[opensuse] Router? Splitter?...
Hi all, I'm looking into getting satellite internet, since all the dial-up ISP's are making it harder and harder for me to stay online the amount of time that I do (I'm disabled and being on the computer is all I have to keep myself occupied and from going insane with nothing to do). My mom will also be sharing the satellite hookup too, so we only have to pay for one modem etc. My question is: What would be best to use so that all I have to do is run a cable from her computer and one from my computer to the modem. I mean, how should I set it up so that both of us can use the same, single satellite modem? What would be best, and most importantly, easiest? Also, will our opensuse 11.3 pick up this new connection readily? Or will I have to do a bunch of cli stuff and wondering what and how to get connected? Any advice and help with this is greatly appreciated. JB -- "Properly read, the Bible is the most potent force for atheism ever conceived." -Isaac Asimov -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 06/22/2011 10:20 PM, Insomniac wrote:
Hi all,
I'm looking into getting satellite internet, since all the dial-up ISP's are making it harder and harder for me to stay online the amount of time that I do (I'm disabled and being on the computer is all I have to keep myself occupied and from going insane with nothing to do).
My mom will also be sharing the satellite hookup too, so we only have to pay for one modem etc.
My question is: What would be best to use so that all I have to do is run a cable from her computer and one from my computer to the modem. I mean, how should I set it up so that both of us can use the same, single satellite modem? What would be best, and most importantly, easiest?
Someone I know has a Satellite connection and the modem provided is just that, only a modem. You will need to get a router, something like http://biz.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=3537304&CatId=198 Or a wireless variety if you care for wireless.
Also, will our opensuse 11.3 pick up this new connection readily? Or will I have to do a bunch of cli stuff and wondering what and how to get connected?
These routers usually have a DHCP server built in, thus as long as you have your network connection setup to accept DHCP leases, YaST -> Networking, you should be all set. The routers also usually have a web base configuration at 192.168.1.1. HTH, Robert -- Robert Schweikert MAY THE SOURCE BE WITH YOU SUSE-IBM Software Integration Center LINUX Tech Lead rschweikert@novell.com rschweikert@ca.ibm.com 781-464-8147 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011/06/24 10:22 (GMT-0400) Robert Schweikert composed:
The routers also usually have a web base configuration at 192.168.1.1.
Depending on brand, I've seen any of 192.168.0.1, 192.168.1.1 or 192.168.2.1. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 06/24/2011 12:23 PM, Felix Miata pecked at the keyboard and wrote:
On 2011/06/24 10:22 (GMT-0400) Robert Schweikert composed:
The routers also usually have a web base configuration at 192.168.1.1.
Depending on brand, I've seen any of 192.168.0.1, 192.168.1.1 or 192.168.2.1.
And the one I have (Trendnet) uses 192.168.10.1 -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ken Schneider - openSUSE <suse-list3@bout-tyme.net> wrote:
On 06/24/2011 12:23 PM, Felix Miata pecked at the keyboard and wrote:
On 2011/06/24 10:22 (GMT-0400) Robert Schweikert composed:
The routers also usually have a web base configuration at 192.168.1.1.
Depending on brand, I've seen any of 192.168.0.1, 192.168.1.1 or 192.168.2.1.
And the one I have (Trendnet) uses 192.168.10.1
-- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
DLink routers use .254 just to be different :) also Thomson routers do also . I wonder when will home routers switch to IP v6. And cable/DSL operators when will they switch to IPv6. -- Kind Regards Mr Stuart Tanner Bolton Linux 24 Vincent Street Heaton Bolton BL1 4SA United Kingdom TEL:+44(0)1204410474 MOB:+44(0)7868028028 Sent from my Android phone with K-9 Mail. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router? -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 24 Jun 2011 14:27:28 -0400, Felix Miata wrote:
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
With virtual interfaces, as many as they want. The real question is how many useful unique IP addresses can anyone set up on a home network. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/2011 2:50 PM, Jim Henderson wrote:
On Fri, 24 Jun 2011 14:27:28 -0400, Felix Miata wrote:
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
With virtual interfaces, as many as they want. The real question is how many useful unique IP addresses can anyone set up on a home network.
