Re: [Nanog-futures] Draft Policy re individual sites
Not such a great idea. A down search engine is an operational problem whether its application or network. It makes lots of phones ring and finger pointing at our networks. This costs us money. Same for major mail products. Delete key? On 4/30/09, Simon Lyall si...@darkmere.gen.nz wrote: A policy idea that has been put forward, thoughts (especially from lurkers) ? Simon NANOG MLC Policy re individual sites == The availability and operation of specific Internet site such as websites and email services is off-topic unless: (a) The problems are caused by network reachability rather than problems at the site hosting the service. (b) The Internet site is a route-server or similar service which directly supports network routing and connectivity. -- Simon Lyall | Very Busy | Web: http://www.darkmere.gen.nz/ To stay awake all night adds a day to your life - Stilgar | eMT. ___ Nanog-futures mailing list Nanog-futures@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog-futures -- Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants ___ Nanog-futures mailing list Nanog-futures@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog-futures
Re: [Nanog-futures] Draft Policy re individual sites
On Thu, Apr 30, 2009 at 18:45, Simon Lyall si...@darkmere.gen.nz wrote: The availability and operation of specific Internet site such as websites and email services is off-topic unless: (a) The problems are caused by network reachability rather than problems at the site hosting the service. (b) The Internet site is a route-server or similar service which directly supports network routing and connectivity. It's really just easier to say that NANOG is only for old-timers, BGP, and long boring discussions of interest only to IETF policy makers and IETF wanna-bes. IMHO, Engineering belongs on IETF lists, Operational issues on NANOG, and everything else should expire within 24 hours. Is it down for just me *can* be Operational, depending on the poster. -Jim P. ___ Nanog-futures mailing list Nanog-futures@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog-futures
Re: OOB customer communications (Re: Looking for Support Contact at Equifax)
On 27 Apr 2009, at 04:24, Suresh Ramasubramanian wrote: If your email and phone communications are down due to a connectivity break, and your customers get connectivity from you [assume no backup links, by default .. you'd be surprised at how many smaller customers get by with a single link and no backups at all. If their connectivity is down too - they just cant get to twitter right? Twitter, in line with the subject line, has got out of band - updates by SMS. So the general lesson is that even organisations with single homed connectivity can post updates to colleagues, peers, customers, if they build tools that let them do so from their cellphones... whether this is via twitter or an externally hosted blog, or status page, or something else. Andy
Re: Important New Requirement for IPv4 Requests
Randy Bush ra...@psg.com writes: mtu clue is also useful. here on tokyo b-flets, and i would guess in many other ppoe environments, you need to tune or lose big-time. But not difficult to beneficially MiM: in pf: scrub in on gre0 max-mss 1400 scrub out on gre0 max-mss 1400 in cisco-land: ip tcp adjust-mss 1400 i'm sure the linux folks can offer up something similar... -r
RE: Important New Requirement for IPv4 Requests
Default MSS for most linux is 0, which causes the kernel to calculate it as the interface MTU-40bytes. You can either change the MTU on the interface or more specifically use the 'ip route ipblock dev interface advmss new mss' command to update it on a per route basis. ~J -Original Message- From: Robert E. Seastrom [mailto:r...@seastrom.com] Sent: Thursday, April 30, 2009 7:12 AM To: Randy Bush Cc: nanog@nanog.org Subject: Re: Important New Requirement for IPv4 Requests Randy Bush ra...@psg.com writes: mtu clue is also useful. here on tokyo b-flets, and i would guess in many other ppoe environments, you need to tune or lose big-time. But not difficult to beneficially MiM: in pf: scrub in on gre0 max-mss 1400 scrub out on gre0 max-mss 1400 in cisco-land: ip tcp adjust-mss 1400 i'm sure the linux folks can offer up something similar... -r
RE: one shot remote root for linux?
