Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Home Server On IPv6-only Internet Connection? 164

RandyOo writes "I've recently learned that our neighborhood is getting a fiber optic network, with a 100Mbps connection in each subscriber's home. IPv6 connectivity is included, but unfortunately, the only IPv4 connectivity they offer is Carrier Grade NAT, due to the exhaustion of IPv4 addresses in RIPE. I travel a lot, and I've become accustomed to accessing my home network via SSH, VNC, etc. It appears uPNP and PMP are unsupported by CGN. So, without a publicly-routed IPv4 address, I'll be unable to reach devices on my home network from an IPv4-only connection, such as the one provided by my cellular carrier (which also appears to be behind some kind of NAT, by the way). If the ISP isn't willing or able to sell me an IPv4 address, what alternatives do I have? I'd be willing to pay a small monthly fee for, say, a VPN service that would allow me to accept incoming connection requests on a range of ports on their Internet-facing IPv4 address. Does such a service exist?"
This discussion has been archived. No new comments can be posted.

Home Server On IPv6-only Internet Connection?

Comments Filter:
  • Hamachi (Score:5, Informative)

    by PhaseBurn ( 44685 ) * <> on Thursday February 28, 2013 @09:36PM (#43041593) Homepage

    I've been using LogMeIn's Hamachi system to accomplish this. It's a virtual LAN solution that links machines behind firewalls or CGN devices. The down side is that it has to be installed on all devices that access the virtual LAN, and they don't have any mobile clients (yet), but if you need access from a device you can't install the Hamachi client on, you can always get a cheap VPS, install the linux client on it, and set up some port forwarding - the Hamachi IPs are static, so each machine always gets the same one.

    There are some limitations with the free version (5 machines in a virtual LAN, connection only works with a logged in user on desktop clients), but the $30ish it costs per year for a 32 user license is very reasonable. And it supports IPv6 and IPv4 across the VLAN, too.

    • Re:Hamachi (Score:4, Informative)

      by Anonymous Coward on Thursday February 28, 2013 @10:10PM (#43041831)

      Hamachi squats on valid address space, and may cause problems.

      • There's downsides to everything. I don't use anything in the range, as the entire block is owned by the Ministry of Defense in GB. I'd wager that nobody who reads this article has ever connected to a 25/8 IP, including you, and the user inquiring about a solution to his CGN conundrum.

        • That's not the only large block. There are *lots* of blocks just like it. I was exposed to a /16 that uses maybe 4 /24's in it.

          Even in blocks as (relatively) small as a /24, there is lots of dead space. Rarely do places properly plan ahead, You're *suppose* to only ask for your next /24 when you are at 80% *and* you expect to reach it in the near future.

          I've seen shops put every unused IP on machines, just so they can say they're fully utilized, and get more blocks.

          It's not utilization that is hurting

          • Re:Hamachi (Score:4, Insightful)

            by marka63 ( 1237718 ) <> on Friday March 01, 2013 @12:17AM (#43042599)

            Actually it is utilisation. IPv4 ran out of addresses over a decade ago when NAT no longer became optional for the majority of users of the Internet. Ever since then we have been in stopgap mode. Unfortunately most users have never experience the real Internet when everyone can be both a producer and a consumer.

          • Well many have been giving back, though those who do are usually private entities. IBM gave a few /12 blocks back to IANA a few years ago, with Microsoft doing about the same.

        • Re:Hamachi (Score:4, Informative)

          by danpbrowning ( 149453 ) on Thursday February 28, 2013 @11:10PM (#43042187)

          They finally fixed that? Good. They previously used and it took a *long* time to figure out why certain users can't access certain web servers.

        • Wow...they should really divvy that up, especially with the UK government complaining to ISP's who are choosing NAT only solutions as opposed to dual stack. I mean think about that, 16.7 million IP addresses...I think even if you added up all of their servers, capital equipment (e.g. tanks, HMMWV's, fighter jets) and personell you'd get nowhere near 16.7 million.

          • But imagine the effort needed to determine who needs how many addresses. Spending that sort of time on a technology that's all set to be replaced does no good. Instead, governments should aggressively push IPv6 adaption, and at some point, announce a cutoff of all IPv4 services. That thing won't go away unless and until someone takes the initiative and pulls that plug. Once they do, anyone who wants to deal w/ them will be forced to adapt IPv6, and after that, there will be no shortages
          • by smash ( 1351 )
            I'd like to introduce you to the idea of subnets, and how even if you have a /8, you likely won't use all the IPs in ONE fucking subnet.
            • Well yes. That's 24 fucking million addresses.

