* Posts by sthen

11 publicly visible posts • joined 5 May 2007

APNIC: Big Tech's use of carrier-grade NAT is holding back internet innovation

sthen

Re: Addressing only the problem that v4 has?

It's not just IP stacks that would need to recognise it. Application software (servers, clients, management systems, log processing, etc) too. Also routing protocols so that different networks know how to reach each other. Address registries (RIPE, ARIN etc). DNS. Hardware designs in routers/switches - many ISP networks and even home routers rely on hw acceleration of various sorts to be able to send packets quickly.

The additions/changes needed in this pile of tech are exactly one of the main reasons why IPv6 adoption is not fast. Going to a completely different scheme wouldn't help and would nullify much of the work already done for IPv6.

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?

sthen

Re: I have been removing these for a while now for other reasons

The LR versions can be worth it: you won't legally get any extra transmit power in the UK with them, so you won't get a stronger signal reported on client devices, but the extra gain helps with the signal received from the client devices.

sthen

Re: A lot of pissed-off people

If you don't want the vendor to have crash dumps etc as Ubiquiti are sending, you certainly aren't going to want Meraki and their cloud based controllers.

You're ARIN a laugh: Critical internet org accused of undercutting security over legal fears

sthen

It would be reasonable for ARIN to require agreements from networks wanting to sign their routes, disclaiming responsibility for problems caused by doing so. But (and I don't think it's made clear in the article) they are asking for agreement from people just wanting to fetch the ARIN TAL ("trust anchor locator" - similar to a CA certificate in the HTTPS world) to validate routes published by ARIN members.

This is equivalent to a CA requiring an explicit agreement from *everybody in the world who wants to validate sites signed by them*. There actually is an example of this - cacert.org - as you might expect they aren't widely used!

I am absolutely astonished that ARIN's members accept this (it's a regional monopoly so they can't just go and transfer their addresses to another RIR like RIPE or APNIC who handle this more sanely).

Government hails superfast broadband deal for new homes

sthen

Re: What about competition?

FrogsAndChips, if it's BT FTTP then there are more choices than just BT (see http://www.superfastcornwall.org/can-you-connect/fttp-ordering) but it *is* rather limited. For some reason, despite the similar costs, some ISPs don't provide this option.

But then there are a bunch of new builds with FTTP provided by another company (often IFNL), and in those cases you have approximately 2 ISP options.

Anyone looking at a new build property, CHECK CAREFULLY about options for broadband. Don't assume that the developer will be doing anything useful unless forced.

Evil OpenSSH servers can steal your private login keys to other systems – patch now

sthen

Re: Doubly FFS

No need to trust jump boxes with your SSH agent - you can just use ProxyCommand with nc or ssh -W instead. The first SSH session authenticates you to the jump box, then it just passes TCP to the destination.
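The two jump-box setups mentioned above, written out as an added ~/.ssh/config example (this is not from the original post or from OpenSSH's own documentation; the host names jump.example.org and internal.example.org and the user name alice are placeholders). It also adds the later ProxyJump directive, which the post does not mention but which does the same thing in newer OpenSSH:

```sshconfig
# Added example, not part of the original post. Host names and user are
# placeholders. None of these entries set ForwardAgent, so the jump box
# never gets access to your agent or your private keys.

Host jump
    HostName jump.example.org
    User alice

# Option 1: ssh -W. The first ssh session authenticates you to "jump",
# then simply relays TCP to %h:%p. The session to "internal" is
# negotiated end-to-end from your client, including host key checking.
Host internal
    HostName internal.example.org
    User alice
    ProxyCommand ssh -W %h:%p jump

# Option 2: the older form, running nc on the jump box to relay the TCP
# connection. Same trust properties as option 1.
Host internal-nc
    HostName internal.example.org
    User alice
    ProxyCommand ssh jump nc %h %p

# Option 3 (OpenSSH 7.3 and later): ProxyJump is shorthand for option 1.
Host internal-pj
    HostName internal.example.org
    User alice
    ProxyJump jump

# Equivalent one-liners without a config file:
#   ssh -o ProxyCommand='ssh -W %h:%p jump' alice@internal.example.org
#   ssh -J jump alice@internal.example.org
```

In all three forms the jump box only carries an already-encrypted SSH session and never holds a key or an agent socket, so a compromised jump box cannot reuse your credentials against the destination. The one thing to check is that the destination's host key is pinned in your own known_hosts, since verification happens on your client, not on the intermediate host.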

VPNs are so insecure you might as well wear a KICK ME sign

sthen

Nothing new here...

See RFC 7359 [https://tools.ietf.org/html/rfc7359]; the first published draft was from October 2012...

BT's IPv6 EXPIRED security certificate left to rot on its website

sthen

Re: Implementation of IPv6 is a farce..

There are a number of choices - see https://www.sixxs.net/faq/connectivity/?faq=native&country=gb (or remove the &country=gb if outside the UK).

Big labels try for ISP blocking on 3 more 'pirate' sites

sthen

@mark 63, Fedora and Debian are probably not *primarily* distributed in torrents either, there are lots of traditional ftp/http mirrors. And torrent download is an option for other things too e.g. libreoffice. But it's only worth the hassle to set this up for something which is frequently downloaded and fairly large.

DNS hijack hits The Register: All well

sthen

@jonathanb

Reducing TTL on the proper records won't help; caching of the incorrect results will be down to whatever TTL the hackers' DNS server returns with the A records (but typically a name resolver will cap the TTL to a certain value if it's excessive).

Clearing swap and hibernation files properly

sthen

Why wipe?

OpenBSD has had an easy-to-use option to encrypt the swap partition since 1999, and it's been enabled by default for the last 2 years. Much safer than writing and wiping (and since processor speed has increased more rapidly than disk speed, it can be faster too).