Jim
one bezillion-bezillion Why do people continue to think in terms of "likely" and "enough" and "normally" etc? What's "enough" or "common" or "likely" today is only the result of factors that may change at any time. Everyone has seen this process happen many times already so it should be a known given. Once a capability exists, it gets used and then relied upon as a necessity, even if the use and the necessity didn't exist before. So consider, in this case, with container (and other virtualization) technology getting so much better and easier to use, many traditional applications are going start running inside their own containers just because they can and it doesn't cost anything (not even cpu cycles or ram or hardware access speed, let alone money) and it grants security and compartmentalization. So, what used to be one box with one IP running several services, becomes several virtual boxes each with their own ip. And one of the major points of ipv6 is no longer needing nat any more. But those are still small numbers. I can imagine, once unlimited IP's and nat-less routing exist, forget having an IP per physical box, even including all those ip-connected doorknobs that don't exist yet, forget having an ip per virtual box, those are still smallish numbers even if we had all ip-connected light switches and smoke alarms and each of those had 5 or 10 virtual servers in it for the web server and other services it provides, How about an IP per individual process? how about _many_ ip's per _process_ used for all kinds of weird new IPC, _real_ cloud computing. It's only crazy because it doesn't exist right now. There is only no use for it because it doesn't exist right now. This kind of projection should be the default expectation by now. So assumed as to be beneath comment. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 06/24/2011 03:37 PM, Brian K. White pecked at the keyboard and wrote:
On 6/24/2011 2:50 PM, Jim Henderson wrote:
On Fri, 24 Jun 2011 14:27:28 -0400, Felix Miata wrote:
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
With virtual interfaces, as many as they want. The real question is how many useful unique IP addresses can anyone set up on a home network.
Jim
one bezillion-bezillion
WTF does have to do with the OP's original request for help? He plainly stated a use case for two computers. And you wonder why people are getting pissed off with this list and leaving. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/2011 3:45 PM, Ken Schneider - openSUSE wrote:
On 06/24/2011 03:37 PM, Brian K. White pecked at the keyboard and wrote:
On 6/24/2011 2:50 PM, Jim Henderson wrote:
On Fri, 24 Jun 2011 14:27:28 -0400, Felix Miata wrote:
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
With virtual interfaces, as many as they want. The real question is how many useful unique IP addresses can anyone set up on a home network.
Jim
one bezillion-bezillion
WTF does have to do with the OP's original request for help? He plainly stated a use case for two computers.
And you wonder why people are getting pissed off with this list and leaving.
WhenTF did topic drift become illegal and WhoTF made you the police of it and WTF does your post help? WTF is wrong with your delete button? I do not wonder at all why people get pissed and leave this list. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 06/24/2011 04:25 PM, Brian K. White pecked at the keyboard and wrote:
On 6/24/2011 3:45 PM, Ken Schneider - openSUSE wrote:
On 06/24/2011 03:37 PM, Brian K. White pecked at the keyboard and wrote:
On 6/24/2011 2:50 PM, Jim Henderson wrote:
On Fri, 24 Jun 2011 14:27:28 -0400, Felix Miata wrote:
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
With virtual interfaces, as many as they want. The real question is how many useful unique IP addresses can anyone set up on a home network.
Jim
one bezillion-bezillion
WTF does have to do with the OP's original request for help? He plainly stated a use case for two computers.
And you wonder why people are getting pissed off with this list and leaving.
WhenTF did topic drift become illegal and WhoTF made you the police of it and WTF does your post help?
WTF is wrong with your delete button?
I do not wonder at all why people get pissed and leave this list.
-- bkw
Just as I thought, the one person feeling guilty would respond. Have a nice weekend. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/2011 5:12 PM, Ken Schneider - openSUSE wrote:
On 06/24/2011 04:25 PM, Brian K. White pecked at the keyboard and wrote:
On 6/24/2011 3:45 PM, Ken Schneider - openSUSE wrote:
On 06/24/2011 03:37 PM, Brian K. White pecked at the keyboard and wrote:
On 6/24/2011 2:50 PM, Jim Henderson wrote:
On Fri, 24 Jun 2011 14:27:28 -0400, Felix Miata wrote:
On 2011/06/24 19:13 (GMT+0100) Stuart Tanner composed:
> I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
With virtual interfaces, as many as they want. The real question is how many useful unique IP addresses can anyone set up on a home network.
