[opensuse] What is the proper entry for /etc/hosts 127.0.0.1?
Guys, What is the proper entry for 127.0.0.1 in /etc/hosts? I have seen discussion that 127.0.0.2 is deprecated so that leaves a problem with dnsdomainname if you remove the 127.0.0.2 entry and leave the 127.0.0.1 entry as: 127.0.0.1 localhost.localdomain localhost yourRealHostname In this situation, dnsdomainname resolves to localdomain: 15:39 phoenix:~> dnsdomainname localdomain Setting the entry as: 127.0.0.1 localhost.youReadDomainName.com localhost yourRealHostname fixes the return of dnsdomainname, but does not having localdomain cause problems as well? What say the gurus? -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 12/30/2010 2:45 PM, David C. Rankin wrote:
Guys,
What is the proper entry for 127.0.0.1 in /etc/hosts? I have seen discussion that 127.0.0.2 is deprecated so that leaves a problem with dnsdomainname if you remove the 127.0.0.2 entry and leave the 127.0.0.1 entry as:
127.0.0.1 localhost.localdomain localhost yourRealHostname
In this situation, dnsdomainname resolves to localdomain:
15:39 phoenix:~> dnsdomainname localdomain
Setting the entry as:
127.0.0.1 localhost.youReadDomainName.com localhost yourRealHostname
fixes the return of dnsdomainname, but does not having localdomain cause problems as well? What say the gurus?
I thought averything 127.x.x.x pointed to localhost. Did I miss a memo? -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David C. Rankin wrote:
Guys,
What is the proper entry for 127.0.0.1 in /etc/hosts?
My systems all have: 127.0.0.1 localhost
I have seen discussion that 127.0.0.2 is deprecated
Like John says, 127.0.0.0/8 are usually assigned to the loopback interface, and are usually = localhost. -- Per Jessen, Zürich (1.9°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
David C. Rankin wrote:
Guys,
What is the proper entry for 127.0.0.1 in /etc/hosts?
My systems all have:
127.0.0.1 localhost
I have seen discussion that 127.0.0.2 is deprecated
Like John says, 127.0.0.0/8 are usually assigned to the loopback interface, and are usually = localhost.
IIRC, OpenSUSE assigns 127.0.0.1 to local host and 127.0.0.2 to the computer name. It's much simpler on IPv6, where ::1 works for both. ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Per Jessen wrote:
David C. Rankin wrote:
Guys,
What is the proper entry for 127.0.0.1 in /etc/hosts?
My systems all have:
127.0.0.1 localhost
I have seen discussion that 127.0.0.2 is deprecated
Like John says, 127.0.0.0/8 are usually assigned to the loopback interface, and are usually = localhost.
IIRC, OpenSUSE assigns 127.0.0.1 to local host and 127.0.0.2 to the computer name.
Isn't there an option for that during installation? I seem to remember some network option I always deselect. -- Per Jessen, Zürich (3.2°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
IIRC, OpenSUSE assigns 127.0.0.1 to local host and 127.0.0.2 to the
computer name.
Isn't there an option for that during installation? I seem to remember some network option I always deselect.
Yes, it asks if you want the computer name to be added to the hosts file. I generally allow that, as it doesn't hurt anything and may be useful on servers. So, on my home network, I'm running dmsmasq on my firewall, which has all the computers and devices listed in /etc/hosts (with the IPv6 address listed first). Then all the computers have localhost & computer name in their own hosts file. The only exception is my notebook, which has all the devices listed in it's hosts file, as I often use it to connect to stuff at home via IPv6 or VPN. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 12/31/2010 02:55 AM, Per Jessen wrote:
David C. Rankin wrote:
Guys,
What is the proper entry for 127.0.0.1 in /etc/hosts?
My systems all have:
127.0.0.1 localhost
I have seen discussion that 127.0.0.2 is deprecated
Like John says, 127.0.0.0/8 are usually assigned to the loopback interface, and are usually = localhost.
Well, The documentation shows (man hosts): IP_address canonical_hostname [aliases...] showing you can have any number of aliases for a given IP_address canonical_hostname pair. So I have always included the hostname as an alias after localhost: 127.0.0.1 localhost phoenix which provides resolution for localhost as well as your hostname on loopback. I have run across several web apps that want to be able to resolve the loopback address with the hostname. The 127.0.0.2 SuSE has used is a hack and there is talk about doing away with it completely. The real problem is with dnsdomainname (or hostname -d) which will not resolve to anything unless you include the full canonical_hostname in /etc/hosts: 127.0.0.1 providence.rlfpllc.com localhost providence This works fine for dnsdomainname (or hostname -d). Also, since it provides the definition for localhost on loopback, it does what it is supposed to as far as I can tell. I can't see any downside to this approach, but I'm skeptical enough to ask and see if anybody else knows of any gotchas or side-effects from doing this? -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David C. Rankin wrote:
On 12/31/2010 02:55 AM, Per Jessen wrote:
David C. Rankin wrote:
Guys,
What is the proper entry for 127.0.0.1 in /etc/hosts?
My systems all have:
127.0.0.1 localhost
I have seen discussion that 127.0.0.2 is deprecated
Like John says, 127.0.0.0/8 are usually assigned to the loopback interface, and are usually = localhost.
Well,
The documentation shows (man hosts):
IP_address canonical_hostname [aliases...]
showing you can have any number of aliases for a given IP_address canonical_hostname pair. So I have always included the hostname as an alias after localhost:
127.0.0.1 localhost phoenix
which provides resolution for localhost as well as your hostname on loopback. I have run across several web apps that want to be able to resolve the loopback address with the hostname. The 127.0.0.2 SuSE has used is a hack and there is talk about doing away with it completely.
I can't quite figure out what that is good for, and I've certainly never used it. All of my hostnames resolve to the primary IP-address of the host.
The real problem is with dnsdomainname (or hostname -d) which will not resolve to anything unless you include the full canonical_hostname in /etc/hosts:
127.0.0.1 providence.rlfpllc.com localhost providence
It works fine on my systems - dnsdomainname and hostname -d both return the domain-name. -- Per Jessen, Zürich (0.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hello, On Sun, 02 Jan 2011, David C. Rankin wrote: [..]
Well,
The documentation shows (man hosts):
IP_address canonical_hostname [aliases...] [..] The real problem is with dnsdomainname (or hostname -d) which will not resolve to anything unless you include the full canonical_hostname in /etc/hosts:
127.0.0.1 providence.rlfpllc.com localhost providence
And that's what you should use. I use the pattern: 127.0.0.1 host.domain.tld localhost host more_aliases 127.0.0.2 www.host.domain.tld www ### for use with apache e.g. 127.0.0.3 docs.host.domain.tld docs ### for use with apache e.g. [..] 127.0.1.1 ad.doubleclick.com ad.doubleclick.net ad.uk.doubleclick.net 127.0.1.1 ad-emea.doubleclick.net 127.0.1.2 www.google-analytics.com ssl.google-analytics.com google-analytics.com [..] If 'hostname' and 'hostname -f' return the correct values, you're good. I had problems when all adserver/tracker stuff was on one IP (more than 40 or whatever it was). -dnh -- "But you should never let rules overrule common sense - if you do, you end up doing stupid things" -- Linus Torvalds -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 1/2/2011 4:24 PM, David C. Rankin wrote:
127.0.0.1 localhost phoenix
which provides resolution for localhost as well as your hostname on loopback. I have run across several web apps that want to be able to resolve the loopback address with the hostname. The 127.0.0.2 SuSE has used is a hack and there is talk about doing away with it completely.
The 127.0.0.2 is not just specific to opensuse, its been in use since the Pleistocene in several distros. I suspect it might have been necessary at one time or another in the early days. I have not seen any talk about doing away with it, but the shortage of IP space would certainly apply pressure in that direction (reducing localhost to a /24 instead of a /8). Any links to such a discussion? -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 01/03/2011 04:08 PM, John Andersen wrote:
On 1/2/2011 4:24 PM, David C. Rankin wrote:
127.0.0.1 localhost phoenix
which provides resolution for localhost as well as your hostname on loopback. I have run across several web apps that want to be able to resolve the loopback address with the hostname. The 127.0.0.2 SuSE has used is a hack and there is talk about doing away with it completely.
The 127.0.0.2 is not just specific to opensuse, its been in use since the Pleistocene in several distros. I suspect it might have been necessary at one time or another in the early days.
I have not seen any talk about doing away with it, but the shortage of IP space would certainly apply pressure in that direction (reducing localhost to a /24 instead of a /8).
Any links to such a discussion?
