is Out
·
· Score: 1
The source is always available, via either the tarballs on the FTP/website, or via anonymous CVS.
Head to www.mozilla.org, there's links right off the main page detailing how to get the source via either method, and build the browser with the options you prefer. --
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
You looked at Mozilla, an in-development project, FIVE MONTHS AGO and presume to declare that it still sucks? Sorry, that has to be in the top twenty stupid things I've heard anyone state. Computers suck. I know, because I used a PC Jr ten years ago and it could hardly run anything. This industry isn't going to go anywhere. (This bit of snarkery brought to you via Mozilla build ID 2000073021) -- Brandon Hume hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
block in on ed1 all pass in on ed1 proto tcp from any to any port = 21 keep state pass out on ed1 all keep state
I don't believe passing incoming on port 20 is terribly useful, since that's the ORIGINATING port for ftp-data (it connects OUT, not in).
Also, you might find it useful to use a 'pass in quick from/32 to any' at the top of the file, until you get the rules sorted out.
There's extensive documention that comes with IPFilter, you shoudl check it out. Once you know how to use it, you'll see how ipchains and ipfw are pale imitators. -- Brandon Hume hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Well, my means of upgrading from 4.0 to 5.0-CURRENT was merely by cvsup'ing the source tree, doing a 'make buildworld', 'make installworld', built a kernel using the new sources, installed it, rebooted, and then basked in the -CURRENT.:) I imagine the same process would work for 4.0 to 4.1. -- Brandon Hume hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
For now, you need IPv6 and IPv4. But as time goes on, and people slowly switch, you'll find that more and more of the hosts you talk to are interacting via IPv6.
And you are considerably overestimating the amount of effort it takes to set up a host on an existing IPv6 network. How much work is it on Solaris? 'touch/etc/hostname6.le0'. And that's if you took the time to hit the checkbox on the main install saying you didn't want IPv6! FreeBSD comes up with IPv6 by default, as does OpenBSD. My point is, if your devices are IPv6 capable, they are probably 'enabled' already.
Yes, setting up the routers is probably more complicated, but not much more so, keeping the way IPv6 was MEANT to be deployed in mind.
Setting up a DNS record for an IPv6 host is exactly the same as with a regular IPv4 address. AAAA instead of A. You don't need to 'insure DNS gives out v6 addresses', the remote hosts ask for the ones they want.
Enabling is pretty much done for you. Configuring things is easy. Getting a v6 block from your upstream will happen in time.
The real work goes into screwing things up. -- Brandon Hume hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
IPv6 is more than just address space. If you haven't done your research before posting then there's no point in me doing it for you. Enough other people have posted useful links for the uninformed. Not much can be done about the deliberately ignorant.
But for the other incorrect statements you've made:
- The money for IPv6 has already been spent. Its already here. The money will be wasted if IPv6 is NOT used. - AT is a way of pretending you have more address space than you do. Do you know what's better than pretend? REALITY! - If you think IPv6 would cost more to put into effect than cleaning up the current IPv4 mess, then you really have no concept of the state of things. -- Brandon Hume hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Slashdot Mirror
I don't think you know what you're talking about.
The IPv6 protocol declares that extension options are end-to-end, meaning that in-between nodes do NOT look at any of the options headers. The ONLY exceptions are the Hop-by-Hop option header, the Routing header, and the Destination options header.
Packet fragmentation and reassembly are ONLY done by the source and destination nodes. (Yes, the underlying link may do fragmentation, but that is entirely the problem of the layer below, IPv6 does not care...) The IPv6 header area - which includes the Hop-by-Hop header, Destination options, and Routing headers, if present - is considered UNFRAGMENTABLE.
You need to re-read RFC 2460.
As is frequently mentioned on NANAE, it is effectively impossible to purchase ANY "opt-in" list. (Unless each individual on the list approved the sale to you specifically, and how likely is that?)
One of the beauties of Linux is that it can be ported to so many different platforms easily.
This really has nothing to do with what is being discussed here, but I thought I'd point out that Sun has repeatedly demonstrated that they thing even the PORTING step for software should be rendered moot. (Java, binary compatibility straight up the SPARC architecture...)
Sun uses it and then goes on to say IBM shouldn't?
