Lithuania. Haven't heard of this happening here. However, in some cases, both drivers can be declared guilty. If the insurance company tries to say that the driver in front stopped for no reason to get insurance money, this still does not excuse the driver behind of not keeping a safe distance (well, what if the driver in front had a reason to brake?).
In my country if you hit a car in front of you, you are guilty for the accident because you failed to keep at a safe distance. It does not matter if the driver in front stepped on the brakes for no reason (in some cases you may be both declared guilty). The reasoning is that even if he stepped on the brakes for no reason at that time, what if there was a reason (pothole, someone on the road etc) that you could not see? You would still have hit the car in front of you.
In my country, speed cameras are preceded with a sign announcing the presence of said camera. The signs far enough away that you can slow down without hitting the brakes too hard (unless you were really speeding). The government said that, yes, more fines would be collected without those signs, however, the intended result is not to collect fines, but to make people drive slow, at least in that area. Which the signs do well.
Well, one man in my country had 0.84% BAC. Yea, twice the LD50 level. He was driving but could not find his way out of an (almost) empty parking lot and a bystander called the police.
The record BAC was 1.4%, though that guy was unconscious on the side of a road.
Yea, in my country hitting a car from behind makes you guilty (should have kept the distance), unless the other driver is drunk (drunk driver is always guilty) or he changed lanes too close in front of you and braked immediately.
your outgoing traffic will still be fine
That may not be fine as well, since unless IPv6 can cram both host IPs into the packet, existing sessions will get dropped (which may not happen with IPv4, since IPs stay the same). Also, that requires more complex firewall configuration (what's the probability that one of the IPs will not be entered?).
My back-of-a-napkin solution to this a few years ago was that there's an obvious business model for a few ISP to conspire to jointly provide dual-homing.
There are a few problems with this:
1. The ISPs must be willing to cooperate (unlike now, they only have to provide BGP access).
2. The customer still cannot change ISPs (now I can take my AS to another ISP if I do not like the current one or another pair of ISPs if I'm moving and the current ISPs do not provide service in the new location).
3. The failure of an ISP must trigger a BGP announce to stop traffic from coming to it. This may not happen. Currently we had multiple problems where the main ISP failed but did not announce that - out BGP router still though that the ISP is good. I had to write a script that checks if the internet is accessible and if not (for a few minutes) forces our BGP router to use the other ISP (done with prepends and priorities).
It's so great that all dangerous diseases are immediately obvious to averyone and the sick person himself. I mean there is no way that you could be sick, but not know that yet and transmit the disease to others. Right?
No, it's not. A NAT router works as a good firewall straight out of the box, you may not even need to configure it other than setting the admin password. Uplink IP is configured using DHCP, the router has its own DHCP server for internal network and no incoming connections are allowed.
I remember quite a few v4 IPs of my own machines, machines of the company I work for and of clients.
Adding all that to a DNS server would be a pain (either having one private server with all of them or adding to the servers of the appropriate client, assuming the client has a DNS server, some don't, after all a network of x Windows PCs and a single samba server does not really need DNS, especially if the network is just a bunch of Windows PCs with no server).
When a program does not work, I just run tcpdump (on both ends) and figure out the problem. A port scanner may only be able to scan a limited number of hosts at once, so if it spends a couple of hours trying to scan me, it won't scan others. Also, if the scanning is not automated (like a bot or virus) but is instead because somebody ran nmap, they might get bored and stop.
This is especially useful if the server does not have publicly accessible resources (that is, all incoming connections are limited by source IP). Dropping packets makes it look like that host isn't even there. Also useful in case of a DOS (that is not enough to completely saturate the uplink) as there are no packets going back.
switch to another ISP, it isn't as if ISPs are thin on the ground.
I have a few options, but AFAIK a lot of Americans do not (I do not live in the US). Even for me, since I live in an individual house it would be expensive o have another ISP get its fiber cable to me.
You _can_ allocate networks smaller than a
That's good to know, though it would mean that if I use Android devices I will have to type in the long v6 IPs even though IPv4 has shorter IPs AND DHCP works with all devices.
Though since I would still need NAT (for keeping the IPs when switching to a backup ISP), I guess that is not such a big problem and AFAIK NAT exists for v6 (though not one-to-many as I understand, so I would need a proxy server to make all outgoing connections look like they are from a single device).
I usually use DROP instead of REJECT. Makes port scanners take longer to scan.
Takes longer to type, though maybe they will start making keyboards with hex numpads.
Also, to me, remembering a number and letter combination is more difficult than just number combination (I guess it's related to the numpad).
Besides, I never had to type external and internal IP at once. It's either the external IP (one, so not difficult to remember) or the internal IP (can be compressed as "the 192 subnet" 1 2)
So, the designers of IPv6 could not conceive that somebody could have less than 2^64 devices and still want to put them in separate networks? Well, I guess IPv4 was divided using classes in the past, but CIDR is great.
So now my ISP will have a say in how many internal networks I have? And this is supposed to be better than IPV4 with NAT?
NAT creates layers of indirection, and NAT makes machines not directly addressable.
Good. What if I want to have machines that are not directly addressable. Also, I may want to redirect the packets to various machines based on where it came from (internal network or outside).
With NAT, you'll end up needing to fumble with your router and open / redirect ports anyway, just to be sure that everything works as it should.
Which I will need to do with IPv6 just the same because I do not want to allow incoming connections by default.
Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (5) All right, who's the wiseguy who stuck this trigraph stuff in here?
