| 21 Aug 2021 |
 6aa4fd | seems pretty straightforward on paper | 02:57:25 |
 matthewcroughan - nix.zone | In reply to @6aa4fd:tchncs.de
I'm not really qualified to comment on it. I couldn't design something that would get me mail from Tokyo in an hour, let alone a quarter second I only know that there's better things out there, not that I could design them. | 02:57:54 |
| 6aa4fd | BTW if you have a server center where you have ipv6 without HE, you don't need HE at home, you can just tunnel to that DC | 02:58:05 |
| matthewcroughan - nix.zone | SCION being one of them, the most promising. | 02:58:07 |
| matthewcroughan - nix.zone | There's actually a remarkable amount of layer 2 replacements though. | 02:58:16 |
| 6aa4fd | maybe I misunderstood your network topography | 02:58:23 |
| matthewcroughan - nix.zone | In reply to @6aa4fd:tchncs.de
BTW if you have a server center where you have ipv6 without HE, you don't need HE at home, you can just tunnel to that DC Tunnel to it how? | 02:58:37 |
| matthewcroughan - nix.zone | You mean use it as my ipv6 provider instead of hurricane electric? | 02:58:47 |
| 6aa4fd | In reply to @matthewcroughan:defenestrate.it
You mean use it as my ipv6 provider instead of hurricane electric? yeah. that is all you are paying he for, using their servers as endpoints | 02:59:21 |
| matthewcroughan - nix.zone | I suppose. Though I actually can't do that, because I don't have control over the network there. | 02:59:43 |
| matthewcroughan - nix.zone | Additionally, they only have a /64 block, so they can't actually do that. | 02:59:51 |
| 6aa4fd | a data center with only a /64? what a joke | 03:00:11 |
| matthewcroughan - nix.zone | Well, it's just a business connection. | 03:00:22 |
| matthewcroughan - nix.zone | BT (British Telecom) | 03:00:27 |
| 6aa4fd | that is like a v4 network with only one vlan | 03:00:30 |
| matthewcroughan - nix.zone | Yup :D | 03:00:35 |
| matthewcroughan - nix.zone | Horrible. | 03:00:36 |
| matthewcroughan - nix.zone | and the network administrator is a BOFH | 03:00:54 |
| 6aa4fd | do they just use Mac based firewalling? | 03:01:01 |
| matthewcroughan - nix.zone | Not sure about the firewall details, it's a free for all. | 03:01:18 |
| matthewcroughan - nix.zone | https://youtu.be/GE94BJg3U1Q | 03:01:26 |
| matthewcroughan - nix.zone | This video should explain it. | 03:01:28 |
| 6aa4fd | In reply to @matthewcroughan:defenestrate.it
Not sure about the firewall details, it's a free for all. time to get ya shit out brotha | 03:06:05 |
| matthewcroughan - nix.zone | I'm not that paranoid really. | 03:06:16 |
| 6aa4fd | anyways good luck with the tunnel, ping me if it hisses | 03:06:37 |
| matthewcroughan - nix.zone | A NixOS machine is a pretty good and secure internet facing base. | 03:06:39 |
| 6aa4fd | sure unless they get any user with read access | 03:07:00 |
| matthewcroughan - nix.zone | Only two users on the machine. Me and the other Administrator. | 03:07:31 |
| 6aa4fd | until we have granular store permissions its pretty dicey as production | 03:07:37 |
| matthewcroughan - nix.zone | Two users with a shell, and ssh access, ssh keys only. | 03:07:47 |
