Op 17 apr. 2014, om 20:50 heeft William Herrin het volgende
geschreven:
> On Thu, Apr 17, 2014 at 2:32 PM, Eugeniu Patrascu wrote:
>> It's a bigger risk to think that NAT somehow magically protects you against
>> stuff on the Internet.
>
> You are entitled to your opinion and you are entitled
On 18-4-2014 8:57, Matt Palmer wrote:
> On Thu, Apr 17, 2014 at 09:05:17PM -0500, Timothy Morizot wrote:
>> On Apr 17, 2014 7:52 PM, "Matthew Kaufman" wrote:
>>> While you're at it, the document can explain to admins who have been
>> burned, often more than once, by the pain of re-numbering intern
Op 26 apr. 2014, om 20:05 heeft Hank Nussbacher het
volgende geschreven:
> At 22:00 25/04/2014 +, cidr-rep...@potaroo.net wrote:
>> This report has been generated at Fri Apr 25 21:13:54 2014 AEST.
>> The report analyses the BGP Routing Table of AS2.0 router
>> and generates a report on aggr
Op 18 jun. 2014, om 11:41 heeft Martin Geddes het
volgende geschreven:
> "IPv6 will never become the defacto standard until the vast majority of
> users have access to IPv6 connectivity."
>
> It may never become the defacto standard, period. Nearly 20 years to reach
> 2% penetration is a stron
Op 12 jun 2011, om 12:05 heeft Daniel Roesen het volgende geschreven:
> VRRP communications itself is via link-local addresses. There is a
> requirement to have a link-local virtual address as well, but there
> might be many more, e.g. global scope.
In FreeBSD with pfSense I use CARP with a v6 a
Op 14 jun 2011, om 19:04 heeft Ray Soucy het volgende geschreven:
> My guess is within the next year we'll see something pop up that does this.
Ehm, It's already here, you searched google right?
I finished it 4 months ago. And a number of commercial platforms already
support it. Although Owen
Op 20 jun 2011, om 23:24 heeft Tony Finch het volgende geschreven:
> On 20 Jun 2011, at 16:26, Jérôme Nicolle wrote:
>>
>> But most RBL managers are shitheads anyway, so help them evade, that'll be
>> one more proof of spamhaus &co. uselessness and negative impact on the
>> Internet's best pr
Op 20 jun 2011, om 23:55 heeft John Levine het volgende geschreven:
>> An organization that blocks 90% of spam with no false positives is
>> incredibly useful.
>
>> Using a greylisting system is equally effective without the black
>> list part.
>
> Hi. I'm the guy who wrote the CEAS paper on g
grand scheme.
I've also contacted the nice people from the draft that we support it.
Since then we've got v4 and v6 with BGP at work so it's moot. But I digress.
Kind regards,
Seth Mos
pfSense developer.
> >
> > 6296 IPv6-to-IPv6 Network Prefix Translation. M. Wasser
Op 3 sep 2011, om 19:49 heeft Jimmy Hess het volgende geschreven:
> On Sat, Sep 3, 2011 at 6:20 AM, Skeeve Stevens wrote:
>
>> My guess is that 99% of consumer internet access is Asymmetrical (DSL,
>> Cable, wireless, etc) and iCloud when launched will 'upload' obscene amounts
>> of gigs of m
On 6-9-2011 15:49, Positively Optimistic wrote:
Greetings
Does anyone have a suggestion for a single piece of hardware that would
support 8 or less Ethernet interfaces and the two vpn tunnels ?
Single piece of hardware, no. If 2, then yes.
A PCengines Alix 2D3 with pfSense/m0n0wall and Open
Op 7 sep 2011, om 19:06 heeft jean-francois.tremblay...@videotron.com het
volgende geschreven:
> On Wed, Sep 07, 2011 at 12:16:28PM +0200, Randy Bush wrote:
>>> I'm going to have to deploy NAT444 with dual-stack real soon now.
