deleted by creator
- 0 Posts
- 39 Comments
Joined 2 years ago
Cake day: June 11th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
2·14 days agoYou would think…
3·23 days agoCGNAT is for IPv4, the IPv6 network is separate. But if you have IPv6 connectivity on both ends setting up WG is the same as with IPv4.
Only the 14% statistic was explicitly about IPTV, the others are about “consuming content illegally”. It seems like maybe there are multiple surveys involved?
Only giving a /64 breaks stuff, but some ISPs do it anyway. With only a /64 you can’t subnet your network at all.
I really doubt it. We could give everyone on Earth their own /48 with less than 1% of the IPv6 address space.
Giving a /48 is spec, but a lot of ISPs are too stingy :/
Going to other planets would require a total re-architecting of our communications infrastructure anyway. There’s such distance too it’s not really viable to have a shared internet. Even Mars would have up to 22 minute latency at peak. So I don’t think it makes sense to plan our current internet around potential future space colonization.
Even so, IPv6 is truly massive. We could give a /64 to every square centimeter of the Earth’s surface and still have IPs to spare. Frankly, I think the protocol itself will be obsolete before we run out.
“You wouldn’t download a car” is a meme edit that got stuck in everyone’s heads. The original PSA actually does say “you wouldn’t steal a car” and basically was what you describe in your last paragraph.
All of your temporary privacy addresses will be coming out of the same subnet, so it’s clear they all belong to the same people.
Ultimately the privacy extensions are just bringing IPv6’s privacy back in line with IPv4, because without the privacy extensions every single device has a separate IPv6 address based on its MAC address whereas in IPv4 most consumer networks have every device sharing a single IP.
2·2 months agoThe free version of ChatGPT is 4o or 4.1-mini at this point. You can’t even access 3.5 without paying, ironically, since it’s legacy now.
In IPv6, a /64 is only supposed to be used for a single subnet. If you have a subnet smaller than /64, things will break. SLAAC needs a /64, which means Android phones for example can’t use IPv6 on a subnet smaller than /64.
/64 might seem huge but that’s just how IPv6 works. The entire 64-bit host ID is used for encoding MAC addresses into the IP address, or creating randomized privacy addresses. It needs to be huge so that it can do that statelessly.
Be that as it may, the Plex official guide for setting up “remote streaming” walks you through port forwarding. That implies that when they say remote streaming, they mean port forwarding by default. I then had to go digging to find mention of the Relay service which seems to be a fallback. (Apparently it isn’t even supported by all clients)
Surely if they meant they’d start charging for Relays they’d mention that explicitly, and not use the term “remote streaming”?
It’s the confusing mess of subscriptions and seemingly locking basic functionality behind a paywall that’s skeevy, not paying for software itself. I have happily paid for software before and would again. Plex has never appealed to me though, and they’re certainly doing nothing to make themselves more appealing.
Do you have a source for this claim that the new pricing scheme only applies to the Plex Relays? As far as I can tell it applies to anything they consider “remote access”, regardless of whether it goes through their servers or not.
It seems deeply opposed to the spirit of selfhosting to have to pay for the privilege of accessing one’s own server. If the software itself cost money, that would be one thing, but this whole monetization scheme is skeevy.
It seems like multiple things are being conflated here and I’m not sure what the reality is because I’ve never used Plex.
Some people claim this has something to do with Plex needing to pay for NAT traversal infrastructure. Okay, that seems sort of silly but at least there’s the excuse that their servers are involved in the streaming somehow.
But their wording is very broad, just calling it “remote streaming.” That led me to this article on the Plex support website, which walks people through setting up port forwarding in order to enable “remote streaming”! So that excuse doesn’t really seem to hold water. What exactly is being paid for here then? How do they define what “local streaming” is?
Tailscale is just a bunch of extra fancy stuff on top of Wireguard. If you don’t need the fancy stuff, using raw Wireguard can be more lightweight, but might require more networking knowledge.
The biggest thing Tailscale brings you the table is NAT traversal. On top of that it uses direct Wireguard tunnels as necessary instead of creating a mesh like you usually would if you were using raw Wireguard. It also offers convenient bits of sugar like internal DNS, and it handles key exchanges for you so it’s just generally easier to configure. When you do raw Wireguard you’re doing all the config yourself, which could be a pro or a con depending on your needs—and you’ll be editing config files, unlike Tailscale which has a GUI for most things. It also supports some more detailed security options like ACLs and I think SSO, while Wireguard is reliant on your existing firewall for that.
Here’s what Tailscale has to say about it: https://tailscale.com/compare/wireguard
I’ve messed around with Tailscale myself, but ultimately settled on running Wireguard. The reason I do that though is because I trust my LAN, and I only run Wireguard at the edge. Tailscale really wants to be run on every node, which in turn is something that raw Wireguard theoretically can do but would be onerous to maintain. If I didn’t trust my LAN, I’d probably switch to Tailscale.
A lot of people have suggested Tailscale and it’s basically the perfect solution to all your requirements.
You keep saying you need ProtonVPN which means you can’t use Tailscale, but Tailscale actually supports setting up an exit node which is what you need. Put Protonvpn on the Raspberry Pi, then set it up as an exit node for your tailnet. There’s a lot of people talking about how they did this online. It looks like they even have native support for bypassing the manual setup if you use Mullvad.
As long as every client has the ability to use Tailscale (I.e. no weird TVs or anything) this seems like it checks all your boxes. And since everything is E2EE from Tailscale, TLS is redundant and you can just use HTTP.
deleted by creator