• vivendi@programming.dev
    ↑ 136 · 3 months ago

    Every day I regret becoming a network engineer more and more

    You have a clusterfuck of a clusterfuck because corpocunts make more money from keeping everyone on shit old stacks

    The network engineer to communist/anarchist pipeline is real

  • otacon239@lemmy.world
    ↑ 123 · 3 months ago

    I would love a horror game set in a massive building with nothing but networking equipment. With the goal being to fix and patch old parts of the system finding more and more awful things that have happened to the previous employees.

  • rem26_art@fedia.io
    ↑ 111 ↓ 2 · 3 months ago

    oh and if any single one of those 200M customers gets caught pirating a single mp3, all 200M will go to jail forever

    • marcos@lemmy.world
      ↑ 46 · 3 months ago

      A random one will. For each time somebody gets caught.

      Or, at least this seems to be how NAT works today.

  • Kazumara@discuss.tchncs.de
    ↑ 38 ↓ 2 · 3 months ago

    Funny how many here took this to be real, judging from the reactions. To me it’s an obvious joke.

    Question to you guys: How do you suppose 200 million customers will share the less than 65’536 ports that are available on that one address?

    • Fred@programming.dev
      ↑ 21 ↓ 1 · 3 months ago

      As @shane@feddit.nl says, you can use the same public port for many different destination addresses, vendors may call it something like “port overloading”.

      More importantly, you can install a large pool of public addresses on your CGNAT. For instance if you install a /20 pool, work with a 100 users / public address multiplexing, you can have 400,000 users on that CGNAT. 100 users / address is a comfortable ratio that will not affect most users. 1000 users / address would be pushing it, but I’m sure some ISP will try it.

      If you search for “CGNAT datasheet” for products you can deploy today, the first couple of results:

      • Kazumara@discuss.tchncs.de
        ↑ 11 · 3 months ago

        > As @shane@feddit.nl says, you can use the same public port for many different destination addresses, vendors may call it something like “port overloading”.

        I just responded to him on that point, while you were typing to me. I didn’t know this existed, thanks for pointing it out!

        > More importantly, you can install a large pool of public addresses on your CGNAT. For instance if you install a /20 pool, work with a 100 users / public address multiplexing, you can have 400,000 users on that CGNAT. 100 users / address is a comfortable ratio that will not affect most users. 1000 users / address would be pushing it, but I’m sure some ISP will try it.

        Sure, yeah, I have seen a few threads on NANOG about the NAT address ratios people are using. I also think I remember someone saying he was forced to use 1000 and it kind of worked as long as he pulled the heaviest users out of the pool. But if I recall correctly he was also saying he made IPv6 available in parallel to reduce the CGNAT load.

        But the point that made this post ridiculous and an obvious joke is that it said “one address” :-)

        • Fred@programming.dev
          ↑ 5 · 3 months ago

          Well the “one address” bit sure :) but given the scale supported by CGNAT systems today, I don’t think being able to support an entire country behind a single cluster is that far off. At which point the difficulty becomes “is the 100.64.0.0/10 block big enough”? Or maybe they’re using DS-lite for the hauling from private network to the NAT.

    • shane@feddit.nl
      ↑ 10 · 3 months ago

      A TCP session is a unique combination of client IP, client port, server IP, and server port.

      So you can use the same IP and port as long as the destination is a different IP or port.

      This means that in principle you could use the same IP and port to connect to every IP address on the Internet using 65536 concurrent sessions. 😆

      This wouldn’t help going to popular destinations, since they have a lot of people going to the same IP address and port, but for many (most?) of them you probably have some sort of CDN servers in your data centers anyway.

      • Kazumara@discuss.tchncs.de
        ↑ 4 · 3 months ago

        > A TCP session is a unique combination of client IP, client port, server IP, and server port. So you can use the same IP and port as long as the destination is a different IP or port.

        Fair point! I wasn’t aware of any NAT working that way, but they could exist, I agree. It does blow up the session table a bit, but we are talking about a hell of a large theoretical system here anyway, so it’s not impossible.

        > This wouldn’t help going to popular destinations, since they have a lot of people going to the same IP address and port, but for many (most?) of them you probably have some sort of CDN servers in your data centers anyway.

        Actually we have recently seen a few content providers not upgrading their cache servers and instead preferring to fall back to our PNIs (which to be fair are plenty fast and have good enough latencies). On the other hand others made new ones available recently. Seems there isn’t a universal best strategy the industry is converging on at the moment.

  • LaggyKar@programming.dev
    ↑ 22 · 3 months ago

    I know this is humor, but for the record this wouldn’t work. Each simultaneous TCP connection needs a unique four-tuple (source address, source port, destination address, destination port). If a lot of the people behind the NAT try to connect to the same place (destination address and port) at the same time (something popular like Google, YouTube or Netflix), and their source address is the same, the source port needs to be different for each connection. So after at most 65535 connections within a short time the NAT would run out of ports and no one behind the same NAT would be able to open new connections to the same place until the NAT mapping expires.

    So you could have at most tens of thousands of people behind the same NAT, maybe even fewer to make it reliable.
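
The four-tuple point made by shane and LaggyKar above, as an added example that is not part of any comment in the thread: a toy single-address NAPT in Python showing that one public port can be reused across destinations ("port overloading") while flows to a single destination still run out of ports. The `Napt` class, `max_flows` helper, the 1024-65535 port range and all addresses are assumptions constructed for illustration.

```python
PUBLIC_PORTS = range(1024, 65536)  # assumption: ports the NAT may hand out


class Napt:
    """Toy NAPT with one public address (hypothetical, for illustration)."""

    def __init__(self, ports=PUBLIC_PORTS, overload=True):
        self.ports = ports
        self.overload = overload
        self.free = {}      # pool key -> unused public ports
        self.sessions = {}  # (public_port, pool key) -> internal (ip, port)

    def _key(self, remote):
        # Port overloading: every destination (ip, port) gets its own port pool.
        # Without it, all flows share a single pool of public ports.
        return remote if self.overload else None

    def open(self, src, dst):
        """Return the public port mapped for src -> dst, or None if exhausted."""
        key = self._key(dst)
        free = self.free.get(key)
        if free is None:
            free = self.free[key] = list(reversed(self.ports))
        if not free:
            return None
        port = free.pop()
        self.sessions[(port, key)] = src
        return port

    def inbound(self, public_port, remote):
        """Internal endpoint for a reply from remote to public_port, or None."""
        return self.sessions.get((public_port, self._key(remote)))


def max_flows(nat, dst, clients):
    """Open one flow per constructed client to dst; count the successes."""
    return sum(
        nat.open((f"100.{64 + (i >> 16)}.{i >> 8 & 255}.{i & 255}", 50000), dst)
        is not None
        for i in range(clients)
    )


if __name__ == "__main__":
    web, other = ("192.0.2.10", 443), ("198.51.100.7", 443)  # constructed
    nat = Napt()
    print(nat.open(("100.64.0.1", 50000), web), nat.open(("100.64.0.2", 50000), other))
    print(max_flows(Napt(), web, 70000))
```

Because the session key includes the remote endpoint when ports are overloaded, mapping a reply or an abuse report back to one subscriber needs the public port and the destination, not just the public address.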

  • beemikeoak@lemmynsfw.com
    ↑ 6 · 3 months ago

    Shit is that my computer’s rear end? I haven’t looked in there for years! There could be intelligent rats back there pretending to be AI.

  • 🍉 Albert 🍉@lemmy.world
    ↑ 5 ↓ 1 · 3 months ago

    stupid question, wouldn’t it be easier to just have sub addresses?

    like my fictional ip address is 123.123.123

    and I can set my router to give up to 1000 sub addresses, so one computer can host a Minecraft server at 123.123.123.001 I have another for some of my projects, the projects ones each have sub addresses like 123.123.123.002.001 and 123.123.123.002.002…

    a company could have countless layers and any amount of addresses they want.

    and we’re never going to run out of addresses.

    • Xylight@lemdro.id (OP)
      ↑ 17 · 3 months ago

      Well the IPv4 spec only allows 4 octets, so having 5 or more is impossible. We could fix it by changing the protocol, but at that point it’s more worth it to just migrate to IPv6.

      • 🍉 Albert 🍉@lemmy.world
        ↑ 1 ↓ 1 · 3 months ago

        fair, but isn’t IPv6 just going with the same assumption as IPv4, “so many addresses, no way we will ever use them all”

        • Hasherm0n@lemmy.world
          ↑ 12 · 3 months ago

          It’s pretty hard to overstate just how many addresses are in the ipv6 address space vs ipv4.

          One of my favorite descriptions comes from Beej’s guide to network programming, something I first read probably in the early to mid 2000s. https://beej.us/guide/bgnet/html/#ip-addresses-versions-4-and-6

          > 3.1 IP Addresses, versions 4 and 6
          >
          > In the good old days back when Ben Kenobi was still called Obi Wan Kenobi, there was a wonderful network routing system called The Internet Protocol Version 4, also called IPv4. It had addresses made up of four bytes (A.K.A. four “octets”), and was commonly written in “dots and numbers” form, like so: 192.0.2.111.
          >
          > You’ve probably seen it around.
          >
          > In fact, as of this writing, virtually every site on the Internet uses IPv4.
          >
          > Everyone, including Obi Wan, was happy. Things were great, until some naysayer by the name of Vint Cerf warned everyone that we were about to run out of IPv4 addresses!
          >
          > (Besides warning everyone of the Coming IPv4 Apocalypse Of Doom And Gloom, Vint Cerf is also well-known for being The Father Of The Internet. So I really am in no position to second-guess his judgment.)
          >
          > Run out of addresses? How could this be? I mean, there are like billions of IP addresses in a 32-bit IPv4 address. Do we really have billions of computers out there?
          >
          > Yes.
          >
          > Also, in the beginning, when there were only a few computers and everyone thought a billion was an impossibly large number, some big organizations were generously allocated millions of IP addresses for their own use. (Such as Xerox, MIT, Ford, HP, IBM, GE, AT&T, and some little company called Apple, to name a few.)
          >
          > In fact, if it weren’t for several stopgap measures, we would have run out a long time ago.
          >
          > But now we’re living in an era where we’re talking about every human having an IP address, every computer, every calculator, every phone, every parking meter, and (why not) every puppy dog, as well.
          >
          > And so, IPv6 was born. Since Vint Cerf is probably immortal (even if his physical form should pass on, heaven forbid, he is probably already existing as some kind of hyper-intelligent ELIZA program out in the depths of the Internet2), no one wants to have to hear him say again “I told you so” if we don’t have enough addresses in the next version of the Internet Protocol.
          >
          > What does this suggest to you?
          >
          > That we need a lot more addresses. That we need not just twice as many addresses, not a billion times as many, not a thousand trillion times as many, but 79 MILLION BILLION TRILLION times as many possible addresses! That’ll show ’em!
          >
          > You’re saying, “Beej, is that true? I have every reason to disbelieve large numbers.” Well, the difference between 32 bits and 128 bits might not sound like a lot; it’s only 96 more bits, right? But remember, we’re talking powers here: 32 bits represents some 4 billion numbers (2^32), while 128 bits represents about 340 trillion trillion trillion numbers (for real, 2^128). That’s like a million IPv4 Internets for every single star in the Universe.

        • bss03@infosec.pub
          ↑ 8 · 3 months ago

          For every IPv4 address, IPv6 has 18 quintillion IPv4 Internets.

          But, sure, it might be possible for us to fsck up allocations, again.

          • 🍉 Albert 🍉@lemmy.world
            ↑ 2 ↓ 1 · 3 months ago

            wouldn’t surprise me if we end up in a situation where individual programs have their own IP. then individual variables, so different programs in different networks can access them.

            that might actually end up consuming all the addresses …

            stupid suggestion. just saying that future technologies might figure up a way to fuck this up again

            • bss03@infosec.pub
              ↑ 4 · 3 months ago

              Yeah, the Universe keeps making bigger fools (of us all). But, we should still use IPv6 instead of clawing the tattered remains of IPv4. I just wish my ISP agreed.

              • 🍉 Albert 🍉@lemmy.world
                ↑ 1 · 3 months ago

                without a doubt ipv6 is an improvement. only loss is that it’s humanly possible to remember ipv4 addresses, but that ain’t necessary.

                my only “objection” is that an actual solution should accommodate unlimited growth, rather than what we consider a big enough number.

                • bss03@infosec.pub
                  ↑ 1 · 3 months ago

                  I think that’s a bad objection. It’s idealistic in the worst way, it’s making “Perfect […] the enemy of the good”. Plus, there are significant practical advantages to a fixed-length addressing scheme, and any fixed-length is going to have a maximum. So, under the constraint of fixed-length addressing “big enough” is all we have.

                  128 bits really is quite hard to fill up, we’ll have to worry about a lot of very different things before we run out of addresses. Like speed-of-light latency vs. TCP (and possibly TLS session) timers for interplanetary connections.

            • cellardoor@lemmy.world
              ↑ 2 · 3 months ago

              There’s enough V6 addresses for every atom on the planet and enough spare to do it 100x over. We’ll be fine.

  • Fontasia@feddit.nl
    ↑ 3 · 3 months ago

    Fuck whoever chose to make the acronym the same, but this is already possible by being a terrible person and sticking PAT behind traditional NAT