Host a “phones off” party, go to a sauna, go for a hike with friends with self control etc., but please don’t hold me hostage (connectivity wise) in a cramped metal tube for your sense of nostalgia.
Planes are just about the least pleasant space to experience involuntary offline-ness. (That said, people scrolling reels with the speaker on (or the display at brightness levels making me consider sunscreen) should immediately go on the no-fly list.)
> What’s nice is not that it’s just me, but that it’s everyone.
This made it sound like you enjoy me being offline, and that seems pretty selfish (as long as I don't annoy you somehow with my Internet connection, and on that, see my original comment).
I'm a big fan of offline gatherings (ideally in nature, which is pretty much the opposite of economy class on many dimensions), but I think this should be a choice.
I do enjoy you being offline. There’s nothing selfish about having different preferences to you. Selfish would be forcing those preferences on you. That you assumed one was the other is a good reason to reflect.
Why would you be "terrified" of space-based ballistic missile defense? Seems a lot better than ground-based interceptors that have a not-great rate of interception.
For trillions of dollars, Golden Dome is unlikely to be effective at interception, but it destabilizes MAD and can be used as a global prompt strike offense weapon.
Depends on the size of the system you need to secure.
If kilobytes of storage and very limited computing power works for your use case, you can get very secure (smartcards and secure elements remain essentially undefeated at the hardware level; all attacks I know happened via weak ciphers).
For an entire current-gen gaming console, you'll have a much harder time.
I pay $25 for my backup 5G internet - but unlike a mobile plan, it's actually unlimited at 300mbps, and I don't have to resort to TTL shenanigans and such to use it for my whole network. It's just plugged into one of the ports on my router, and provides it with real public IPv4. Ran it for a few days when the fiber dropped out and consumed 200GB without complaint from either myself or the ISP.
The bottom of the page does give some details about what "unlimited data" means here in the UK between the different carriers. Some cap speeds, some monitor usage and then either turf you off on "fair use" grounds or do traffic management/shaping. The general rule seems to be 650GB in 6 months is just about the limit of what is ok.
That wouldn't be anywhere near enough for me. Looking at my router I see I've downloaded 522GB in the last 34 days alone.
> Romania reportedly has unlimited for 4€ but I don't know which operator.
Orange Yoxo is the only one which has actually-unlimited, all the others have a fine-print somewhere with "up to X GB/month, then bandwidth is severely throttled".
I'm using the 4.9€ plan for a mountain webcam[1] and they have been true to their word, no throttling so far.
I mean it's more to do with the cool factor of using a satellite, not practical concerns. Practically a mobile failover is superior if you have coverage.
Wouldn't a widespread ground-based infrastructure outage also take out (or at least severely degrade) Starlink in the affected region if people were to widely use it as a backup solution?
Starlink has been known to carry traffic over lasers from Southern Africa to Europe and from New Zealand to Eastern USA. During the power outage in Spain/Portugal they proactively moved traffic to the UK
Local failures don't matter unless your country doesn't allow landing user traffic in other countries (Indonesia, Bangladesh)
> Set IPv6 Connection to SLAAC (this is critical - SLAAC must be used, not DHCPv6) [...] Set 'Prefix Delegation Size' to 56
Is this also A UniFi bug, is Starlink doing IPv6 address assignment in a weird way, or is this a normal/RFC-compliant way of assigning a /56 subnet to a router?
I always assumed routeable prefixes on v6 require DHCPv6 (except for hacks like RFC 7278 and /64 subnets)?
I think that section left out some details. On my Unifi setup, the router's IPv6 connection is configured with DHCPv6 (SLAAC isn't even an option) while the local networks are configured with SLAAC.
> If you could just ask your router for a lease on a chunk of IP+NAT addresses
The “just” is doing a lot of lifting there. I’m glad the various port mapping protocols didn’t really take off and it looks like IPv6 is going to actually make it instead. Much less complexity in most parts of the stack and network.
It is always a mystery how people just randomly misinterpret what I write. At literally no point did I mention port mapping.
I am pointing out how the problem NAT “solves” is just dynamic address configuration. They have implemented a N+K bit address where the N-bit prefix is routed and allocated using IP and the low K-bits are routed and allocated like a custom fever dream.
You can just do it all the same way instead of doing it differently and worse for the low bits.
To be clear, the router should rewrite zero bits in the packet under the scheme I am describing just like how routers have no need to rewrite any bits when routing to a specific globally-routable IP address.
You get a lease for a /N+K address. /N routes to your router which routes the last K bits just like normal as if it had a /N-M to a /N route. This is a generic description of homogenous hierarchical routing.
If I understand it correctly, you're suggesting formalizing a way to make parts of the (host-specific) port canonically part of the network-wide address, no?
This still sounds like a very bad mixing of layers, even if done in a perfectly standardized and uniform way.
> It is always a mystery how people just randomly misinterpret what I write.
If this is intended literally and not as a general complaint: My main problem of understanding your suggestion is that I don't know what you mean by "IP+NAT address". NAT is a translation scheme, not an address.