              • Or 16 fucking million. Something like that.

                • Actually, the smaller you slice v4 addresses, the more you lose, since you have smaller subnets that each have a network & broadcast address each, which can't be used for anything else. Yeah, there won't be ONE subnet, but neither will there be 4096. So there will still be plenty of addresses that will either be pooled, or could be used in PAT overloading. Another thing - some of the earliest IPv4 implementations did NOT support subnets or their implementations
            • Well yeah, that's why I said they should divvy that up. Divvy as in divide, as in subnet it out.

              Chances are I know more about networking than you do.

    • Re:Hamachi (Score:5, Funny)

      by rs79 ( 71822 ) <> on Thursday February 28, 2013 @11:47PM (#43042443) Homepage

      Beware that 84% of Hamachi sold is actually butterfish which can cause anal leakage, so be careful. []

      I'd like to hear more about changing the rolling meadow desktop thing, too.

    • by AlphaWolf_HK ( 692722 ) on Friday March 01, 2013 @02:41AM (#43043131)

      On the subject of tunnels, I'd say just go with a 6 to 4 broker on your remote end. There are a bunch of free ones such as hurricane electric. If you do that, then you've effectively got "end to end" (I'm doing air quotes) ipv6 access to your home server, even if your client side doesn't support ipv6. It's really very seamless if you set up a dynamic DNS.

      Virtually all modern operating systems support 6to4 tunnels, you can even do it from the command prompt in windows vista and up (usally three to four lines of code.)

      There are various android apps that do this as well, but I have no experience with iOS or windows phone (I'm a bit dubious of those two since a six to four tunnel actually requires being able to move v6 traffic over the v4 stack, and as far as I'm aware you can't do that sort of thing with those platforms due to anti-hacking restrictions - but I'm quite possibly wrong.)

      • by Guspaz ( 556486 )

        The advantage of Hamachi, though, is that it's a direct connection between your two machines, with the only overhead being udp headers. Any tunnel is going to be bouncing you off some router who knows where, lengthening your route and possibly hitting congestion (I'd worry particularly about the free ones).

        I can't speak to the current version of Hamachi, as I've not used it in years, but last time I did there was a console Linux version to go with the Mac and windows versions. It was very popular at the ti

      • Hurricane Electric has been doing ths stuff for years, Check them out, Even my ISP (Teksavvy) has been using them to provide IPv6 to its clients. Not sure what they are using now.

  • by yincrash ( 854885 ) on Thursday February 28, 2013 @09:42PM (#43041635)
    also, if you're using t-mobile and have a newer phone, you can get IPv6. []
  • by toygeek ( 473120 ) on Thursday February 28, 2013 @09:44PM (#43041649) Homepage Journal

    A cheap Linux based VPS (Virtual Private Server) will do what you want. You can set up a VPN connection between your home server and the VPS, and then connect to the VPS on its public IP and have it route to your home. I haven't set up such a thing myself, and it will be a bit laggy, but it should works for what you need.

  • Have you tried Toredo? (apt-get install miredo)

    It goes through relays, so you will probably want to only use it for small transfers. Alternatively, you can use a Linode VPS, which have IPv6 enabled by default, so you can configure an ipsec tunnel or equivalent from there.

    • by kasperd ( 592156 )
      Using Teredo would work great if he had his own Teredo relay at home. But a Teredo relay needs a public IPv4 address, and he does not have an IPv4 address at home. So running his own Teredo relay is not an option.

      He'd be stuck with whatever Teredo relays his provider is offering. As far as I know many providers don't even run their own Teredo relays either. In that case his provider would be forwarding the packets to some third party relay. In that case there would be no guarantees about the reliability
  • by SpazmodeusG ( 1334705 ) on Thursday February 28, 2013 @09:51PM (#43041697)

    Every system I've seen has some form of IPV6 tunneling that allows you to call out to an IPV6 server. The only time it fails is if you're trying to host an IPV6 server which will fail due to NAT but connecting to an IPV6 always works. The fact that you've got an IPV6 server means you're set. Run Teredo/Miredo on your clients and connect away.