>> you may want to review the presentations from last week's apnic me
Op 8 sep 2011, om 07:26 heeft Geoff Huston het volgende geschreven:
>
> On 08/09/2011, at 2:41 AM, Leigh Porter wrote:
>
> It may not be what Randy was referring to above, but as part of that program
> at APNIC32 I reported on the failure rate I am measuring for Teredo. I'm not
> sure its all
Congratulations on your nat444 connection. I suspect a autoblocklist of sorts.
They somehow always end up blocking the hosts you are using.
I vaguely remember my watchguard firebox 1000 doing so. It was red too.
Regards and good luck,
Seth
typed on a tiny touchscreen, why exactly?
Steve Bohre
On 7-11-2011 14:46, sth...@nethelp.no wrote:
>>> The practice of filling out the reverse zone with fake PTR record
>>> started before there was wide spread support for UPDATE/DNS. There
>>> isn't any need for this to be done anymore. Machines are capable
>>> of adding records for themselves.
>>
>
On 9-11-2011 0:06, Jones, Barry wrote:
> Hello all.
> I am potentially looking at firewall products and wanted suggestions as to
> the easiest firewalls to install, configure and maintain? I have a few small
> networks ( 50 nodes at one site, 50 odd at another, and maybe 20 at another.
> I have
On 9-11-2011 11:07, Tom Hill wrote:
> On Wed, 2011-11-09 at 09:13 +0100, Seth Mos wrote:
>> I am biased because I am a pfSense developer.
>>
>> pfSense is a free open source FreeBSD based firewall with the pf
>> packet filter. http://www.pfsense.org
>
> I'
Hello List,
As a pfSense developer I recently ran into a test system that (actually)
gets a IPv6 prefix from it's ISP. (Hurrah).
What is bewildering to me is that each time the system establishes a new
PPPoE session to the ISP they assign a different IPv6 prefix via
delegation together with a dif
Hi,
Op 24 nov 2011, om 21:09 heeft Joel jaeggli het volgende geschreven:
> On 11/21/11 14:18 , Nathan Eisenberg wrote:
>>> Look at the number that are refusing to make generous prefix
>>> allocations
>>> to residential end users and limiting them to /56, /60, or even worse,
>>> /64.
>>
>> Owen,
On 18-1-2013 15:03, William Herrin wrote:
> On Thu, Jan 17, 2013 at 11:15 PM, Constantine A. Murenin
> wrote:
> On the technical side, enterprises have been doing large-scale NAT for
> more than a decade now without any doomsday consequences. CGN is not
> different.
Well yeah, but everything is
Op 26 jan 2013, om 18:47 heeft William Herrin het volgende geschreven:
> On Sat, Jan 26, 2013 at 4:26 AM, Pavel Dimow wrote:
>> I can start to create
>> record and PTR recors in DNS and after that I should configure my
>> dhcp servers and after all has been done I can test ipv6 in LAN and
>
On 13-2-2013 16:19, JoeSox wrote:
> Just wondering if anyone can recommend Windows software (it could be
> Linux too but I might need to create a separate host for that
> configuration)
> that enables rotating [on one monitor] several webpages (dashboards)
> or windows (application dashboards).
> I
Hi,
> so : Cradlepoint with 3 x USB Modems -> Cisco2900 with integrated WLC and 6
> AP's
>
Alternatively, but I am biased as a pfSense developer, you could setup pfSense
with multiple usb 3G or 4G sticks.
pfSense has firewalling, some QoS, a traffic shaper and limiters. And the
firewall rule
On 9-4-2013 1:10, Jay Ashworth wrote:
> - Original Message -
>> From: "Huasong Zhou"
>
>> We got this modem and router all in one box from Comcast directly. And
>> by the way, home use routers don't assign 10.0.0.0 numbers.
>
> I have seen consumer NAT routers assign addresses in all thr
Hi,
Op 21 dec 2011, om 20:16 heeft Tomas Podermanski het volgende geschreven:
> Hi,
>
> from my perspective the short answer for this never-ending story is:
To be fair, SLAAC was designed as a light weight method to configure addressing
on the hosts.