Primarily: https://features.opensuse.org/308824 Others: http://www.njabl.org/use.html Many more threads about... -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 1/3/2011 6:18 PM, David C. Rankin wrote:
On 01/03/2011 04:08 PM, John Andersen wrote:
On 1/2/2011 4:24 PM, David C. Rankin wrote:
127.0.0.1 localhost phoenix
which provides resolution for localhost as well as your hostname on loopback. I have run across several web apps that want to be able to resolve the loopback address with the hostname. The 127.0.0.2 SuSE has used is a hack and there is talk about doing away with it completely.
The 127.0.0.2 is not just specific to opensuse, its been in use since the Pleistocene in several distros. I suspect it might have been necessary at one time or another in the early days.
I have not seen any talk about doing away with it, but the shortage of IP space would certainly apply pressure in that direction (reducing localhost to a /24 instead of a /8).
Any links to such a discussion?
Primarily: https://features.opensuse.org/308824
Others: http://www.njabl.org/use.html
Many more threads about...
Ah, well the first is simply a local suse issue and the second is actually a valid use of 127/8 for the specific purpose it was intended for, resolving all sorts of things right back to the local machine. There is no inherent reason that njabl would need many such entries, one would do just the same, and they could have used 127.0.0.1 for all of them. Its simply a book keeping feature, but they all resolve to local host. So the second is actually an argument multiple uses of 127.0.0.x, but nothing they do requires an entry in hosts file, because they rely on the fact that the entire 128/8 block always points to localhost. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
I have not seen any talk about doing away with it, but the shortage of IP space would certainly apply pressure in that direction (reducing localhost to a /24 instead of a /8).
That would break a lot of existing computers and devices. The proper way out of the address shortage is IPv6. I have my own IPv6 /56 subnet with an address space about 1 trillion times the entire IPv4 address space. If only /48 subnets were handed out, as some propose, there's be enough addresses for about 35 trillion of them, each containing a trillion, trillion addresses and this is using only the 1/8 of the entire IPv6 address range that's currently allocated to unicast addresses. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* John Andersen (jsamyth@gmail.com) [20110103 23:08]:
I have not seen any talk about doing away with it, but the shortage of IP space would certainly apply pressure in that direction (reducing localhost to a /24 instead of a /8).
Restricting the range of localhost would be a dumb move as 127.0.0.0/8 has been in effect for far too long and is embedded in too many devices. Face it, IPv6 is the only viable way to go. Philipp -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Philipp Thomas wrote:
* John Andersen (jsamyth@gmail.com) [20110103 23:08]:
I have not seen any talk about doing away with it, but the shortage of IP space would certainly apply pressure in that direction (reducing localhost to a /24 instead of a /8).
Restricting the range of localhost would be a dumb move as 127.0.0.0/8 has been in effect for far too long and is embedded in too many devices. Face it, IPv6 is the only viable way to go.
Even if it was only 127.0.0.0/8, it would only delay the inevitable. IPv4 simply cannot meet the needs of today, let alone the future. The more people try to dream up schemes to extend IPv4, the worse the problem will get. Move to IPv6. I have! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 2011-01-04 at 20:56 -0500, James Knott wrote:
Even if it was only 127.0.0.0/8, it would only delay the inevitable. IPv4 simply cannot meet the needs of today, let alone the future. The more people try to dream up schemes to extend IPv4, the worse the problem will get. Move to IPv6. I have!
It is not our decision to make. It is our providers (the ISPs) who must make that move. And not one provider, but all, at the same time. - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0j7bEACgkQtTMYHG2NR9VatwCeI2zeVnw+SxzSPkkFojvEwW+5 2kYAn2QBj15INQudnvr4n8zp5IbBqGsx =5fjy -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2011-01-05 at 05:04 +0100, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tuesday, 2011-01-04 at 20:56 -0500, James Knott wrote:
Even if it was only 127.0.0.0/8, it would only delay the inevitable. IPv4 simply cannot meet the needs of today, let alone the future. The more people try to dream up schemes to extend IPv4, the worse the problem will get. Move to IPv6. I have!
It is not our decision to make. It is our providers (the ISPs) who must make that move.
No, it is yours. Don't use your ISP-IPv6-reluctance for any delay on your side. Around the net you can find reports that failure to provide IPv6 will be a reason for ISP's to go bust. Are you willing to wait for that to happen? And then be forced to move to another ISP? In the mean time, use a tunnelbroker, while you can not get native-IPv6. I use HE (tunnelbroker.net, but there are others) in the mean time. My provider has started to give V6-addresses for those who want it, but i seriously think of sticking to my independant-tunnel-provider, instead of going native. My /48 is now independant of my isp,and i can switch to another isp without any re-numbering, Just adjusting my tunnel setup. hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011-01-05 at 09:17, Hans Witvliet <hwit@a-domani.nl> wrote: In the mean time, use a tunnelbroker, while you can not get native-IPv6. I use HE (tunnelbroker.net, but there are others) in the mean time. My provider has started to give V6-addresses for those who want it, but i seriously think of sticking to my independant-tunnel-provider, instead of going native. My /48 is now independant of my isp,and i can switch to another isp without any re-numbering, Just adjusting my tunnel setup.
http://www.fix6.net/archives/2010/12/06/the-trouble-with-6to4-2/ http://www.potaroo.net/ispcol/2010-12/6to4fail.html I think you should allways choose native, if you have the choice. And your also dependent on the bottleneck at the tunnel provider. Will they invest enough and on time in new equipment, when they become more widely used? -- Met vriendelijke groet / Best regards, Wilfred van Velzen -- SERCOM Regeltechniek B.V. Heereweg 9 2161 AB Lisse Nederland +31 (0)252 416530 (voice) +31 (0)252 419481 (fax) <http://www.sercom.nl/> Op al onze offertes, op alle opdrachten aan ons en op alle met ons gesloten overeenkomsten zijn toepasselijk de METAALUNIEVOORWAARDEN, gedeponeerd ter Griffie van de Rechtbank te Rotterdam, zoals deze luiden volgens de laatstelijk aldaar neergelegde tekst. De leveringsvoorwaarden worden u op verzoek toegezonden. --- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2011-01-05 at 09:41 +0100, Wilfred van Velzen wrote:
On 2011-01-05 at 09:17, Hans Witvliet <hwit@a-domani.nl> wrote: In the mean time, use a tunnelbroker, while you can not get native-IPv6. I use HE (tunnelbroker.net, but there are others) in the mean time. My provider has started to give V6-addresses for those who want it, but i seriously think of sticking to my independant-tunnel-provider, instead of going native. My /48 is now independant of my isp,and i can switch to another isp without any re-numbering, Just adjusting my tunnel setup.
http://www.fix6.net/archives/2010/12/06/the-trouble-with-6to4-2/ http://www.potaroo.net/ispcol/2010-12/6to4fail.html
I think you should allways choose native, if you have the choice.
And your also dependent on the bottleneck at the tunnel provider. Will they invest enough and on time in new equipment, when they become more widely used?
-- Well, instinctively i would agree: keep it as simpel as possible.
But performance is good: sometimes my latency is slightly (1 ms) higher. And horror stories like above (failure-rate) are completely unknown. Since HE has a end-point on the ams-ix, performance is that good, that i even recommended it at work. Furthermore, HE has 25 tunnel-endpoints at several major internet-router-sites (london, frankfurt, paris, singapore, hongkong), so you can avoid the single point of failure. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hans Witvliet wrote:
No, it is yours. Don't use your ISP-IPv6-reluctance for any delay on your side.
Around the net you can find reports that failure to provide IPv6 will be a reason for ISP's to go bust. Are you willing to wait for that to happen? And then be forced to move to another ISP?
In the mean time, use a tunnelbroker ... [snip] ... My /48 is now independant of my isp,and i can switch to another isp without any re-numbering, Just adjusting my tunnel setup.
I'm pretty ignorant of the issues, so could you or somebody else explain how this helps? (perhaps a link to a RTFM/FAQ?) Surely, if your ISP goes broke then you will still have to change your mail, DNS, ADSL login etc credentials anyway (or else the ISP must have been taken over seamlessly) so I'm not clear how already having an IPV6 connection saves much work. Cheers, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Dave Howorth wrote:
Hans Witvliet wrote:
No, it is yours. Don't use your ISP-IPv6-reluctance for any delay on your side.
Around the net you can find reports that failure to provide IPv6 will be a reason for ISP's to go bust. Are you willing to wait for that to happen? And then be forced to move to another ISP?
In the mean time, use a tunnelbroker ... [snip] ... My /48 is now independant of my isp,and i can switch to another isp without any re-numbering, Just adjusting my tunnel setup.
