But now PI is there, no more restrictions in the path, so they can use
"traditional" multihoming :-)
Regards,
Jordi
> De: Donald Stahl <[EMAIL PROTECTED]>
> Responder a: <[EMAIL PROTECTED]>
> Fecha: Tue, 29 May 2007 20:53:36 -0400 (EDT)
> Para: JORDI PALET MARTINEZ <[EMAIL PROTECTED]>
> CC: N
On 29-mei-2007, at 21:53, David Conrad wrote:
We have tried to overlay the same transport and presentation layer
onto a new network layer, but have not engineered the new network
layer to facilitate this. We have new APIs and new naming
attributes, requiring applications to do the heavy l
On Wed, May 30, 2007 at 10:55:04AM +1200,
Nathan Ward <[EMAIL PROTECTED]> wrote
a message of 56 lines which said:
> Use Javascript, or flash, or some other fancy thing to do a GET for
> two files on two different servers as the page loads:
> a) http://ip6test./file
> b) http://ip4test./file
> > In the past we've used "www6" for v6 only, "www4" for v4 only, and
> > "www" has both v6 and v4.
> Which works fine for you and me, but not for my mother.
Which means it is an excellent suggestion for the transition phase into
an IPv6 Internet. Since that happens to be where we are right
On 30/05/2007, at 9:46 PM, Stephane Bortzmeyer wrote:
On Wed, May 30, 2007 at 10:55:04AM +1200,
Nathan Ward <[EMAIL PROTECTED]> wrote
a message of 56 lines which said:
Use Javascript, or flash, or some other fancy thing to do a GET for
two files on two different servers as the page loads:
On 30/05/2007, at 8:00 PM, Iljitsch van Beijnum wrote:
I can't seem to reach www.ietf.org over IPv6 these days and I have
to wait 10 seconds before I fall back to IPv4.
What browser are you using that falls back? Does it require hints
(ie. unreachables, or similar) or does a timeout in TCP
> Before someone starts it, the debate between transition
> protocols to use is well and truely over. Teredo and 6to4
> have been chosen for use by the software vendors of the end
> systems. (fine by me)
This is misleading. You are using IPv6 jargon (transition protocol)
whose meaning is not o
On 30/05/2007, at 11:41 PM, <[EMAIL PROTECTED]> wrote:
Before someone starts it, the debate between transition
protocols to use is well and truely over. Teredo and 6to4
have been chosen for use by the software vendors of the end
systems. (fine by me)
This is misleading. You are using IPv6 j
> > This assumes a single machine scanning, not a botnet of
> 1000 or even
> > the 1.5m the dutch gov't collected 2 yrs ago.
> > Again, a sane discussion is in order. Scanning isn't AS
> EASY, but it
> > certainly is still feasible,
> With 1.5 million hosts it will only take 3500 years... f
But now PI is there, no more restrictions in the path, so they can use
"traditional" multihoming :-)
If ARIN is going to assign /48's, and people are blocking anything longer
than /32- well then that's a problem :)
-Don
On 30-mei-2007, at 13:23, Nathan Ward wrote:
I can't seem to reach www.ietf.org over IPv6 these days and I have
to wait 10 seconds before I fall back to IPv4.
What browser are you using that falls back? Does it require hints
(ie. unreachables, or similar) or does a timeout in TCP session
I would call that not understanding today's security world. "Scanning"
is not the primary mode of looking for vulnerabilities today. There are
several more effective "come here and get infected" and "click on this
attachment and get infected" techniques.
I'm well aware of the modern security pr
Donald Stahl wrote:
If ARIN is going to assign /48's, and people are blocking anything
longer than /32- well then that's a problem :)
To be specific, ARIN is currently assigning up to /48 out of
2620::/23.