Hosts. We don't have hosts on the internet
Op 26 dec 2011, om 20:46 heeft Steven Bellovin het volgende geschreven:
> Not quite what you're asking for, but I was very pleasantly surprised to see
> that some (at least) Brother printers support IPv6. Progress...
Indeed, my Mac has no issues printing or scanning to my MFC-9465DCN I purchase
:470:20::2 2592 msec
The google DNS server I'm using is doing swimmingly so far, OpenDNS seems ok
too.
2001:4860:4860::884416 msec
Kind regards,
Seth Mos
Hi,
Just pointing out to other responding to this thread that I was referring to
the *query* response times, I said nothing about ICMP which is perfectly fine.
So please stop responding with ping response times already :-)
No, pfSense does not set these per default, they are in wide use because
Hi,
We chose the 3Com, now H3C wx3012 controller and AP9552 accesspoints.
Initial issues where that blackberries could not connect to the wifi, the
support initially was mediocre.
Do note that this was at the time that everything got sold to HP. And they did
pick up the issue and came around w
Op 10 mrt 2012, om 03:40 heeft Chris Adams het volgende geschreven:
>
> Can anybody tell me how they are configuring their IPv6 setup?
They deploy using 6rd. In other words, they get to deploy IPv6 _again_ in about
a few years time.
Basically any router with 6rd support and the knobs in the u
On 12-3-2012 16:07, Robert E. Seastrom wrote:
>
> Doug Barton writes:
>
> Grass-roots, bottom-up policy process
> +
> Need for multihoming
> +
> Got tired of waiting
> =
> IPv6 PI
+
Cheap End Users
=
IPv6 NPt (IPv6 Prefix Translation)
Cheers,
Seth
Hi,
Op 12 mrt 2012, om 18:09 heeft Owen DeLong het volgende geschreven:
>> +
>> Cheap End Users
>> =
>> IPv6 NPt (IPv6 Prefix Translation)
>>
>> Cheers,
>>
>> Seth
>
> I don't get the association between cheap end users and NPT. Can you explain
> how one relates to the other, given the added
Hi,
Op 11 apr 2012, om 20:16 heeft Anurag Bhatia het volgende geschreven:
> Also, does it makes sense to go for BGP Tunnel for now? I just setup IPv6
> Tunnel via Hurricane Electric. Latency seems pretty much OK ~ 10-15ms of
> overhead. Yet to test other parameters. I heard Tunnels are usually ba
Hi Anurag,
Op 16 apr 2012, om 20:09 heeft Anurag Bhatia het volgende geschreven:
> Hello everyone
> I wonder if anyone else also had similar issues? Also, if my guesses are
> correct then how can we disable Red Hat distro oriented servers from taking
> such automated configuration - simple DHC
Op 17-4-2012 10:33, Carlos Martinez-Cagnazzo schreef:
IMO it's much easier to disable one rogue than to disable IPv6 on the
whole network. That is if you can find it, but with some proper
tcpdumping and/or CLI commands (depending on the switches that you have)
it should be relatively easy.
Even
Op 5-6-2012 16:10, Livingood, Jason schreef:
In preparation for the World IPv6 Launch, inbound (SMTP) email to the
comcast.net domain was IPv6-enabled today, June 5, 2012, at 9:34 UTC.
Roughly one minute later, at 9:35:30 UTC we received our first
inbound email over IPv6 from 2001:4ba0:fff4:1c:
Op 5-6-2012 16:29, David Hubbard schreef:
Does anyone have suggestions on good books to really get
a thorough understanding of v6, subnetting, security practices,
etc. Or a few books. Just turned up dual stack with our
peers and a test network but I'd like to be a lot more
comfortable with it b
Op 5-6-2012 23:23, William Herrin schreef:
On 6/5/12, David Hubbard wrote:
Hi David,
Instead of going the book route, I'd suggest getting some tunneled
addresses from he.net and then working through
http://ipv6.he.net/certification/ .
