From: Quantum Scientific <Info@Quantum-Sci.com>
To: netdev@oss.sgi.com
Cc: usagi-users@linux-ipv6.org
Subject: Re: support of IPv6 by NFS
Date: Tue, 1 Mar 2005 07:44:37 -0600 [thread overview]
Message-ID: <200503010744.38339.Info@Quantum-Sci.com> (raw)
In-Reply-To: <42243F8D.5030302@bull.net>
On Tuesday 01 March 2005 4:10, Gilles Quillard wrote:
> This works but this needs that the kernel has been compiled with IPv6,
> which is not mandotary. A lot of people in the Linux community do not
> have experience with IPv6 yet and are not ready to use it. So making it
> mandatory for NFS, even in a pure IPv4 network, is not easy.
My experience is that IPV6 is extremely difficult to figure out how to set up
securely, for the time being, due to lack of connection-sharing. This little
fact goes completely unmentioned in ALL of the HowTos. Thank goodness for
the USAGI project.
Also one must become an ip6tables expert in order to have a reasonably secure
firewall, because ip6tables and 6tables are dead, and Shorewall does not
support IPV6 security for some reason. Another deterrant.
And 80% of potential users are behind a cable/DSL 4 NATting router. There is
no clarity that it is possible overcome this by either setting to DMZ, or
hoping your cablemodem passes protos 41, 50 & 51. Even some tunnel operators
do not know this, so I had to figure it out myself. There is no Linux 6to4
UDP tunnelling app, but there should be, because this is such a common
problem. (As I understand, Teredo is Winduhs-only, and is not supported by
most tunnel operators)
And frankly, most Linux users' only contact with IPV6 has been the DNS AAAA
browser delay seemingly inherent in some distros. Although I realize that
all of us who run Linux are ostensibly uber-gurus, fact is this is a negative
first experience for most, stemming from attempts by distros to encourage ppl
to use it with an inoperative function, and without an obvious way to
troubleshoot/repair.
These issues contradict assertions that IPV6 is beneficial and easy. If I
didn't have a strong motivation and lots of time, I would have chucked
early-on. Speaking the actual truth, not propaganda or spin, leads to
understanding of the *real* world.
Carl Cook
next prev parent reply other threads:[~2005-03-01 13:44 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-01 10:10 support of IPv6 by NFS Gilles Quillard
2005-03-01 13:44 ` Quantum Scientific [this message]
2005-03-01 15:08 ` (usagi-users 03222) " Jeroen Massar
2005-03-01 16:19 ` Olaf Kirch
2005-03-01 17:18 ` Jeroen Massar
2005-03-01 18:39 ` (usagi-users 03224) " Rémi Denis-Courmont
2005-03-01 18:56 ` (usagi-users 03222) " Quantum Scientific
2005-03-01 19:46 ` Jeroen Massar
2005-03-01 21:37 ` (usagi-users 03226) " Elliott Mitchell
2005-03-06 11:04 ` (usagi-users 03222) " Harald Welte
2005-03-06 15:40 ` (usagi-users 03249) " Jeroen Massar
2005-03-01 15:19 ` (usagi-users 03222) " YOSHIFUJI Hideaki / 吉藤英明
2005-03-01 16:35 ` Rémi Denis-Courmont
2005-03-06 11:02 ` Harald Welte
2005-03-01 15:42 ` YOSHIFUJI Hideaki / 吉藤英明
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200503010744.38339.Info@Quantum-Sci.com \
--to=info@quantum-sci.com \
--cc=netdev@oss.sgi.com \
--cc=usagi-users@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).