I'm pretty ignorant of the issues, so could you or somebody else explain how this helps? (perhaps a link to a RTFM/FAQ?)
Surely, if your ISP goes broke then you will still have to change your mail, DNS, ADSL login etc credentials anyway (or else the ISP must have been taken over seamlessly) so I'm not clear how already having an IPV6 connection saves much work.
If you're running services (mail, web, whathaveyou) on your IPv6 range, a change of provider will mean changing IP-addresses, just like today. If you're not running services, it doesn't matter much - just like today. -- Per Jessen, Zürich (-0.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Dave Howorth wrote:
Surely, if your ISP goes broke then you will still have to change your mail, DNS, ADSL login etc credentials anyway (or else the ISP must have been taken over seamlessly) so I'm not clear how already having an IPV6 connection saves much work.
If you're running services (mail, web, whathaveyou) on your IPv6 range, a change of provider will mean changing IP-addresses, just like today. If you're not running services, it doesn't matter much - just like today.
Right, but using a tunneled IPv6 now doesn't seem to change the overall amount of work. Roughly speaking, either: (a) my ISP is stupid and goes broke or is so badly organized that I have to change to and set up another, or (b) my ISP is wise and I'm automatically migrated to IPv6 (or he sends me clear instructions on what I need to do) But I don't see how me doing anything now separately from my ISP reduces my overall workload. It feels likely that it will actually increase the work. ( Not trying to start a fight, just to understand if Hans' suggestion has legs. :) Cheers, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2011-01-05 at 10:08 +0000, Dave Howorth wrote:
Per Jessen wrote:
Dave Howorth wrote:
Surely, if your ISP goes broke then you will still have to change your mail, DNS, ADSL login etc credentials anyway (or else the ISP must have been taken over seamlessly) so I'm not clear how already having an IPV6 connection saves much work.
If you're running services (mail, web, whathaveyou) on your IPv6 range, a change of provider will mean changing IP-addresses, just like today. If you're not running services, it doesn't matter much - just like today.
Right, but using a tunneled IPv6 now doesn't seem to change the overall amount of work. Roughly speaking, either:
(a) my ISP is stupid and goes broke or is so badly organized that I have to change to and set up another, or (b) my ISP is wise and I'm automatically migrated to IPv6 (or he sends me clear instructions on what I need to do)
But I don't see how me doing anything now separately from my ISP reduces my overall workload. It feels likely that it will actually increase the work.
( Not trying to start a fight, just to understand if Hans' suggestion has legs. :)
Cheers, Dave
Just as Per wrote, I assume you have you mail and other services on you own domain-name, and not on a sub-domain of your provider. So mail/web/other-traffic goes to yourdomain.org
From your current-isp you get an ip-address and on that adres you terminate your IPv6-tunnel. Along with your tunnel you get an /64 network (ad if you want an extra /48 network) Define all of your services of the addresses of that /48 network.
In case you switch to another provider, only the ipv4-address of your tunnel changes, nothing else. ## Actually, this is more related to managing your own domainname, but since i started to use v6, i rather use names instead of addresses.. But even when you just use plain numbers, it is just adjusting your tun-setup script with the ip-adres of your new provider, as the addresses of your /48 remains the same. hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hans Witvliet wrote:
Just as Per wrote, I assume you have you mail and other services on you own domain-name, and not on a sub-domain of your provider. So mail/web/other-traffic goes to yourdomain.org
I think this is the key. My mail goes via the mail server of my ISP (in fact I think it may have to, to prevent open relays, though I'm not sure). My DNS comes from my ISP. So I'm just a regular user as I suspect Carlos is in this regard, though I seem to have more choice of ISP! (I do have my own domain, but it is something completely separate to which I just have net connections) So I think Per's later assessment is about right. For people in my position at present the only reason to use IPv6 is if I view it as educational or 'fun'. Which in some circumstances I might, but I've got other things to keep me busy at present. Thanks for the info anyway, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Dave Howorth wrote:
Right, but using a tunneled IPv6 now doesn't seem to change the overall amount of work. Roughly speaking, either:
(a) my ISP is stupid and goes broke or is so badly organized that I have to change to and set up another, or (b) my ISP is wise and I'm automatically migrated to IPv6 (or he sends me clear instructions on what I need to do)
But I don't see how me doing anything now separately from my ISP reduces my overall workload. It feels likely that it will actually increase the work.
Yeah, I think that's about it. Today, for the regular end-user, IPv6 is just something to play with if one is so inclined. -- Per Jessen, Zürich (0.4°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 09:17 +0100, Hans Witvliet wrote:
On Wed, 2011-01-05 at 05:04 +0100, Carlos E. R. wrote:
It is not our decision to make. It is our providers (the ISPs) who must make that move.
No, it is yours. Don't use your ISP-IPv6-reluctance for any delay on your side.
I can't move unles: My ISP changes to IPv6 The rest of the world changes If not, I will not be able to connect. What advantage do I get, if all sites I connect to are on IPv4?
Around the net you can find reports that failure to provide IPv6 will be a reason for ISP's to go bust. Are you willing to wait for that to happen? And then be forced to move to another ISP?
Absolutely yes. For one thing, they will not go bust, they'll move. They are too big, and the state has interests on them. They fail, then no telephone in the country. For another, there are no other ISPs. None here offers IPv6, and all of them except one uses the infraestructure of the main ISP, for starters. So, I wait for them to move and force me to change - meaning that they will have to pay for the router.
In the mean time, use a tunnelbroker, while you can not get native-IPv6.
I don't see any advantage. - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0kT48ACgkQtTMYHG2NR9UosQCdHRwguCmQTsP1TIhrMslCCPmN vLwAn0MYwLE6JGU2J8myy52a6+tHKwg8 =/xpD -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
On Wednesday, 2011-01-05 at 09:17 +0100, Hans Witvliet wrote:
On Wed, 2011-01-05 at 05:04 +0100, Carlos E. R. wrote:
It is not our decision to make. It is our providers (the ISPs) who must make that move.
No, it is yours. Don't use your ISP-IPv6-reluctance for any delay on your side.
I can't move unles:
My ISP changes to IPv6 The rest of the world changes
Not quite correct - like Hans suggests, you could use a tunnelling setup, or use 192.88.99.1 as a 6to4 relay. The rest of the world is already changing, even if only slowly.
If not, I will not be able to connect. What advantage do I get, if all sites I connect to are on IPv4?
None (except the experience in setting it up).
In the mean time, use a tunnelbroker, while you can not get native-IPv6.
I don't see any advantage.
There aren't really any. -- Per Jessen, Zürich (0.6°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 12:12 +0100, Per Jessen wrote:
Carlos E. R. wrote:
I can't move unles:
My ISP changes to IPv6 The rest of the world changes
Not quite correct - like Hans suggests, you could use a tunnelling setup, or use 192.88.99.1 as a 6to4 relay. The rest of the world is already changing, even if only slowly.
I could move, but what do /I/ gain? Nothing that I can see.
In the mean time, use a tunnelbroker, while you can not get native-IPv6.
I don't see any advantage.
There aren't really any.
That's the point. Doubtless, we we'll have to move. But why should I go first? I know nothing about IPv6, not even enough to use it in my own little home network. All the sites I connect to are on v4. I would have to invest on hardware, and when my ISP does the inevitable and changes, then perhaps I'll have to invest again. So no. They change first and carry us all. Like sheep in a flock. :-p - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0kVWcACgkQtTMYHG2NR9XiPgCfTos0QufENiBN4DNwj+5988hX /t8AnRpxvFO4xuEdT4aoDVX5GDepP8+v =SCv2 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
In the mean time, use a tunnelbroker, while you can not get native-IPv6.
I don't see any advantage.
There aren't really any.
That's the point.
Doubtless, we we'll have to move. But why should I go first?
I know nothing about IPv6, not even enough to use it in my own little home network. All the sites I connect to are on v4. I would have to invest on hardware, and when my ISP does the inevitable and changes, then perhaps I'll have to invest again.
Well, no, as Hans has described, you could use a 6to4 tunnel - they're available for free and requires no addtional hardware. No, it brings you no advantages, it's only for you to play with. -- Per Jessen, Zürich (1.1°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
I could move, but what do /I/ gain? Nothing that I can see. You gain access to all the available web sites, not just those on IPv4. You get direct access to all your computers, without NAT getting in the way. In short, you get to use the internet in the manner it was intended to be used.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 21:12 -0500, James Knott wrote:
Carlos E. R. wrote:
I could move, but what do /I/ gain? Nothing that I can see. You gain access to all the available web sites, not just those on IPv4. You get direct access to all your computers, without NAT getting in the way. In short, you get to use the internet in the manner it was intended to be used.