    Go setup teredo/miredo and connect away.

    • Re: (Score:3, Informative)

      by JimboJoe ( 1518093 )

      I would definitely try Teredo first, though it does depend on the NAT design used by your ISP (you want remote IPv4 hosts to repeatedly see the same source address after repeated connections -- if the reported address changes, Teredo won't work for you).

      The protocol doesn't require explicit ISP support, though NAT design can certainly break it and ISPs can filter it if they choose. When it works, the net effect is that any two hosts running Teredo clients can connect to each other via their client's IPv6 ad

      • There's a small privacy aspect present since that other server sees your source and destination trying to start a connection, but all the real traffic is direct, peer-to-peer.

        That's not the case. Unfortunately, Teredo requires relay of all data in the tunnel. There's simply no guarantee that an IPv4-only host has a direct, peer-to-peer path to and from an IPv6-only host, as is the case here in the original question.

        Teredo will probably work as a proof-of-concept, but for anything requiring more than a tri

      • by kasperd ( 592156 )

        Under the hood, it tunnels on top of NAT'd UDP over IPv4, using a 3rd party public IPv4 server to mediate the connection start-up (needed for NAT busting)

        You only need to worry about the behaviour of the NATs when both endpoints are using Teredo. When one endpoint is using native IPv6, Teredo behaves a bit differently. Of course the client is still behind a NAT, but it only needs to be able to do outgoing connections through that NAT.

        However there is another concern about Teredo in that case. The client

  • (Score:5, Informative)

    by alexandre ( 53 ) * on Thursday February 28, 2013 @09:51PM (#43041699) Homepage Journal

    Take a look at Hurricane Electric, they offer free tunnel, dns hosting, etc.
    Oh, and an awesome IPv6 training program for which you can get a t-shirt if you finish it! ;)
    You can be up and running on an IPv6 tunnel from anywhere in 30 seconds!

    • Take a look at Hurricane Electric, they offer free tunnel, dns hosting, etc. Oh, and an awesome IPv6 training program for which you can get a t-shirt if you finish it! ;) You can be up and running on an IPv6 tunnel from anywhere in 30 seconds!

      You misunderstand: the only native IP addresses he has are IPv6. For IPv4 he only has one or more RFC1918 addresses (private range addresses behind a carrier-grade NAT). AFAIK Hurricane Electric only offers IPv6 addresses tunneled over IPv4. What he wants is the opposite: a public IPv4 address tunneled over IPv6. If there are not currently any services available that offer this, I'm sure there will be soon, but I doubt they will come free of charge.

      • (Score:5, Informative)

        by gman003 ( 1693318 ) on Thursday February 28, 2013 @10:37PM (#43042005)

        You aren't looking at the full picture.

        What he needs is a way to connect to his (IPv6) home computers, from presumably-IPv4 remote locations. There are two ways he could do this - by finding a way to use IPv4 on his home machines, or by finding a way to use IPv6 on the remote connections. Tunneling IPv6 over IPv4 would work on the remote side, just as tunneling IPv4 over IPv6 would work on the home side.

        • by rs79 ( 71822 )

          Twenty years. You had one job to do ietf, and this is what it's come to? Nobody's quite sure how to make stuff work on the other network?

          Slow clap.
          (shakes head)

          • Which is basically down to lack of experience rather than actual gaps in protocol coverage.

            Most ISP's are only now starting to ask "how do I do this". They should have been asking this question 7 to 8 years, if not longer, ago.

          • by smash ( 1351 )
            Works fine for me.
          • by kasperd ( 592156 )

            You had one job to do ietf, and this is what it's come to?

            IETF completed their job on time. Other people had a job to do as well, but they all decided to wait until after the deadline before even start to think about it. There are ISPs still saying IPv6 isn't going to take off, and IPv4 will be fine for many years to come.

            Looking back there are things that could have made a difference. 10-15 years ago I started wondering why nobody was doing anything, because the entire upgrade process was stuck in a dea

        • Tunneling IPv4 over IPv6 is a part of DS-lite, but there, his home router would have to have RFC1918 addresses internally, and IPv6 externally, and encapsulate the former in the latter. But I'm not sure that that'll work w/ a server, since NAT is out of the question. His only way would be to tunnel his IPv4 connection in IPv6 over to his home network, where he can access whatever he wants.
      • []

        Interestingly, it was discussed in a forum topic on Tunnelbroker: []

        • by kasperd ( 592156 )
          I already commented on the thread you linked to. But it is a different use case, and hence needs a different solution. I was one of the people recommending NAT64 on the thread on, but I would not recommend NAT64 for RandyOo, because he is trying to solve a different problem.