Jim
one bezillion-bezillion
WTF does have to do with the OP's original request for help? He plainly stated a use case for two computers.
And you wonder why people are getting pissed off with this list and leaving.
WhenTF did topic drift become illegal and WhoTF made you the police of it and WTF does your post help?
WTF is wrong with your delete button?
I do not wonder at all why people get pissed and leave this list.
-- bkw
Just as I thought, the one person feeling guilty would respond. Have a nice weekend.
Guilty? Of what? You get more bizarre the more you speak on this. I will say annoyed for sure. It's quite annoying to have you first try to take words out of my mouth and then try to put words into my mouth. Here's a couple of ideas. Call them requests if you will. 1) Why don't you just speak for yourself, and speak only about things you know anything about? By this I mean specifically: You have no place to say that I wonder something unless I ever said so myself. You have no place to say I feel any guilt over anything unless I ever said so myself. You can only speak to your own wonderment or guilt, not any others' unless they expressed it themselves at some point. 2)If you happen to have no interest in a topic others are speaking of, why don't you simply decline to participate in that discussion you find so uninteresting? By this I mean specifically: So what if the topic has drifted away from the narrowest definition of relevance to the OP's question? How does this hurt you? Or the OP for that matter? Did the OP pay me or anyone else participating in this thread for direct, immediate, personal, customer support? Or do you suppose that since they asked a question, they now own the exclusive licensing rights to use that subject line in posts to this list? It's a personal failing and weakness of mine that I derive amusement from making people answer for their idiotic sayings, so by all means, keep on trying to defend the indefensible. I'll be trapped in a data center for a while tonight and neither my girlfriend nor that wonderful Afghani restaurant we just discovered nor my guitars can join me in there, so for a while I actually don't have anything better to do. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Felix Miata wrote:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
My IPv6 subnet has 2^72 addresses. That's about a trillion times the entire IPv4 address space. That subnet is composed of 256 subnets, each with 2^64 addresses. In IPv6, you're supposed to get, at a minimum, a /64 subnet from the ISP. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011/06/24 15:59 (GMT-0400) James Knott composed:
Felix Miata wrote:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
My IPv6 subnet has 2^72 addresses. That's about a trillion times the entire IPv4 address space. That subnet is composed of 256 subnets, each with 2^64 addresses. In IPv6, you're supposed to get, at a minimum, a /64 subnet from the ISP.
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable? -- user of ipv6.disable=1 on cmdlines of a whole lotta systems Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/2011 4:22 PM, Felix Miata wrote:
On 2011/06/24 15:59 (GMT-0400) James Knott composed:
Felix Miata wrote:
I wonder when will home routers switch to IP v6.
Never? How many unique IP's can anyone get onto one LAN inside a firewall/router?
My IPv6 subnet has 2^72 addresses. That's about a trillion times the entire IPv4 address space. That subnet is composed of 256 subnets, each with 2^64 addresses. In IPv6, you're supposed to get, at a minimum, a /64 subnet from the ISP.
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable?
Unambiguous identification is always better. The size of the number is completely, ridiculously, inconsequential. Saying the possible address space is too big is exactly as idiotic as saying the number of possible numbers in math is too big. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011/06/24 16:29 (GMT-0400) Brian K. White composed:
On 6/24/2011 4:22 PM, Felix Miata wrote:
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable?
Unambiguous identification is always better.
More reliable I can understand. Easier I have a big problem wrapping my head around. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/2011 4:39 PM, Felix Miata wrote:
On 2011/06/24 16:29 (GMT-0400) Brian K. White composed:
On 6/24/2011 4:22 PM, Felix Miata wrote:
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable?
Unambiguous identification is always better.
More reliable I can understand. Easier I have a big problem wrapping my head around.