I can not even reach my local printer on IPv6... - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0lQqsACgkQtTMYHG2NR9U5iQCfcw91epFCCvNVihYx5daCaXaZ xesAnRKcxcHS46GexLrjcqOAi290isIO =OmcD -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Carlos E. R. wrote:
I didn't realize we're up to IPv8 already. What happened to 6 & 7? ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 17:37 -0500, James Knott wrote:
Carlos E. R. wrote:
I didn't realize we're up to IPv8 already. What happened to 6 & 7? ;-)
Yeah, I figured v6 was old already, with all those galaxies to reach. Not enough numbers. :-p - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0lQvsACgkQtTMYHG2NR9U+8ACfSdXua4tO9xq4tI5pGYvZpbEu bxQAoIbjMSPaLMGTBlPBbC5WaxjhRM+m =dlcZ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
I can't move unles:
My ISP changes to IPv6 The rest of the world changes
If not, I will not be able to connect. What advantage do I get, if all sites I connect to are on IPv4?
Yes you can. Operating systems such as Linux, Windows, Mac etc. can run dual stack, which means you can access both IPv4 and IPv6 sites. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 21:05 -0500, James Knott wrote:
If not, I will not be able to connect. What advantage do I get, if all sites I connect to are on IPv4?
Yes you can. Operating systems such as Linux, Windows, Mac etc. can run dual stack, which means you can access both IPv4 and IPv6 sites.
I doubt it. I can not reach my own local printer, which I know supports v6. If that doesn't work, even less the outside. Access my local machines without NAT? I prefer not to. I have more to lose than gain :-P - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0lQ3IACgkQtTMYHG2NR9UdfACeJwkIkfPIJ9BHfQqaQOS5h8QT LVQAnj/U04oOY6ETzfCOJCwNqnFE7bZ+ =3QpS -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
I doubt it. I can not reach my own local printer, which I know supports v6. If that doesn't work, even less the outside.
I'm not sure why you're having the problem. I'll have to look into it when I have more time. However, those link local IPv6 addresses are awkward to use, compared to the addresses you'd normally use.
Access my local machines without NAT? I prefer not to. I have more to lose than gain :-P
You lose nothing that a properly set up wirewall will give you. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 01/06/2011 05:42 AM, James Knott pecked at the keyboard and wrote:
Carlos E. R. wrote:
I doubt it. I can not reach my own local printer, which I know supports v6. If that doesn't work, even less the outside.
I'm not sure why you're having the problem. I'll have to look into it when I have more time. However, those link local IPv6 addresses are awkward to use, compared to the addresses you'd normally use.
Access my local machines without NAT? I prefer not to. I have more to lose than gain :-P
You lose nothing that a properly set up wirewall will give you.
I, like a lot of other people, do not run any local services so although I have nothing to lose I also have absolutely nothing to gain. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2011-01-06 14:47, Ken Schneider - openSUSE wrote:
On 01/06/2011 05:42 AM, James Knott pecked at the keyboard and wrote:
Carlos E. R. wrote:
Access my local machines without NAT? I prefer not to. I have more to lose than gain :-P
You lose nothing that a properly set up wirewall will give you.
I, like a lot of other people, do not run any local services so although I have nothing to lose I also have absolutely nothing to gain.
That is so. VoIP would be an exception, but then, on the against side, is p2p, it is preferable to be anonymous ;-) About that "properly set up wirewall", I don't have one. I have what my ISP gave me, which is only capable of v4 things, and limited at that. And if I go to the local shops, I'm sure I would only find similar adsl routers, none capable of ipv6 - which would be useless because the providers do not offer it. I would need a box capable of tunneling over IPv4, and I wouldn't have the foggiest idea what to buy. And it would be expensive, so I'll better wait till the ISPs do their move. I have no hurry :-) - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk0l/CYACgkQtTMYHG2NR9XIyACggYka30ueH7JS4b5y58ppaHMn ViMAn2qOiZxwq86Qb941IhY9oKpmBvko =5ZYb -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
About that "properly set up wirewall", I don't have one. I have what my ISP gave me, which is only capable of v4 things, and limited at that. And if I go to the local shops, I'm sure I would only find similar adsl routers, none capable of ipv6 - which would be useless because the providers do not offer it.
You trust the one-size-fits-all firewall that your ISP has provided? Why not run your own, e.g. the openSUSE firewall?
I would need a box capable of tunneling over IPv4, and I wouldn't have the foggiest idea what to buy.
Your own Linux box is all you need. -- Per Jessen, Zürich (4.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-ID: <alpine.LNX.2.00.1101062118041.7253@Telcontar.valinor> Resending, my ISP is failing again :-/ <opensuse@opensuse.org>: host smtp.telefonica.net[213.4.149.228] said: 552 5.2.0 sKms1f00J1LWEzc1jKmtS6 internal error (in reply to end of DATA command) On 2011-01-06 19:34, Per Jessen wrote:
Carlos E. R. wrote:
You trust the one-size-fits-all firewall that your ISP has provided?
Not really :-)
Why not run your own, e.g. the openSUSE firewall?
I do, it is on, but it only protects the computer. There are devices connected to the router without their own firewall: the printer, the digital TV recorder... Yes, I know I can get a computer with linux, two ethernet ports, and a switch, to really protect the local network. But that is more expense and a good deal of hassle. And more electricity.
I would need a box capable of tunneling over IPv4, and I wouldn't have the foggiest idea what to buy.
Your own Linux box is all you need.
Yes, for services from the computer. If I'd want (which I don't) to put a lone VoIp phone over IPv6, I would need something else. That is, if I want to get some of the advantages of IPv6, I would need something else. - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0mI9kACgkQtTMYHG2NR9WqHQCfYCzQZ1j2yGpjewlaMgkYA3wl C/kAn2Lo+Dv/wMVz7V7+FJiQ6YrHv+B6 =1mj+ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, 6 Jan 2011 21:19:36 +0100 (CET), "Carlos E. R." <robin.listas@gmail.com> wrote:
I do, it is on, but it only protects the computer. There are devices connected to the router without their own firewall: the printer, the digital TV recorder...
Get a router that supports alternative firmwares like DDWRT and run the lfirewall on it. Philipp -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 01/06/2011 02:46 PM, Philipp Thomas wrote:
On Thu, 6 Jan 2011 21:19:36 +0100 (CET), "Carlos E. R." <robin.listas@gmail.com> wrote:
I do, it is on, but it only protects the computer. There are devices connected to the router without their own firewall: the printer, the digital TV recorder...
Get a router that supports alternative firmwares like DDWRT and run the lfirewall on it.
Philipp
But Getting a new router was an expense Carlos was looking to avoid. To me, the easiest thing seems to be to do this with a Linux machine as the only thing attached to the ISP. Its not that much more expensive than running a router, presuming you HAVE an old machine laying around (which I suspect most of us do). Running Headless, the power consumption is miniscule, its just as easy to configure as a router, and easier to keep up to date. That way during the next year or two of flux in the ipv4/ipv6 arena, you will be able to roll with the punches delivered by your ISP, adopt ipv6 well ahead of them if you wish, and use the linux box to do your tunneling. I do this now, and run linux as my gateway/router. My WiFi is relagated to merely an Access Point to my LAN. It doesn't even do dhcp. -- Explain again the part about rm -rf / -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2011-01-07 00:01, jsa wrote:
On 01/06/2011 02:46 PM, Philipp Thomas wrote:
On Thu, 6 Jan 2011 21:19:36 +0100 (CET), "Carlos E. R." <> wrote:
Get a router that supports alternative firmwares like DDWRT and run the lfirewall on it.
But Getting a new router was an expense Carlos was looking to avoid.
Correct.
To me, the easiest thing seems to be to do this with a Linux machine as the only thing attached to the ISP.
