Sounds like you definitely need a tunnel. Fortunately you have a Linux box in a well connected data center with a static IP address. You can do an SSH tunnel, or you can get really lazy and set up a PPTP server that hands out a public address (like we did for Ford).
I suppose if I had gotten cable I would have set up something like that by now too.
When this option is *NOT* checked, the only traffic that gets tunnelled is the traffic on the same subnet as the address handed out by the VPN "adapter."
When the option *IS* checked, everything goes through the tunnel except for the PPTP itself.
When we did Ford's setup, we abused PPTP by having it hand out a globally routable public address in order to virtually bind a static IP to a computer located on a consumer-grade ISP. He's running Linux on the client side, though, and can play with the routing.
In your case, you're really just trying to reach stuff on your own server, right? If that's the case then you can probably just use the simplest possible pptpd configuration, un-check the "Use default gateway on remote network" box, and commit yourself to always activating the VPN when you play on the server (the commitment is required because your mail client etc. will need to be programmed with the VPN private address instead of the server's public address).
Here is something that might interest y'all.
My internet provider is currently running PPPv6 trials to give a 'native' IPv6 interface to DSL customers. Previously I used a hexago-style tunnel from them as well.
My main stumbling block has been with various flavors of dhcpv6 - I have to use the rare WIDE DHCPv6 client as it seems to be the only one to support v6 prefix delegation right now. radvd also wants me to have my leased prefix in its config file, unlike the tunnel which did not need that.
# /sbin/ifconfig ppp0
ppp0 Link encap:Point-to-Point Protocol
inet addr:18.104.22.168 P-t-P:22.214.171.124 Mask:255.255.255.255
inet6 addr: 2001:44b8:3071:b2:c041:64f6:4610:608b/64 Scope:Global
inet6 addr: fe80::c041:64f6:4610:608b/10 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:22727 errors:0 dropped:0 overruns:0 frame:0
TX packets:23518 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:15744030 (15.0 MiB) TX bytes:4612865 (4.3 MiB)
# traceroute6 hawthorne.citadel.org
traceroute to hawthorne.citadel.org (2001:470:1f06:531::2) from 2001:44b8:3071:b2:c041:64f6:4610:608b, 30 hops max, 16 byte packets
1 loop0.lns6.syd7.internode.on.net (2001:44b8:b070::4) 45.265 ms 46.456 ms 43.87 ms
2 gi1-1.cor2.syd7.internode.on.net (2001:44b8:b070:5::1) 45.82 ms 44.307 ms 44.577 ms
3 gi6-0-0-102.bdr1.syd7.internode.on.net (2001:44b8:b070:102::1) 45.573 ms 48.259 ms 44.586 ms
4 gi8-0.bdr1.sjc2.internode.on.net (2001:44b8:b070:4::2) 227.631 ms 249.515 ms 250.076 ms
5 paix.ipv6.he.net (2001:504:d::10) 227.081 ms 237.242 ms 230.119 ms
6 10gigabitethernet1-1.core1.lax1.he.net (2001:470:0:34::2) 271.494 ms 261.085 ms 259.693 ms
7 10gigabitethernet4-3.core1.nyc4.he.net (2001:470:0:10e::2) 323.422 ms 328.833 ms 322.739 ms
8 1g-bge0.tserv4.nyc4.ipv6.he.net (2001:470:0:5d::2) 327.635 ms 321.43 ms 325.192 ms
9 * * *
10 uncnsrd-pt.tunnel.tserv4.nyc4.ipv6.he.net (2001:470:1f06:531::2) 323.828 ms 324.649 ms 322.789 ms
I solved my PHP problem I posted about a while back... turns out all I needed was:
eval (blah blah blah)}
eval (blah blah blah)}
and repeat the elseif() indefinitely until I cover all the uid's, then end with a general else() to cover the rest of the pplz' logged in. Didn't have to use a switch()... turned out pretty snazzy.
On a more _on the topic_ note, I noticed I'm not getting the upload speed I paid for... I'm supposed to get 1mb upload and I'm only getting about 400k. Is there any way to get what I paid for or am I screwed??
"Up to" is ISP-speak for "we'll provision your hardware for 1 Mbps but we'll probably oversubscribe the network to the point where you have very little chance of getting that much throughput."
The only way to actually get the advertised speed is to visit all of your neighbors and destroy their computers.
I'm getting the advertised downspeed (7mb/sec), their advertised up-speed is "1mb/sec standard, Up To 2mb/sec with 'Power Boost'" and downspeed is advertised at "7mb/sec standard, up to 9mb/sec with 'Power Boost'"... or at least that's what's on my monthly agreement...
The "T Band" frequencies are the ones available for upstream.
Upstream also has to be time division multiplexed at the CMTS, which uses the bandwidth less efficiently than statistical multiplexing. Downstream can be stat muxed because the CMTS has all of the data already and can blast the packets out at wire speed.
(In plain English: you're screwed)
Yes, I'm on Time Warner's cable internet package. I'll take a look at that link you posted when I get home.. I'm posting from work currently >.<
There is no shame in geekdom... unless you're not proud of being a geek.
I took a look at that table... yeah... like you said... I'm screwed.
I guess my upload depends on how many people are connected to the upload stream at one time, so the more there are connected, the less bandwidth I have and the packets aren't "expected" like with a download so it takes even longer.
So how do "Big Hosting Companies"(TM) get such high upload bandwidth? FIOS? Other(o.0)?
FIOS is shared bandwidth, but it's not nearly as oversubscribed as cable television nodes tend to be. The data channels on BPON for example are 622 Mbps downstream, 155 Mbps upstream, shared between no more than 32 subscribers.
I'm provisioned at 25/15 and I've never had trouble reaching either of those limits whenever I felt inclined to test it.
So, the next time I go looking for internet, I go looking for FIOS?
That seems to be the big news around the broadband world. 25/15 is a bit overkill for what I do, but it would be very nice since I like to do a bunch of hosting and whatnot from my home.
---hate to ask... but about how much does residential fios run?
I'm on a $99/month "triple play" package that provides 25/15 Mbps Internet, one phone line, and a decent lineup of television channels (including many in HD ... too bad I don't have an HDTV). After adding a DVR, a second television, and all of the BTAF (let's use that acronym from now on to refer to what Ford calls "Bullshit Taxes And Fees") it comes to about $139/month.
It was a better deal than the cable company was able to offer. Your mileage may vary.
I don't think FIOS is available to me at my current location, or where I plan on moving, but I'll check into it. That seems like an awesome deal if I can get it.
PPTP server that hands out a public address (like we did for Ford).
Is that running on Pete's machine?
I never really checked the port blocking situation since they switched me over from weird customer to normal customer, but in fact, port 80 and 25 are NOT blocked.
I am stunned.
I don't trust them.
I bet if they see too much utilization, they'll do something bad.
As it is, my bi-weekly mailing to 150 people in my mailing list originally failed because I sent mail too quickly; after 10 in rapid succession, I had to wait, I think, 15 minutes before I could send mail again.
So now I slowed it down to 1 every 5 seconds or so and it seems to work okay.
Then last week the mail started getting blocked as spam by their mailer (which I now realize is why it takes soooooooooo long to send mail with them, they have to spam check every piece going out.)
And since I had an IP address in a url, they started marking it as spam.
Worked 2 weeks ago, but not anymore.