I know how rs232 works and had basically no problem with making it work whether it was a new install and I get to choose everything or working on something someone else set up and I never saw it before walking in the door. In many ways ethernet is a lot more complex than serial lines. And yet, my life as a person who has to install, maintain, repair, admin and in fact spec out and design networks and the stuff connected to them, is vastly simpler now that everything is mostly ethernet. Even though a lot of good simple dumb terminals and printers and bar code readers and scales etc... got more complicated by being replaced with more complicated thin clients or fully functional pc's. The extra complexity in one area provided previously impossible flexibility and allowed unprecedented straightforwardness in other, more difficult and more important areas. Lots of things get more complex at the microscopic level in trade for so much more simplicity at the macroscopic level that you no longer actually have to think about the microscopic level since that parts now automatic. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011/06/24 17:12 (GMT-0400) Brian K. White composed:
Lots of things get more complex at the microscopic level in trade for so much more simplicity at the macroscopic level that you no longer actually have to think about the microscopic level since that parts now automatic.
This sounds much like the pitch from Xorg people about its automagification, and the Kernel people about its KMS. In fact, its much the same as the pitch about computers, which enabled things which were never before possible, but now requisite impositions by gummints. Makes me wish I lived in that brief era between inventions of Gayetty's medicated paper for the water-closet and full US AC electrification. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/2011 5:52 PM, Felix Miata wrote:
On 2011/06/24 17:12 (GMT-0400) Brian K. White composed:
Lots of things get more complex at the microscopic level in trade for so much more simplicity at the macroscopic level that you no longer actually have to think about the microscopic level since that parts now automatic.
This sounds much like the pitch from Xorg people about its automagification, and the Kernel people about its KMS. In fact, its much the same as the pitch about computers, which enabled things which were never before possible, but now requisite impositions by gummints. Makes me wish I lived in that brief era between inventions of Gayetty's medicated paper for the water-closet and full US AC electrification.
It's true that progress often isn't. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Felix Miata wrote:
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable?
One thing it can do is tie IP addresses to the MAC address. One method of creating an IPv6 address is to take the 48 bit MAC address, insert FFFE into the middle of it and then add the 64 bit subnet address to make the 128 bit address. This eliminates the need for DHCP, though it can still be used if desired. Of course, it also eliminates the need for NAT, which is a hack to get around the address shortage and creates other problems in the process. As mentioned, every device now has a public address, so the internet can work as intended and also support all the VoIP phones, including wireless, that need a public address to work properly. IPv6 also has security built in, with IPSec, unlike IPv4 where it's been tacked on. Then there's mobile IP and so much more... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/24/11 4:11 PM, James Knott wrote:
Felix Miata wrote:
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable?
One thing it can do is tie IP addresses to the MAC address. One method of creating an IPv6 address is to take the 48 bit MAC address, insert FFFE into the middle of it and then add the 64 bit subnet address to make the 128 bit address. This eliminates the need for DHCP, though it can still be used if desired. Of course, it also eliminates the need for NAT, which is a hack to get around the address shortage and creates other problems in the process. As mentioned, every device now has a public address, so the internet can work as intended and also support all the VoIP phones, including wireless, that need a public address to work properly. IPv6 also has security built in, with IPSec, unlike IPv4 where it's been tacked on. Then there's mobile IP and so much more...
Every device on a public IP address? Better keep your toaster and fridge patched! Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jim Flanagan wrote:
Every device on a public IP address? Better keep your toaster and fridge patched!
It's also possible to configure "private" IPv6 addresses that are not routable over the public internet, in a manner similar to the RFC 1918 IPv4 addresses. Of course, you can still use a firewall to allow/deny access. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/25/11 2:52 PM, James Knott wrote:
Jim Flanagan wrote:
Every device on a public IP address? Better keep your toaster and fridge patched!
It's also possible to configure "private" IPv6 addresses that are not routable over the public internet, in a manner similar to the RFC 1918 IPv4 addresses. Of course, you can still use a firewall to allow/deny access. I was not aware of that. I understood the IPv6 addresses were designed to be non NATable. How would a private IPv6 address work thru an IPv6 router?
Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jim Flanagan wrote:
On 6/25/11 2:52 PM, James Knott wrote:
Jim Flanagan wrote:
Every device on a public IP address? Better keep your toaster and fridge patched!
It's also possible to configure "private" IPv6 addresses that are not routable over the public internet, in a manner similar to the RFC 1918 IPv4 addresses. Of course, you can still use a firewall to allow/deny access. I was not aware of that. I understood the IPv6 addresses were designed to be non NATable. How would a private IPv6 address work thru an IPv6 router?
