***: SpaceDum1 has quit IRC (Ping timeout: 240 seconds)
m0unds has quit IRC (Ping timeout: 264 seconds)
SpaceDump has joined #arpnetworks
m0unds has joined #arpnetworks
mercutio has quit IRC (Ping timeout: 264 seconds)
mercutio has joined #arpnetworks
mercutio is now known as Guest61571
ben2 has joined #arpnetworks
Guest61571 has quit IRC (Ping timeout: 240 seconds)
ben2 is now known as mercutio
SpaceDump has quit IRC (*.net *.split)
vissborg has quit IRC (*.net *.split)
dj_goku has quit IRC (*.net *.split)
merc2 has quit IRC (*.net *.split)
mercutio has quit IRC (*.net *.split)
jlgaddis has quit IRC (*.net *.split)
dwarren has quit IRC (*.net *.split)
qbit has quit IRC (*.net *.split)
b^_^d has quit IRC (*.net *.split)
tooth has quit IRC (*.net *.split)
ix33 has quit IRC (*.net *.split)
anisfarhana has quit IRC (*.net *.split)
pjs has quit IRC (*.net *.split)
novae has quit IRC (*.net *.split)
dne has quit IRC (*.net *.split)
meingtsla has quit IRC (*.net *.split)
NiTeMaRe has quit IRC (*.net *.split)
anisfarhana has joined #arpnetworks
pjs has joined #arpnetworks
tooth has joined #arpnetworks
dwarren has joined #arpnetworks
b^_^d has joined #arpnetworks
jlgaddis has joined #arpnetworks
merc2 has joined #arpnetworks
dj_goku has joined #arpnetworks
ix33 has joined #arpnetworks
qbit has joined #arpnetworks
vissborg has joined #arpnetworks
SpaceDump has joined #arpnetworks
mercutio has joined #arpnetworks
novae has joined #arpnetworks
dne has joined #arpnetworks
meingtsla has joined #arpnetworks
NiTeMaRe has joined #arpnetworks
vissborg has quit IRC (Excess Flood)
brycec has quit IRC (*.net *.split)
mnathani has quit IRC (*.net *.split)
mkb has quit IRC (*.net *.split)
phlux has quit IRC (Ping timeout: 244 seconds)
brycec has joined #arpnetworks
mnathani has joined #arpnetworks
mkb has joined #arpnetworks
hazardous has quit IRC (Ping timeout: 245 seconds)
vissborg has joined #arpnetworks
phlux has joined #arpnetworks
mdu59 has quit IRC (*.net *.split)
toeshred has quit IRC (*.net *.split)
DaCa has quit IRC (*.net *.split)
hazardous has joined #arpnetworks
mdu59 has joined #arpnetworks
toeshred has joined #arpnetworks
DaCa has joined #arpnetworks
BryceBot has quit IRC (*.net *.split)
BryceBot has joined #arpnetworks
hazardous has quit IRC (*.net *.split)
phlux has quit IRC (*.net *.split)
vissborg has quit IRC (*.net *.split)
m0unds has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
technoid_ has quit IRC (*.net *.split)
CaZe has quit IRC (*.net *.split)
staticsafe has quit IRC (*.net *.split)
gizmoguy has quit IRC (*.net *.split)
plett has quit IRC (*.net *.split)
Hien has quit IRC (*.net *.split)
hive-mind has quit IRC (*.net *.split)
carvite has quit IRC (*.net *.split)
joepie91- has quit IRC (*.net *.split)
reardencode has quit IRC (*.net *.split)
mike-burns has quit IRC (*.net *.split)
neish_ has quit IRC (*.net *.split)
tellnes has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
acf_ has quit IRC (*.net *.split)
jbergstroem has quit IRC (*.net *.split)
jbergstroem has joined #arpnetworks
bitslip has quit IRC (*.net *.split)
raptelan has quit IRC (*.net *.split)
mjp has quit IRC (*.net *.split)
awyeah has quit IRC (*.net *.split)
hazardous has joined #arpnetworks
vissborg has joined #arpnetworks
phlux has joined #arpnetworks
m0unds has joined #arpnetworks
eryc has joined #arpnetworks
technoid_ has joined #arpnetworks
CaZe has joined #arpnetworks
staticsafe has joined #arpnetworks
gizmoguy has joined #arpnetworks
plett has joined #arpnetworks
Hien has joined #arpnetworks
hive-mind has joined #arpnetworks
carvite has joined #arpnetworks