On Tue, 28 Apr 2009, Gregory Boehnlein wrote: It is a common misconception that the ESX Hypervisor is Linux based, but that is an urban legend. Is the ESX Hypervisor useful without the Linux layer? Then, to what extent do based on and depends on differ in the context of software? --paulj
Re: Question. Cisco PIX/ASA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe - Maybe the middlebox along the path doesn't like tcp window scale parameter being changed in the midway due to dropped tcp connections or something. Could be specific to microsoft server. What does your pix logs show? Have you tried turning off 'tcp window scale' option on your windows server? I believe this is enabled by default[0]. See if you can test this. I've ran into similar problems using pix/nokia fw. Hopefully this helps and you might want to bounce (do not crosspost :)) this thread off cisco-nsp. regards, /virendra [0] http://support.microsoft.com/kb/934430 Jo¢ wrote: Greetings all I have a customer running with a Cisco 5500 series firewall. What were seeing (as a problem) is that there is a bit being flipped by the firewall in the packet header. The bit in question is the Congession Window Reduced or CWR bit. Under heavy load the target server is getting this bit as high and since (I am guessing) its that way dropping the session yet its not near capacity. It?s a Microsoft server as well. Not that I am knocking that but. Under the same situation a Linux/Apache server doesn't seem to care, and goes about its business. Anyone heard of this? I did searches regarding this but found (as per usual) tons of usless info. I'm not sure why the packets are being changed by the ASA. I know there not hitting the firewall this way (Packet capture) but they are getting changed. Config mishap? Is the ASA throttling down stuff, and if so why not at the requesting party? Dunno. Completely baffled. Thanks In Advance! -Joe -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ+e6DpbZvCIJx1bcRAiYcAKDsGJd2H4QNSB7Leqqc5LwX8Bu78ACgo43T j6t3fKOELjTbgkP0qhBzzwg= =krtL -END PGP SIGNATURE-
Re: one shot remote root for linux?
On Thu, Apr 30, 2009 at 10:28 AM, Paul Jakma p...@jakma.org wrote: On Tue, 28 Apr 2009, Gregory Boehnlein wrote: It is a common misconception that the ESX Hypervisor is Linux based, but that is an urban legend. Is the ESX Hypervisor useful without the Linux layer? Then, to what extent do based on and depends on differ in the context of software? ESXi doesn't require much Linux (just busybox), but I think the point is that the VMkernel (the hypervisor) and the service console (Linux) are separate entities. The SC is really a VM, so it depends more on VMkernel than VMkernel depends on it. dre
Re: one shot remote root for linux?
On Thu, 30 Apr 2009, Andre Gironda wrote: ESXi doesn't require much Linux (just busybox), but I think the point is that the VMkernel (the hypervisor) and the service console (Linux) are separate entities. The SC is really a VM, so it depends more on VMkernel than VMkernel depends on it. So it's a VM, which is required to be booted in order to be able to load the hypervisor? Seems an unusual definition of VM to me.. Also, which code handles the I/O to load the other, less special, VMs? The Linux fs and block layer, or the VMWare hypervisor? Anyway, I fear we're about to be kicked into touch by the moderators.. regards, -- Paul Jakma p...@clubi.ie p...@jakma.org Key ID: 64A2FF6A
Beware surfers: cyberspace is filling up
'Experts predict that consumer demand, already growing at 60 per cent a year, will start to exceed supply from as early as next year because of more people working online and the soaring popularity of bandwidth-hungry websites such as YouTube and services such as the BBC’s iPlayer. It will initially lead to computers being disrupted and going offline for several minutes at a time. From 2012, however, PCs and laptops are likely to operate at a much reduced speed, rendering the internet an “unreliable toy”.' http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article6169488.ece (I don't even know where to start.) -- J.D. Falk Return Path Inc http://www.returnpath.net/
Re: Beware surfers: cyberspace is filling up
J.D. Falk wrote: 'Experts predict that consumer demand, already growing at 60 per cent a year, will start to exceed supply from as early Can you re-send. Something seems to have stopped your entire message from reaching my inb
Re: Beware surfers: cyberspace is filling up