I noticed that http://www.space.net/~gert/RIPE/ipv6-filters.html
has the following en
[let me whine again about this one more time... *sigh*]
[guilty parties in cc + public ml's so that every body sees again that
this is being sent to you so that you can't deny it... *sigh again*]
Iljitsch van Beijnum wrote:
>
> On 30-mei-2007, at 13:23, Nathan Ward wrote:
>
>>> I can't seem to r
On Wed, 30 May 2007, Jeroen Massar wrote:
> [let me whine again about this one more time... *sigh*]
> [guilty parties in cc + public ml's so that every body sees again that
> this is being sent to you so that you can't deny it... *sigh again*]
Actually appreciated, as the only sessions with 3ffe
> > I think what's going on is that packets from www.ietf.org don't make it
> > back to my ISP. A ping6 or traceroute6 doesn't show any ICMP errors and
> > TCP sessions don't connect so it's not a PMTUD problem. So it's an
> > actual timeout.
>
> I also just started noticing this, that is, that i
On Wed, May 30, 2007 at 12:40:00PM -0700, Randy Bush wrote:
>
> > This is a grand game of chicken. The ISPs are refusing to move first due to
> > lack of content
>
> pure bs. most significant backbones are dual stack. you are the
> chicken, claiming the sky is falling.
I'd have to say
I guess we have different definitions for "most significant backbones".
Unless you mean they have a dual-stack router running _somewhere_, say, for
instance, at a single IX or a lab LAN or something. Which is not
particularly useful if we are talking about a "significant backbone".
Rather th
On Wed, May 30, 2007 at 09:10:02PM +0200, Iljitsch van Beijnum wrote:
> If you like DHCP, fine, run DHCP. But I don't like it, so please
> don't force _me_ to run it.
OK, I can (and do) live with that.
I tend to prefer technical reasons to choose a technology (and in
so doing, hope to avoid "th
It matters not if a handful of transit providers are dual-stack, access
networks still prevent native IPv6 from reaching the customer. Also from
what I have seen there is very little native dual-stack or 6PE in North
America, even from those that claim to offer IPv6 service. Everyone is
'waiting f
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
James Jun wrote:
>>> I think what's going on is that packets from www.ietf.org don't make it
>>> back to my ISP. A ping6 or traceroute6 doesn't show any ICMP errors and
>>> TCP sessions don't connect so it's not a PMTUD problem. So it's an
>>> actual
I gotta say that until I saw your blog I had no idea my Windows Mobile
phone spoke v6. Very cool.
Sean Siler wrote:
I understand some questions recently arose regarding Microsoft and
Teredo. I tried reading through the archives but it has more twists that
Pacific Coast Highway.
Are th
That's why I was not in favor of PI neither critical infrastructures with
/48.
It will take time, but hopefully everybody will place the right filters.
Regards,
Jordi
> De: Donald Stahl <[EMAIL PROTECTED]>
> Responder a: <[EMAIL PROTECTED]>
> Fecha: Wed, 30 May 2007 10:12:54 -0400 (EDT)
> Pa
For core networks I will suggest to use pure dual-stack or MPLS/6PE. In the
worst case, if you can't do that, just use manually configured tunnels. For
the upstream, dual-stack or again manually configured tunnels
(6in4/protocol-41 or GRE).
6to4, in general, is useful for end users with a public
I've stayed out of this since I'm not following list closely right
now but if there's been progress made in last 14 months on more
providers in the US having IPv6-capable deployment it would be great
to hear. When I was doing the v6 work for Connexions and looking at
who to set up the v4
I've been trying to collect the info about services (including ISPs and
transit providers) and products (software and hardware) that "say" they
offer IPv6 (still in the phase of verifying one by one, but almost done !).
Is still not complete, but I think provides a good picture.
http://www.ipv6-t
On 31/05/2007, at 5:40 AM, Sean Siler wrote:
I understand some questions recently arose regarding Microsoft and
Teredo. I tried reading through the archives but it has more twists
that Pacific Coast Highway.
Are there some specific requests/questions that I can help with?
