Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Re:Gigabit speeds, though? (Score 2) 118 118

Most speedtest servers are hosted on 1 gigabit/s which means you will probably never be able to get a clean 1 gigabit/s reading from those. That would require that you got the server all by yourself and that wont happen.

We are an ISP that sell gigabit. We host our own speedtest.net server on a 10 gigabit/s. It might be considered "cheating" as the user will only be measuring our internal network. But there is simply no other speedtest server nearby that is able to give consistent good readings. There are a couple that will give you ok readings ("almost 1 gig") but that depends on the time of the day and you might have to try several times.

And no, our transit connections are not congested. However ISPs that do not market themselves as selling 1 gig or more will have no reason to establish 10 gigabit/s at all interconnections. But that also means traffic to them will be limited by the interconnection.

Take a look at any IX member list and notice how many companies have only 1 gbps or slower ports. Our users will never get 1 gig to those guys if the traffic goes that route. Remember there will always be other traffic on the port as well.

However, if a user has traffic to multiple destinations he will usually be able to take full advantage. So it is good for families. You will never be slowed down by what others are doing in your household.

Comment Re: Wouldn't apply to Netflix (Score 3, Interesting) 85 85

I work for an ISP. The way it works is, the 2 isp's have a free peering agreement... Every month or 3 they compare traffic and true up. You ate up 100gig more than we did? You party us X. And vice versa.

I own an ISP. This is not the way it works at all.

Peering policy is actually a rather complex topic. How it works depends on what kind of ISP you are and your size. Small ISPs want to peer no matter what. Large ISPs typically do not want to peer at all. The balanced peering requirement is a poor excuse to say no to peering.

As a small ISP we want to peer with all and everything. This is because any byte transmitted over a free peering is a byte that did not have to go via our paid transit circuit. It does not really matter in what direction that byte is going.

As a residential ISP the majority of our traffic is download. The transit cost is determined by the larger of upload and download. If we can get rid of some download, we will save good money. Netflix is offering to bring some of that download to us for free.

It is very asymmetric and it is a very good deal for both companies. It is a win-win.

So why do large ISPs not want to do this? Because they can get away with forcing everyone to pay to deliver traffic to them. It is no longer a win for them if they think they can get Netflix to be a paying customer. Nor if they already have free peering with the big transit providers, because then they are already getting the stream for free.

Why do mid sized ISPs not want to peer with small ISPs? If the mid sized ISP has a peering agreement with the transit provider of the small ISP, they are already getting the traffic for free. So there is no gain for them. On the other hand, the mid sized ISP might believe the smaller ISP could become a transit customer and you never peer with your customers or potential customers.

But instead of coming clear and tell the real reason, you will typically get the balanced peering requirement quote instead.

In truth balanced peering is not really possible nor desirable for a residential ISP. Only other residential ISP would have balance with us but there will be very little traffic. Just a little bit of bittorrent etc. As a residential ISP we need to peer with content providers, hosting companies and the like.

Comment Re:it could... (Score 2) 148 148

You need torque to turn this thing. Due to the extreme reduction, the needed torque has little if any relation to what you put at the output. Instead it is just the internal friction of the plastic gears. Which means there is a point where further reduction does not make it any easier to turn.

You need strength in the part to use the output torque. Due to the extreme reduction, output torque is practically limited only to the point where the plastic gears break. There is a point where further reduction does not give you anything, because you are already past the point where the gears break.

Clearly this thing is way past both of those points.

You can not get infinite accuracy either. At some point the output shaft will stop moving smoothly compared to input, but instead move in a way determined by imperfections in the gears.

Comment Re:It's the end of the world as we know it! (Score 1) 307 307

That has already been invented. It is called address plus port (RFC 6346 or A+P): https://tools.ietf.org/html/rf...

But it will only be used for "compatibility" - to communicate with IPv4 hosts that have not yet been upgraded to IPv6. If you think about it, there are no reason to deploy devices that can understand "quints" as that is just as big an upgrade to the IP stack as switching to IPv6.

Your home router will run the A+P function. It will share an IP address with other customers at your ISP. You will be assigned a port range with that shared IP address. The router will simply do NAT, so your devices on the home network do not need to know anything about this.

At some point you will find that it sucks not to be able to run ssh on port 22 and http on port 80. Therefore your helpful ISP has also provided you with IPv6, where no such limitations apply.

Also the trick only works with UDP and TCP, as other IP protocols do not use ports.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287 287

That is not what should happen if you have it configured proper.