'Experts predict that consumer demand, already growing at 60 per cent a year, will start to exceed supply from as early as next year because of more people working online and the soaring popularity of bandwidth-hungry websites such as YouTube and services such as the BBCs iPlayer. It will initially lead to computers being disrupted and going offline for several minutes at a time. From 2012, however, PCs and laptops are likely to operate at a much reduced speed, rendering the internet an unreliable toy.' http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article6169488.ece (I don't even know where to start.) You can start by buying your PC a life vest, that way, if something bad should happen while you're surfing, at least it won't drown. Don't you just hate ignorant technobabble. Some idiot has been reliably making this prediction at least every year for the past two decades. Dear author: HEY JERKFACE, APRIL 1 IS THE FIRST DAY OF THE MONTH, NOT THE LAST. GET A CLUE AND FIND SOMETHING TRUE TO SAY. :-) ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: Beware surfers: cyberspace is filling up
'Experts predict that consumer demand, already growing at 60 per cent a year, will start to exceed supply ... Dear author: HEY JERKFACE, APRIL 1 IS THE FIRST DAY OF THE MONTH, ... You know, we have only ourselves to blame. If we taped up the openings and blew all of the cruft out of the network every 1 April like we used to, we wouldn't have this problem. R's, John
Re: Beware surfers: cyberspace is filling up
--- jdfalk-li...@cybernothing.org wrote: From: J.D. Falk jdfalk-li...@cybernothing.org 'Experts predict that consumer demand, already growing at 60 per cent a year, will start to exceed supply from as early as next year because of more people working online and the soaring popularity of bandwidth-hungry websites such as YouTube and services such as the BBC’s iPlayer. It will initially lead to computers being disrupted and going offline for several minutes at a time. From 2012, however, PCs and laptops are likely to operate at a much reduced speed, rendering the internet an “unreliable toy”.' http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article6169488.ece (I don't even know where to start.) --- I know where to start: HAHAHAHAHAHAHAHA! wipes tears of laughter at the stupidity of it from eyes scott ps. I'm sure there's probably a PC way to say that, but I can't think of it at this time... ;-)
Re: Beware surfers: cyberspace is filling up
J.D. Falk wrote: http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article6169488.ece (I don't even know where to start.) I was more partial to: In America, telecoms companies are spending £40 billion a year upgrading cables and supercomputers to increase capacity,... We have supercomputers that need upgrading at the telecoms? And who were the peeps providing all this information which got distorted (or did it?) Jack
Re: one shot remote root for linux?
On Apr 30, 2009, at 1:28 PM, Paul Jakma wrote: Is the ESX Hypervisor useful without the Linux layer? Then, to what extent do based on and depends on differ in the context of software? I needed DR-DOS 3 to make NetWare 3.12 boot, but I wouldn't consider it to be based on DOS.
Re: Beware surfers: cyberspace is filling up
(I don't even know where to start.) You could always do what I did and get an internet surge protector that prevents computers from freezing during rolling data brown-outs. The nice banker from Nigeria I've been working with (I'm helping to recover a large inheritance left by a dead colleague) threw one in for free after I gave him my bank account info so he could wire the money. I'm expecting it to be delivered any day now, although according to my records it should have arrived last week. I'm sure everything will work itself out...
Re: Beware surfers: cyberspace is filling up
On Thu, 30 Apr 2009 13:55:44 MDT, J.D. Falk said: (I don't even know where to start.) Seen in a /etc/motd well over 2 decades ago: /dev/earth is 98% full. Please delete anybody you can. (OK, a tad drastic, I admit. ;) When Sir Tim Berners-Lee, the British scientist, wrote the code that transformed a private computer network into the world wide web in 1989, the internet appeared to be a limitless resource. WTF? I remember cursing the congestion on our T-1 link to Suranet in 1989 a lot more often than I curse our 10G link today. Was *anybody* seeing bandwidth as limitless in 1989? ;) pgptp3m7v5T74.pgp Description: PGP signature
Re: Beware surfers: cyberspace is filling up
Recycled alarmism... now get back to enjoying your bout of swine flu. On Thu, Apr 30, 2009 at 12:55 PM, J.D. Falk jdfalk-li...@cybernothing.orgwrote: 'Experts predict that consumer demand, already growing at 60 per cent a year, will start to exceed supply from as early as next year because of more people working online and the soaring popularity of bandwidth-hungry websites such as YouTube and services such as the BBC’s iPlayer. It will initially lead to computers being disrupted and going offline for several minutes at a time. From 2012, however, PCs and laptops are likely to operate at a much reduced speed, rendering the internet an “unreliable toy”.' http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article6169488.ece (I don't even know where to start.) -- J.D. Falk Return Path Inc http://www.returnpath.net/