No, the easiest is doing nothing :-P A PC is not enough. For one, it doesn't have an ADSL port, so I still need the router from the provider. Then, the old PC I have has only one eth port, and for a router you need two - being an old computer, it might be impossible to get that card. And having very little memory (the one I have has only 32 Megs) it can run very few distros, if any at all. Then, on the home side ethernet port, I would have to plug a switch to connect my local machines. I would also need a wifi port to feed the laptop. That's four machines to replace the existing router. A lot of space (I already have a 2 meter high iron rack) and electricity (and maintenance effort) for something I do not need at all to do. If I were to do it, I would prefer some dedicated little box, a real router, preferable with open source code, as Philip says - but as I have no need for that, I'll do nothing till the current setup breaks down (at which moment I'll buy whatever I can get locally in a hurry), or till the ISP pushes upgrades down to the users - which in any case I would be forced to do when they do decide to change to IPv6. If someone has a suggestion of a real good and cheap router, with adsl port, wifi, generic code, support for IPv4, V6, and whatever is needed now and for the future (wow!), then speak up! :-) Not that I would buy that right now, but I would take a note for the future. - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" GM (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iF4EAREIAAYFAk0mazwACgkQja8UbcUWM1yCPQD+ImzAadCYocDEOm5jEGaLuGkU pgq3Lp0kftQJE0i3drMBAIKtjWSUbltYiMct2KV7wuIdxwmDm+3SSWHHYZa27NMw =EqY4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
A PC is not enough. For one, it doesn't have an ADSL port, so I still need the router from the provider. Then, the old PC I have has only one eth port, and for a router you need two - being an old computer, it might be impossible to get that card.
If you need ISA, I'll send you a couple of 3c590 or 3c515 if you pay the postage. If PCI works, you can have a D-Link <somewthing> with RA8381.
And having very little memory (the one I have has only 32 Megs) it can run very few distros, if any at all.
I ran my internet gateway on a 486DX2 with 24Mb for years. I think it was SuSE Linux 7.1 - with 11.3 the issue is the installation, not the operation. You might have to add a bit of memory during installation. Anyway, I can pop some old memory in the package when I send the 3c590 - in fact, you have the whole box, but it'll be a bit expensiveto ship :-) Today I would probably buy some embedded thingie, more probably one of these http://www.pcengines.ch/ and then run the xDSL router in bridging mode. Setting it up would be more work, but I would want the flexibility.
If someone has a suggestion of a real good and cheap router, with adsl port, wifi, generic code, support for IPv4, V6, and whatever is needed now and for the future (wow!), then speak up! :-)
I don't know of one that will satisfy all of those requirements. Quite a few come close though - Zyxel has very affordable boxes, but only one that does IPv6 and it's not using openWRT. Linksys WRT54GL is good option, but it doesn't have ADSL, so you'd have to keep your existing modem. -- Per Jessen, Zürich (5.6°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2011-01-07 09:08, Per Jessen wrote:
Carlos E. R. wrote:
A PC is not enough. For one, it doesn't have an ADSL port, so I still need the router from the provider. Then, the old PC I have has only one eth port, and for a router you need two - being an old computer, it might be impossible to get that card.
If you need ISA, I'll send you a couple of 3c590 or 3c515 if you pay the postage. If PCI works, you can have a D-Link <somewthing> with RA8381.
Well, thanks, but better not. I feel lazy in this matter, it is not something I really need so I'll probably do nothing in a long time O:-) I was only describing the difficulties, not calling for help - not yet, anyway. I could probably get a card second hand quite cheap.
I ran my internet gateway on a 486DX2 with 24Mb for years. I think it was SuSE Linux 7.1 - with 11.3 the issue is the installation, not the operation.
The machine has 7,3 currently.
Today I would probably buy some embedded thingie, more probably one of these http://www.pcengines.ch/ and then run the xDSL router in bridging mode. Setting it up would be more work, but I would want the flexibility.
Yes, I had thought of that, too. That idea tickles me a bit :-)
If someone has a suggestion of a real good and cheap router, with adsl port, wifi, generic code, support for IPv4, V6, and whatever is needed now and for the future (wow!), then speak up! :-)
I don't know of one that will satisfy all of those requirements. Quite a few come close though - Zyxel has very affordable boxes, but only one that does IPv6 and it's not using openWRT. Linksys WRT54GL is good option, but it doesn't have ADSL, so you'd have to keep your existing modem.
I'll have a (lazy) look to see what I can find, thanks ;-) - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" GM (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iF4EAREIAAYFAk0m5rUACgkQja8UbcUWM1yUDwEAmJbL9nA5cdCDC3K5A1iwB32F Rnmfa9TTXNMXGAD+M6QBAJmvZuV9Ymi1QFXKGxA73K6mYV/57zQiqfW4Vk2c0vpI =y03I -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 07 Jan 2011 02:24:12 +0100, "Carlos E. R." <robin.listas@telefonica.net> wrote:
A PC is not enough. For one, it doesn't have an ADSL port, so I still need the router from the provider.
You need a DSL-Router but not necessarily one from the provider. And I was talking about replacing exactly this DSL-Router with one that you can use an alternative firmware on. Freetz vor AVM Fritzbox (http://www.freez.org) and DD-WRT (http://www.dd-wrt.com/site/index) for a wider range of routers come to mind. These alternative firmwares allow you to run much more services on the box then their original ones. Philipp -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jsa wrote:
On 01/06/2011 02:46 PM, Philipp Thomas wrote:
On Thu, 6 Jan 2011 21:19:36 +0100 (CET), "Carlos E. R." <robin.listas@gmail.com> wrote:
I do, it is on, but it only protects the computer. There are devices connected to the router without their own firewall: the printer, the digital TV recorder...
Get a router that supports alternative firmwares like DDWRT and run the lfirewall on it.
Philipp
But Getting a new router was an expense Carlos was looking to avoid.
To me, the easiest thing seems to be to do this with a Linux machine as the only thing attached to the ISP.
Yep. Any old PC will do. -- Per Jessen, Zürich (5.6°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jsa wrote:
I do this now, and run linux as my gateway/router. My WiFi is relagated to merely an Access Point to my LAN. It doesn't even do dhcp.
That's exactly what I do here. My firewall is an old Compaq* computer, running OpenSUSE 11.3. It provides firewall, router, DHCP, DNS, VPN end point etc. Like you, my WiFi is a router used in bridging mode. * I wonder if a Gateway would work better? ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
About that "properly set up wirewall", I don't have one. I have what my ISP gave me, which is only capable of v4 things, and limited at that. And if I go to the local shops, I'm sure I would only find similar adsl routers, none capable of ipv6 - which would be useless because the providers do not offer it.
I would need a box capable of tunneling over IPv4, and I wouldn't have the foggiest idea what to buy. And it would be expensive, so I'll better wait till the ISPs do their move.
You can get boxes from Linksys & D-link, among others that should be easy to set up and not too expensive. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I also have absolutely nothing to gain. At the moment. However, there are other things in the works that make accessing your home network desirable. One simple example is home control & security. You could control your thermostat etc. remotely. People currently use those X11 modules for that. You can also check status & alarms or even security cameras remotely. Many, many more
Ken Schneider - openSUSE wrote: things are possible. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 01/06/2011 09:41 PM, James Knott pecked at the keyboard and wrote:
I also have absolutely nothing to gain. At the moment. However, there are other things in the works that make accessing your home network desirable. One simple example is home control & security. You could control your thermostat etc. remotely. People currently use those X11 modules for that. You can also check status & alarms or even security cameras remotely. Many, many more
Ken Schneider - openSUSE wrote: things are possible.
As I said _I_ have absolutely nothing to gain. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2011-01-07 03:41, James Knott wrote:
Ken Schneider - openSUSE wrote:
I also have absolutely nothing to gain. At the moment. However, there are other things in the works that make accessing your home network desirable. One simple example is home control & security. You could control your thermostat etc. remotely.
Which I don't have. There are two mechanical thermostat (one is a small gas reservoir controlling a gas stove), and one electronic, standalone, for a single stove. I don't have money to spend on house automation. The gadgets I buy are those I really need, like an UPS for the frequent power failures (the house current limiter triggers at 10 A). So no new router till absolutely needed.
People currently use those X11 modules for that. You can also check status & alarms or even security cameras remotely.
Here, they use a dedicated cellular phone in the alarm box, separated from any networking in the house.
Many, many more things are possible.
Yes, like locating who is doing P2P >:-) - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" GM (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iF4EAREIAAYFAk0rgjMACgkQja8UbcUWM1xWNgD/XAGUbqEfMW6Z2uWxvHHwcg+O 67ccDwGAnZ6IB322BTEA/iom9TklNEDuCoIrMDqKDvUzTaJubo52N3GgumHJYKOn =waWM -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 2011-01-10 at 23:03 +0100, Carlos E. R. wrote:
Yes, like locating who is doing P2P >:-)
Does tor not work for IPv6 ? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 2011-01-10 22:29, Hans Witvliet wrote:
On Mon, 2011-01-10 at 23:03 +0100, Carlos E. R. wrote:
Yes, like locating who is doing P2P >:-)
Does tor not work for IPv6 ?
