[00:16] <mercutio> not to mention that average consumers are already happy with nat and wifi
[00:16] <mercutio> they just want something "good enough"
[00:20] <Webhostbudd> exactly
[00:20] <Webhostbudd> which sucks
[00:20] <Webhostbudd> my friends don't even mind shared internet that cuts out all the time
[00:21] <Webhostbudd> because they use some crappy nat router which ends up having too large a state table
[00:21] <Webhostbudd> so many bad things
[00:22] <Webhostbudd> the problem is that consumers today can still easily pick up brand new modems and routers which don't support ipv6
[00:22] <Webhostbudd> not to mention people still using windows xp
[00:23] <Webhostbudd> i wish there was a better way to incentivise people to upgrade but it would require some revolutionary new features
[00:23] <Webhostbudd> and the price would have to be right
[00:26] <mercutio> my modem doesn't support ipv6
[00:27] <mercutio> ipv6 tends to slow down the net atm
[00:27] <mercutio> so i'm not that keen on ipv6 myself yet
[00:27] <Webhostbudd> oh really?
[00:27] <Webhostbudd> you mean it slows down ipv4 browsing?
[00:27] <mercutio> i just use routed ip addresses
[00:27] <mercutio> nah worse routing
[00:28] <Webhostbudd> oh
[00:28] <Webhostbudd> i believe that
[00:28] <Webhostbudd> is there still a lot of backbone infrastructure that doesn't support it?
[00:28] <Webhostbudd> im guessing this isn't a fundamental problem
[00:28] <mercutio> well there's less peering of ipv6 than ipv4
[00:28] <Webhostbudd> well yea
[00:29] <mercutio> and cdn's that do ipv6 can have worse routes
[00:29] <mercutio> i dunno, firewalling is my biggest concern with ipv6 for home users
[00:30] <Webhostbudd> how come?
[00:30] <Webhostbudd> it shouldn't be any worse than ipv4
[00:31] <mercutio> well nat saves a lot of people atm
[00:31] <mercutio> a lot of people when they firewalls do ipv4 onyl firewalls
[00:31] <mercutio> if they add ipv6 they don't necessarily add firewalls to ipv6
[00:32] <Webhostbudd> but no one plugs directly into ipv6
[00:32] <Webhostbudd> err
[00:32] <Webhostbudd> the internet
[00:32] *** Ehtyar has quit IRC (Quit: Never look down on someone unless you're helping them up.)
[00:32] <mercutio> people often use nat for security atm
[00:32] <Webhostbudd> but a router that is ipv6 enabled is just as secure by default
[00:32] <Webhostbudd> and they only get nat on the router
[00:32] <mercutio> the router may be
[00:33] <Webhostbudd> any sane router manufacturer would be
[00:33] <mercutio> but the hosts behind it get direct net access when they had nat'ed access before
[00:33] <mercutio> on that note upnp isn't good :)
[00:33] <Webhostbudd> i don't see how they could make such a novice mistake
[00:33] <mercutio> hmm, i haven't seen an ipv6 modem yet
[00:33] <Webhostbudd> plus, i see plenty of people dmz machines for no good reason
[00:33] <mercutio> but in built firewalls on modems have never been great
[00:34] <Webhostbudd> since when do modems incorporate a firewall?
[00:34] <Webhostbudd> i take that back, i completely disabled it last time i had one
[00:34] <Webhostbudd> because it's stupid
[00:35] <Webhostbudd> most people have wireless routers these days and you can be sure the manufacturers will put sane default firewall policies on those
[00:35] <Webhostbudd> people who work around them usually did so with ipv4 anyway
[00:36] <mercutio> i dunno adsl is common here and all in one units
[00:36] <mercutio> and people leave wps enabled
[00:36] <Webhostbudd> yes, but those have built in firewalls
[00:36] <Webhostbudd> if they supported ipv6 they would also have default policies
[00:36] <mercutio> enabled by default?
[00:36] <mercutio> maybe
[00:36] <mercutio> we'll see :)
[00:36] <mercutio> it's prob a few years off anyway
[00:36] <Webhostbudd> well, if they don't then that company deserves to die
[00:36] <mercutio> they all come from china
[00:36] <mercutio> who don't even do reverse dns on their ip's
[00:37] <Webhostbudd> the firmware usually doesn't though?