Re: Beware surfers: cyberspace is filling up
On Thu, 30 Apr 2009 14:23:39 PDT, Greg Schwimer said: Recycled alarmism... now get back to enjoying your bout of swine flu. More alarmism: http://blog.wreckandsalvage.com/post/101932705/godaddy-recommends-against-purchasing-tv-domain :) pgpzi6scz9Xvb.pgp Description: PGP signature
180/8 and 183/8 allocated to APNIC
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, The IANA IPv4 registry has been updated to reflect the allocation of two /8 IPv4 blocks to APNIC in April 2009: 180/8 and 183/8. You can find the IANA IPv4 registry at: http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.txt Please update your filters as appropriate. Regards, Leo Vegoda Number Resources Manager, IANA -BEGIN PGP SIGNATURE- Version: 9.10.0.500 wj8DBQFJ+iBAvBLymJnAzRwRAq59AKDYIE9QGQAAJQDuqfQ5Qqo5YiZwWwCg1RNg wwnJkpL3STZw9fDOM7zUToM= =PtJl -END PGP SIGNATURE-
Re: Beware surfers: cyberspace is filling up
Guess we should keep a close eye on it here: http://internetstat.us/ On Thu, Apr 30, 2009 at 4:31 PM, Stefan netfort...@gmail.com wrote: hmmm ... http://www.networkperformancedaily.com/2009/04/so_this_is_what_the_australian.html -- ***Stefan http://twitter.com/netfortius On Thu, Apr 30, 2009 at 4:29 PM, valdis.kletni...@vt.edu wrote: On Thu, 30 Apr 2009 14:23:39 PDT, Greg Schwimer said: Recycled alarmism... now get back to enjoying your bout of swine flu. More alarmism: http://blog.wreckandsalvage.com/post/101932705/godaddy-recommends-against-purchasing-tv-domain :)
how to fix incorrect GeoIP data?
I have a customer who received a new assignment from ARIN, but the GeoIP data is returning Canada rather than the US as the location of the IP prefix. Google redirects to www.google.ca and some other sites aren't working correctly because they expect a US IP. Does anyone have any advice on how to update the GeoIP and other similar databases? Thanks.
Re: how to fix incorrect GeoIP data?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, Apr 30, 2009 at 5:51 PM, Chuck Anderson c...@wpi.edu wrote: I have a customer who received a new assignment from ARIN, but the GeoIP data is returning Canada rather than the US as the location of the IP prefix. Google redirects to www.google.ca and some other sites aren't working correctly because they expect a US IP. Does anyone have any advice on how to update the GeoIP and other similar databases? Wouldn't a SWIP for a sub-allocation work? I was under the impression that most of the GeoIP services fed off of WHOIS registration data points. Than again, maybe I have no idea. ;-) - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFJ+kxwq1pz9mNUZTMRAlPWAKCy9oGUN7W0+7VKmIU0r9xHFbRxbQCg6LYk rsAbW3zuKzYn6pu50KBhA8I= =APDr -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
Re: Beware surfers: cyberspace is filling up
Stefan wrote: hmmm ... http://www.networkperformancedaily.com/2009/04/so_this_is_what_the_australian.html Hmmm. that leased lines and private WANs that your company can monitor and control from end to end make it easier to retain and improve network performance than relying on the Internet Are 10G leased lines (or even 1G) and private WANs common these days without using MPLS or some form of resource shared with Internet traffic? And what is the point without the ability to communicate with others? I thought we were well past isolated networks. -Jack
Re: Beware surfers: cyberspace is filling up
On Thu, Apr 30, 2009 at 8:57 PM, Jack Bates jba...@brightok.net wrote: Stefan wrote: hmmm ... http://www.networkperformancedaily.com/2009/04/so_this_is_what_the_australian.html Hmmm. that leased lines and private WANs that your company can monitor and control from end to end make it easier to retain and improve network performance than relying on the Internet Are 10G leased lines (or even 1G) and private WANs common these days without using MPLS or some form of resource shared with Internet traffic? And what is the point without the ability to communicate with others? I thought we were well past isolated networks. -Jack The point of the blog I quoted was that things are not only black, or only white (as some have been tempted to judge - i.e. completely bashing the original article). To your point - we need to communicate with others (Internet - non QoS ...), of course, but the critical production traffic runs for some on top of fully monitored (not necessarily controlled!) networks ... still ... -- ***Stefan http://twitter.com/netfortius