You're confusing private addresses with NAT. NAT uses private addresses to get around the address shortage. However, there's no reason why you couldn't have a network using private addresses, without any consideration for accessing the internet. You could also have some devices with more that one address, perhaps one one private, for talking to other local devices and a public address for talking to the rest of the world. IPv6 has 3 different private address types. There's "link local", which is non routable and starts with FE80. Every IPv6 capable device has one of these and is often used for local management, connecting to routers etc. There are also site local, which are not globally unique and unique local, which are globally unique, but are not supposed to be routed over the internet. Site local address, however, have been deprecated. There's an excellent book from O'Reilly called "IPv6 Essentials", which covers this and much more. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/28/11 3:09 PM, James Knott wrote:
Jim Flanagan wrote:
Jim Flanagan wrote:
Every device on a public IP address? Better keep your toaster and fridge patched!
It's also possible to configure "private" IPv6 addresses that are not routable over the public internet, in a manner similar to the RFC 1918 IPv4 addresses. Of course, you can still use a firewall to allow/deny access. I was not aware of that. I understood the IPv6 addresses were designed to be non NATable. How would a private IPv6 address work
On 6/25/11 2:52 PM, James Knott wrote: thru an IPv6 router?
You're confusing private addresses with NAT. NAT uses private addresses to get around the address shortage. However, there's no reason why you couldn't have a network using private addresses, without any consideration for accessing the internet. You could also have some devices with more that one address, perhaps one one private, for talking to other local devices and a public address for talking to the rest of the world. IPv6 has 3 different private address types. There's "link local", which is non routable and starts with FE80. Every IPv6 capable device has one of these and is often used for local management, connecting to routers etc. There are also site local, which are not globally unique and unique local, which are globally unique, but are not supposed to be routed over the internet. Site local address, however, have been deprecated.
There's an excellent book from O'Reilly called "IPv6 Essentials", which covers this and much more.
OK, but what about something like we have now where we have one or more internal computers or devices connected to and protected from outside by our router, but that does have access to the internet for email, browsing, patching, upgrading etc.? Basically a firewall that protects internal computers, and even prevents them from being known or exposed to the internet? How will this be handled by IPv6? I realize the original design for IPv6 was to get back to "native" IP protocol where each device has its own unique address without all this "silly" NAT stuff. But the world has changed quite a bit and I and many others have grown accustomed to having our router be in the front line, so to speak. Good tip on the book. Will have to order it. Thanks, Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jim Flanagan wrote:
OK, but what about something like we have now where we have one or more internal computers or devices connected to and protected from outside by our router, but that does have access to the internet for email, browsing, patching, upgrading etc.? Basically a firewall that protects internal computers, and even prevents them from being known or exposed to the internet? How will this be handled by IPv6?
If a device needs to access the internet, it'll need a public address. Hiding behind NAT does nothing that a properly configured firewall can't do. You'd configure the firewall to allow access only to what you want to be available and block everything else, just like with IPv4. Also, NAT breaks a lot of things. BTW, my firewall and some commercial firewall/routers runs Linux. My firewall is configured only to allow specific services, such as SSH, VPN and IMAPS. With NAT on IPv4, I forward to the appropriate computer behind the firewall, with IPv6, you'd simply allow that specific address & port combination. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/28/11 5:11 PM, James Knott wrote:
Jim Flanagan wrote:
OK, but what about something like we have now where we have one or more internal computers or devices connected to and protected from outside by our router, but that does have access to the internet for email, browsing, patching, upgrading etc.? Basically a firewall that protects internal computers, and even prevents them from being known or exposed to the internet? How will this be handled by IPv6?
If a device needs to access the internet, it'll need a public address. Hiding behind NAT does nothing that a properly configured firewall can't do. You'd configure the firewall to allow access only to what you want to be available and block everything else, just like with IPv4. Also, NAT breaks a lot of things.
OK, so each device that needs internet access will need/have a separate unique public address? I guess we'll get a block of these from our ISPs?
BTW, my firewall and some commercial firewall/routers runs Linux. My firewall is configured only to allow specific services, such as SSH, VPN and IMAPS. With NAT on IPv4, I forward to the appropriate computer behind the firewall, with IPv6, you'd simply allow that specific address & port combination.
