Posts by I could be a dog really

Re: A consequence of IPv6's poor design and many failures

There are aspects of IPv6 which I don't particular care for, but having followed discussions in IETF mailing lists, I recognise WHY things are as they are.

Take, for example, the default 64bit local part to the address. There isn't actually anything fundamental in the IPv6 spec that requires it - except SLAAC (stateless address auto configuration) where the spec does specify the address split at 64 bits.

Usually, complaints that it's "wasteful" come from IPv4 thinking where addresses are scarce. Lets just thing about things for a moment - any decent ISP will be giving you a /48 allocation, which allows you to have 65,336 /64 prefixes internally. I'll pause while you think about that - you have the equivalent of using the entire 192.168/16 RFC1918 address space of public IPs as network identifiers (subnets in IPv4 speak.) Some ISPs will only give you a /56 - which means you "only" have 256 prefixes.

But some ISPs will only give you a single /64. These are the ones that would be head of the race to the bottom of the pond, and if the /64 restriction were lifted*, would quickly shift to giving end users smaller allocations - the logical endpoint down in the mud being that you get a single /128 allocation and have to use NAT, so losing lots of the benefits. It's the same sort of thinking that makes crappy ISPs enforce regular IPv4 address changes.

There is no excuse, the smallest allocation for an ISP is a /32, meaning that they can offer a /48 to 64k (2^16) users or a /56 to 16M (2^24) users. If they have a lot of users, they can get larger than a /32.

* It comes up every now and then, and is intensely debated - and always the end consensus is not to enable that race to the bottom.

To be more precise, there is nothing against DHCP in IPv6 except ... one specific vendor with a dominant market position who not only won't support DHCP but pressure hardware vendors to block it in the chipset to make sure others can't add support for it. It's perfectly possible to run a network using only DHCP for addressing - as long as you don't need Android devices to work.

So please direct any ire over lack of DHCP support to Google - they are the only ones being a p.i.t.a. about it.

But for many networks, particularly small ones like home and small business, you really don't need DHCP. Plug and play self configuration works very well for these environments, and removes a complication that many people don't need.

Yes, 100% of systems would have needed a minor update

Congratulations for demonstrating that you know s.f.a. about network addressing or router hardware. 100% of systems would need a major upgrade, and almost all infrastructure routers would need a hardware upgrade (well actually, replacement).

All but the smallest routers have a hardware support plane, and that's where the money goes. Most routing is done in hardware, which has paths designed to suit the address lengths in use. Extend the address, whether that's an extra 1 bit or an extra 96, and that hardware plane cannot handle it. In reality, any change will need new hardware - and if you need hardware, why pee around with a minor increase that will only postpone the next update by a short time, or just go for something that should last for the foreseeable future ?

Leaving aside the hardware issue, the network stack will need updating as well, so again, might as well go for an update that's going to last a long time and avoid needing to do the same thing in a few year's time.

Put another way, there is absolutely no way whatsoever that you can have any sort of "upgrade" from the IPv4 332 bit address space without creating a two-layer internet of IPv4 + IPvSomethingElse.

Rule #1 of getting people on board with Shiny New Thing, make it backwards compatible with Crappy Old Thing

Rule #1 of networking upgrades - you cannot "upgrade" a network protocol without breaking everything that currently handled it. No, you CANNOT add a few bits to the address to get IPv4+ - 100% of the existing routers will not be able to handle it. However you choose to do it, it's a new protocol and will need new/upgraded routers, network stacks, whatever.

Rule #2 of networking upgrades - there will always be people who haven't a clue how things work who will say we "just need to ..." and ignore the basic fact that it cannot work that way.

Protocol designers had numerous options for meeting needs of the use case without resorting to a lazy fallback to global addressability.

really ?

"global addressability" used to be a thing, in fact it was the default before some idiots broke it.

Hey Bob, do you know where Fred lives, I've got something for him ? Yeah, he's at 15 High Street. That's such a stupid paradigm isn't it ? He lives somewhere in Anytown, but you can't go there, the only way to get to him is to go to the Town Hall and wait until he comes for you - he does know to come for you doesn't he ? That sounds like a great paradigm.

