not to mention that average consumers are already happy with nat and wifi they just want something "good enough" exactly which sucks my friends don't even mind shared internet that cuts out all the time because they use some crappy nat router which ends up having too large a state table so many bad things the problem is that consumers today can still easily pick up brand new modems and routers which don't support ipv6 not to mention people still using windows xp i wish there was a better way to incentivise people to upgrade but it would require some revolutionary new features and the price would have to be right my modem doesn't support ipv6 ipv6 tends to slow down the net atm so i'm not that keen on ipv6 myself yet oh really? you mean it slows down ipv4 browsing? i just use routed ip addresses nah worse routing oh i believe that is there still a lot of backbone infrastructure that doesn't support it? im guessing this isn't a fundamental problem well there's less peering of ipv6 than ipv4 well yea and cdn's that do ipv6 can have worse routes i dunno, firewalling is my biggest concern with ipv6 for home users how come? it shouldn't be any worse than ipv4 well nat saves a lot of people atm a lot of people when they firewalls do ipv4 onyl firewalls if they add ipv6 they don't necessarily add firewalls to ipv6 but no one plugs directly into ipv6 err the internet people often use nat for security atm but a router that is ipv6 enabled is just as secure by default and they only get nat on the router the router may be any sane router manufacturer would be but the hosts behind it get direct net access when they had nat'ed access before on that note upnp isn't good :) i don't see how they could make such a novice mistake hmm, i haven't seen an ipv6 modem yet plus, i see plenty of people dmz machines for no good reason but in built firewalls on modems have never been great since when do modems incorporate a firewall? i take that back, i completely disabled it last time i had one because it's stupid most people have wireless routers these days and you can be sure the manufacturers will put sane default firewall policies on those people who work around them usually did so with ipv4 anyway i dunno adsl is common here and all in one units and people leave wps enabled yes, but those have built in firewalls if they supported ipv6 they would also have default policies enabled by default? maybe we'll see :) it's prob a few years off anyway well, if they don't then that company deserves to die they all come from china who don't even do reverse dns on their ip's the firmware usually doesn't though? hmm actually that's a point, it originally ocmes from broadcom etc yea my modem started misbehaving last night with high pings honestly, i think manufacturers will get it right since they have seen what has happened in the past i tried to track down what was causing it and couldn't find aynthing i rebooted and it was better probably crap firmware rebooted modem that is lol i was stumped but i don't even have iptables yea, that's a problem you have to disable the firewall by changing firewall=yes to firewall=no in the xml file lol err you download backup config file and reupload it doesn't seem to have anything on web interface to disable firewall id unno why but connections die randomly otherwise that sounds awful it's got 32mb of ram, so it hasn't really got an excuse connection limit of around 3000 i think hahaha but you don't need lots of connections for them to randomly die like ssh would die if you don't type on it and go and make a coffee and come back unless it's something like irc that receives a little bit of data often that sucks yes very annoying very quickly my cable modems have been pretty stable actually im quite pleased they're briding? bridging? yea yeh that's safer i don't use consumer crap as a gateway i use a virtual machine as a router i actually know quite a few people who do that actually my desktop just goes direct and i tried it for some time but it just doesn't make sense to me wifi goes through router err through modem with no nat i see you get multiple ipv4's? well i'm transparently proxying wifi traffic yeh now that sounds kinda awesome can't do that on cable i've only got a /29 i'm sure they could do it yea they could actually well a /32 and a /29 the /29 routes to the /32 i might be able to just grab 4 dhcp leases i'm wasting an ip really eww dhcp yup can't you get a statici ip? not without paying for business class service with ipv6 i just treat it as static though and take what i want i don't give a fuck haha and that works? yep so they cna't track you? their routers don't enforce an ip per mac address but they only assign one the problem is that someone could get a lease over top of your arbitrarily allocated static block but ill take that risk i might do it with ipv4 but i don't know how well that would work im sure the address space is pretty congested and hard to guess out i don't really care much though, i just want to be able to use slaac on two interfaces for ipv6 so i need two /64's however, comcast only allocates one oh they assign a dynamic /64? yes they give the wan a /128 lease and then send it a /64 to allocate to the lan segment and that works, but i have multiple network segments i usually have two different nat'd ipv4 segments there isn't really a good way to do that with ipv6 unfortunately i mean, i could do nat'd ipv6 but that's just rediculous you need a /64 per network which actually drives me a little crazy i mean, yea we have 2^128 addresses now but we are effectively limited to 2^64 gateways it should really be 2^80 err 2^79 theoretically the space behind the gateway is only limited to mac addresses and those are only 48 bits of course they decided to expand that to 64 bits which to me seems stupid < mercutio> like ssh would die if you don't type on it and go and make a coffee and come back <-- that's due to TCP timeouts in your NAT setup, which can be changed (or you can setup keepalives in your SSH client). jlg: yeh but there's no way to fix it easily on the modem it's "broken" behaviour disabling iptables fixed tings It's your modem timing out the NAT translation due to no traffic... which keepalives will fix. But okay. yeh but the modem's meant to just route traffic i wasn't using nat up_the_irons: In case you are around, my Arpnetworks VPS leto seems to have a bit of a problem talking IPv4 to another VPS of mine - http://paste.ubuntu.com/1197889/ (IPv6 on the other hand works just perfect.) up_the_irons: Also did some tcpdumping, the other VPS halleck actually sees, and replies to, the packages from my Arpnetworks VPS leto. Let on the other hand doesn't see any packages from halleck. up_the_irons: Well, kind of works as it should again now, so not sure if there are much to look at presently.