They have the basics pretty well covered, it's interactive
Hi,
Op 16 jul 2012, om 18:34 heeft valdis.kletni...@vt.edu het volgende geschreven:
> On Mon, 16 Jul 2012 11:09:28 -0500, -Hammer- said:
>> ---That is clearly a matter of opinion. NAT64 and NAT66 wouldn't be there
>> if there weren't enough customers asking for it. Are all the customers naive
Op 17 jul 2012, om 04:56 heeft Grant Ridder het volgende geschreven:
> If you are running an HA pair, why would you care which box it went back
> through?
Because it could be/is a stateful firewall and the backup will drop the
traffic. (FreeBSD CARP)
Cheers,
Seth
>
> -Grant
>
> On Monday,
Op 17-7-2012 8:43, Owen DeLong schreef:
On Jul 16, 2012, at 10:36 PM, Seth Mos wrote:
Hi,
Op 16 jul 2012, om 18:34 heeft valdis.kletni...@vt.edu het volgende geschreven:
To highlight what the current NAT66 is useful for, it's a RFC for Network
Prefix translation. It has nothing do
Op 18 sep 2012, om 18:39 heeft George Herbert het volgende geschreven:
>
> I'm having problems finding any announcements for this net 10/8, too. Can
> someone talk to these "IANA" folks about reclaiming it, too? They have a
> bunch of other space in 172.x they should be able to use...
Don't
Op 18-9-2012 22:50, William Herrin schreef:
On Tue, Sep 18, 2012 at 4:31 PM, Nick Hilliard wrote:
On 18/09/2012 21:24, William Herrin wrote:
IPv6 falls down compared to IPv4 on wifi networks when it responds to a
router solicitation with a multicast (instead of unicast) router
advertisement.
Op 19-9-2012 14:35, Leo Bicknell schreef:
In a message written on Tue, Sep 18, 2012 at 09:11:50PM -0700, Mike Hale wrote:
I'd love to hear the reasoning for this. Why would it be bad policy
to force companies to use the resources they are assigned or give them
back to the general pool?
There's
Op 20 sep 2012, om 07:34 heeft Mark Andrews het volgende geschreven:
>
> In message
>
> , Jimmy Hess writes:
>
> The work to fix this on most OS is minimal. The work to ensure
> that it could be used safely over the big I Internet is enormous.
> It's not so much about making sure new equipme
Op 21-9-2012 21:42, Mark Radabaugh schreef:
Running dual stack to residential consumers still has huge issues with
CPE. It's not an environment where we have control over the router
the customer picks up at Walmart. There is really very little point
in spending a lot of resources on someth
Op 3-10-2012 18:33, Kevin Broderick schreef:
I'll add that in the mid-90's, in a University Of Washington lecture hall, Vint
Cerf expressed some regret over going with 32 bits. Chuckle worthy and at the
time, and a fond memory
- K
"Pick a number between this and that." It's the 80's and you
Hi,
Since about a week or so it's become impossible to reach wp.com content
over IPv6.
IPv4 content does work fine, using the IPv6 literal returns a 404 which
is small enough to fit in a smaller 1480 byte MTU.
I have another test site that has a clean 1500 byte mtu and I can fetch
the s0.w
Srikanth Sundaresan schreef op 6-10-2014 0:43:
> Hi all,
>
> Netalyzr is a free network measurement and debugging app developed
> by the International Computer Science Institute, Berkeley.
>
Hi,
Maybe it's just me, but my Xperia T (LT30p) does have IPv6 on Wifi and
test-ipv6.com validates it. I
David Hofstee schreef op 23-10-2014 11:02:
> Hi,
>
> Is anyone from Vodafone around? We are having connectivity loss with
> smtp.vodafone.nl and the helpdesk is not cooperating...
I've had good succes getting a out of date bogon filter issue for all
Vodafone NL customers resolved after contactin
Hi,
Whilst rummaging through some DNS (dnsmasq) logs I've noticed quite a
decent amount of queries for pdf.js from what appear to be mozilla browsers.