[00:37] <mercutio> hmm
[00:37] <mercutio> actually that's a point, it originally ocmes from broadcom etc
[00:37] <Webhostbudd> yea
[00:37] <mercutio> my modem started misbehaving last night with high pings
[00:37] <Webhostbudd> honestly, i think manufacturers will get it right since they have seen what has happened in the past
[00:37] <mercutio> i tried to track down what was causing it and couldn't find aynthing
[00:38] <mercutio> i rebooted and it was better
[00:38] <Webhostbudd> probably crap firmware
[00:38] <mercutio> rebooted modem that is
[00:38] <Webhostbudd> lol
[00:38] <mercutio> i was stumped
[00:38] <mercutio> but i don't even have iptables
[00:38] <Webhostbudd> yea, that's a problem
[00:38] <mercutio> you have to disable the firewall by changing firewall=yes to firewall=no in the xml file
[00:38] <Webhostbudd> lol
[00:38] <mercutio> err you download backup config file
[00:38] <mercutio> and reupload
[00:39] <mercutio> it doesn't seem to have anything on web interface to disable firewall
[00:39] <mercutio> id unno why but connections die randomly otherwise
[00:39] <Webhostbudd> that sounds awful
[00:39] <mercutio> it's got 32mb of ram, so it hasn't really got an excuse
[00:39] <mercutio> connection limit of around 3000 i think
[00:39] <Webhostbudd> hahaha
[00:39] <mercutio> but you don't need lots of connections for them to randomly die
[00:39] <mercutio> like ssh would die if you don't type on it and go and make a coffee and come back
[00:40] <mercutio> unless it's something like irc that receives a little bit of data often
[00:40] <Webhostbudd> that sucks
[00:40] <mercutio> yes
[00:40] <mercutio> very annoying very quickly
[00:40] <Webhostbudd> my cable modems have been pretty stable actually
[00:40] <Webhostbudd> im quite pleased
[00:40] <mercutio> they're briding?
[00:40] <mercutio> bridging?
[00:40] <Webhostbudd> yea
[00:40] <mercutio> yeh that's safer
[00:40] <Webhostbudd> i don't use consumer crap as a gateway
[00:41] <mercutio> i use a virtual machine as a router
[00:41] <Webhostbudd> i actually know quite a few people who do that
[00:41] <mercutio> actually my desktop just goes direct
[00:41] <Webhostbudd> and i tried it for some time but it just doesn't make sense to me
[00:41] <mercutio> wifi goes through router
[00:41] <mercutio> err through modem
[00:41] <mercutio> with no nat
[00:41] <Webhostbudd> i see
[00:41] <Webhostbudd> you get multiple ipv4's?
[00:41] <mercutio> well i'm transparently proxying wifi traffic
[00:41] <mercutio> yeh
[00:41] *** sako has joined #arpnetworks
[00:42] <Webhostbudd> now that sounds kinda awesome
[00:42] <Webhostbudd> can't do that on cable
[00:42] <mercutio> i've only got a /29
[00:42] <mercutio> i'm sure they could do it
[00:42] <Webhostbudd> yea they could
[00:42] <Webhostbudd> actually
[00:42] <mercutio> well a /32 and a /29
[00:42] <mercutio> the /29 routes to the /32
[00:42] <Webhostbudd> i might be able to just grab 4 dhcp leases
[00:42] <mercutio> i'm wasting an ip really
[00:43] <mercutio> eww dhcp
[00:43] <Webhostbudd> yup
[00:43] <mercutio> can't you get a statici ip?
[00:43] <Webhostbudd> not without paying for business class service
[00:43] <Webhostbudd> with ipv6 i just treat it as static though
[00:43] <Webhostbudd> and take what i want
[00:43] <Webhostbudd> i don't give a fuck
[00:43] <mercutio> haha
[00:44] <mercutio> and that works?
[00:44] <Webhostbudd> yep
[00:44] <mercutio> so they cna't track you?
[00:44] <Webhostbudd> their routers don't enforce an ip per mac address
[00:44] <Webhostbudd> but they only assign one
[00:44] <Webhostbudd> the problem is that someone could get a lease over top of your arbitrarily allocated static block
[00:44] <Webhostbudd> but ill take that risk
[00:45] <Webhostbudd> i might do it with ipv4 but i don't know how well that would work
[00:45] <Webhostbudd> im sure the address space is pretty congested and hard to guess out
[00:46] <Webhostbudd> i don't really care much though, i just want to be able to use slaac on two interfaces for ipv6
[00:46] <Webhostbudd> so i need two /64's
[00:46] <Webhostbudd> however, comcast only allocates one
[00:46] <mercutio> oh they assign a dynamic /64?