joepie91- has joined #arpnetworks
reardencode has joined #arpnetworks
mike-burns has joined #arpnetworks
neish_ has joined #arpnetworks
tellnes has joined #arpnetworks
twobithacker has joined #arpnetworks
acf_ has joined #arpnetworks
sinisalo.freenode.net sets mode: +o mike-burns
technoid_ has quit IRC (Write error: Broken pipe)
technoid__ has joined #arpnetworks
toddf has quit IRC (*.net *.split)
kevr has quit IRC (*.net *.split)
relrod has quit IRC (*.net *.split)
tabthorpe has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
JC_Denton has quit IRC (*.net *.split)
toddf has joined #arpnetworks
relrod has joined #arpnetworks
kevr has joined #arpnetworks
tabthorpe has joined #arpnetworks
jcv has joined #arpnetworks
JC_Denton has joined #arpnetworks
sinisalo.freenode.net sets mode: +o toddf
up_the_irons has quit IRC (*.net *.split)
ant has quit IRC (*.net *.split)
KDE_Perry has quit IRC (*.net *.split)
bitslip_ has joined #arpnetworks
up_the_irons has joined #arpnetworks
ant has joined #arpnetworks
KDE_Perry has joined #arpnetworks
sinisalo.freenode.net sets mode: +o up_the_irons
pyvpx has quit IRC (*.net *.split)
milki has quit IRC (*.net *.split)
SpeedBus has quit IRC (*.net *.split)
pcn has quit IRC (*.net *.split)
josephb has quit IRC (*.net *.split)
bitslip has joined #arpnetworks
raptelan has joined #arpnetworks
mjp has joined #arpnetworks
awyeah has joined #arpnetworks
bitslip has quit IRC (Ping timeout: 244 seconds)
pyvpx has joined #arpnetworks
milki has joined #arpnetworks
SpeedBus has joined #arpnetworks
pcn has joined #arpnetworks
josephb has joined #arpnetworks
phlux has quit IRC (*.net *.split)
m0unds has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
CaZe has quit IRC (*.net *.split)
gizmoguy has quit IRC (*.net *.split)
staticsafe has quit IRC (*.net *.split)
plett has quit IRC (*.net *.split)
Hien has quit IRC (*.net *.split)
hive-mind has quit IRC (*.net *.split)
carvite has quit IRC (*.net *.split)
joepie91- has quit IRC (*.net *.split)
reardencode has quit IRC (*.net *.split)
mike-burns has quit IRC (*.net *.split)
neish_ has quit IRC (*.net *.split)
tellnes has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
acf_ has quit IRC (*.net *.split)
phlux has joined #arpnetworks
m0unds has joined #arpnetworks
eryc has joined #arpnetworks
CaZe has joined #arpnetworks
staticsafe has joined #arpnetworks
gizmoguy has joined #arpnetworks
plett has joined #arpnetworks
Hien has joined #arpnetworks
hive-mind has joined #arpnetworks
carvite has joined #arpnetworks
joepie91- has joined #arpnetworks
reardencode has joined #arpnetworks
mike-burns has joined #arpnetworks
neish_ has joined #arpnetworks
tellnes has joined #arpnetworks
twobithacker has joined #arpnetworks
acf_ has joined #arpnetworks
sinisalo.freenode.net sets mode: +o mike-burns
CaZe has quit IRC (Remote host closed the connection)
CaZe has joined #arpnetworks
hive-mind has quit IRC (Ping timeout: 244 seconds)
hive-mind has joined #arpnetworks
mkb_ has joined #arpnetworks
mnathani has quit IRC (Ping timeout: 264 seconds)
mkb has quit IRC (Ping timeout: 264 seconds)
brycec has quit IRC (Ping timeout: 264 seconds)
brycec has joined #arpnetworks
mnathani has joined #arpnetworks
twobithacker has quit IRC (Read error: Network is unreachable)
twobithacker has joined #arpnetworks
gizmoguy has quit IRC (Ping timeout: 244 seconds)
gizmoguy has joined #arpnetworks
toddf has quit IRC (Ping timeout: 265 seconds)
gizmoguy has quit IRC (Ping timeout: 244 seconds)
gizmoguy has joined #arpnetworks
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
