Hitler discovers that Julian Assange lost out to Mark Zuckerberg

http://blogs.forbes.com/kashmirhill/2010/12/16/mark-zuckerberg-imma-let-you-finish-but-julian-assange-was-clearly-the-person-of-the-year/?boxes=Homepagechannels

You must have been born yesterday.

Merit has nothing to do with it. It's all about politics. You can bet they got rid of plenty of top quality talent and kept a lot of dead wood.

Be careful what you wish for - IPv6 so full of flaws, until IPv4 completely runs and and it gets rammed down our throats, no enterprise will adopt this. Where do I even start?

OK, case in point. The people who designed IPv6 think NAT is not necessary because there's enough addresses for everybody. That's the dumbest thing I've ever heard. They're missing the point! Does anyone NOT think about the routing tables?

Right now IPv4 over the Internet is barely manageable and only because people NAT. In fact, you cannot have networks more specifc than a /24 because many ISP's will filter you out because it would be just too many routes to deal with. Most companies that connect to the Internet have one network (or a small handful of networks) and thankfully present only those few networks to the Internet. Now let's say you take NAT out of the equation. You mean to say you want the **INTERNAL routing table of every company everywhere ** in every Internet router?? That's madness! Do people think routers just have terabytes of memory, and that routing protocol convergence times are negligible?

And before you try to suggest summarization as a solution, no, you cannot just summarize in IPv6 and call that a simple answer. That leaves no room for mobility. So one specific host leaves the summary route and goes to a different location, how are you going to inject that /128 route into the Internet routing tables? You can't, nobody would be able to handle your /128 (host) route and know how to return traffic to you. NAT is clearly the only way to allow access for mobile devices to change locations and still get to the Internet.

Here's a more specific example. You have an IP address at home. You IPSec VPN to work. They turn off split tunneling for security reasons, which of course means all traffic has to go over the VPN tunnel. However they allow you to go to the Internet through this VPN tunnel. So now you pass traffic to the VPN concentrator, and try to get to the Internet. But now you have a problem, without NAT. Your home computer's IP now has to appear as if it's coming from your company? So you have to inject a host route to the Internet, and hope the rest of the Internet has a return route to you? That's so not happening - no routing protocol can handle that.

Let me also point out NAT hides addresses and provides security. I don't want the Internet knowing my internal host IP's. They can know about my firewall IP though. So I want to hide the internal IP's. NAT does this beautifully, and is an essential security function.

There's no denying NAT is needed. The fact the the IPv6 designers even debate this at all shows how clueless they are to real world issues, and because they are so detached from reality, nobody wants to implement their new protocol. It's no mystery why the IPv6 adoption rate is so slow.

And who's going to pay for it? You?

That costs money. Many people have routers and NAT works fine, but those routers cannot handle the firewall.

Case in point. Let's say you have a Cisco 2800 router. You can run NAT for a branch office, and give that branch office Internet access, no problems. You have security.

On the other hand, let's say you want to run stateful firewall on that Cisco router. First, you need to purchase a security license to turn on the CBAC, which is the IOS stateful firewall. Secondly, the router will perform like crap, and your throughput is drastically reduced. I had a user office with 10 people and a Cisco 2821 couldn't handle the traffic with CBAC. Changed the config to simple NAT and everything was fine.

You can make up stories all you want about how stateful firewall is more secure than NAT. It's not true. We never got broken into by China. Randomizing TCP sequence numbers, etc might theoretically help but in practice, it doesn't really make a difference. NAT will protect you.

Having said that if you can afford a real firewall or you are a profitable business, by all means get a firewall. But there's plenty of situations where it's not worth the money.

But it needs to go both ways. GET RID OF TRAFFIC CAMERA'S FIRST. You record us, and ask not to be recorded? That's so funny.

Does anyone know if ldpd is available in Linux also? Do you need OpenBSD to support VRF's?

What does your question have anything to do with the article? Completely non sequitur.

"Power over Ethernet" does not in any way mean "Power over Internet" as your title implies. It's a way to provider power to your devices through your Ethernet cable, but that power comes from a local power source from within the same building, not from some remote source on the Internet. For example if your ethernet switch is PoE capable, it can power your devices, and the power comes from that local switch.

Get a Mac Mini with EyeTV (e.g. get an EyeTV Hybrid). That's the best combo ever. Works as a great DVR. You also have a full computer, can surf the web, etc. You can launch Firefox and play Netflix no problem, do it all of the time. Has front row which is awesome, you can simply launch iTunes and play movies, TV shows, etc. And the best part is you are up and running from day 1, nothing to configure, the software just works and is intuitive. The apple remote is fine for a lot of things but I also recommend a Logitech diNovo Edge keyboard. You want a bluetooth keyboard. Other wireless keyboards don't have the range, you can't sit on your couch on the other side of the room and control things, but bluetooth keyboards can work at that distance no problem.