[00:47] <Webhostbudd> yes
[00:47] <Webhostbudd> they give the wan a /128 lease and then send it a /64 to allocate to the lan segment
[00:48] *** sako has quit IRC (Ping timeout: 260 seconds)
[00:49] <Webhostbudd> and that works, but i have multiple network segments
[00:49] <Webhostbudd> i usually have two different nat'd ipv4 segments
[00:50] <Webhostbudd> there isn't really a good way to do that with ipv6 unfortunately
[00:50] <Webhostbudd> i mean, i could do nat'd ipv6
[00:50] <Webhostbudd> but that's just rediculous
[00:50] <Webhostbudd> you need a /64 per network
[00:50] <Webhostbudd> which actually drives me a little crazy
[00:51] <Webhostbudd> i mean, yea we have 2^128 addresses now
[00:51] <Webhostbudd> but we are effectively limited to 2^64 gateways
[00:52] <Webhostbudd> it should really be 2^80
[00:52] <Webhostbudd> err
[00:52] <Webhostbudd> 2^79
[00:54] <Webhostbudd> theoretically the space behind the gateway is only limited to mac addresses
[00:54] <Webhostbudd> and those are only 48 bits
[00:54] <Webhostbudd> of course they decided to expand that to 64 bits
[00:54] <Webhostbudd> which to me seems stupid
[01:07] *** Webhostbudd has quit IRC (Quit: Leaving)
[01:28] *** LT has joined #arpnetworks
[01:40] <jlgaddis> < mercutio> like ssh would die if you don't type on it and go and make a coffee and come back  <-- that's due to TCP timeouts in your NAT setup, which can be changed (or you can setup keepalives in your SSH client).
[02:34] <mercutio> jlg: yeh but there's no way to fix it easily on the modem
[02:35] <mercutio> it's "broken" behaviour
[02:35] <mercutio> disabling iptables fixed tings
[03:47] <jlgaddis> It's your modem timing out the NAT translation due to no traffic... which keepalives will fix.  But okay.
[04:08] <mercutio> yeh but the modem's meant to just route traffic
[04:08] <mercutio> i wasn't using nat
[05:20] *** heavysixer has quit IRC (Quit: heavysixer)
[06:01] *** Guest52883 is now known as pjs
[07:41] *** sako has joined #arpnetworks
[07:44] *** ryk has joined #arpnetworks
[07:54] *** teneightypea has quit IRC (Ping timeout: 250 seconds)
[07:56] *** bGeorge has quit IRC (Ping timeout: 260 seconds)
[07:56] *** mike-burns has quit IRC (Ping timeout: 260 seconds)
[07:56] *** pjs has quit IRC (Ping timeout: 246 seconds)
[07:56] *** up_the_irons has quit IRC (Ping timeout: 246 seconds)
[07:56] *** kraigu has quit IRC (Ping timeout: 246 seconds)
[07:56] *** twobithacker has quit IRC (Ping timeout: 260 seconds)
[07:56] *** ix34 has quit IRC (Ping timeout: 246 seconds)
[07:57] *** Guest69786 has quit IRC (Ping timeout: 246 seconds)
[07:57] *** CaZe has quit IRC (Ping timeout: 260 seconds)
[07:59] *** nukefree has joined #arpnetworks
[08:00] *** CaZe` has joined #arpnetworks
[08:01] *** CaZe` has quit IRC (Read error: Connection reset by peer)
[08:01] *** bGeorge has joined #arpnetworks
[08:01] *** ix34 has joined #arpnetworks
[08:02] *** teneightypea has joined #arpnetworks
[08:02] *** CaZe` has joined #arpnetworks
[08:02] *** CaZe`_ has joined #arpnetworks
[08:02] *** up_the_irons has joined #arpnetworks
[08:02] *** ChanServ sets mode: +o up_the_irons
[08:02] *** CaZe` has quit IRC (Remote host closed the connection)
[08:03] *** pjs has joined #arpnetworks
[08:03] *** twobithacker has joined #arpnetworks
[08:03] *** CaZe` has joined #arpnetworks
[08:03] *** pjs is now known as Guest59293
[08:05] *** Guest59293 is now known as pjs
[08:05] *** sako has quit IRC (Ping timeout: 252 seconds)
[08:05] *** CaZe` has quit IRC (Read error: Connection reset by peer)
[08:05] *** nukefree has quit IRC (Ping timeout: 246 seconds)
[08:06] *** bGeorge has quit IRC (Ping timeout: 272 seconds)
[08:07] *** CaZe`_ has quit IRC (Ping timeout: 240 seconds)
[08:07] *** CaZe` has joined #arpnetworks
[08:07] *** twobithacker has quit IRC (Ping timeout: 260 seconds)
[08:08] *** bGeorge has joined #arpnetworks
[08:08] *** up_the_irons has quit IRC (Ping timeout: 246 seconds)
[08:08] *** nukefree has joined #arpnetworks
[08:08] *** twobithacker has joined #arpnetworks
[08:08] *** up_the_irons has joined #arpnetworks
[08:08] *** ChanServ sets mode: +o up_the_irons
[08:12] *** kraigu has joined #arpnetworks
[08:32] *** sako has joined #arpnetworks
[08:38] *** sako has quit IRC (Ping timeout: 276 seconds)
[09:33] *** LT has quit IRC (Quit: Leaving)
[09:53] *** mike-burns has joined #arpnetworks
[09:53] *** ChanServ sets mode: +o mike-burns
[10:06] *** CaZe` is now known as CaZe
[10:07] *** Webhostbudd has joined #arpnetworks
[10:21] *** HighJinx has quit IRC (Quit: Computer has gone to sleep.)