mike-burns has quit IRC (Ping timeout: 244 seconds)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
CaZe has quit IRC (Quit: Reconnecting)
CaZe has joined #arpnetworks
gizmoguy has quit IRC (Ping timeout: 244 seconds)
CaZe has quit IRC (Changing host)
CaZe has joined #arpnetworks
gizmoguy has joined #arpnetworks
Hien has quit IRC (Ping timeout: 244 seconds)
CaZe has quit IRC (Ping timeout: 244 seconds)
gizmoguy has quit IRC (Ping timeout: 244 seconds)
gizmoguy has joined #arpnetworks
zhangxiaobao has joined #arpnetworks
toddf has quit IRC (Ping timeout: 244 seconds)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf zhangxiaobao: Hello guys mercutio: hi zhangxiaobao: I'm trying to set up ipv6 multihoming without BGP. Does LISP(Locations/ID seperation protocol) work when the other endpoint doesn't support LISP? Should I use ULA with prefix translation? Does it break anything? Are there any other options? mercutio: i have no idea sorry zhangxiaobao: What are the benefits of enabling IPv6 for an average home user? mercutio: nil :)
the main advantage of ipv6 is more ip addresses with direct connectivity. but the majority of things do not use it.
it has more benefit to mobile providers who are running out of ip addresses and are starting to use nat, and it may in some cases stop you having to use carrier grade not of your provider
but as of right now, it's mostly useful if you want to "play" with more ip addresses, or if you want direct connectivity to multiple hosts.
which home users don't generally need. ***: Hien has joined #arpnetworks
Hien has quit IRC (Changing host)
Hien has joined #arpnetworks zhangxiaobao: OK, thank you very much mercutio: the amount of usage of ipv6 is increasing, but it's mostly to things like google, facebook etc which are all on ipv4 as well as ipv6
with businesses there are some advantages. if you want to connect two networks together and directly access each other, you can each have your own ip address space and not have to renumber.
but so many things depend on ipv4 right now you still have to renumber. and just using an ip address space other than 10.0.0.0/8, 192.168.1.0/24, 192.168.0.0/24 means you're less likely to clash.
if you really want to multihome then it's reasonably easy to get ip address space to multihome.
it's easier in most instances than increasing your amount of ip address space. zhangxiaobao: well my mobile provider uses 172.x and my college uses some 10.x and 192.168 :) mercutio: i wouldn't say there's anything bad about playing with ipv6. zhangxiaobao: i can't get my own ip address because my upstream(college) won't route it mercutio: well you'd need two providers to be of benefit anyway.
do you want multiple incoming addresses at home?
err at your college? zhangxiaobao: er...yes mercutio: why? :) zhangxiaobao: because of the great firewall of china mercutio: you mean you want to bypass firewall?
you can vpn
you could vpn to somewhere which may let you have incoming connections. zhangxiaobao: it's not about incoming connections, but outgoing ones mercutio: from my understanding, the most consistent performance from china for vpn'ing comes from vpn'ing to hong kong.
but if you want to access the US, then as long as you have a route that doesn't give evening congestion than vpn'ing to the US should work ok. zhangxiaobao: i've been doing this mercutio: but the problem comes when you want to route some stuff over vpn and some stuff not. zhangxiaobao: but then if you want to visit a website in china you're going china-->us-->china
yes, exactly mercutio: exactly. zhangxiaobao: that's why i'm trying to do multihoming mercutio: ok there are other solutions.