          RandyOo could run NAT64 at home, but he would end up with an extra layer of NAT because he doesn't have a public IPv4 address at home for the NAT64. It would make much more sense for the ISP to run NAT64 since they ac
    • by IAN ( 30 )

      Take a look at Hurricane Electric, they offer free tunnel, dns hosting, etc. [...] You can be up and running on an IPv6 tunnel from anywhere in 30 seconds!

      Hurricane Electric is great, but note this item in their FAQ:

      I've tried to create a tunnel but did not succeed. Is there a basic guideline on how to set up a tunnel?


      *Two important notes:

      1. Your IPv4 endpoint address must be reachable via ICMP (Internet Control Message Protocol).
      2. If you are using a NAT (Network Address Translation) appliance, please make sure it allows and forwards protocol 41.

      That's protocol 41, not port, and support for any non-garden-variety protocol in the cheaper routers/APs is notably spotty. Who knows what POS you're going to end behind at your next hotel?

      • by kasperd ( 592156 )

        Who knows what POS you're going to end behind at your next hotel?

        Once in a while you get lucky. I have actually stayed at a hotel where I could get a public IPv4 address on my laptop when I connected to their WiFi. It is rare though, in most cases you'll end up behind a lousy NAT solution.

  • Like or

    then gogoc (or similar) to connect you to the IPv6 tunnel when on the greater internet, then ssh to your ipv6 address

  • I'd be willing to pay a small monthly fee for, say, a VPN service that would allow me to accept incoming connection requests on a range of ports on their Internet-facing IPv4 address. Does such a service exist?

    I believe AirVPN allows you to map up to 20 ports.

  • Reverse SSH Tunnel (Score:5, Informative)

    by Ingenium13 ( 162116 ) < minus pi> on Thursday February 28, 2013 @10:07PM (#43041811) Homepage

    As one other comment suggested, get a cheap VPS and setup a VPN so that you can connect to your network. DigitalOcean has one for $5/month (I'm in no way affiliated) [] and you can then have your router connect to the VPN. Setup the routes correctly and any VPN user can access every device at home.

    However you won't always want to load up the VPN on your phone, and if there's just 1 computer you want to access you can use a VPS with a remote SSH tunnel. Have the computer on your network connect to the VPS and forward some high numbered port, say 4222, to port 22: ssh -R 4222:localhost:22 user@vps. Then you can ssh into your VPS on port 4222 and it will go directly to your home computer. Just made sure you add "GatewayPorts yes" to /etc/ssh/sshd_config or the remote port will only bind to localhost.

    Couple this with autossh and the home computer will always keep the connection open and re-establish it as necessary.

    Sure, there's a little overhead, but I've never really noticed it. I use this trick so that my phone and tablet can always ssh into my laptop no matter where the laptop is (home network, friend's house, coffee shop, etc)... no need to find the IP address and worry about port forwarding.

    • I am not affiliated with Digital Ocean either, but a pal of mine told me about it a few months ago - very nice responsive support and decent prices.
  • by mysidia ( 191772 ) on Thursday February 28, 2013 @10:10PM (#43041827)

    SSH into the Virtual private server, then SSH from the virtual private server to your LAN's IPv6 address

    For VNC, open SSH back to your remote computer from inside your LAN in remote tunnel mode, using the -R option, to tunnel the port to the local VNC at the remote end, then connect to that local port on your local computer with VNC for remote access to your home.

  • by ls671 ( 1122017 ) on Thursday February 28, 2013 @10:28PM (#43041949) Homepage

    For me, the cheapest way to go was to have the machine behind NAT automatically connect to a second server and bring up an IP tunnel through pppd-ssh.

    The second server has a public IP and I connect to it when I want to access the machine behind NAT. You can also do port redirection on the public IP server so you can log directly into your home computer with the public IP.

  • by funkboy ( 71672 ) on Thursday February 28, 2013 @10:31PM (#43041971) Homepage

    Your ISP should at least be giving you a block of static ports on a static public IPv4 address so that you can just map them on your home router afterwards. It's called "port block allocation". See this slide deck [] for more details.