Probably, yeah.
Hi Nathan,
I can probably talk about our own experience ...
We started running Teredo Server+Relay in the Windows 2003 implementation
around 3-4 years ago (not completely sure right now). Unfortunately, when
the Service Pack (SP1 I think) was released, stopped working.
Until then it was working
On 31/05/2007, at 10:52 AM, JORDI PALET MARTINEZ wrote:
Hi Nathan,
I can probably talk about our own experience ...
We started running Teredo Server+Relay in the Windows 2003
implementation
around 3-4 years ago (not completely sure right now).
Unfortunately, when
the Service Pack (SP1
We have a single Linux box in a small in-house data center. This box is at
the same time a 6to4 relay, a Teredo Server and Teredo relay. It is also our
tunnel broker.
Is not our core business, but we could be considered a small "data center"
(all kind of customers and own contents, not just http,
Thus spake "Donald Stahl" <[EMAIL PROTECTED]>
I'm not sure I understand what you are saying- if you number
based on hardware addresses then I have no idea what you
mean by "address ranges." The hosts you are trying to
compromise could be anywhere in the subnet- that's the 3500
years I was referr
This is more in the way of a leading question for those who are
attending NANOG 40.
I'll ask it the same way I did at NZNOG back in February --
what problem is it that IPv6 is actually supposed to solve?�
�
I used to know the answer to this, but I don't now. In 1997
(or even years before, readin
> what problem is it that IPv6 is actually supposed to solve?
that's an easy one. in 1993-5, the press was screaming that we were
about to run out of ip space. a half-assed design was released. the
press stopped screaming. victory was declared, everyone went home.
and, as usual, ops and engi
THe intention was that ipng would address the issues you quote Scott
as raising. What could be addressed cleanly, and was addressed, was
the number of bits in the address.
In part, I think this was due to unrealistic expectations. Security,
as you well know, is not a network layer questio
At 5:27 PM -0700 5/30/07, Fred Heutte wrote:
>This is more in the way of a leading question for those who are
>attending NANOG 40.
>
>I'll ask it the same way I did at NZNOG back in February --
>what problem is it that IPv6 is actually supposed to solve?
>
>I used to know the answer to this, but I
> Most of those features were completely gone by 1995
TLAs et alia lasted until 2000+. and i think anycast is still broken,
though we can at least ignore it and use v4-style anycast, which turns
out to be what we need.
> leaving larger address space as the sole practical benefit and no
> actual
> And what do we see: 6bone space and still in use.
>
> As a lot of places correctly filter it out, the PMTU's get dropped, as
> they are supposed to be dropped.
>
> The whois.6bone.net registry is fun of course:
>
> inet6num: 3FFE:800::/24
> netname: ISI-LAP
> descr:Harry Try
> i think anycast is still broken, though we can at least ignore it and
> use v4-style anycast, which turns out to be what we need.
i am told by a good friend who lurks that this was actually fixed a year
or two ago. a team of ops-oriented folk were sufficiently persistent
and strident to get i
At 6:28 PM -0700 5/30/07, Randy Bush wrote:
>well, you get two points for copping to it. i lay on the train tracks
>and was squashed.
Well, I became a contentious objector... (RFC1669). One can
confirm a real sense of humor to the cosmos, because I now
get to be lead advocate for the very scena
On Wed, 30 May 2007 18:52:12 PDT, Randy Bush said:
> > i think anycast is still broken, though we can at least ignore it and
> > use v4-style anycast, which turns out to be what we need.
>
> i am told by a good friend who lurks that this was actually fixed a year
> or two ago. a team of ops-orie
On Wed, 30 May 2007, David W. Hankins wrote:
> Maybe I'm getting old, but the idea of managing this configuration
> information in my routers sounds like a real chore compared to the
> old DHCP relayed central server model.
not 'old' just 'sane'. or 'taking the same crazypills chris is', your
41 matches
Mail list logo