Maybe it would be clearer if you could provide an example?
> You get a lease for a /N+K address. /N routes to your router which routes the last K bits just like normal as if it had a /N-M to a /N route.
> This still sounds like a very bad mixing of layers, even if done in a perfectly standardized and uniform way.
No, I am describing a generalization of IP to arbitrary concatenated routing prefixs.
NAT has the same problems as if we lived in a alternate world where we decomposed IPv4 into 4 8-bit layers and then used a different protocol for each layer. That is obviously stupid because the subdivision of a /8 into /16s and a /16 into /24s is fractally similar. You can just use the same protocol 4 times. Or even better, use one protocol (i.e IP) that just handles arbitrary subdivision.
In the IPv4 (no NAT) world your application has a 49-bit address. Your router is running a DHCPv4 server and allocates your computer a /32 and your computer is “running” a DHCPvPort server that allocates a 17-bit prefix to your applications.
In the IPv4+NAT world your application has a 49-bit address. Your router is “running” a DHCPv4+Port server and allocates your applications a /49, but only tells them their /32 and then rewrites the packets because the applications do not know their address because the stupid router did not tell them.
In good world your application has a 49-bit address. Your router is “running” a DHCPv4+Port server and allocates your applications a /49 and tells them their /32 prefix and 17-bit segment. No packet rewriting is necessary.
Your router could also choose to allocate your computer a /32 subnet and leave DHCPvPort to your computer. Or it could give your computer a /31 if you have 8 interfaces. Or a /34 as a /32 subnet with 2-bit port prefix. Each node routes as much or as little routing prefix as it understands/cares about.
This is a generalization of IP that can handle arbitrary-length, arbitrarily-concatenated routing in a completely uniform manner and all the pieces are basically already there, just over-specialized.
The original SOCKS proxy specification was something like this. You'd LD_PRELOAD a library that would make the application think it was running directly on the proxy server, and it supported both connecting outbound and listening.
I didn’t see it as mysterious. 25 years ago, the problem as stated went through lots of consensus to become IPv6. It took a few years for SLAAC to emerge. But we don’t need it to be homogeneous; the router advertises different feature levels via ICMPv6.
Basically the same thing. If you legitimately need to establish a connection then put a firewall rule in, whether that needs nat or pat is a function of your available addresses.
If you are tying to work around your firewall because it isn’t yours, that’s not a legitimate use.
Love it when random people tell me whether my use case is legitimate or not without apparently even knowing it exists!
Take mobile data connections, for example: Most people don't want to pay for metered (by the byte) inbound traffic they didn't ask for that also drains their battery, but do want to be able to establish P2P connections for lower latency VoIP etc.
This is a firewall that's definitionally "not theirs", but that still also serves their interests, yet usually doesn't offer any user-accessible management interface.
So may I please traverse this firewall now, or is my use case still illegitimate?
Are you even acknowledging my example? Where does it exist in your bimodal model of reality of "my firewall" and "somebody else's firewall"?
What provider would you suggest somebody wanting to make VoIP calls on their smartphone switch to that allows port forwarding of the kind you describe? And which popular VoIP app would support statically forwarded ports like that?
You're assuming that the firewall was configured correctly or that the firewall admin is cooperative. That's a big ask.
On the other hand, there is plenty of badly written networked software. I bet most of the networked software developers have no idea how to correctly plumb their software. They just open whatever connection, e.g. sockets, their OS provides and just run with it without care of the underlying layers. The OSI model theory in fact encourages this ignorance.
P2P traffic is illegitimate according to you? Like Skype calls? You think Skype should not exist? (Well it doesn't exist any more, but whatever replaced it)
Lord, we're how many years into using LLMs, and people still don't understand that their whole shtick is to produce the most plausible output - not the most correct output?
The most plausible output might be correct, or it might be utter bullshit hallucinations that only sound correct; the only way to tell is to actually try it or cross-reference primary sources. Unless you do, the AI answer is worthless.
The reason why they're getting so good at code now is that they can check their output by running and testing it; if you're just prompting questions into a chatbot and then copying their output verbatim to a comment, you're not adding any meaningful value.
Exactly! This is what LLMs do: they bullshit you by coming across as extremely knowledgeable, but as soon as you understand 5% of the topic you realise you've been blatantly lied to.
Even if you get 70% blatant lies and 30% helpful ideas, if you can cheaply distinguish the two due to domain expertise, is that not still an extremely useful tool?
But to the point of this thread: If you can't validate their output at all, why would you choose to share it? This was even recently added to this site's guidelines, I believe.
But then why make this comment at all, even despite the disclaimer? Anyone can prompt an LLM. What's your contribution to the conversation?
To be clear, I use LLMs to gut check ideas all the time, but the absolute minimum required to share their output, in my view, is verification (can you vouch for the generated answer based on your experience or understanding), curation (does this output add anything interesting to the conversation people couldn't have trivially prompted themselves and are missing in their comments), and adding a disclaimer if you're at all unsure about either (thanks for doing that).
But you can't skip any of these, or you're just spreading slop.
reply