Yeah, I'll take the larger load washing machine, can you deliver it please ? Sure, where to ? 10 Low Street please. That's such a stupid paradigm isn't it ? Only $[megacorp-logistics] who I'm forced to subscribe to can deliver it. That sounds like a great paradigm.

In the case of SIP, it makes sense for endpoints to be able to talk to each other - with the registrar simply telling A that there's a call from B, and B can be reached at [address-port]. And it does work, except where someone decides to f*** up the networking so it doesn't. Now every generic VoIP provider is forced to run a big NAT proxy and consume lots of bandwidth to unbreak NAT.

A protocol to "understand NAT" would be great, but having spend a few decades in networking, I can tell you that the implementors of NAT have many ways to f**k that up - I have a special place in hell for Zyxel with their "don't care if everything is borked, it's secure" attitude and a NAT that actively borks pretty well any attempt to code around it.

Re: A consequence of IPv6's poor design and many failures

And if you want to, you CAN just use it as more address space.

More space was needed (is needed); NAT does not fix things, it breaks a shitload of stuff (that most users don't see because of the effort put into hiding that); NAT also pushes towards an internet that is run by corporations for their own ends because of the things it breaks which are "fixed" by relying on someone's servers; it's 100% impossible to add address space without breaking existing networks, so forget about those stupid "just add a few bits" suggestions because any such scheme would work with 0% of the installed routers of the internet; and IPv6 fixes a lot of things that people want to do but can't (either easily, or at all) with IPv4.

BUT that is all irrelevant anyway. For various reasons, including idiots suggesting we never needed to do anything major beyond add a few bits, IPv4 is going to be around for some time. And while it is, because of it's address scarcity, you will get greedy corporates like the one mentioned screwing with the system for profit.

Why should Gerald know that anyone else needs to be informed of a server move when he's correctly updated the DNS ?

I've had a similar issue in the past, updating our client facing mail server which ran on a different IP address. Of course, everyone who set things up as per our directions had no problems. But then one customer took a couple of weeks to realise they had a problem - they'd hard coded their web site to send emails to our server at the IP address rather than using the DNS. Of course, it was our fault for not telling them, to which I replied that we've never supported anything but using the DNS name and if they depart from that then they take responsibility for updating their end.

But then customers always seem to find "different" ways of doing things. Like the one who also had a problem sending email from their web site. We used greylisting, and they couldn't send anything because their site was coded to not support authentication (which bypassed greylisting), and also didn't support "store and try again" which would also have got around the greylisting. I just pointed out that they could either act as a MUA, or an MTA, and if they did it properly they'd have no problem - and no, we can't do custom config tweaks for individual customers (I'm not going down that rabbit hole !)

Re: Would any of these dipshits like to suggest...

Since when has reality mattered. Given some of the people in control over there (and over here in the UK, we don't seem to be too far behind at times), I could well believe some of them could think they could ban gravity and pass a law to that effect. As previously stated, not enforceable, but that wouldn't stop some people arresting you anyway and leave it to the courts to sort out.

Re: I dont believe it...

I can only assume from the downvotes to this and an earlier post that there are people who actually do think it's a good idea for a mail server to accept messages "yes, I'll take that and deliver it" - but then just toss it in the virtual bin. The mind boggles at the mindset who would rather have no idea if their message wasn't delivered than get a response (from their own mail server) to inform them about it. OK, there may be nothing you can do about it, but at least you know if it wasn't delivered.

Re: I dont believe it...

"The problem with rejecting spam is, what is the sender supposed to do with something time-sensitive needed by the recipient?"

Ring them, go to see them, send snail mail, send a carrier pigeon, anything but assume they've got it and wonder why nothing happens. At least you know they didn't do it so can try and mitigate the problem.

Re: I dont believe it...

But all of these junk messages have a red 'Unverified' label, so why pass them on to me in the first place? Just filter them out!

