RE: optics pricing (Re: Weird GigE Media Converter Behavior)
On Sun, 29 Aug 2004, Michel Py wrote: > 1. Support: sometimes you will need vendor support, and > this is especially true of new products. Putting > Kingston DRAM in a 2600 is one thing; a limited test on > a few routers will quickly show if it works or not, and > the odds of an IOS upgrade that would suddenly trigger > the third-party memory to cause problems are close to > zero, as DRAM as long passed the development stage and > is now a commodity. > > OTOH, you won't have that many OC-192 IRs or LRs to play > with. Maybe you'd try one third party PHY, then another > one if the first one works, and so on. And suddenly > something changes (which does happen with new products) > and your vendor implements the changes on their PHYs but > not on yours. You're screwed. I can see the vendor's concern about support. But it seems pretty hollow when after they lock me into a specific SFP, to "help" me, they mark it up 4x or more--because they can. If it was really about better customer experience, they would "lock" it down to an approved list of 3rd-party products, any of which could be purchased off the open market. Or they would publish a list of approved and/or supported 3rd-party optics, like Cisco used to do. Those customers who wanted to get the endorsed OEM product could buy those. And customers who wanted to cut corners at the risk of losing jobs and lower-quality service could do so. I've not seen any efforts by vendors to do anything about 3rd-party optics other than to prohibit them. So the vendors that still support 3rd-party optics must not be experiencing excruciating pain. As discussed at a recent NANOG, the vendor-specified modifications to the optics are trivial and do not justify the proprietary lock-up or the mark-up (if they did, then you'd expect the vendors to patent them and not have to lock them up). Unfortunately the only way this will change, if it can change, is with customer pressure, and to a very small extent, competitive pressure. Hopefully enough large vendors will allow 3rd-party optics so the threat to buy from the other guy will be credible. Pete.
Re: OT: Novel uses for old hardware?
On Sun, 29 Aug 2004, Ryan Lackey wrote: > The things which I think will help the most: > Old enterprise gear is probably the least useful assistance > available right now, at least in general, but there are probably > exceptions. Shipping is pretty expensive, about USD 4/kg by air. We see a lot of folks on the US side trying to donate 7500s and Cat 5000s, which are next to useless for people in countries without much network, particularly when kitted out with FDDI and ATM blades. What we see a lot of demand for from countries that don't currently have much network are 1760s, 2600s, 3725s, 2950s, and 3500/3550s. Not least because that's what's affordable to ship, and affordable to pay the customs bribes on. Try getting a half-rack piece of gear through customs in a lot of developing countries, and you'll have a bit of work on your hands. > We should have an Iraqi non-profit org soon, but for US tax purposes, > I'm sure there are US non-profits which could be used to channel any > kind of contributions. NSRC (http://www.nsrc.org/) does that, as does PCH. Both are 501(c)(3) non-profit in the US, which means that donations can be written off against taxes at fair market value. I presume that they're a little picky about what they take, as we are. -Bill
RE: Best Practices for Enterprise networks
Of course it can work. My point is that it is a fact of life, nothing more. Pointing out the obvious: Dependent upon who is/are your upstream provider(s), and how specific the prefix announcements are made to their peers (re: your reachability) determines just how symmetric your traffic patterns will be. - ferg -- "Michel Py" <[EMAIL PROTECTED]> wrote: > Asymmetric paths are a fact of life in the Internet. Not for enterprise operators except the largest ones. Asymmetric traffic does happen in the core, where there are no firewalls or NATs; as far as the edge is concerned though I know several companies that multihome to two or more ISPs but only in one location, largely because they don't want to deal with NAT/firewall issues. Although it can work, it requires extra engineering and most of the time a fat pipe to replicate state information between the sites. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED]
RE: Best Practices for Enterprise networks
>> Tracy Smith wrote: >> Specifically, to NAT or not to NAT? This is not much of an issue anymore. If you receive IP addresses from your ISP, not natting would be foolish. Even if you do own your own public IP space, the NAT issues are fundamentally no different than the firewall ones and since not having a firewall is not an option, most enterprises will indeed NAT some of their subnets in their firewalls, whether or not they have or could easily obtain public space. > At what point should NAT-ting be performed ... > exclusively at the Egress point If there is only one egress point, indeed (typically at the firewall that's between the outside router and the inside router). If there are multiple egress points it's more interesting. There are multiple designs. > about firewalling - centralized/decentralized? Greatly varies depending the design and requirements of a given enterprise. > Iljitsch van Beijnum wrote: > Fortunately, I've never been in the position > to make such decisions, That's when you understand the real meaning of FUD: when you @55 and/or your job are on the line ;-) > but I can tell you one thing: if you have multiple connections > to the internet, you had better make sure that your NATs and > firewalls are equipped to handle the case where you send a > packet out through connection A and the reply comes back > through connection B. Indeed. > Paul Ferguson wrote: > Asymmetric paths are a fact of life in the Internet. Not for enterprise operators except the largest ones. Asymmetric traffic does happen in the core, where there are no firewalls or NATs; as far as the edge is concerned though I know several companies that multihome to two or more ISPs but only in one location, largely because they don't want to deal with NAT/firewall issues. Although it can work, it requires extra engineering and most of the time a fat pipe to replicate state information between the sites. Michel.