I assume it works, but you are located, you get a fixed IP, which is something not typically wanted with p2p. Ah, "tor"... you mean this? http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29 I have no idea. [... reading ...] No, you can not: ]> Bandwidth hogging ]> It is considered impolite by Tor community members to transfer massive amounts of data ]> across the Tor network ? the onion routers are run by volunteers using their own bandwidth ]> at their own cost. Due to the high bandwidth usage caused by the peer-to-peer file sharing ]> networks, it is considered impolite and inappropriate by Tor community members to utilize ]> the Tor network for protocols like BitTorrent. By default, the Tor exit policy blocks the ]> commonly used peer-to-peer ports.[29] -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" GM (Minas Tirith))
Carlos E. R. wrote:
It is not our decision to make. It is our providers (the ISPs) who must make that move.
No, you can make the move right now, the same way I did. You use a service called a "tunnel broker". With a tunnel broker, you set up your computer or firewall to use 6in4 tunnelling. This adds a 20 byte IPv4 header to the IPv6 packet, for transport over the existing IPv4 network. The tunnel broker then removes that header and puts your IPv6 packet on the IPv6 internet. You can do this with Linux, Windows, Mac and other. There are also many routers that support this. Cisco routers certainly do, as do certain D-link models. I believe the Apple Airports do as well. Also, given Cisco's support for IPv6, I wouldn't be surprised to see some Linksys models with it to. It can also be used with the various WRT models that can be reflashed with (IIRC) OpenWRT. My home network, including DNS is set up to always use IPv6 when available. Even my Google Nexus One can use IPv6, when connected to my WiFi. All my IPv6 capable devices have their own IPv6 address, which can be reached from the internet. While I have an IPv6 subnet on my home network, I can also run the 6in4 tunnelling client in single address mode, on my notebook, when away from home. BTW, my firewall is OpenSUSE 11.3 running on an old computer. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 05:47 -0500, James Knott wrote:
Carlos E. R. wrote:
It is not our decision to make. It is our providers (the ISPs) who must make that move.
No, you can make the move right now, the same way I did. You use a service called a "tunnel broker".
What for? What do I gain? All sites I use are on IPv4. Look, my printer has IPv6. I can not even connect to it on that! It could be well that I am clueless. It says: TCP/IP(v6) Status: Ready Link-Local address: FE80::21E:BFF:FE08:4CCB Stateless (from Router): Not configured Stateful (from DHCPv6): Not configured But if I write in firefox: http://FE80::21E:BFF:FE08:4CCB I'm refered to a google page instead of my printer. So, linux is not IPv6 aware >:-) Yes, I'm playing thick-head here. Just to show you that I have no idea of IPv6 - and I'm a trained network installer, I have a Cisco diploma somewhere >:-p (we saw nothing of IPv6 in the training)
With a tunnel broker, you set up your computer or firewall to use 6in4 tunnelling. This adds a 20 byte IPv4 header to the IPv6 packet, for transport over the existing IPv4 network. The tunnel broker then removes that header and puts your IPv6 packet on the IPv6 internet. You can do this with Linux, Windows, Mac and other. There are also many routers that support this.
Which I would have to pay. :-( No, thanks.
Cisco routers certainly do, as do certain D-link models.
Cisco for a home ADSL? Way over the roof in price. No, let my ISP do the change, they will tell me what I have to do. And possibly they will pay for the change, being their "fault" >:-) - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0kUpIACgkQtTMYHG2NR9VV7gCfeHoc8tZpTzR/bdkFhUmtOTw9 W3cAn19TAjkfS/1EKkwUc+3ZkzY49Opz =eULb -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
On Wednesday, 2011-01-05 at 05:47 -0500, James Knott wrote:
Carlos E. R. wrote:
It is not our decision to make. It is our providers (the ISPs) who must make that move.
No, you can make the move right now, the same way I did. You use a service called a "tunnel broker".
What for? What do I gain? All sites I use are on IPv4.
Look, my printer has IPv6. I can not even connect to it on that! It could be well that I am clueless.
It says:
TCP/IP(v6) Status: Ready
Link-Local address: FE80::21E:BFF:FE08:4CCB Stateless (from Router): Not configured Stateful (from DHCPv6): Not configured
But if I write in firefox:
http://FE80::21E:BFF:FE08:4CCB
I'm refered to a google page instead of my printer. So, linux is not IPv6 aware >:-)
Try this instead: http://[FE80::21E:BFF:FE08:4CCB] -- Per Jessen, Zürich (0.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 12:24 +0100, Per Jessen wrote:
But if I write in firefox:
http://FE80::21E:BFF:FE08:4CCB
I'm refered to a google page instead of my printer. So, linux is not IPv6 aware >:-)
Try this instead:
Same thing :-( cer@Telcontar:~> ping6 "FE80::21E:BFF:FE08:4CCB" connect: Invalid argument cer@Telcontar:~> ping6 "FE80\:\:21E\:BFF\:FE08\:4CCB" unknown host cer@Telcontar:~> ping6 ::1 PING ::1(::1) 56 data bytes 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.027 ms cer@Telcontar:~> ping6 FE80::21E:BFF:FE08:4CCB connect: Invalid argument I have no idea how one is supposed to use this. however, ntop does see "ff02::1:2", with the MAC address of the printer. There is connectivity on IPv6. I think it is a dhcpv6-client request from the printer. I also see activity on ff02::fb. - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0kb9IACgkQtTMYHG2NR9Xd7QCdFg+yCDJJGuUTnm9fPVQQO4o7 DJcAoIz6gTYyM8iTuiViecrNT8ATIvkb =P9k7 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
On Wednesday, 2011-01-05 at 12:24 +0100, Per Jessen wrote:
But if I write in firefox:
http://FE80::21E:BFF:FE08:4CCB
I'm refered to a google page instead of my printer. So, linux is not IPv6 aware >:-)
Try this instead:
Same thing :-(
cer@Telcontar:~> ping6 "FE80::21E:BFF:FE08:4CCB" connect: Invalid argument cer@Telcontar:~> ping6 "FE80\:\:21E\:BFF\:FE08\:4CCB" unknown host
Yes, the link-local address can't be used like that - TBH, I don't know why. For ping6, you need to specify the interface: ping6 -I ethX FE80::21E:BFF:FE08:4CCB -- Per Jessen, Zürich (2.2°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 15:22 +0100, Per Jessen wrote:
Yes, the link-local address can't be used like that - TBH, I don't know why. For ping6, you need to specify the interface:
ping6 -I ethX FE80::21E:BFF:FE08:4CCB
Ah, yes, I remember that now. As I don't use v6 and I can't understand the reason of having to specify the interface, so I always forget that detail. Yes, that ping works, and then the address appears in ntop. The syntax for browsing is, or so says ntop, "http://[ff02::1:ff08:4ccb]/", I don't know why is the difference - at least, that's what ntop says it is. But it doesn't work: Firefox can't establish a connection to the server at [ff02::1:ff08:4ccb]. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. But the printer does not respond to that IP by ping, either; it does to "FE80::21E:BFF:FE08:4CCB" instead. However, if I put "http://[FE80::21E:BFF:FE08:4CCB]/" in FF, FF doesn't even try to connect, I keep seeing the same page that was there previously. Obviously, I don't know if the printer is properly configured, or if my linux is. I guess it is, as I can ping the printer. But I have no idea. I also see entries in the firewall: <0.4> 2011-01-06 03:18:13 Telcontar kernel - - - [256669.247433] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:1e:0b:08:4c:cb:86:dd SRC=fe80:0000:0000:0000:021e:0bff:fe08:4ccb DST=fe80:0000:0000:0000:0221:85ff:fe16:2d0b LEN=104 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=ICMPv6 TYPE=129 CODE=0 ID=62255 SEQ=1 <0.4> 2011-01-06 03:18:14 Telcontar kernel - - - [256670.247202] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:1e:0b:08:4c:cb:86:dd SRC=fe80:0000:0000:0000:021e:0bff:fe08:4ccb DST=fe80:0000:0000:0000:0221:85ff:fe16:2d0b LEN=104 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=ICMPv6 TYPE=129 CODE=0 ID=62255 SEQ=2 <0.4> 2011-01-06 03:18:15 Telcontar kernel - - - [256671.247229] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:1e:0b:08:4c:cb:86:dd SRC=fe80:0000:0000:0000:021e:0bff:fe08:4ccb DST=fe80:0000:0000:0000:0221:85ff:fe16:2d0b LEN=104 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=ICMPv6 TYPE=129 CODE=0 ID=62255 SEQ=3 <0.4> 2011-01-06 03:18:16 Telcontar kernel - - - [256672.247220] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:1e:0b:08:4c:cb:86:dd SRC=fe80:0000:0000:0000:021e:0bff:fe08:4ccb DST=fe80:0000:0000:0000:0221:85ff:fe16:2d0b LEN=104 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=ICMPv6 TYPE=129 CODE=0 ID=62255 SEQ=4 <0.4> 2011-01-06 03:18:17 Telcontar kernel - - - [256673.247210] SFW2-INext-DROP-DEFLT IN=eth0 OUT= MAC=00:21:85:16:2d:0b:00:1e:0b:08:4c:cb:86:dd SRC=fe80:0000:0000:0000:021e:0bff:fe08:4ccb DST=fe80:0000:0000:0000:0221:85ff:fe16:2d0b LEN=104 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=ICMPv6 TYPE=129 CODE=0 ID=62255 SEQ=5 - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0lKQEACgkQtTMYHG2NR9V41gCfatlaI3hL7ffAHRtEoc4odtBm XmQAnjlKEjyo6vnvxcs+bmEXdQG/BRlO =Oqss -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
Firefox can't establish a connection to the server at [ff02::1:ff08:4ccb].