Ok so here, my IMAP machine for example will have its own public IP address, and my firewall will allow IMAP traffic to that IP address? I have flashed my router to a linux version of firmware, so it is IPv6 capable. I've notice just in the last week or so my ISP is showing and IPv6 address along with my IPv4 address. However for some reason I beleive that is a tunneled address at the moment, but I'm not there to check it right now. Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 06/28/2011 06:49 PM, Jim Flanagan pecked at the keyboard and wrote:
On 6/28/11 5:11 PM, James Knott wrote:
Jim Flanagan wrote:
OK, but what about something like we have now where we have one or more internal computers or devices connected to and protected from outside by our router, but that does have access to the internet for email, browsing, patching, upgrading etc.? Basically a firewall that protects internal computers, and even prevents them from being known or exposed to the internet? How will this be handled by IPv6?
If a device needs to access the internet, it'll need a public address. Hiding behind NAT does nothing that a properly configured firewall can't do. You'd configure the firewall to allow access only to what you want to be available and block everything else, just like with IPv4. Also, NAT breaks a lot of things.
OK, so each device that needs internet access will need/have a separate unique public address? I guess we'll get a block of these from our ISPs?
Probably at a cost. I don't know of any business now a days that doesn't charge extra for every little thing.
BTW, my firewall and some commercial firewall/routers runs Linux. My firewall is configured only to allow specific services, such as SSH, VPN and IMAPS. With NAT on IPv4, I forward to the appropriate computer behind the firewall, with IPv6, you'd simply allow that specific address & port combination.
Ok so here, my IMAP machine for example will have its own public IP address, and my firewall will allow IMAP traffic to that IP address?
I have flashed my router to a linux version of firmware, so it is IPv6 capable. I've notice just in the last week or so my ISP is showing and IPv6 address along with my IPv4 address. However for some reason I beleive that is a tunneled address at the moment, but I'm not there to check it right now.
Jim F
-- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ken Schneider - openSUSE wrote:
OK, so each device that needs internet access will need/have a separate unique public address? I guess we'll get a block of these from our ISPs?
Probably at a cost. I don't know of any business now a days that doesn't charge extra for every little thing.
I have a /56 subnet that costs me absolutely nothing. According to specs, ISPs are supposed to provide a /64 subnet, at a minimum. That's the entire IPv4 address space squared! Some IPv6 tunnel brokers provide, again at no charge, /48 subnets. That's a trillion, trillion addresses per subnet. IPv6 addresses are so plentiful there's no point in trying to charge for them. One comparison I recently read was if all the IPv4 addresses were represented by a 1.5" square, then IPv6 addresses would be represented by the area of the entire solar system! I've also heard, as another example, more IPv6 addresses than there are grains of sand on the earth or atoms in a ton of carbon. In short, there's a *LOT* of 'em. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ken Schneider - openSUSE wrote:
On 06/28/2011 06:49 PM, Jim Flanagan pecked at the keyboard and wrote:
On 6/28/11 5:11 PM, James Knott wrote:
Jim Flanagan wrote:
OK, but what about something like we have now where we have one or more internal computers or devices connected to and protected from outside by our router, but that does have access to the internet for email, browsing, patching, upgrading etc.? Basically a firewall that protects internal computers, and even prevents them from being known or exposed to the internet? How will this be handled by IPv6?
If a device needs to access the internet, it'll need a public address. Hiding behind NAT does nothing that a properly configured firewall can't do. You'd configure the firewall to allow access only to what you want to be available and block everything else, just like with IPv4. Also, NAT breaks a lot of things.
OK, so each device that needs internet access will need/have a separate unique public address? I guess we'll get a block of these from our ISPs?
Probably at a cost. I don't know of any business now a days that doesn't charge extra for every little thing.
My firm has had a /48 for a year or so - no extra cost. Hetzner in Germany provides IPv6 for their leased servers at no extra cost. -- Per Jessen, Zürich (21.6°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
My firm has had a /48 for a year or so - no extra cost. Hetzner in Germany provides IPv6 for their leased servers at no extra cost.
Some people think that size of subnet will cause a shortage of IPv6 addresses. However, even with just 1/8th of all IPv6 addresses being allocated for unicast addresses, that still leaves enough for over 35 trillion /48 subnets. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jim Flanagan wrote:
Ok so here, my IMAP machine for example will have its own public IP address, and my firewall will allow IMAP traffic to that IP address?