Seems rather odd that it is performing DNS queries for a internal PDF
viewer.
Has anyone else come across these lookups?
Kind regards,
Seth
> -Oorspronkelijk bericht-
> Van: NANOG [mailto:nanog-boun...@nanog.org] Namens Seth Mos
> Verzonden: Thursday, November 13, 2014 2:26 PM
> Aan: NANOG list
> Onderwerp: Mozilla performing pdf.js DNS queries?
>
> Hi,
>
> Whilst rummaging through some DNS (dnsmasq)
symack schreef op 9-12-2014 22:03:
> * Can I change from an active (ie, disks with data) raid 5 to raid 10.
> There are 4 drives
Dump and restore. I've used Acronis succesfully in the past and today,
they have a bootable ISO. Also, if you have the option, they have
universal restore so you can res
Op 29 jan. 2015, om 17:18 heeft Tyler Mills het volgende
geschreven:
> Most of the issues are related to firmware. Most of my UBNT experience was
> with the UAP-Pro and the UAP-AC, and it wasn't a good experience.
> Production firmwares seem to be of beta quality.
It’s meh, but it’s good enou
Dear Google,
It appears that one of the Youtube CDN's (in Europe, NL) is not
reachable over IPv6 from AS 20844. Can someone get back to us on this,
the company can't access any of the videos currently, although the
mainpage loads fine (over IPv6).
Kind regards,
Seth
telnet r6---sn-5hne6n76.goog
Dear Google,
As of Dec 2nd the Google Chrome 47.0.2526.73M breaks NTLM proxy
authentication. This is unfortunate as nobody can get off the company
network now, which is secure I suppose, but not quite what I had in mind.
https://productforums.google.com/forum/#!topic/chrome/G_9eXH9c_ns;context-pl
Get ready for a rough monday morning, we've already had to field quite a
few calls, and the GPO policy doesn't work, yay.
Dear Google, your internet browser doesn't browse the internet, please
make haste.
Kind regards,
Seth
Op 3-12-2015 om 9:04 schreef Seth Mos:
> Dear Google,
Smallnetbuilder.com has quite a few models of routers tested, which is decent.
I've bugged them about ipv6 testing before but not too much progress there.
Powerconsumption is not listed either, which can be as expensive as the router
itself at 21 cents per kWh.
Regards,
Seth
Oorspron
ue is ongoing, I would be happy to look into this;
> otherwise, I don't believe there is any action I can take to assist at
> this time.
>
> All the best.
>
>
>>> * seth@dds.nl (Seth Mos) [Fri 06 Nov 2015, 09:00 CET]:
>>>> Dear Google,
>>>
Op 14-1-2016 om 16:37 schreef valdis.kletni...@vt.edu:
> On Thu, 14 Jan 2016 16:04:54 +0100, Seth Mos said:
>
>> lsintra:~# telnet 62.214.62.205 443
>
>> lsintra:~# telnet 2001:1438:1:2::d 443
>
>> Is it possible for Google to realize some form of internal
>&g
Stephen Satchell schreef op 26-3-2015 om 12:24:
> On 03/25/2015 07:31 PM, Aaron C. de Bruyn wrote:
>> After getting a few helpful users on the phone to run some quick
>> tests, we found port 22 was blocked.
>
> It's been a while since I did this, but you can select an additional
> port to accept S
Paul S. schreef op 12-5-2015 om 15:36:
> Hi guys,
>
> We're shortly going to be getting some 10G SANs, and I was wondering
> what people were using as SAN switches for 10G SANs.
In one location a HP Procurve 8212zl with 8 SFP+ module, and a 8Gbe
module. Here i'm using a Dell EQL PS6210 SSD cabine
Marco Davids schreef op 25-6-2015 om 14:33:
> Hi,
>
> Would anyone from Google care to explain to me off-list why certain
> Youtube-content is blocked in the Netherlands while using IPv6 when it
> is working fine via IPv4?
>
> Geolocation imperfections perhaps?