Re: Beware surfers: cyberspace is filling up
On Thu, Apr 30, 2009 at 9:15 PM, Stefan netfort...@gmail.com wrote: On Thu, Apr 30, 2009 at 8:57 PM, Jack Bates jba...@brightok.net wrote: Stefan wrote: hmmm ... http://www.networkperformancedaily.com/2009/04/so_this_is_what_the_australian.html Hmmm. that leased lines and private WANs that your company can monitor and control from end to end make it easier to retain and improve network performance than relying on the Internet Are 10G leased lines (or even 1G) and private WANs common these days without using MPLS or some form of resource shared with Internet traffic? And what is the point without the ability to communicate with others? I thought we were well past isolated networks. -Jack The point of the blog I quoted was that things are not only black, or only white (as some have been tempted to judge - i.e. completely bashing the original article). To your point - we need to communicate with others (Internet - non QoS ...), of course, but the critical production traffic runs for some on top of fully monitored (not necessarily controlled!) networks ... still ... -- ***Stefan http://twitter.com/netfortius ... and along the same line, but somehow parallel to the original conversation: http://fora.tv/2009/04/15/Empowering_Internet_Users_Two_Ideas_to_Reshape_Broadband#Coming_Soon_Privately_Owned_Fiber_Optics_to_the_Home -- ***Stefan http://twitter.com/netfortius
Re: Beware surfers: cyberspace is filling up
I think it depends on the industry you are in, in the financial industry, no one uses MPLS clouds or VPN's over the Internet, everyone uses either 1G or 10G links. On Apr 30, 2009, at 6:57 PM, Jack Bates wrote: Stefan wrote: hmmm ... http://www.networkperformancedaily.com/2009/04/so_this_is_what_the_australian.html Hmmm. that leased lines and private WANs that your company can monitor and control from end to end make it easier to retain and improve network performance than relying on the Internet Are 10G leased lines (or even 1G) and private WANs common these days without using MPLS or some form of resource shared with Internet traffic? And what is the point without the ability to communicate with others? I thought we were well past isolated networks. -Jack
Re: Beware surfers: cyberspace is filling up
On Apr 30, 2009, at 11:43 PM, Shane Ronan wrote: I think it depends on the industry you are in, in the financial industry, no one uses MPLS clouds or VPN's over the Internet, everyone uses either 1G or 10G links. I think Jack's point was that many 1G and 10G links are really just MPLS tunnels through someone else's backbone. And even if not, they are certainly sharing the same ADMs, fibers, regen huts, etc. Shared infrastructure has taken on a whole new meaning. -- TTFN, patrick On Apr 30, 2009, at 6:57 PM, Jack Bates wrote: Stefan wrote: hmmm ... http://www.networkperformancedaily.com/2009/04/so_this_is_what_the_australian.html Hmmm. that leased lines and private WANs that your company can monitor and control from end to end make it easier to retain and improve network performance than relying on the Internet Are 10G leased lines (or even 1G) and private WANs common these days without using MPLS or some form of resource shared with Internet traffic? And what is the point without the ability to communicate with others? I thought we were well past isolated networks. -Jack
Re: how to fix incorrect GeoIP data?
What's the allocation? On Thu, Apr 30, 2009 at 8:51 PM, Chuck Anderson c...@wpi.edu wrote: I have a customer who received a new assignment from ARIN, but the GeoIP data is returning Canada rather than the US as the location of the IP prefix. Google redirects to www.google.ca and some other sites aren't working correctly because they expect a US IP. Does anyone have any advice on how to update the GeoIP and other similar databases? Thanks. -- Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
Re: how to fix incorrect GeoIP data?
On Thu, Apr 30, 2009 at 11:57:23PM -0400, Martin Hannigan wrote: On Thu, Apr 30, 2009 at 8:51 PM, Chuck Anderson c...@wpi.edu wrote: I have a customer who received a new assignment from ARIN, but the GeoIP data is returning Canada rather than the US as the location of the IP prefix. Google redirects to www.google.ca and some other sites aren't working correctly because they expect a US IP. Does anyone have any advice on how to update the GeoIP and other similar databases? What's the allocation? 74.112.8.0/21 Google has been contacted and they said it will take a month for stuff to update. The customer has also updated hostip.info.