You need to re-read the article. Sun is employing Linux on its Cobalt servers and the like. Sun's article is saying that it seems pretty foolish to spend a deranged amount of money on das ubermaschine and then stick Linux on it. (Scott McNealy has said this same thing even in relation to Sun's own hardware!)
They even say it explicitly in the article... if IBM claims to get 20 separate images on a $400000 machine, WHY wouldn't you just buy twenty PCs and run Linux on them? You see this exact argument again and again on Slashdot whenever someone suggests buying Sun gear... why does it suddenly become "FUD" when Sun uses it?
There are valid reasons to run Linux in multiple virtual machines. I even do it here on my PC.
Your PC is not a mainframe. Beyond yourself, nobody gives a damn if it starts crashing, performance goes into the toilet, programs start malfunctioning, or what have you. Part of Sun's point is that big gear like is being discussed DOES get deployed where many people WILL care.
I have seen a number of Linux-developed applications be difficult, if not impossible, to port to any non-Linux platform, so I think your "Next time, use Linux" attitude to be a bit shortsighted.
The Linux development platform seems to support - nay, encourage - sloppy programming mistakes and poor development habits that Solaris simply does not put up with.
There's not been just a few instances on comp.unix.solaris where a "this works on Linux but not on Solaris" post has been replied to with "well, you did THIS wrong..."
I have absolutely zero problem building Sawfish or any other X window manager on any Solaris machine I've installed. There's something wrong on your end.
If you're missing headers, then you've messed up your installation. They're located on the second CD of the software set. Depending on the install type, the installation would have asked for the second CD when the machine first booted.
The Solaris FAQ addresses this situation now, I believe.
And hopefully nobody will reply with "why doesn't it install it all even in the minimum installation?" or some other equally silly question.
I believe the "bonehead(s)" in question presented the idea of hooking appliances to the net as an example of what COULD be done, not as any endorsement of DOING it. Too bad so many armchair net admins have taken it up as a flag to wave for the "uselessness of IPv6".
Ignoring the fact that address space IS NOT the only reason for the implementation of IPv6, it IS a major part. As much as some people would like to bury us behind NAT after NAT after NAT, there are all kinds of reasonable applications that "solution" would hinder or destroy.
Sure, the dork at home is perfectly willing to buy a NAT box, and exclaim that he doesn't need an IP-enabled fridge, but what about the vending machine maker, or the cellphone manufacturer?
Sure, they can both hide their devices behind NATs. But that makes the benefits of management disappear in the mess of trying to build and maintain the network. (Such a thing would NOT be static, like the home-dork's network.)
And THEN, what happens when those two companies want to make their devices talk to each other? Waving your cellphone at a Coke machine to order a drink is a perfectly reasonable thing to expect people to want to do. Or how about pushing the takeoff schedule into your cellphone when you walk into the airport?
These things CAN be done without IPv6 - but the implementation in that case turns into a BIG FRIGGIN' MESS.
The cries of "I can use NAT! My toaster doesn't need an IP!" from the three-device home-users in no way counter the REAL reasons IPv6 is a good idea.
This is almost the way things work now (except DHCP
for IPv6 is a nebulous concept).
Most OSes which implement IPv6 treat IPv4 and IPv6
as if they were completely seperate interfaces. Getting
an address for each is handled individually, the
success (or failure) of getting an address on one does
not affect the other.
Since Sun is essentially giving away Solaris away these days, I can't see why using Linux over Solaris would concern them.
This whole "Intel versus Sun" thing comes up again and again. As is repeatedly pointed out, an Intel machine with the strength and reliability of an equivalent Sun box costs effectively the same, and even those machines have to fight against the "cheap x86 crap" stigma that follows them up from the desktop.
Sun has always been about the datacentre. Yes, they're suffering on the desktop, but the few cases I've heard of of "admins" trying to replace a Solaris server farm with their favored Linux have always ended in disaster (and pink slips).
I don't see why they can't just say "right. no more API changes, no more rewrites. let's spend the next 3 months making everything stable, and release 1.0".
Because sometimes the fixes REQUIRE a rewrite. And for the obnoxious and ignorant individuals who get righteous and say "they should have done it right the first time": then what the hell do we need version numbers FOR?
They shouldn't be shooting for perfection with their first stable release.
They're getting slagged now because they're shooting for perfection. If they put out a browser now, they'd be slagged for NOT producing perfection.
In short, they're damned if they do, and they're damned if they don't.
Personally, I'll pick the "damned" that produces superior software. Other people can feel free to grab one of the milestones, and do a search and replace for the version number to make it "1.0". Hell, commercial organizations do it!
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
A qt port probably won't help. So don't use it. The people who do the qt port are also not the same people who are working on the main browser, so don't waste time complaining about "misallocation of resources", either.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Remember, if you have any sense of ethics, blocking banner ads is stealing content.
Really, now? And what then, of the "banner" ads that fail to load, causing the entire browser to wait up, not displaying any of the content I was actually AFTER? Or how about the idiotic flash-based ads that pop up big graphics over top of the browser and can't be moved or dismissed (End of Days online ads were one such example)?
These block the websites themselves. Is that somehow NOT stealing content? I am perfectly capable of ignoring normal web banner ads, and most of the time I do. But if an advertiser... ANY advertiser... starts aggressively getting in my face, I'm going to do something about it, and I will not be called "unethical" for doing so. Start yelling ads in my face, and I'll probably knock you to the ground. Start popping obnoxious ads over my browser, and I'll start blocking them. This is hardly unexpected behavior for most people.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
What are extended LAN IPs? I searched for that phrase on Google and come up with nothing.
IPv6-capable machines use their MAC address to generate a link-local address. This is a perfectly valid IP, auto-assigned, but only valid for the local segment. It is assumed that this IP will be used for stateless autoconfiguration and/or DHCPv6 (which all occurs over multicast/anycast)
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Several things:
:)
That version of Quake was put up by Viagenie a long time ago. I'm assuming the Slashdotters are calling it "new" just because it was added to the freenet6.net webpage with "New!" written next to it. ("New" refers to the LINK being new, not the game, or even the port!)
Secondly, in order to port Quake to IPv6, they needed Quake source. I'm sure if they'd had access to Quake 3 source at the time, they would have used that. But most game companies don't give away the source to their current money-makers, for some odd reason.
Third, while ISPs dragging their feet getting IPv6 to their customers IS getting annoying, you don't have to wait for them; that's what services like freenet6.net are for. There'll be lag problems due to the tunnelling, but you'll at least have something to play with.
And as for putting the cart before the horse - no one is going to switch to IPv6 if there aren't any programs that take advantage of it. If you try to get IPv6 everywhere before anything uses it, it won't happen. Yes, IPv6 is a superior protocol. That doesn't mean anything. Its human nature (not to mention SOP at ISPs) to bailing-wire and band-aid things to the point of destruction before going through the "work" of an upgrade.
Thankfully, I have native IPv6 access between my workstation, my machines at home, and Ca*Net3, so I'm ready to go.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Something I think about every time I see articles like this...
We have ample evidence that people have problems driving in TWO dimensions. Why do we want to add a third?
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
There was nothing wrong with his comment. Just because its a "production release" means nothing, ESPECIALLY in today's software development industry.
You can repeat "it should work fine, this isn't a beta" all you like, including when you're fixing crashed production machines you decided to use as testbeds. It won't change the reality which this whole article just emphasizes.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
What Sun seems to not be realizing here is that the cobalt machines aren't just true appliances. Why would they support Telnet access if they did?
What kind of logic is this? Does this mean that the managed switch down the hall that I can telnet to is more than just a switched hub?
Personally, I liked that cobalt machines ran linux cause it meant I could expand the machines
capabilities simply by installing new software.
Yeah, that's one of the outstanding problems with Solaris. You can't install things. Damned Solaris! Burn in HELL!
And now, thanks to this decision, finding new software to add to these pretty machines will be alot more difficult.
First off, "considering" != "decision". Secondly,
these machines are NETWORK APPLIANCES. Are you going to be upset because you can't install gnapster? I can't think of anything that would be used on a NETWORK APPLIANCE that would be lost from a transition from Linux to Solaris.
I apologize. I read this article and thread looking for facts, thought, and rationality. I forgot I was on Slashdot.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
GE might very well indeed need 16 million addresses. A cellphone manufacturer recently asked for 500 million addresses, and they were able to justify needing that many! They weren't able to get them, obviously. That manufacturer is now looking to IPv6 for their product.
/22 and need a /21, do you expect to be able to just take away the other neighboring /22 from the people who are using it? Or do you expect to completely ditch your current numbers and get a whole new block, if its even available? Will you get a different /22 in addition to your existing one, thus polluting the core routing table even further?
It seems to be fashionable to rant against IPv6 these days. The main, ignorant arguments seem to be:
"We can use NAT, its easy and cheap" - Wrong. Processing power to do NAT may be cheap, but bandwidth sizes are increasing just as fast. With any "real" number of sessions, a modern NAT box has trouble keeping up with 100Mb. GigE is becoming popular, and they CAN'T keep up, at least not while remaining in the land of "cheap and easy".
"Not every device needs an IP" - Right, but the number of devices that WILL WANT an IP is growing, and devices like that are just STARTING to come out!
"Proper subnetting will fix everything" - Wrong. If you've got a
And these are just the address-space arguments. People forget, again and again and again, that IPv6 offers more than just address space... that's just its most touted feature.
"4.3 billion addresses is enough for anybody". Gee, that has a familiar ring to it.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
The source is always available, via either the tarballs on the FTP/website, or via anonymous CVS.
Head to www.mozilla.org, there's links right off the main page detailing how to get the source via either method, and build the browser with the options you prefer.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
You looked at Mozilla, an in-development project, FIVE MONTHS AGO and presume to declare that it still sucks? Sorry, that has to be in the top twenty stupid things I've heard anyone state. Computers suck. I know, because I used a PC Jr ten years ago and it could hardly run anything. This industry isn't going to go anywhere. (This bit of snarkery brought to you via Mozilla build ID 2000073021)
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
To add on to my reply to your previous rant on the same subject:
Add 'log' to your rules. Run ipmon. Then you can SEE what IPFilter is blocking, and it'll even provide the line of the rule that caused it to do so!
And again: Read the documentation.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Gak, of all the times to skip previewing.
I MEANT,
'pass in quick from [your workstation's ip]/32 to any'
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Try:
/32 to any' at the top of the file, until you get the rules sorted out.
block in on ed1 all
pass in on ed1 proto tcp from any to any port = 21 keep state
pass out on ed1 all keep state
I don't believe passing incoming on port 20 is terribly useful, since that's the ORIGINATING port for ftp-data (it connects OUT, not in).
Also, you might find it useful to use a 'pass in quick from
There's extensive documention that comes with IPFilter, you shoudl check it out. Once you know how to use it, you'll see how ipchains and ipfw are pale imitators.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Well, my means of upgrading from 4.0 to 5.0-CURRENT was merely by cvsup'ing the source tree, doing a 'make buildworld', 'make installworld', built a kernel using the new sources, installed it, rebooted, and then basked in the -CURRENT. :) I imagine the same process would work for 4.0 to 4.1.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Crawl, walk, run.
/etc/hostname6.le0'. And that's if you took the time to hit the checkbox on the main install saying you didn't want IPv6! FreeBSD comes up with IPv6 by default, as does OpenBSD. My point is, if your devices are IPv6 capable, they are probably 'enabled' already.
For now, you need IPv6 and IPv4. But as time goes on, and people slowly switch, you'll find that more and more of the hosts you talk to are interacting via IPv6.
And you are considerably overestimating the amount of effort it takes to set up a host on an existing IPv6 network. How much work is it on Solaris? 'touch
Yes, setting up the routers is probably more complicated, but not much more so, keeping the way IPv6 was MEANT to be deployed in mind.
Setting up a DNS record for an IPv6 host is exactly the same as with a regular IPv4 address. AAAA instead of A. You don't need to 'insure DNS gives out v6 addresses', the remote hosts ask for the ones they want.
Enabling is pretty much done for you. Configuring things is easy. Getting a v6 block from your upstream will happen in time.
The real work goes into screwing things up.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
IPv6 is more than just address space. If you haven't done your research before posting then there's no point in me doing it for you. Enough other people have posted useful links for the uninformed. Not much can be done about the deliberately ignorant.
But for the other incorrect statements you've made:
- The money for IPv6 has already been spent. Its already here. The money will be wasted if IPv6 is NOT used.
- AT is a way of pretending you have more address space than you do. Do you know what's better than pretend? REALITY!
- If you think IPv6 would cost more to put into effect than cleaning up the current IPv4 mess, then you really have no concept of the state of things.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/