] ya im not looking forward to using ipv6. so fucking long just use DNS ^ how would you assign an ipv6 ip to a new machine, before it's even up and has a chance to be configured with dns? or maybe it is the dns server Plus if you have a brain like mine, it's easy to remember /64 portion mus1cbox: SLAAC dhcpv6 can register with dns or use mdns or just stop caring about addresses... (i.e. slaac) oh so you guys are having a fine experience running ipv6? static: no-one uses dns on ipv6 Huh ^? dns reverse lookups bascially don't exist. wtf why not uh... what? ^? mercutio: you trolling? because providers never seem to configure it? Because... DNS still a thing, including PTR. brycec: do some traceroutes over ipv6... you'll quickly see 8/10 or more ipv6 addresses have no reverse dns lazy providers... Half my v4 hops across comcast don't have ptr's. Doesn't mean nobody DNS' on IPv4 though. like tracing www.google.com from arp has 0 dns reverse lookups. Nah, it has 1 - google's not here seems ipv6 is reducing network accessibility for admins 11. iad23s23-in-x03.1e100.net 0.0% 6 68.4 68.5 68.4 68.7 0.2 http://pastebin.com/raw.php?i=kFTYJ0W6 mercutio: That's not a v6 thing, Google suck at adding v4 PTR records as well as v6 weird traceroute isn't working with udp or icmp wioth ipv4 oh just timing oitu hop 10 pa-in-f106.1e100.net (74.125.25.106) 30.763 ms 30.771 ms 30.612 ms i got one google lookup is it true ipv6 is less secure? No It's as-secure as v4 generally mus1cbox: lots of users don't do firewalls on ipv6. and were relying on nat for "firewall" on ipv4. there are some security/privacy extensions available to v6 too As a technology, it's as-secure so you may find suddenly you can accept incoming connections when you coiuldn't before. It's just the same as before "everybody" was NAT'ing there are some neighour exhaustion issues too. ah (and "everybody" used global v4 addresses) what's neighbor exhaustion? brycec: yes, but now people have the internet that used to not. mus1cbox: it's when your subnet gets scanned and your router struggles to deal with checking out who is there. it's kind of like the "too large bridge domain" issue with ipv4. http://inconcepts.biz/~jsw/IPv6_NDP_Exhaustion.pdf oh ty does ipv6 improve susceptibility to ddos? uhh ddos is a complex issue. you can trivially overload switches etc. it should be fixed sometime. the only improvement to ddos susceptibility is that lots of zombie boxes used to attack stuff don't have ipv6 connectivity yet hahha security through lack of connectivity :P m0unds: i thought hetzner etc had ipv6 now? mercutio: could be, i have no idea but there are still tons of compromised residential machines being used as attack sources oh wtf this is worse on that gear than i thought 1 pps of traffic with random ipv6 source address can full ndp table. pps? oh that's coming forom inside the network packet per second you don't mean petabyte do you? oh phew this is sounding worse and worse :) that's on nexus 5500 with juniper it's slightly better apparently. yes, faster cpu, more ram death by 1pbs pps* yea i think next time i buy networking gear i'll replace cisco with juniper so yeah don't use l3 switches for ipv6? there are pitfalls with either mercutio: yeah, haha i hate dhcp i hate arp not arp networks arp the protocol YOU BASTARD GET OUT i hate neighbour discovery i hate my neighbors m0unds: choosing a name like arp networks, you have to expect some confusion heh mus1cbox: i know it i actually kind of think there should just be a secure key between ethernet devices with maximum advertised ip's etc./ and dynamic routing type stuff with filters. and cut out bridging type systems but if using neighbour discovery you could still limit individual users to using too many addresses etc there's a discussion on nznog about ipv6 prefix size to allocate to end users. what's the thinking? not much currently. not the best time of year to get responses :) whenever i see an interesting post i hope people have interesting replys. but often the good posts don't get many answers. i'm about to redo my raid... fun times. going from 3 to 4 drives and new raid array is going to be slightly annoying as don't have enough sata ports :( do you use zfs? yes and mdadm i'm using mdadm in raid 10, and zfs in raid-z but going to do raid 10 for both i think but raid 0 for bulk storage. and just backup over network to hard-disk system this is ssd only :) only got 3x120gb atm though and upgrading to 2x250 and 2x480 trying to decide on layout.. i'm thinking like 32gb for mdadm per disk, 4gb for swap, 16gb for proxy, 200gb for zfs maybe 192gb for zfs, i have to short stroke a bit more the 250s i think. then like 220x2 extra for zfs raid 0 fuck it i'll just do the root first :) i hate grub +1 lilo felt so much easier JC_Denton: does lilo support uefi? i probably should research other boot loaders. no it doesn't elilo does @wiki elilo LILO (boot loader) :: LILO (LInux LOader) is a boot loader for Linux and was the default boot loader for most Linux distributions in the years after the popularity of loadlin. Today, most distributions use GRUB as the default boot loader. Overview LILO does not depend on a specific file system, and can boot an operating system (e.g., Linux kernel images) from floppy disks... http://en.wikipedia.org/wiki/LILO%20%28boot%20loader%29 interesting. i really just want to be able to select a few different kernels to boot how many people will stop following me on twitter, if I tweet about a powershell post? :P heh only one way to find out :) Timing buffered disk reads: 4660 MB in 3.00 seconds = 1552.74 MB/sec nice and fast raid :) https://www.youtube.com/watch?v=sV_bDXgeg7Q YouTube People: "Counterfeiting : Documentary on the Business of Counterfeits and Knock-Offs" by The New School (1h 35m 17s), 892,712 views, 2,727 likes and 256 dislikes. Uploaded 2013-10-01T03:56:12.000Z. interesting watch, esp for anyone who takes pharmaceutical drugs hahaha, i got a ps3 eye camera for doing head tracking in ARMA and flight sims my wife was freaked out moving her head and having it pan the view around step 1. step 2, Fabio. (http://www.fabioifc.com/) that does sound a little disorientating uh oh i'm reading slashdot again. bots are scanning github to steal amazon ec2 keys. how could that be, git users are soooo smart heh