Correct. This is the way things worked before NAT was available and still does when sufficient addresses are available. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jim Flanagan wrote:
OK, so each device that needs internet access will need/have a separate unique public address? I guess we'll get a block of these from our ISPs?
Yes, that's correct. I have a /56 subnet, which means I have 72 address bits to play with or about a trillion times the entire IPv4 address space. That /56 subnet would typically be split into 256 /64 subnets. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott said the following on 06/28/2011 04:09 PM:
You're confusing private addresses with NAT.
Many people do The private - "unrouteable" - addresses were part of the IP4 address structure long before NAT or the address shortage.
NAT uses private addresses to get around the address shortage.
I would put a "can" in there. It was never the intent.
However, there's no reason why you couldn't have a network using private addresses, without any consideration for accessing the internet.
Which was the original intent of this design feature. The "Motivation" section of RFC1981 explicitly says <quote> an increasing number of non-connected enterprises use this technology and its addressing capabilities for sole intra-enterprise communications, without any intention to ever directly connect to other enterprises or the Internet itself </quote> My ISP, for example, has their nation-wide internal router network built around private addresses. People used to comment that it seemed wasteful to 'burn' a subnet just to connect two routers. Well with 10.x.x.x it doesn't matter. Every cable company, every DSL company, can use **THE SAME** private network for their internal routing. That they don't might account for the address shortage!
You could also have some devices with more that one address, perhaps one one private, for talking to other local devices and a public address for talking to the rest of the world.
Excellent! The admin ports on your routers and switches, the network doing C&C and SNMP, which you very certainly don't want on the Bad Bad Word-Spanning Internet! As for NAT, that came later. The idea that every host on the 'Net should be able to communicate with every other, that NAT is "wrong", is, as far as I can see, a mis-impression. I have a number of clients that have many allocated public class Bs & class Cs. Yes they were that when they got them. But they are all used internally. None of these addresses reaches the outside world for security reasons. All are behind at least TWO layers of firewalls, maybe more. (Yes, I know, this is pre-CIDR terminology, but that was then, when class Bs were handed out for the asking.) No server or workstation can access the net directly. All go via an application proxy. Store-and-forward for email, proxies for the web access. Users cannot do either without explicit permission; authorization from their manager stating that it is part of their job function and explain how is required and is reviewed each year. This seems a common policy for brokerage and other financial firms. It is likely to be a requirement with PCI:DSS and in a few years, perhaps, with FFIEC or some other regulatory body. That company has two class Bs and about 60 class Cs. All _could_ be 'returned'. The cost would be 'renumbering' and changing settings on DHCP servers. The latter could be done very easily with little to no impact. Since they can't get any more addresses they are already using private addresses. Converting to all private addresses except for the gateways would not kill them. Those would amount to one class C There is **NO** NAT in any of this. I get to wonder how many networks that are internal and private, be they administrative/SNMP or isolated by proxies, there are using the address space? -- "I think there is a world market for about five computers." Thomas J. Watson, chairman of the board of IBM, 1943 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Anton Aylward wrote:
My ISP, for example, has their nation-wide internal router network built around private addresses. People used to comment that it seemed wasteful to 'burn' a subnet just to connect two routers. Well with 10.x.x.x it doesn't matter.
Every cable company, every DSL company, can use **THE SAME** private network for their internal routing. That they don't might account for the address shortage!
My ISP does that too, and as long as those 10.x.y.z addresses don't leak into the internet, all is well. However, even if all router links used private addresses, there's still nowhere near enough IPv4 addresses to go around, even before you consider inefficiency, broadcast, loopback and other special addresses. There are only 4.3 billion of them, which is little more than half the population of the world. Incidentally, one reason Comcast, in the U.S. is pushing IPv6 is that there's not enough of those private IPv4 addresses just to manage their entire network. They've started using something called "Dual Stack Lite", in which they provide IPv6 addresses to their customers and then use carrier grade NAT to provide IPv4 access, via 4in6 tunnels, to their customers. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Anton Aylward wrote:
<quote> an increasing number of non-connected enterprises use this technology and its addressing capabilities for sole intra-enterprise communications, without any intention to ever directly connect to other enterprises or the Internet itself </quote>
I was thinking about that exact sort of thing, long before I ever heard of RFC 1918. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 6/25/2011 1:19 PM, Jim Flanagan wrote:
On 6/24/11 4:11 PM, James Knott wrote:
Felix Miata wrote:
Gee. Number bigger than I can write, much less remember. Exactly how does that make the job of a LAN admin who knows how it works now easier or more reliable?
