mercutio: they just want something "good enough" Webhostbudd: exactly
which sucks
my friends don't even mind shared internet that cuts out all the time
because they use some crappy nat router which ends up having too large a state table
so many bad things
the problem is that consumers today can still easily pick up brand new modems and routers which don't support ipv6
not to mention people still using windows xp
i wish there was a better way to incentivise people to upgrade but it would require some revolutionary new features
and the price would have to be right mercutio: my modem doesn't support ipv6
ipv6 tends to slow down the net atm
so i'm not that keen on ipv6 myself yet Webhostbudd: oh really?
you mean it slows down ipv4 browsing? mercutio: i just use routed ip addresses
nah worse routing Webhostbudd: oh
i believe that
is there still a lot of backbone infrastructure that doesn't support it?
im guessing this isn't a fundamental problem mercutio: well there's less peering of ipv6 than ipv4 Webhostbudd: well yea mercutio: and cdn's that do ipv6 can have worse routes
i dunno, firewalling is my biggest concern with ipv6 for home users Webhostbudd: how come?
it shouldn't be any worse than ipv4 mercutio: well nat saves a lot of people atm
a lot of people when they firewalls do ipv4 onyl firewalls
if they add ipv6 they don't necessarily add firewalls to ipv6 Webhostbudd: but no one plugs directly into ipv6
err
the internet ***: Ehtyar has quit IRC (Quit: Never look down on someone unless you're helping them up.) mercutio: people often use nat for security atm Webhostbudd: but a router that is ipv6 enabled is just as secure by default
and they only get nat on the router mercutio: the router may be Webhostbudd: any sane router manufacturer would be mercutio: but the hosts behind it get direct net access when they had nat'ed access before
on that note upnp isn't good :) Webhostbudd: i don't see how they could make such a novice mistake mercutio: hmm, i haven't seen an ipv6 modem yet Webhostbudd: plus, i see plenty of people dmz machines for no good reason mercutio: but in built firewalls on modems have never been great Webhostbudd: since when do modems incorporate a firewall?
i take that back, i completely disabled it last time i had one
because it's stupid
most people have wireless routers these days and you can be sure the manufacturers will put sane default firewall policies on those
people who work around them usually did so with ipv4 anyway mercutio: i dunno adsl is common here and all in one units
and people leave wps enabled Webhostbudd: yes, but those have built in firewalls
if they supported ipv6 they would also have default policies mercutio: enabled by default?
maybe
we'll see :)
it's prob a few years off anyway Webhostbudd: well, if they don't then that company deserves to die mercutio: they all come from china
who don't even do reverse dns on their ip's Webhostbudd: the firmware usually doesn't though? mercutio: hmm
actually that's a point, it originally ocmes from broadcom etc Webhostbudd: yea mercutio: my modem started misbehaving last night with high pings Webhostbudd: honestly, i think manufacturers will get it right since they have seen what has happened in the past mercutio: i tried to track down what was causing it and couldn't find aynthing
i rebooted and it was better Webhostbudd: probably crap firmware mercutio: rebooted modem that is Webhostbudd: lol mercutio: i was stumped
but i don't even have iptables Webhostbudd: yea, that's a problem mercutio: you have to disable the firewall by changing firewall=yes to firewall=no in the xml file Webhostbudd: lol mercutio: err you download backup config file
and reupload
it doesn't seem to have anything on web interface to disable firewall
id unno why but connections die randomly otherwise Webhostbudd: that sounds awful mercutio: it's got 32mb of ram, so it hasn't really got an excuse
connection limit of around 3000 i think Webhostbudd: hahaha mercutio: but you don't need lots of connections for them to randomly die
like ssh would die if you don't type on it and go and make a coffee and come back
unless it's something like irc that receives a little bit of data often Webhostbudd: that sucks mercutio: yes
very annoying very quickly Webhostbudd: my cable modems have been pretty stable actually
im quite pleased mercutio: they're briding?
bridging? Webhostbudd: yea mercutio: yeh that's safer Webhostbudd: i don't use consumer crap as a gateway mercutio: i use a virtual machine as a router Webhostbudd: i actually know quite a few people who do that mercutio: actually my desktop just goes direct Webhostbudd: and i tried it for some time but it just doesn't make sense to me mercutio: wifi goes through router
err through modem
with no nat Webhostbudd: i see
you get multiple ipv4's? mercutio: well i'm transparently proxying wifi traffic
yeh ***: sako has joined #arpnetworks Webhostbudd: now that sounds kinda awesome
can't do that on cable mercutio: i've only got a /29
i'm sure they could do it Webhostbudd: yea they could
actually mercutio: well a /32 and a /29
the /29 routes to the /32 Webhostbudd: i might be able to just grab 4 dhcp leases mercutio: i'm wasting an ip really
eww dhcp Webhostbudd: yup mercutio: can't you get a statici ip? Webhostbudd: not without paying for business class service
with ipv6 i just treat it as static though
and take what i want
i don't give a fuck mercutio: haha
and that works? Webhostbudd: yep mercutio: so they cna't track you? Webhostbudd: their routers don't enforce an ip per mac address
but they only assign one
the problem is that someone could get a lease over top of your arbitrarily allocated static block
but ill take that risk
i might do it with ipv4 but i don't know how well that would work
im sure the address space is pretty congested and hard to guess out