Try this instead: http:///[FE80::21E:BFF:FE08:4CCB%eth0] That format works for me. -- Per Jessen, Zürich (3.1°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Carlos E. R. wrote:
Firefox can't establish a connection to the server at [ff02::1:ff08:4ccb].
Try this instead:
http:///[FE80::21E:BFF:FE08:4CCB%eth0]
That format works for me.
Correction: http://[FE80::21E:BFF:FE08:4CCB%eth0] -- Per Jessen, Zürich (5.9°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2011-01-06 09:20, Per Jessen wrote:
Carlos E. R. wrote:
Firefox can't establish a connection to the server at [ff02::1:ff08:4ccb].
Try this instead:
http:///[FE80::21E:BFF:FE08:4CCB%eth0]
That format works for me.
Indeed! That one works. Three or two bars, both work. But it is a terrible format! (thunderbird doesn't highlight it. It is not clickable) Having to add a 6 to the ping, specify the interface in pings or web browsing... Perhaps it is a question of routing tables :-? What would happen if I modify my bind dns configuration in an unfathomable way, so that the returned address for the printer is the v6 one instead of the v4 one, would I have to write the port too? That's absurd. It is, isn't it? So if I bookmark the address, it would go with eth0 too... How weird. And where from did the printer get that address? I did not configure it, it was HP, the manufacturer. Perhaps I should configure instead the equivalent v6 address to the v4 addr. Ha! I'm lucky to have a v4 ISP, or you could be printing to /my/ printer from your home! >:-) Is there an IPv6 manual for dummies? - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk0l+IwACgkQtTMYHG2NR9W+/wCeLauJNMNx7Xgdkix4WbxF37Nz wOoAnj5e99xjCiZHi2wYfUm8dtnlI8nj =tj1W -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2011-01-06 09:20, Per Jessen wrote:
Carlos E. R. wrote:
Firefox can't establish a connection to the server at [ff02::1:ff08:4ccb].
Try this instead:
http:///[FE80::21E:BFF:FE08:4CCB%eth0]
That format works for me.
Indeed! That one works. Three or two bars, both work.
But it is a terrible format!
Yes, it is unusual having an IP-address in the URL, normally it would be a name, but the %ethX extension doesn't work with a name (as far as I have seen). Btw, the FE80::21E:BFF:FE08:4CCB%eth0 format also works with e.g. ssh and telnet. It is handled by the getaddrinfo() function. I suspect there must be a way of specifying a name plus devicename, but I haven't found it yet.
Having to add a 6 to the ping, specify the interface in pings or web browsing... Perhaps it is a question of routing tables :-?
It is a problem specific to link-local addresses - if you were to use global unicast addresses, i.e. "plain" IPv6 addresses, there is no problem. If you can assign your own IPv6 addresses to the printer, you could try using the fec0 prefix - it's deprecated, but was meant to be site-local.
What would happen if I modify my bind dns configuration in an unfathomable way, so that the returned address for the printer is the v6 one instead of the v4 one, would I have to write the port too? That's absurd. It is, isn't it?
If you change the A record and make it an AAAA instead with a proper IPv6 address, it'll work just fine. I tried it with a link-local address, and I couldn't get it to work with the %ethX notation.
And where from did the printer get that address? I did not configure it, it was HP, the manufacturer. Perhaps I should configure instead the equivalent v6 address to the v4 addr.
It's automatically configured; the fe80 prefix means "link-local", the rest is an encoding of MAC-address of the interface.
Is there an IPv6 manual for dummies?
I'm sure there are many good books out there, but I can't recommend anyone specific. Sofar I've managed with a couple good wikipedia articles and googling a lot. -- Per Jessen, Zürich (5.3°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Resending, lets see if Telefonica behaves properly now. On 2011-01-06 18:46, Per Jessen wrote:
Carlos E. R. wrote:
But it is a terrible format!
Yes, it is unusual having an IP-address in the URL, normally it would be a name, but the %ethX extension doesn't work with a name (as far as I have seen). Btw, the FE80::21E:BFF:FE08:4CCB%eth0 format also works with e.g. ssh and telnet. It is handled by the getaddrinfo() function. I suspect there must be a way of specifying a name plus devicename, but I haven't found it yet.
I meant terrible compared to an IPv4 numerical address. There is no need for brackets nor for the interface.
Having to add a 6 to the ping, specify the interface in pings or web browsing... Perhaps it is a question of routing tables :-?
It is a problem specific to link-local addresses - if you were to use global unicast addresses, i.e. "plain" IPv6 addresses, there is no problem. If you can assign your own IPv6 addresses to the printer, you could try using the fec0 prefix - it's deprecated, but was meant to be site-local.
Well, I certainly want local-only addresses, not global addresses. I read somewhere that old v4 addresses could be mapped to new v6 addresses. Some prefix, then the old 192.168... (I need a good read on all this...)
What would happen if I modify my bind dns configuration in an unfathomable way, so that the returned address for the printer is the v6 one instead of the v4 one, would I have to write the port too? That's absurd. It is, isn't it?
If you change the A record and make it an AAAA instead with a proper IPv6 address, it'll work just fine. I tried it with a link-local address, and I couldn't get it to work with the %ethX notation.
No, I don't want to put the eth part :-) So add an AAAA record. But also add the reverse file somehow, too.
And where from did the printer get that address? I did not configure it, it was HP, the manufacturer. Perhaps I should configure instead the equivalent v6 address to the v4 addr.
It's automatically configured; the fe80 prefix means "link-local", the rest is an encoding of MAC-address of the interface.
Ahh! I see. And I don't need routing tables, because we write the eth0 port in the address given to firefox. If I would be using names, how would the routing know on which ether port is that MAC address? Routing tables are done by prefixes common to many machines. Unless the operating system does discovery and automatic routing...
Is there an IPv6 manual for dummies?
I'm sure there are many good books out there, but I can't recommend anyone specific. Sofar I've managed with a couple good wikipedia articles and googling a lot.
I'm more lazy than that, I would prefer a book in paper, or a really good, simple, web page. :-) - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0mJDIACgkQtTMYHG2NR9XmwQCdFtkZUWtg41pZvYW0ser1BYMq CIAAnReOHHL5JnueDtCESgVGWgyOXapi =wMgo -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
On 2011-01-06 18:46, Per Jessen wrote:
Carlos E. R. wrote:
But it is a terrible format!
Yes, it is unusual having an IP-address in the URL, normally it would be a name, but the %ethX extension doesn't work with a name (as far as I have seen). Btw, the FE80::21E:BFF:FE08:4CCB%eth0 format also works with e.g. ssh and telnet. It is handled by the getaddrinfo() function. I suspect there must be a way of specifying a name plus devicename, but I haven't found it yet.
I meant terrible compared to an IPv4 numerical address. There is no need for brackets nor for the interface.
In the normal case, that would be the same for IPv6. The numerical address is too long to be really useful by itself. Using the IPv6 numerical address is an exception, not the norm.
Having to add a 6 to the ping, specify the interface in pings or web browsing... Perhaps it is a question of routing tables :-?
It is a problem specific to link-local addresses - if you were to use global unicast addresses, i.e. "plain" IPv6 addresses, there is no problem. If you can assign your own IPv6 addresses to the printer, you could try using the fec0 prefix - it's deprecated, but was meant to be site-local.
Well, I certainly want local-only addresses, not global addresses.
Well, as far as I've understood, that's actually not foreseen in IPv6. There is a concept of site-local addresses, but it's been deprecated. IPv6 has enough addresses for everyone.
I read somewhere that old v4 addresses could be mapped to new v6 addresses. Some prefix, then the old 192.168...