    Port control protocol [] is also very close to being reality []. It's a bit like a combination of UPnP and DHCP that allows static IPv4 ports to be requested by and allocated to an end user like IP addresses are now.

    You should pester your ISP about these two services monthly until they have a satisfactory response for you. Frankly it's irresponsible on their part if they don't have a FAQ explaining this stuff and a policy for helping customers deal with these things. To do otherwise is demeaning to their customers.

    • Frankly it's irresponsible on their part if they don't have a FAQ explaining this stuff and a policy for helping customers deal with these things. To do otherwise is demeaning to their customers.

      Most ISP's TOSes for home users technically disallow listening to incoming ports from the internet or any "server-like" behavior. While it really isn't enforced when your modem has a world-reachable IPv4 address, I don't think they'll be very helpful if their architecture simply doesn't allow this anymore. Heck, it might have been a desired feature of their rollout.

      • by v1 ( 525388 )

        Most ISP's TOSes for home users technically disallow listening to incoming ports from the internet or any "server-like" behavior.

        Not from my experience. And I've had around a dozen ISPs over the years. And I have two at the moment.

        The ONLY snag I've ran into in the past is having a mailserver listening on port 25, for obvious reasons. One phonecall and that block went away. I've heard of others having issues with outgoing connections on 110 for much the same reason, but traffic levels are low on my ser

      • Most ISP's TOSes for home users technically disallow listening to incoming ports from the internet or any "server-like" behavior.

        No. Some crap ISP's do. The vast majority of ISPs in the world let you do whatever the hell you want providing you don't dare consider using the bandwidth you paid for.

    • by thegarbz ( 1787294 ) on Friday March 01, 2013 @01:28AM (#43042861)

      Port control protocol [] is also very close to being reality []. It's a bit like a combination of UPnP and DHCP that allows static IPv4 ports to be requested by and allocated to an end user like IP addresses are now.

      Humans' ability to create complex and convoluted workarounds for problems that have been foreseen for 20 years and have had a solution for equally as long simply waiting for a bit of investment in infrastructure amazes me. If people spent even half the amount of effort in implementing IPv6 as they do finding assbackwards workarounds to easily solvable problems then the world would be a much better place.

    • by funkboy ( 71672 )

      Mkay, so I followed the link & translated his new regional metro fiber carrier's FAQ from German. It seems like they're pretty clued in & have a reasonably OK explanation of why their customers only get NATted IPv4. I think they're possibly lacking a bit in funds, clue, or both.

      The OP should make sure someone from his ISP goes to the next RIPE meeting in Dublin in May. There are plenty of ways to provide better service to their customers without breaking the bank, and the folks at RIPE will tell

    • Port control protocol is also very close to being reality. It's a bit like a combination of UPnP and DHCP that allows static IPv4 ports to be requested by and allocated to an end user like IP addresses are now.

      I have never understood this its like people keep chasing themselves around in circles.

      Having a computer with a public address and no firewall is bad.

      Having a computer with a public address and a firewall in which every application you install adds a firewall exception for itself is good.

      Having a computer with a private address with UPNP is good when this is little different from having a public address with no firewall.

      What is really the difference between intentionally listening on a port locally and send

  • by phizi0n ( 1237812 ) on Thursday February 28, 2013 @11:04PM (#43042139)

    Don't bother with any 3rd parties like most suggestions are advising. OpenVPN supports tunneling IPv4 and IPv6 over either of them. You can use a laptop or anything else that supports IPv6 to connect to your server at home over IPv6 via a bridged tap tunnel interface and then anything you connect to the laptop via layer 2 will be able to communicate with your home over IPv4.

  • Get:

    • A cloud instance
    • Virtual private server
    • A real dedicated server
    • A shell account on a friend's server (for ssh tunnels).

    Then do:

    • ssh -F and -R tunnels cross connected.
    • tun2socks (part of badvpn package)to make TCP connections through socks to ssh -D
    • OpenVPN
    • IPsec tunnel mode (in some cases you can do transport mode, too).
  • Just dump the IP addresses entirely for your applications. Anonymizing networks like Tor and I2P do this automatically, switching the 'address' to a node identification key. If your node has the key, then any other node looking for that key will find you, no matter what your current IP address is. The key validates 'who' your systems are, so the IP address or domain doesn't even matter.