[10:28] *** heavysixer has joined #arpnetworks
[10:28] *** ChanServ sets mode: +o heavysixer
[10:33] *** sako has joined #arpnetworks
[10:38] *** sako has quit IRC (Ping timeout: 245 seconds)
[10:46] *** HighJinx has joined #arpnetworks
[10:59] *** dferris has quit IRC (Quit: leaving)
[11:05] *** dan_ has joined #arpnetworks
[11:05] *** dan_ has quit IRC (Client Quit)
[11:07] *** dan_ has joined #arpnetworks
[11:07] *** dan_ is now known as dferris
[11:08] *** dferris has quit IRC (Client Quit)
[11:10] *** dferris has joined #arpnetworks
[11:25] *** mike-burns has quit IRC (Read error: Connection reset by peer)
[11:25] *** mike-burns has joined #arpnetworks
[11:25] *** ChanServ sets mode: +o mike-burns
[11:32] *** jbum has joined #arpnetworks
[11:45] *** krazydad has joined #arpnetworks
[11:45] *** krazydad has quit IRC (Client Quit)
[11:46] *** jbum has quit IRC (Read error: Connection reset by peer)
[12:00] *** beandog has joined #arpnetworks
[12:00] *** beandog has quit IRC (Changing host)
[12:00] *** beandog has joined #arpnetworks
[12:13] *** beandog has left "Leaving"
[12:34] *** sako has joined #arpnetworks
[12:39] *** sako has quit IRC (Ping timeout: 260 seconds)
[14:05] *** Webhostbudd_ has joined #arpnetworks
[14:08] *** Webhostbudd has quit IRC (Ping timeout: 250 seconds)
[14:35] *** sako has joined #arpnetworks
[14:40] *** sako has quit IRC (Ping timeout: 248 seconds)
[16:36] *** sako has joined #arpnetworks
[16:41] *** sako has quit IRC (Ping timeout: 276 seconds)
[17:31] *** Ehtyar has joined #arpnetworks
[18:37] *** sako has joined #arpnetworks
[18:41] *** sako has quit IRC (Ping timeout: 240 seconds)
[18:58] *** HighJinx has quit IRC (Quit: Computer has gone to sleep.)
[19:27] *** dj_goku has joined #arpnetworks
[19:27] *** dj_goku has quit IRC (Changing host)
[19:27] *** dj_goku has joined #arpnetworks
[19:32] *** Webhostbudd_ has quit IRC (Read error: Connection reset by peer)
[19:33] *** Webhostbudd_ has joined #arpnetworks
[19:39] <andol> up_the_irons: In case you are around, my Arpnetworks VPS leto seems to have a bit of a problem talking IPv4 to another VPS of mine - http://paste.ubuntu.com/1197889/
[19:39] <andol> (IPv6 on the other hand works just perfect.)
[19:45] <andol> up_the_irons: Also did some tcpdumping, the other VPS halleck actually sees, and replies to, the packages from my Arpnetworks VPS leto. Let on the other hand doesn't see any packages from halleck.
[20:34] *** dj_goku has quit IRC (Read error: Connection reset by peer)
[20:35] *** dj_goku has joined #arpnetworks
[20:35] *** dj_goku has quit IRC (Changing host)
[20:35] *** dj_goku has joined #arpnetworks
[20:36] *** jbergstroem has quit IRC (Ping timeout: 265 seconds)
[20:37] *** jbergstroem has joined #arpnetworks
[20:37] *** sako has joined #arpnetworks
[20:42] *** sako has quit IRC (Ping timeout: 260 seconds)
[21:19] <andol> up_the_irons: Well, kind of works as it should again now, so not sure if there are much to look at presently.
[22:06] *** HighJinx has joined #arpnetworks
[22:39] *** sako has joined #arpnetworks
[22:55] *** sako has quit IRC (Ping timeout: 252 seconds)
[23:22] *** sako has joined #arpnetworks
[23:32] *** sako has quit IRC (Ping timeout: 272 seconds)