>
> The IPv6-address is within 2a0
> Op 25 jun. 2015, om 16:44 heeft Max Tulyev het volgende
> geschreven:
>
> Hi,
>
> +1.
>
> Our 2a01:d0::/32 is floating by Google's geo all around the world, it
> was Iran, now it is Russia... and I can't do anything with it, and have
> no human contact in Google for complaint.
That sounds
Residential users just buy another router for wifi coverage at the local wall
mart. They have no clue about anything internet.
That is why isp CPE devices should always perform dhcp-pd on their own to
provide a prefix to the downstream devices so those have globally routed ipv6
too.
For that to
Meanwhile, I'm sitting here on a patio at a cafe on Samos, Greece. And the free
wifi gives me native v6 to my tablet and phone without any intervention.
Test-ipv6.com tells me that the score is 10/10 and all the google bits just
work.
So, surely it "just works".
I wish we had it this easy in
We had the same thing finding a broker for a /24 pi in the RIPE region. Not all
of the brokers have the size you want, eg a /20 when you need a /24.
It ends up being between 2500 to 4000 euros depending on notary fees and if you
already have a LIR agreement.
Cheers
Oorspronkelijk bericht
So, if i get this right. The problem is not quite as bad to fix.
It just needs a dnscache/dnsproxy process bound to the ipv4 localhost that uses
the ipv6 dns server.
Basically what dnsmasq does. Biggest problem is that it wouldn't follow
autoconfigure and thus require manual intervention. That is
Ricky Beam schreef op 18-7-2015 om 1:14:
On Fri, 17 Jul 2015 06:25:26 -0400, Christopher Morrow
wrote:
mean that your UBee has to do dhcpv6? (or the downstream thingy from
the UBee has to do dhcpv6?)
The Ubee "router" is in bridge mode. Customers have ZERO access to the
thing, even when it i
Op 19 nov 2013, om 18:25 heeft Hank Disuko het volgende geschreven:
> Hi folks,
>
> I've traditionally been a Cisco Catalyst shop for my switching gear.
>
> I am doing a significant hardware refresh in one of my offices, which will
> entail replacing about 20 access switches and a couple core
Op 22 nov 2013, om 06:37 heeft Jay Ashworth het volgende geschreven:
> - Original Message -
> Anecdote:
>
> My local IHOP finally managed to get Wifi internet access in the restaurant.
>
> For reasons unknown to me, it's a Meraki box, backhauled *over T-mobile*.
>
> That's just as unpl
On 2-12-2013 22:25, Ricky Beam wrote:
> On Fri, 29 Nov 2013 08:39:59 -0500, Rob Seastrom wrote:
> Handing out /56's like Pez is just wasting address space -- someone *is*
> paying for that space. Yes, it's waste; giving everyone 256 networks
You clearly have no understanding of route aggregation
On 13-12-2013 14:54, Nick Cameo wrote:
> Hello Everyone,
>
> I have a customer that is looking for a voip router. The router part
> is easy however,
> they need it to support their ADSL/VDSL connection PPoE, and all that lovely
> stuff. Can you gents and ladies kindly recommend something that woul
Op 27-4-2011 0:38, Andrew Kirch schreef:
> On 4/26/2011 12:11 PM, Brielle Bruns wrote:
>> I've run a volunteer/free hosting service since 1997 or so - it never
>> ceases to amaze me how people will complain about free things, but
>> when you ask them to pony up a little monthly support its like you
Hi Jay,
Can you correlate the user from the access logs and send them a email that
their IPv6 internet is not working correctly?
Regards,
Seth
Op 9 jun 2011, om 05:03 heeft Jay Ashworth het volgende geschreven:
> """
> World IPv6 Day came to an end earlier today. We successfully enabled IPv6
Op 12 jun 2011, om 03:50 heeft Randy Carpenter het volgende geschreven:
>
> I have an interesting situation at a business that I am working on. We
> currently have the office set up with redundant connections for their mission
> critical servers and such, and also have a (cheap) cable modem fo
76 matches
Mail list logo