One thing it can do is tie IP addresses to the MAC address. One method of creating an IPv6 address is to take the 48 bit MAC address, insert FFFE into the middle of it and then add the 64 bit subnet address to make the 128 bit address. This eliminates the need for DHCP, though it can still be used if desired. Of course, it also eliminates the need for NAT, which is a hack to get around the address shortage and creates other problems in the process. As mentioned, every device now has a public address, so the internet can work as intended and also support all the VoIP phones, including wireless, that need a public address to work properly. IPv6 also has security built in, with IPSec, unlike IPv4 where it's been tacked on. Then there's mobile IP and so much more...
Every device on a public IP address? Better keep your toaster and fridge patched!
He did say "public address" but that was just a misnomer. A globally unique address in no way implies public accessibility. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Brian K. White wrote:
Every device on a public IP address? Better keep your toaster and fridge patched!
He did say "public address" but that was just a misnomer. A globally unique address in no way implies public accessibility.
It's also possible to use non globally unique addresses in a manner similar to RFC1918. Those addresses are not available over the internet, unless you use a VPN or tunnel to get to your network. Might be just the thing to keep some intruder from raiding your fridge. ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Stuart Tanner <stuart@bolin.org.uk> [06-24-11 14:15]:
DLink routers use .254 just to be different :) also Thomson routers do also .
I just installed a cisco/linksys which also uses .254, iirc :^) -- (paka)Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 http://en.opensuse.org openSUSE Community Member Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Stuart Tanner wrote:
I wonder when will home routers switch to IP v6. And cable/DSL operators when will they switch to IPv6.
There already are some consumer level routers that support IPv6 as do some ISPs. Mine has promised support by the end of the year. In the mean time, I use a 6in4 tunnel to get IPv6. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Stuart Tanner wrote:
I wonder when will home routers switch to IP v6. And cable/DSL operators when will they switch to IPv6.
In Switzerland, quite a few ISPs support IPv6, especially the smaller ones. -- Per Jessen, Zürich (14.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday, June 24, 2011 09:22 Robert Schweikert wrote:
On 06/22/2011 10:20 PM, Insomniac wrote:
Hi all,
I'm looking into getting satellite internet, since all the dial-up ISP's are
making it harder and harder for me to stay online the amount of time that I do (I'm disabled and being on the computer is all I have to keep myself occupied and from going insane with nothing to do).
My mom will also be sharing the satellite hookup too, so we only have to pay
for one modem etc.
My question is: What would be best to use so that all I have to do is run a
cable from her computer and one from my computer to the modem. I mean, how should I set it up so that both of us can use the same, single satellite modem? What would be best, and most importantly, easiest?
Someone I know has a Satellite connection and the modem provided is just that, only a modem. You will need to get a router, something like
http://biz.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo= 3537304&CatId=198
Or a wireless variety if you care for wireless.
Also, will our opensuse 11.3 pick up this new connection readily? Or will I
have to do a bunch of cli stuff and wondering what and how to get connected?
These routers usually have a DHCP server built in, thus as long as you have your network connection setup to accept DHCP leases, YaST -> Networking, you should be all set.
The routers also usually have a web base configuration at 192.168.1.1.
HTH, Robert
Thanks, Robert! That really helped out a lot! Gave me a little more information that I just wasn't able to put together very well from the other replies (not that they weren't helpful, just more insufficient perhaps to get me to see what I was having trouble puttinmg together). JB -- "Properly read, the Bible is the most potent force for atheism ever conceived." -Isaac Asimov -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (12)
-
Anton Aylward -
Brian K. White -
Felix Miata -
Insomniac -
James Knott -
Jim Flanagan -
Jim Henderson -
Ken Schneider - openSUSE -
Patrick Shanahan -
Per Jessen -
Robert Schweikert -
Stuart Tanner