    Tor cannot do this as seamlessly as I2P for a couple or reasons:

    1) Tor is really only designed for browsing and doesn't han

  • If skype works then both showmypc and gotomypc will work.

  • by Zarhan ( 415465 ) on Friday March 01, 2013 @01:12AM (#43042801)

    Teredo(IPv6 over UDP) is easy to set up - if your Windows is Vista or later, it works automatically. For Linux it depends on the distro. If you happen to be in a non-NATted environment for once, 6to4 works great too.

    So just enjoy the IPv6.

    If you have devices at home that don't support IPv6, you can set up a NAT64 within your home network.

  • by wvmarle ( 1070040 ) on Friday March 01, 2013 @03:53AM (#43043319)

    Serious question, no interest in flamebait or trolls. Why is mobile not on IPv6?

    It's a place where I would expect it. Quick turnaround of devices, new networks all the time. It made sense for 2G and GRPS to be IPv4 at the time. But 3G and even 4G apparently are still using IPv4.

    It's hard to believe the phones are not up to the task. It's all in the software, not too hard to require v6 on 3G and later, Older devices that are v4 only can't use 3G networks anyway. Users don't need to know their IP address, ever. This are devices, and there is a huge number of it, exactly what v6 was meant to support. Carriers have full control over their networks, start to finish, so that part of switching to v6 is also not an issue. They of course have to provide a gateway to access v4-only web sites, but that shouldn't be too much harder than maintaining a NAT like they have to do now to keep everyone on v4.

    Honestly, I just don't get it.

    It's such a stark contrast with that fibre provider that is basically IPv6, while providing a v4 compatibility layer for older devices that still need it.

    • by Guspaz ( 556486 )

      My understanding is that mobile devices are one of the few places that IPv6 actually IS seeing any significant deployment...

      • That's what I would totally expect. Yet submitter mentions he can get only v4 on mobile data (and with the expectation of using it to log in to a home server I would expect it's at least 3G that he uses).

    • Actually, LTE deprecates IPv4 and mandates IPv6, so 4G is very much IPv6 only. He is probably using a 2G or 3G carrier, where such a mandate doesn't exist.
      • by kasperd ( 592156 )

        Actually, LTE deprecates IPv4 and mandates IPv6

        I have heard about providers even going IPv6 only on their mobile networks and then using NAT64 to allow the mobile devices to still reach IPv4 only servers.

  • Set up a server somewhere with an IPv4 address, and then, on your home machine, set up a script that ssh's into it and establishes a reverse tunnel:
    ssh -R 2022:localhost:22 -oGatewayPorts=yes
    You can call this script from /etc/inittab, so that it is relaunched automatically should the connection die.

    Then, when on the road, to connect to your home network, just do ssh -p 2022 on your phone.

    A suitable server may be a raspberry pi hosted for free at Edis, Austria []. Just send them

  • [] seems to be 36 EUR for one year.

  • You can either get a VPS that supports IPv6, and log in from there ... another solution that works fairly well.

    You use a reverse tunnel, created on demand based on an HTTP request. Here's what you do:
    Run a script on your machine that checks, if it gets, say, NO_TUNNEL, it does nothing (or even better, make that a script and return 404 or some other header to signify FALSE). If, instead, it gets a json or csv, or whatever else you want (I used JSON) with an IP address, a port, and whic

  • E.g. adding to the ipv6 address, []

    Don't know if any allow numerical addresses. Is the ISP providing DNS service for adding your own AAAA records to your routed subnet?

  • Get a free tunnel from SixXS and install the AICCU programme on your laptop. This should work fine and is easy enough to set up. I used SixXS (for a different purpose) for a few years until I got native IPv6 on my ADSL.
  • There are two solutions I can think of, depending on what you need and how much work you're willing to put in.

    First, you could use something like LogMeIn or GoToMyPC. You leave the agent running on a PC on your network then you can login to that PC remotely and access the network resources from there.

    The second solution, and what I do, is use VPN. In my case, I have a dynamic IP address from my ISP and I don't care to remember it. I also want to be able to directly address hosts on my LAN rather th

Order and simplification are the first steps toward mastery of a subject -- the actual enemy is the unknown. -- Thomas Mann