do you have a linux box there? zhangxiaobao: yes i'm using one as a router mercutio: can it run squid? zhangxiaobao: i think so mercutio: can you code in perl? zhangxiaobao: not really :) mercutio: if you can fake it you're probably fine :)
i did a perl plugin for squid before that can proxy to various proxies depending on what country a destination is in
or go direct if within the same country
it's really sloppy and proof of concept, but i think it'd work the best/easiest for normal usage for you zhangxiaobao: this can only proxy http connections right? mercutio: http and https
so can do fakebook etc zhangxiaobao: how does https work? mercutio: you set proxy as explicit proxy on your computer zhangxiaobao: doesnt it break the end to end model? mercutio: and then it does a CONNECT www.facebook.com etc
and looks like http
http://en.wikipedia.org/wiki/HTTP_tunnel
like that BryceBot: HTTP tunnel :: HTTP tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed an HTTP tunnel. HTTP tunnel... zhangxiaobao: so it proxies https from the tcp layer? mercutio: i'm in new zealand, i played with having it proxy for US, UK etc.
but it can probably be simplified
acttually even how it is now it goes direct for china :)
because NZ -> CN is faster than NZ -> US -> CN zhangxiaobao: yeah mercutio: } elsif ($geoip =~ m/CN/) {
print "ERRn";
it's hackish like that :)
basically squid just has to see OK or ERR
if it's a china or non china web site zhangxiaobao: :) mercutio: but you probably want TW etc to go direct too
http://pastebin.com/mpFQW11r zhangxiaobao: what about things other than http(s)? mercutio: well you'd have to VPN properly for that
lots of things can use http/https proxy
even things like skype can afaik
that's just a subsection
basically i just added a few things hah zhangxiaobao: but you still have to set the proxy setting yourself? mercutio: most things listen to internet explorer proxy settings in windows zhangxiaobao: well i'm trying to set up wireless network for my roommates who doesn't know what is http... mercutio: it's just using the maxmind database for geoip
well i'd do it the squid way myself :)
there is an alternative way
but it's the simplest way to get good performance for web zhangxiaobao: now i'm routing everything over vpn but they complain it's too slow for websites within china mercutio: yeah
the other way is using BGP
and the other way still is to vpn to hong kong
# lookmeup www.china.cn
Rev 1: CN 22 Beijing
so i have a script like that zhangxiaobao: what is that? mercutio: if all the web sites end in .cn, ,tw etc you can make rules in squid too
it's a maxmind lookup
geoiplookup -f /usr/local/share/GeoIP/GeoLiteCity.dat $1 | mawk -F, '{ print $2, $3, $4 }'
it just formats it a little nicer zhangxiaobao: oh ok mercutio: http://dev.maxmind.com/geoip/geoip2/geolite2/
seems there's a new format
but you can basically download database of where ip's are zhangxiaobao: i'm thinking of a global routing table mercutio: you can do that too
but it's still complicated :/ zhangxiaobao: like this:https://github.com/fivesheep/chnroutes
gets subnet allocation from apnic
then add routes to a specific country
works at ip layer instead of squid layer mercutio: ok try that then ;)
i imagine you'll have to force it to route things like google through it zhangxiaobao: i haven't tried it mercutio: well google gives me an apnic ip zhangxiaobao: but i'd imagine it would have some trouble with anycast ips? mercutio: google doesn't anycast normally
8.8.8.8 is anycasted
but it's not the norm
and 8.8.8.8 is ARIN ip zhangxiaobao: are you receiving ip for google.co.nz? mercutio: google.co.nz is a cname to google.com
so it's the same zhangxiaobao: oh, ok mercutio: 74.125.237.216
i usually get ip's like that though
which i assume is arin
yeah that's arin
but it sometimes can give APNIC results, google are kind of weird. :)
and there's nothing worse than thinsg that randomly break zhangxiaobao: yeah mercutio: but yeah as a first shot try bypassing for all apnic ip addresses
should be able to find a list of their ranges somewhree
http://www.apnic.net/publications/research-and-insights/ip-address-trends/apnic-resource-range
so uhh zhangxiaobao: that should be easy, it's all /8? mercutio: yeah hangon
http://pastebin.com/D3Ey4fJy
try that
but change 192.168.1.1 to your gateway zhangxiaobao: i'm not trying now
only have ssh access to my router
will do when i get back mercutio: ok
it may still go via US to some universitys etc
at least here some universities have legacy pre-apnic address space
but it should fix most stuff
even just 202.0.0.0/8 and 203.0.0.0/8 would probably fix qutie a lot ***: zhangxiaobao has quit IRC (Quit: Page closed)
dj_goku has quit IRC (Ping timeout: 244 seconds)
dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks