HackerTrans
TopNewTrendsCommentsPastAskShowJobs

TuxPowered

no profile record

comments

TuxPowered
·19 gün önce·discuss
> I've never seen a mobile phone AP offer IPv6 to clients, but if they do they have to use SLAAC-compatible IPv6 NAT in that situation.

iPhone does that, and I’m pretty sure I’ve seen Android doing the same. The phone keeps a single /128 from the /64 assigned by the mobile network on its mobile interface and the re-assigns the /64 on the WiFi interface. No NAT is involved.
TuxPowered
·19 gün önce·discuss
> Nothing is stopping an ISP from implementing it by taking one ip and assigning ports 1-10.000 to customer A, 10.001 - 20.000 to customer B, and so on. Similarly, nothing is stopping an ISP from adding long-lived mappings to an otherwise-random pool which outlive the initial connection.

I’m pretty sure that the scarcity of Legacy IP addresses and port numbers (!) is exactly what stops providers from doing that, at least by default. I’ve seen NAT running out of ports way too many times, and shortening of connection tracking lifetime comes with a whole set of hard to spot bugs.
TuxPowered
·19 gün önce·discuss
> Even if you want to geek out and manage it yourself, a VPS is a very attractive option.

And some VPS providers already started charging extra for hosting the server on Legacy IP.
TuxPowered
·geçen ay·discuss
While debugging some issues in some system Claude refused to write test case because it broke terms of use.

Oh shit, all this fantastic technology is in hands of corporations and they get to decide what we’re allowed to use it for.
TuxPowered
·2 ay önce·discuss
The availability of GitHub is still at 0% - it can't be reached over IPv6.
TuxPowered
·4 ay önce·discuss
> not fully compatible with OpenBSD one

The OpenBSD NAT and scrub syntax, and af-to are available in FreeBSD 15.
TuxPowered
·4 ay önce·discuss
Even with IPv6 you still might have stateful firewalls allowing only for outbound connection at both ends (e.g. a CPE a.k.a. “WiFi router”) and to establish communication you’d need to punch a hole in those firewalls.
TuxPowered
·4 ay önce·discuss
> just like almost all transportation is done today via cars instead of horses.

That sounds very Usanian. In the meantime transportation in around me is done on foot, bicycle, bus, tram, metro, train and cars. There are good use cases for each method including the car. If you really want to use an automotive analogy, then sure, LLMs can be like cars. I've seen cities made for cars instead of humans, and they are a horrible place to live.

Signed, a person who totally gets good results from coding with LLMs. Sometimes, maybe even often.
TuxPowered
·7 ay önce·discuss
It should always be at 0, because GitHub is unreachable over IPv6, which in 2025 should be considered an incident.
TuxPowered
·8 ay önce·discuss
I did traffic shaping per user for a few hundred users on 1GHz Pentium III on Linux. It can be done just fine.
TuxPowered
·8 ay önce·discuss
> On what's now almost 10 year old hardware, we could drop 44Mpps of a volumetric DOS attack and still serve our nominal workload with no impact.

Was filtering done with pf, ipfw or some custom firewall?
TuxPowered
·9 ay önce·discuss
> How do you avoid this

IPv6 of course.

> or is it just not important

Port knocking not a security feature anyway.
TuxPowered
·11 ay önce·discuss
Making my web resources IPv6-only has solved the problem for me. I don’t consider this a solution for ever, but for now it’s apparently way too modern or complicated for the A-so-called-I companies.