You've mentioned yourself about false positives - and I can assure you that filtering out false positives and not delivering them is a real problem that all the big oligopolists have built into their systems. It's really not hard to do "check a message and reject (refuse delivery) if it fails" filtering - and if everyone did that then spam would be a lot less of a problem. Or rather, the collateral damage from dealing with spam would be a lot less of a problem. As I've noted elsewhere, being able to look in your server logs and see a message was accepted - but know that the user might not get it - is "very irritating".

But if they all either delivered what they accept, or reject what they won't deliver, then life would be a lot simpler.

And "junk folders" are another complete p.i.t.a. which I turn off as best I can on any system I use. I'd rather filter the junk out of my inbox than find I've had something important sat there for weeks and I've not seen it. Even worse are those users who just nuke everything that's "junk" without even looking.

Re: That's actually a positive change

Indeed, they run a broken by design system - but strangely, few people seem to think that there's anything wrong with accepting messages and then not delivering them. It shows how good the "we'll deal with your spam problem" marketing has worked.

It's a real problem in that I can look at my server logs and see a message has been accepted, but have no idea if the user will actually see it. It's hard to get angry about non-replies (like paying a bill) when you know it might be as simple as them never having received it because I have the temerity to not use one of the oligopolists enshittified systems.

Re: Basic Rule.

chap/he could be chapette/she but generally women seem to take this stuff more seriously and have no tolerance for hazing for obvious reasons

And what "obvious reasons" might they be ? I've worked in female dominated environments, and trust me, the women can be worse than the men on pretty well any measure of better/worse. In some ways, they can be worse because they know there's more tolerance - for example, if a bunch of men make lewd comments to the fresh meat woman then that's sexual harassment; but switch it round, and in many places it's just "banter". It shouldn't be, but that's how it is.

As an example of how there is still (OK, it's a few years old now, but attitudes haven't changed all that much) a difference in attitude, it takes all the way down to this post for someone to point out that things would have been different had it been men attacking a woman.

Re: Delete

You don't ever need to delete.

Hmm, how many ways is that wrong, lets think of a few ...

1) It's illegal to keep personal information that's no longer needed.

2) disk space isn't infinite, but the ability to use it is. For example, I tend to rip DVDs and store just the film/programs on my media server with the physical disks put out of the way - it's both more convenient, and a better experience stripping all the "coming soon trailers for stuff that came out decades ago, and the obligatory 'you're a criminal' bits". That takes "a few gigs" each time with stuff I will never need again (and if I did, it's on the original DVD). I only have a 2TB SSD in my laptop, spinning rust (if I could afford to waste it like that) would be a lot slower over USB.

3) In a past life, we had an accounting system I was sysadmin for - it generated gigs of data when 18G was about the limit if you had deep pockets. We often made copies of the database in order to test something. Ditto it not being practical to keep everything.

4, 5, 6, 7,...) Some of us have discovered something called ... a backup. Used to have cabinets full of the tapes for said system in #3

Definitely not with a wildcard. Definitely not with a -f.

Hmm, so are you going to delete hundreds, thousands, of files individually ? Ditto hitting Y "a few times" when the OS seems to think it's fun to keep asking ?

The general principle - move something rather than delete it - yes, fully agree. But unless you have an unlimited budget for storage and are willing to accept the risks of constantly upgrading the hardware, you have to delete stuff sometime when you're done with it.

Re: An SME just wants their IT to work

Well the analogy is - if you have a car and don't know how to look after it, then you take it to someone (e.g. a garage) who does and pay them to look after it.

The IT world is still that the "buy a car, at some point notice the brakes are only working on one wheel, and without bothering with any manuals (or these days, online videos) figure out how to bodge a bit of wood in place of the worn out pads" stage.

Re: Platitudes

The guy doing the work doesn't need to have any qualifications if he's adequately supervised by someone who does.

Also, you are a little out of date, the IEE merged with Institution of Incorporated Engineers to become the IET 20 years ago ! The IIE had itself absorbed the Society of Engineers the year before. See the history of the IET

When it comes to (installation) certificates, there are actually three signatures: the guy that designed the system, the guy that installed it, and the guy that inspected and tested it. They can be the same person, but in large projects you may find that it's three different people, each of whom is not qualified to sign off either of the other two. And again, as long as the guy signing the certificate at the end "adequately supervised" the other two, then there's no problem.

