Historically it used to be running on my local router/firewall and the pure v6 was just between my devices and that firewall. However my setup has changed considerably since then and nat64 has been moved to a VPS out of my normal network path because I got my own public v6 space. So my current setup is basically firewall -> VPN -> VPS with BGP for normal(v6) internet comms. That whole path is pure v6 and then in the same datacenter as that BGP VPS is my NAT64 VPS. Beautiful thing about NAT64 is you don’t actually need it local if you don’t want. There’s even a fully public service for free if you don’t want to setup your own and don’t mind the tradeoffs (bad latency, shared IPs, low bandwidth) https://nat64.net/.

If it goes down for some reason I just lose access to websites that don’t normally have AAAA records, which sounds like a big loss but honestly I’ve been running NAT64 in some capacity since 2019 and so over time I have sort of black balled services that don’t have v6 in favor of ones that do so very little of my normal online activity normally needs v4. I actually have packet counting on my firewall tracking the amount of data exchanged with various large services, Google, Cloudflare, etc, my NAT64 VPS is one of the things it tracks and compared to my total traffic the NAT64 traffic is a very small <10% of my normal internet usage at this point.

No not really, I just don’t like having the address on my interface, ironically it doesn’t break half the stuff that removing 127.0.0.1 does…but I do that too XD. Removing loopback isn’t actually THAT bad but I’ve found more stuff that struggles with that than with not having a clat

I deliberately don’t want or use a clat, the goal is to avoid IPv4

It’s gotten better but I’m not v6 only, I just don’t have v4. I have NAT64 which basically uses your IPv6 as the private address in a traditional NAT setup, allowing you to continue to access the legacy internet without IPv4 inside your network. Catch is you can’t connect to IPv4 addresses because it relies on a DNS64 server to generate IPv6 AAAA records from the IPv4 address when a domain only returns IPv4 so only DNS based services work. Basically it lets you have all the befits of a v6 only network with few of the drawbacks.

…right…I can’t view this meme LMAO…I don’t have IPv4 on my network 🤣

Too bad it doesn’t work, probably because of vhosting

Yep, I’m aware of that too, doesn’t change my initial point

…right…tell that to cmd.exe or the OpenVPN daemon, or the soft ether VPN daemon, or OpenConsole.exe, or Idk, I only tested 4 that immediately came to mind but my point stands. There are a lot of programs that do not have a window handle and do not bother with window messages.

You clearly didn’t read my message…I said a “window close message.” I.e…WM_CLOSE. that is not a process signal, it’s a window management signal. Hence taskkill not working without /f on headless processes

TIL about the console signaling stuff, good to know. I am aware of SEH but that seemed a little too in the weeds for this discussion since that’s as you say akin to SIGSEGV

Ironically it’s actually the opposite. Linux has signals, and with the exception of SIGKILL and I think SIGABRT they can all be handled gracefully. Windows on the other hand doesn’t have signals, it can only TerminateProcess() which is forceful. The illusion of graceful termination on windows is done by sending a Window close message to all of the windows belonging to a given process, however in the event the process has no windows, only forceful termination is available due to the lack of a real mechanism to gracefully terminate processes. That’s why the taskkill command tells you a process requires forceful termination when you run it against something headless.

Oh yeah… actually I forgot about that configuration too. With or without a clutch

I had to give this a really good think because I can’t remember the last time I’ve seen a car with a manual transmission so I was fully like

What do you mean? The brake is the left most pedal?

But Linux also has containers and I haven’t found a networking setup I can’t do with it so while this may be true it seems anecdotal

Further increase confusion by having error pages where all 3 are green

Thanks, that is indeed dystopian

Can someone summerize the article, for some reason it thinks I’m using AdBlock despite not and won’t let me actually read it

Was he worried about the kid or his network lol?

Yeah, he did that…and then kept going for some reason. A separate subnet in a separate firewall zone that doesn’t forward anywhere but the internet should be sufficiently safe

Look, I love FOSS and open platforms, to the point that I will only run proprietary software if it is sufficiently sandboxed AND there is no alternative. Unfortunately, hardware just isn’t there right now. You basically cannot have a modern computing experience on fully open hardware. At some point you have to make a compromise with it, it’s unfortunate but it’s the world we live in. Typically that compromise is either all open software with closed hardware and firmware, or all open software and firmware, with incredibly old or restricted hardware (which is still closed). I have yet to see any solution that involves truly, fully open hardware and so you basically have to just draw an arbitrary line and say “this is good enough.”