#nat


@drscriptt Naive question: WHEN does the average #Internet #user ever open up a webpage with an #IP address instead of a #domain or even #FQDN?

  • Seriously, the only cases I saw were either some old, non-public-facing server in some B2B/API setting or a test that #httpd / #ngnix / #ssh / … function properly on like a #VPS and that the #DNS hasn't been updated (yet!) to include said host / FQDN in the records, and even then it's bad cuz you'd rather want to use its FQDN instead because with #IPv4 shortages on one hand and tools like #Portainer on the other, one should not use an #IPaddress as addressing method because #WAF / #Proxies used to "#MUX" / "#NAT" services under one IP address or #IPv6 block may need that distinction by being queried for a specific FQDN...

The idea of !SSL / #TLD for #IPaddresses makes me feel like Jeff Goldblum!

Do I have anyone within my reach who would be willing to help me debug a DNAT issue on OPNsense?

I can sincerely say that it's *probably* trivial, and I am *probably* just missing something obvious; but it's not obvious when you're not quite sure what you're looking for. Reading the documentation, browsing the forum and searching the web has not led me to find a solution.

Boosts appreciated.

#OPNsense #NAT #DNAT

@lycanmatriarch That does sound weird. The LAN-side-of-NAT IP (typically RFC 1918 space) should only show up on the LAN side of NAT. That's kind of the point of NAT.

Are you *sure* it's your Plex box originating that traffic, and not just some other machine on the network you're on that happens to have the same IP address? Maybe something in the Plex web UI which happens to include a request to its internal IP address and which (obviously) does not get rewritten by the NAT at your home?

Hey other #network folks I have a weird #firewall and #NAT question. I'm looking at the firewall traffic log where my work laptop (I'm in the office) is the source, and I'm looking at the traffic connecting to my home plex server.

The plex server is a private IP behind NAT. In the log I show the outbound traffic from my work laptop to my home router IP, but I also see a following entry with the private IP that my router is forwarding plex's port traffic to. I thought anything done behind NAT wouldn't show up, especially because I'm only looking at the initial communication out, and not the return communication from my server to me. Is my understanding of NAT wrong?


What Docker did was to intellectually limit the creativity that users could have had with containers, funneling everyone into the most trivial of network use-cases. When everything is server-client, it's really hard to develop peer-to-peer or avant-garde applications.

The parallels to #LegacyIP and #NAT are staggering, as they too stymied progress in other, not-yet imagined scenarios. #IPv6 should have been the go-to for hyperscalers from day-one. That it wasn't is forever a travesty.

7/n


@landley @jschauma @ryanc @0xabad1dea yeah, the exhaustion problem would've been shoved back with a #64bit or sufficiently delayed by a 40bit number.

Unless we also hate #NAT and expect every device to have a unique static #IP (which is a #privacy nightmare at best that "#PrivacyExtensions" barely fixed.)

  • I mean they could've also gone the #DECnet approach and used the #EUI48 / #MAC-Address (or #EUI64) as static addressing system, but that would've made #vendors and not #ISPs the powerful forces of allocation. (Similar to how technically the #ICCID dictates #GSM / #4G / #5G access and not the #IMEI unless places like Australia ban imported devices.)

I guess using a #128bit address space was inspired by #ZFS doing the same before, as the folks who designed both wanted to design a solution that clearly will outlive them (way harder than COBOL has outlived Grace Hopper)...

If I was @BNetzA I would've mandated #DualStack and banned #CGNAT (or at least the use of CGNAT in #RFC1918 address spaces) as well as #DualStackLite!

Interesting observation: the Airbnb hotspot uses some interesting technology to reach IPv6 sites:

$ curl -v -6 https://icanhazip.com
* Host icanhazip.com:443 was resolved.
* IPv6: ::ffff:104.16.184.241, ::ffff:104.16.185.241
* IPv4: (none)
*   Trying [::ffff:104.16.184.241]:443...

My device has no IPv6 address of its own, yet the connection works.

Is this something like DNS64 and NAT64, only the other way around?

any application needing to communicate large messages with UDP must implement packetization, retransmission, reordering, etc-- the same things that TCP already implements for us. Many applications that have 'rolled their own TCP' in userspace have ended up with exploitable bugs in them, so it isn't something that should be done without good cause.

#UDP also has the issue of #NAT traversal: Getting bidirectional communication across a NAT with UDP is not a simple matter. Crossing anything more complicated than a full cone NAT requires considerable amounts of special code but without it there will be many hosts that just can't talk to other peers with UDP.
bitcoin.stackexchange.com/ques

Bitcoin Stack Exchange: Can someone please explain FIBRE to me like I'm 5 and why is it useful? I read the website but they imply you already know why this is valuable. Can someone please illuminate me on this issue?

Finally running debian12 with a GUI thanks to vm-bhyve on freebsd14 after several months of tweaking and learning. A really big thanks to @vermaden and his article vermaden.wordpress.com/2023/08 ❤️

But one thing I still don't get. I have a problem with resolving DNS on the VM. IP addresses work well but domain names like google.com not at all. I solved it by adding "nameserver 8.8.8.8" in /etc/resolv.conf in the VM, but I am not sure if I solved it well and don't understand why I have to solve it anyway, I do not remember that I would have to set it.
I use vm-bhyve with the host wifi wlan interface so I had to set NAT in PF, in the article it is the section laptop wifi nat. Is it normal to set the resolv.conf file in the VM?

𝚟𝚎𝚛𝚖𝚊𝚍𝚎𝚗 · FreeBSD Bhyve Virtualization: The Bhyve FreeBSD hypervisor (called/spelled ‘beehive’ usually) was created almost 10 years ago. Right now it offers speed and features that other similar solutions provide – such…

#Jazz

Here's a great clip from the #NatKingCole Show in the 50's featuring musicians from #NormanGranz 's #JazzAtThePhilharmonic #JATP group including but not limited to Oscar Peterson, Ray Brown, Herb Ellis, Stan Getz, Illinois Jacquet, Coleman Hawkins, Jo Jones & Roy Eldridge.

Most people don't know that #Nat got his start in jazz as a piano player & transitioned to being a popular music singer.

There are some great sets w/Nat featuring a variety of JATP musicians which are timeless.

This early 50's period in jazz is called #Modern but I call it #Timeless bc it is my favorite period in American jazz history.

Nat's performances of "Paper Moon" & "Tenderly" are classic.

youtu.be/po9dxA7iFOc

The only place NAT should be allowed is lab/experiment networks, where you might need to duplicate a production IP range.

"But what about the office network, there is no reason that anyone should ever need to connect directly to an office PC". Once you use NAT there, your IP telephony software needs fragile workarounds just for Sally in marketing to be able to call Alice in legal. And in the next version, those fragile workarounds will be replaced with a cloud service that sells your trade secrets to your competitor.

"But Skype just works". Skype is a great example of the above, it used to have all kinds of NAT workarounds, now it goes via a server where Microsoft listens in on your calls.

I discovered that my #ISP could provide up to 3 public IP addresses on a single connection. That's awesome news because I can separate my network and use reverse proxy where the Cloudflare tunnel is unsuitable.

I now have an excuse to buy #UniFi Cloud Gateway Ultra as a router that could utilize this feature over a single WAN port. So excited to have my first UniFi device!