i don't really care much though, i just want to be able to use slaac on two interfaces for ipv6
so i need two /64's
however, comcast only allocates one mercutio: oh they assign a dynamic /64? Webhostbudd: yes
they give the wan a /128 lease and then send it a /64 to allocate to the lan segment ***: sako has quit IRC (Ping timeout: 260 seconds) Webhostbudd: and that works, but i have multiple network segments
i usually have two different nat'd ipv4 segments
there isn't really a good way to do that with ipv6 unfortunately
i mean, i could do nat'd ipv6
but that's just rediculous
you need a /64 per network
which actually drives me a little crazy
i mean, yea we have 2^128 addresses now
but we are effectively limited to 2^64 gateways
it should really be 2^80
err
2^79
theoretically the space behind the gateway is only limited to mac addresses
and those are only 48 bits
of course they decided to expand that to 64 bits
which to me seems stupid ***: Webhostbudd has quit IRC (Quit: Leaving)
LT has joined #arpnetworks jlgaddis: < mercutio> like ssh would die if you don't type on it and go and make a coffee and come back <-- that's due to TCP timeouts in your NAT setup, which can be changed (or you can setup keepalives in your SSH client). mercutio: jlg: yeh but there's no way to fix it easily on the modem
it's "broken" behaviour
disabling iptables fixed tings jlgaddis: It's your modem timing out the NAT translation due to no traffic... which keepalives will fix. But okay. mercutio: yeh but the modem's meant to just route traffic
i wasn't using nat ***: heavysixer has quit IRC (Quit: heavysixer)
Guest52883 is now known as pjs
sako has joined #arpnetworks
ryk has joined #arpnetworks
teneightypea has quit IRC (Ping timeout: 250 seconds)
bGeorge has quit IRC (Ping timeout: 260 seconds)
mike-burns has quit IRC (Ping timeout: 260 seconds)
pjs has quit IRC (Ping timeout: 246 seconds)
up_the_irons has quit IRC (Ping timeout: 246 seconds)
kraigu has quit IRC (Ping timeout: 246 seconds)
twobithacker has quit IRC (Ping timeout: 260 seconds)
ix34 has quit IRC (Ping timeout: 246 seconds)
Guest69786 has quit IRC (Ping timeout: 246 seconds)
CaZe has quit IRC (Ping timeout: 260 seconds)
nukefree has joined #arpnetworks
CaZe` has joined #arpnetworks
CaZe` has quit IRC (Read error: Connection reset by peer)
bGeorge has joined #arpnetworks
ix34 has joined #arpnetworks
teneightypea has joined #arpnetworks
CaZe` has joined #arpnetworks
CaZe`_ has joined #arpnetworks
up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
CaZe` has quit IRC (Remote host closed the connection)
pjs has joined #arpnetworks
twobithacker has joined #arpnetworks
CaZe` has joined #arpnetworks
pjs is now known as Guest59293
Guest59293 is now known as pjs
sako has quit IRC (Ping timeout: 252 seconds)
CaZe` has quit IRC (Read error: Connection reset by peer)
nukefree has quit IRC (Ping timeout: 246 seconds)
bGeorge has quit IRC (Ping timeout: 272 seconds)
CaZe`_ has quit IRC (Ping timeout: 240 seconds)
CaZe` has joined #arpnetworks
twobithacker has quit IRC (Ping timeout: 260 seconds)
bGeorge has joined #arpnetworks
up_the_irons has quit IRC (Ping timeout: 246 seconds)
nukefree has joined #arpnetworks
twobithacker has joined #arpnetworks
up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
kraigu has joined #arpnetworks
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 276 seconds)
LT has quit IRC (Quit: Leaving)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
CaZe` is now known as CaZe
Webhostbudd has joined #arpnetworks
HighJinx has quit IRC (Quit: Computer has gone to sleep.)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 245 seconds)
HighJinx has joined #arpnetworks
dferris has quit IRC (Quit: leaving)
dan_ has joined #arpnetworks
dan_ has quit IRC (Client Quit)
dan_ has joined #arpnetworks
dan_ is now known as dferris
dferris has quit IRC (Client Quit)
dferris has joined #arpnetworks
mike-burns has quit IRC (Read error: Connection reset by peer)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
jbum has joined #arpnetworks
krazydad has joined #arpnetworks
krazydad has quit IRC (Client Quit)
jbum has quit IRC (Read error: Connection reset by peer)
beandog has joined #arpnetworks
beandog has quit IRC (Changing host)
beandog has joined #arpnetworks
beandog has left "Leaving"
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 260 seconds)
Webhostbudd_ has joined #arpnetworks
Webhostbudd has quit IRC (Ping timeout: 250 seconds)
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 248 seconds)
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 276 seconds)
Ehtyar has joined #arpnetworks
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 240 seconds)
HighJinx has quit IRC (Quit: Computer has gone to sleep.)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
Webhostbudd_ has quit IRC (Read error: Connection reset by peer)
Webhostbudd_ has joined #arpnetworks andol: up_the_irons: In case you are around, my Arpnetworks VPS leto seems to have a bit of a problem talking IPv4 to another VPS of mine - http://paste.ubuntu.com/1197889/
(IPv6 on the other hand works just perfect.)
up_the_irons: Also did some tcpdumping, the other VPS halleck actually sees, and replies to, the packages from my Arpnetworks VPS leto. Let on the other hand doesn't see any packages from halleck. ***: dj_goku has quit IRC (Read error: Connection reset by peer)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
jbergstroem has quit IRC (Ping timeout: 265 seconds)
jbergstroem has joined #arpnetworks
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 260 seconds) andol: up_the_irons: Well, kind of works as it should again now, so not sure if there are much to look at presently. ***: HighJinx has joined #arpnetworks
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 252 seconds)
sako has joined #arpnetworks
sako has quit IRC (Ping timeout: 272 seconds)