Say your prefix is 2001:db8:1::/48

Your LAN is 2001:db8:1:1::/64
Your WIFI is 2001:db8:1:2::/64

Your laptop has 2001:db8:1:1::10 on the LAN and 2001:db8:1:2::20 on the WIFI.

Now if you type ping6 2001:db8:1:1::42 it will automatically prefer the LAN interface and use the 2001:db8:1:1::10 IP address. It will not use the WIFI address unless you force it.

On the other hand if you ping6 2001:db8:1:2::42 it will select the WIFI interface and use 2001:db8:1:2::20 as source address.

If you ping something on the internet or if you ping 2001:db8:1:3::99 (assuming the laptop is not connected directly to that), it will first select an outgoing interface (either LAN or WIFI) and then pick the source address from that interface. Again unless you force it to do something different. These are the default address selection rules.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287 287

Typically your firewall is also the device that is handling the DHCP-PD with upstream and assigning /64s to your downstream routers or to different ports on the device. It will just work. It will not think that the traffic is spoofed. It will also do connection tracking and know exactly what is spoofed and what is not.

Devices will pick the correct IP from the outgoing interface. If your laptop has a Wifi connection, it will use the Wifi address when initiating connections that way. And the LAN address when sending out traffic on the wired network.

Applications can override that behavior but then you are dealing with misconfiguration or broken applications.

Trouble with devices connected to two subnets (links in IPv6 terms) at the same time are basically the same with IPv4 and IPv6.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287 287

Android does not support DHCPv6 at all. Proposing that they should implement IA_PD but not IA_NA is silly. Doing that might very well break PD on networks where there is a requirement that the next hob for the PD is known and stable. Such as ours...

What you can't do? You can't do tethering except on 3G/4G networks. Why you would want to? Dunno, but I notice that not every Android device is a phone. There could be use cases for that.

Also there are universities and large companies that simply wont let you do SLAAC. I have no experience running such networks, so I can not tell if they are right in doing that. I imagine they could have some of the same issues that we have in our ISP network (ND cache exhaustion etc). A simple defense could be to use a /120 or /112 with DHCPv6.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287 287

I do not know about APNIC, but RIPE accepts /48 assignments to end users. All ISPs in my country, which are doing IPv6 (which few of them are), are handing out /48 to users. So that is kind of the standard here.

Even the smallest ISP can get a /29 allocation from RIPE. That is a half a million of /48 assignments to give on to end users.

The problem with the idea of a global hierarchy routing is that the internet is not a hierarchy. BGP simply does not work like that. Solving that (if it needs solving) requires something more. One proposal is LISP.

Comment Re:So what? (Score 1) 287 287

Try using tethering while you have that Android on Wifi (tethering using bluetooth to a laptop). That wont work because that requires DHCPv6. Why would you want to? I don't know, but that is what is broken here.

It works while using cellular internet because they effectively have an alternative to DHCP-PD to assign a /64 prefix to the phone. They new LTE standard is switching to DHCP-PD so I wonder what Google will do then.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287 287

Except for cellular carriers, almost all ISPs are assigning multiple /64. Most are doing either /56 or /48.

The way to structure your internal network with three subnets is very simple. You will use three /64 out of the /56 or /48 that you got from your ISP.

There are many reasons that ISPs will not be assigning /64 or smaller. That is simply very hard on the ISP equipment. So have no fear, that will not become common.

Comment Re:A perspective of an ISP (Score 1) 287 287

Privacy extensions is an extension to SLAAC. All major operating systems come with privacy extensions enabled by default, which means they will do a dosen of adresses per device. If you enable SLAAC in the provider network and do not use DHCPv6-PD, most CPEs will bridge IPv6. That means the ISP switch/router has to track every single device inside your household multiplied by number of addresses used for privacy extensions.

But it is a problem even with no device actually using the address. If someone starts mapping your address space (eg. using nmap) the ISP router has to start NDP discovery on every single address that someone sends a ICMP ping to. There is no way the ISP router can know that there is no device with that address. The only defense is to limit the number of active cache entries per customer, but then you just made it very simple to DoS the customer with trivial amount of ICMP traffic.

For this reason the sane way to implement IPv6 as to do DHCPv6-PD and assign either 0 or 1 IPv6 address on the link interface. Zero is possible because IPv6 can use link local addresses for routing, but it will screw up your traceroute and arguably it prevents the CPE from sending back mandatory ICMP packets such as MTU changes.

Yes, we will be going to OSI, Mars, and Pluto, but not necessarily in that order. -- Jeffrey Honig

Working...