At this point, I actually think the meth is more socially acceptable, too.

Because you are on an instance that has defederated with many of the other ones where these types of posts originate.

He tried so hard to save Artax… 😭

It’s a security\legal risk to allow adhoc wireless networks within your environment, pretty much any organization above a certain size has the same restrictions.

You could theoretically allow anyone to access your router directly, which would let them bypass agreeing to the Acceptable Use Policy, for example, shifting liability back to the organization for that users behavior.

And Yes I would have slaves. But I would feed em and house em and treat them right and made sure they were alright

You’d be one of the good slave owners, did I get that right?

Why would they need to date anyway? That’s just questioning God’s Plan for them.

A lot of negativity around Ubiquity in here, which is surprising to me, honestly. I had their USG for years and loved it, recently swapped it out for the Dream Machine and love it. Really don’t understand the complaints about linking it to the cloud. I just didn’t bother, everything works fine. Additionally, I managed to get a Debian container running on it and installed ntopng, it’s been awesome for getting realtime visibility into my network traffic.

E. I should add I have 6 of their switches and 3 access points, one of which is at least 7 years old and still receiving updates.

You have to open with “Chugga Chugga Choo Choo, we’re all gonna run a train on you!” Or it’s just a plain ole gangbang.

We were very *very *close to replacing our ~700 office Cisco SD-Wan environment with VeloCloud, which is owned by VMware. The Broadcom merger put the brakes on the project completely, they missed out on a few million dollars on that effort alone. The Velo guys were totally in the dark on what was coming down the pipe for them, Broadcom forced them to change hardware vendors on day one, for example.

It probably has to do with being native ipv6 and needing to ride a 6to4 nat to reach the broader internet.

Start at 1400 and walk the MTU down by ~50 until you find stability, then id creep it back up by 10 to find the ‘perfect’ size, but that part isn’t really needed if you’re impatient. :)

E. I found 1290 was needed for reliable VPN over an ATT nighthawk hotspot.

After reading the article, I came away with the opinion that we should be doing away with all of the pageantry of holiday gatherings, and focus instead on the connections we’re tying to maintain.

But that’s really the thrust of the article, isn’t it? The fact that so many men seem to not care about the appearance and presentation is the problem in their eyes.

E. Edited for clarity.

I swear to Apophis I can hear this thing all the way through the cold vacuum of space just by looking at that picture.

deleted by creator

That makes sense! Believe it or not it’s actually easier for an ISP to block a whole country than select websites and services. We actually null route all Russian public IP space where I work, that would absolutely be plausible on a national scale as well.

It’s imperfect, you can get around it, but it catches 99% of normal users, which is the goal.

You are absolutely correct, I should have lead with that. Encrypted client handshake means no one can see what certificate you are trying to request from the remote end of your connection, even your ISP.

However, It’s worth noting though that if I am your ISP and I see you connecting to say public IP 8.8.8.8 over https (443) I don’t need to see the SNI flag to know you’re accessing something at Google.

First, I have a list of IP addresses of known blocked sites, I will just drop any traffic destined to that address, no other magic needed.

Second, if you target an IP that isn’t blocked outright, and I can’t see your SNI flag, I can still try to reverse lookup the IP myself and perform a block on your connection if the returned record matches a restricted pattern, say google.com.

VPN gets around all of these problems, provided you egress somewhere less restrictive.

Hope that helps clarify.

Yeah, even if they miss your DNS request, the ISP can still do a reverse lookup on the destination IP you’re attempting to connect to and just drop the traffic silently. That is pretty rare though, at least in US, mainly because It costs money to enforce restrictions like that at scale, which means blocking things isn’t profitable. However, slurping up your DNS requests can allow them to feed you false error pages, littered with profitable ads, all under the guies of enforcing copyright protections.

Most ISP blocking is pretty superficial, usually just at the DNS level, you should be fine in the vast majority of cases. While parsing for the SNI flag on the client hello is technically possible, it’s computationally expensive at scale, and generally avoided outside of enterprise networks.

With that siad, When in doubt, VPN out. ;)

QSFP and SFP are different physical connectors, they are not interoperable.

This is good info, thank you for taking the time to elucidate.

Judging by the screenshots, this looks very similar to Portainer. Are they basically the same tool set for different container architectures? Looks pretty interesting.