Yes, that is true - one of the transition mechanisms is 6to4, where all IPv4 addresses are mapped into IPv6 as 2002:: - doesn't mean the private RFC1918 addresses suddenly become public though.
What would happen if I modify my bind dns configuration in an unfathomable way, so that the returned address for the printer is the v6 one instead of the v4 one, would I have to write the port too? That's absurd. It is, isn't it?
If you change the A record and make it an AAAA instead with a proper IPv6 address, it'll work just fine. I tried it with a link-local address, and I couldn't get it to work with the %ethX notation.
No, I don't want to put the eth part :-)
So add an AAAA record. But also add the reverse file somehow, too.
You probably don't have to, but it's just as easy as an IPv4 reverse map.
And I don't need routing tables, because we write the eth0 port in the address given to firefox. If I would be using names, how would the routing know on which ether port is that MAC address?
The same it does today for IPv4 - it has a route.
Routing tables are done by prefixes common to many machines. Unless the operating system does discovery and automatic routing...
It does, just like today. -- Per Jessen, Zürich (5.4°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
I meant terrible compared to an IPv4 numerical address. There is no
need for brackets nor for the interface.
In the normal case, that would be the same for IPv6. The numerical address is too long to be really useful by itself. Using the IPv6 numerical address is an exception, not the norm.
The reason you need the brackets is because of the colons used to separate the hex digits. The colon is also used to specify a port number, so you need some way to separate the address from port. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
What would happen if I modify my bind dns configuration in an unfathomable way, so that the returned address for the printer is the v6 one instead of the v4 one, would I have to write the port too? That's absurd. It is, isn't it? A valid IPv6 address is something like this: ::ffff:172.16.1.10. You just add the ::ffff: to the IPv4 address. However, your operating system recognizes it for what it is and contacts it as IPv4. You only have to specify the port when using the link local address. If you had a subnet, even one not connected to the internet, your computer could
Carlos E. R. wrote: figure out which interface to use. Just like in IPv4, there are address blocks for that purpose. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
And where from did the printer get that address? I did not configure it, it was HP, the manufacturer. Perhaps I should configure instead the equivalent v6 address to the v4 addr.
Every IPv6 capable device automatically gets a link local address that starts out with FE80 and includes the mac address. However, the mac address is split into two parts, the first 3 bytes, which correspond to the manufacturer, then FFFE, then the last 3 bytes, which are the manufacturers sequential number for the NIC. The FFFE is used to fill out the 48 bit mac address to the 64 bit subnet address. (The smallest permissible IPv6 subnet is /64.) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
Is there an IPv6 manual for dummies?
Actually, O'Reilly has a good book. It's "IPv6 Essentials" IIRC. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Carlos E. R. wrote:
Firefox can't establish a connection to the server at [ff02::1:ff08:4ccb].
Try this instead:
http:///[FE80::21E:BFF:FE08:4CCB%eth0]
That format works for me.
That's what I was trying to remember. Since I have a proper IPv6 subnet, I don't hae to worry about using the link local addresses. I can just use the address by itself, without specifying the interface. I can even use the host name, as my DNS server hands out IPv6 & IPv4 addresses. BTW, you can also put the host names in the hosts file. If you put the IPv6 line in ahead of the IPv4 line, your apps will use IPv6 when available. In the hosts file on the computer running dnsmask, the hosts file contains one block of lines with the IPv6 addresses for the various host names and then a block for IPv4 addresses. Both sections use the same host name for each device. Of course the IPv4 section has a couple more lines for IPv4 only devices. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Yes, the link-local address can't be used like that - TBH, I don't know why. For ping6, you need to specify the interface:
ping6 -I ethX FE80::21E:BFF:FE08:4CCB
The reason you have to specify the interface for the link local address, is because otherwise the computer won't know what interface to use (I have 3 NICs in one computer). With other addresses, the interface can be determined by the subnet the address belongs to. Since the link local address isn't in a subnet, that method doesn't work. However, the link local address is used to access routers on your network. In that case, the router periodically announces itself to the computers on the local network and from that, the computers know which interface the router is connected to. Here's an example from my computer showing the default IPv6 route: default via fe80::202:a5ff:fe7b:d908 dev eth0 proto kernel metric 1024 expires 1695sec mtu 1280 advmss 1220 hoplimit 64 Notice that it specifies eth0 as the interface to find the router. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Per Jessen wrote:
Yes, the link-local address can't be used like that - TBH, I don't know why. For ping6, you need to specify the interface:
ping6 -I ethX FE80::21E:BFF:FE08:4CCB
The reason you have to specify the interface for the link local address, is because otherwise the computer won't know what interface to use (I have 3 NICs in one computer).
How about a simple workstation with just one NIC? Besides, in a box with multiple interfaces, each interface has it's own link-local address (AFAICT), but for some reason the routing table shows all link-local addresses accessible via lo(opback). There must be a reason, I just don't know what it is. -- Per Jessen, Zürich (5.4°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
How about a simple workstation with just one NIC? Besides, in a box with multiple interfaces, each interface has it's own link-local address (AFAICT), but for some reason the routing table shows all link-local addresses accessible via lo(opback). There must be a reason, I just don't know what it is.
I suspect it's done for the general situation, so that it can handle all situations the same way. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2011-01-05 at 12:14 +0100, Carlos E. R. wrote:
What for? What do I gain? All sites I use are on IPv4.
You probably mean: "All the sites i used _untill now_, are on IPv4" Did you ever consider the possibility that there might me a site tomorrow that is ipv6 only?
Look, my printer has IPv6. I can not even connect to it on that! It could be well that I am clueless.
That's for the brave at heart.
I'm refered to a google page instead of my printer. So, linux is not IPv6 aware >:-)
Then you probably use SuSE_6.3 or even much older...
Yes, I'm playing thick-head here. Just to show you that I have no idea of IPv6 - and I'm a trained network installer, I have a Cisco diploma somewhere >:-p
(we saw nothing of IPv6 in the training)
Well, it is even in the current BSDA-exams
With a tunnel broker, you set up your computer or firewall to use 6in4 tunnelling. This adds a 20 byte IPv4 header to the IPv6 packet, for transport over the existing IPv4 network. The tunnel broker then removes that header and puts your IPv6 packet on the IPv6 internet. You can do this with Linux, Windows, Mac and other. There are also many routers that support this.
Which I would have to pay. :-(
If you are into Cisco, you wil probably be overpaid...
No, thanks.
Cisco routers certainly do, as do certain D-link models.
Cisco for a home ADSL? Way over the roof in price.
No, let my ISP do the change, they will tell me what I have to do. And possibly they will pay for the change, being their "fault" >:-)
- -- Well i guess that your v.23 modem probably doesn't support it ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 2011-01-05 at 23:08 +0100, Hans Witvliet wrote:
On Wed, 2011-01-05 at 12:14 +0100, Carlos E. R. wrote:
What for? What do I gain? All sites I use are on IPv4.
You probably mean: "All the sites i used _untill now_, are on IPv4" Did you ever consider the possibility that there might me a site tomorrow that is ipv6 only?
That will be tomorrow. Or beyond. And tomorrow, it will still be tomorrow. >:-)
I'm refered to a google page instead of my printer. So, linux is not IPv6 aware >:-)
Then you probably use SuSE_6.3 or even much older...
Last time I looked it was 11.2 at least.
(we saw nothing of IPv6 in the training)
Well, it is even in the current BSDA-exams
Not in what we did. It was a training course over 250 hours paid by the government. If the government thinks I should know nothing about IPv6, who am I to argue? >:-)
Which I would have to pay. :-( If you are into Cisco, you wil probably be overpaid...
Ha! Wish I were. Any of that, Cisco or overpaid. I would be grateful to be paid at all.
Well i guess that your v.23 modem probably doesn't support it ;-)
I guess it does support IPv6. It is only transmission hardware, it knows nothing of the IP. That's handled by the ppp daemon in Linux... so, is the ppp Linux daemon IPv6 capable? Einn? >:-) - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk0lRY0ACgkQtTMYHG2NR9VxPQCbBevyV2AnNDaHIwYWDbE0rOYU YggAn2Wl5wYGCKDdPMhsBS1tQwjJdj+E =TWc3 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
Which I would have to pay.
Not with the tunnel brokers I'm aware of. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (14)
-
Carlos E. R. -
Carlos E. R. -
Dave Howorth -
David C. Rankin -
David Haller -
Hans Witvliet -
James Knott -
John Andersen -
jsa
-
Ken Schneider - openSUSE -
Per Jessen -
Philipp Thomas -
Philipp Thomas -
Wilfred van Velzen