I don't know why you've got downvotes for a factual statement.

At least there are few actual connectors in a full fibre network - most of the connections are fusion splices which are as immune to dirt etc. as the fibre itself.

Re: It worries me that *everything* is being forced to depend on the …

Light a fire under those responsible for comms; cell towers around here got extended life UPSes and generators after several hurricanes

Round here (UK), the most that's likely to happen is a lot of people complaining on twitface or whatever. But since everyone is preoccupied with "how cheap can I get it", don't expect the networks to spend money on meaningful battery backup that might never be used.

This report should be required reading for anyone with even the remotest responsibility for providing services - or interest in their own resilience. I would challenge anyone to read it and not find something they hadn't thought of that requires electricity and is essential or very important to basic living.

Re: Wiggle the mouse

Indeed, having something moving to tell you it's working makes things feel quicker than "just nothing".

Something else to be aware of ...

Some OSs prioritise apparent boot speed. The time between switching on and getting to a login prompt is a key driver of user perception. But, having got to the login prompt, or after that, a desktop on the monitor, the system won't do anything for you as it's still busy loading all the background stuff it needs to work. When I'm working form home, I'll switch on and put in the bitlocker password before I do breakfast, then I'll log in and have breakfast (and/or switch to my personal laptop and catch up with ElReg) while waiting for it to get to a point of being usable.

Re: CRT Monitors and floppies

Those with memory from the era might recall that Apple often had photos of the Apple ][ with two dick drives on top, and a monitor on top of that. It worked just fine ... as long as it was the Apple monitor which had magnetic screening in the base. At the time, we had the local Apple dealership, and one particular client had problems with corrupted disks - but when the rig was brought in, we'd never find any problem. It was a while before we twigged that they had the monitor sat on top of the floppy drives just like in the pictures - but it wasn't an Apple monitor.

Before that we'd been looking at power problems, they had some powerful spot welding equipment in the factory ...

Re: Power without responsibility

At one place I worked at, we had a couple of occasions I had to investigate ... wobbly screens.

One occasion, all the screens (green, or some of them, amber Wyse 60 terminals hooked up to a Unix box) would wobble - not a lot, just enough to be annoyingly noticeable. And it didn't happen all the time. I tracked it down to only doing it when the curtain fan heater in the shop below was running - i.e. a 2 or 3 kW load. I asked the electricians if any work had been done recently - they found a neutral had dropped out of the back of a socket - so what should have been a ring, was only a ring for the live, and thus creating a single turn coil carrying about half the fan heater current. This was enough to make the screens wobble.

More fun was when the offices were being extended - steel frame building, and for good measure the builders welded all the joints as well as bolting them. This time, they connected the welding earth to a convenient point and wandered around with the welding torch. So the steel frame became a large coil carrying welding current (probably 100+amps) - this took the picture almost off the edge of the tube when they struck up a good arc !

And a tale I was told by our instructor at an electronics night school ... cough decades ago. He'd been in an apprentice training scheme where one day a week for practical experience, local would be encouraged to bring electrical stuff in that needed repair - repair was free, just parts to pay for. One day, a rather high quality German TV set was brought in - and being one fo the better apprentices, he got to repair it. Simple fault, quickly fixed - then time to "fiddle". Who remembers playing with the horizontal hold controls on TVs/monitors ? Well apparently this one could shift the picture a good way off the side of the tube ... so ... he wired in a slider pot with a lump of plasticine on it's slider, and put the back on.

So, called over the instructor, said he'd fixed the fault, but got this very strange one - when he tipped the TV on it's side, the picture "slid" downwards. Tilt it the other way, picture slide downwards again - onto the tube and off the lower side.Before long it was being held up in front of the whole group, and various theories were being put forward - including interaction with the earth's magnetic field. Apparently it was half an hour before anyone thought to take the back off and they discovered the trick.