Re: Best Practices for Enterprise networks
On Mon, 30 Aug 2004, Fergie (Paul Ferguson) wrote: > > > Asymmetric paths are a fact of life in the Internet. > engineer your network to deal with that (from the enterprise perspective, not the ISP side) and it's not a problem... we have several customers in this scenario today, all work well. > - ferg > > -- Iljitsch van Beijnum <[EMAIL PROTECTED]> wrote: > > On 30-aug-04, at 0:50, Tracy Smith wrote: > > > Hello. I am tyring to gauge what the Best Practices are for > > Enterprise network connections to the Internet. Specifically, to NAT > > or not to NAT? At what point should NAT-ting be performed ... > > exclusively at the Egress point or at decentralized points? What > > about firewalling - centralized/decentralized? > > Fortunately, I've never been in the position to make such decisions, > but I can tell you one thing: if you have multiple connections to the > internet, you had better make sure that your NATs and firewalls are (aimed at original poster) NAT is normally a decision local to the site... "have enough ips? don't nat" "Don't have enough ips, NAT" or the ever popular: "Want to hide your internal network details, nat" I'm not sure there is a 'best practice' that really covers nat. Perhaps paying for some consulting from some of the larger consulting firms would help you address your particular issues directly?
Re: Best Practices for Enterprise networks
Asymmetric paths are a fact of life in the Internet. - ferg -- Iljitsch van Beijnum <[EMAIL PROTECTED]> wrote: On 30-aug-04, at 0:50, Tracy Smith wrote: > Hello. I am tyring to gauge what the Best Practices are for > Enterprise network connections to the Internet. Specifically, to NAT > or not to NAT? At what point should NAT-ting be performed ... > exclusively at the Egress point or at decentralized points? What > about firewalling - centralized/decentralized? Fortunately, I've never been in the position to make such decisions, but I can tell you one thing: if you have multiple connections to the internet, you had better make sure that your NATs and firewalls are equipped to handle the case where you send a packet out through connection A and the reply comes back through connection B. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED]
Re: FBI bust DDoS 'Mafia'
On Sun, 29 Aug 2004, Thornton wrote: However Guantanamo isn't America. Convenient that, isnt it.. regards, -- Paul Jakma [EMAIL PROTECTED] [EMAIL PROTECTED] Key ID: 64A2FF6A Fortune: Anyone can hold the helm when the sea is calm. -- Publius Syrus
Re: FBI bust DDoS 'Mafia'
On Sun, 29 Aug 2004, Ricardo "Rick" Gonzalez wrote: You know, here in America, we have this concept called "innocent until proven guilty". What country are you from? Ah.. so that's what Guantanemo bay is about. sorry, couldnt resist. regards, -- Paul Jakma [EMAIL PROTECTED] [EMAIL PROTECTED] Key ID: 64A2FF6A Fortune: Friction is a drag.
Re: Best Practices for Enterprise networks
On 30-aug-04, at 0:50, Tracy Smith wrote: Hello. I am tyring to gauge what the Best Practices are for Enterprise network connections to the Internet. Specifically, to NAT or not to NAT? At what point should NAT-ting be performed ... exclusively at the Egress point or at decentralized points? What about firewalling - centralized/decentralized? Fortunately, I've never been in the position to make such decisions, but I can tell you one thing: if you have multiple connections to the internet, you had better make sure that your NATs and firewalls are equipped to handle the case where you send a packet out through connection A and the reply comes back through connection B.
Best Practices for Enterprise networks
Hello. I am tyring to gauge what the Best Practices are for Enterprise network connections to the Internet. Specifically, to NAT or not to NAT? At what point should NAT-ting be performed ... exclusively at the Egress point or at decentralized points? What about firewalling - centralized/decentralized? Thanks in advance for any feedback! Tracy Smith [EMAIL PROTECTED]
Re: 10 GE WAN PHY status?
On Sun, 29 Aug 2004, Stefan Mink wrote: > But having a look at it doesn't hurt :] Any pointers to vendors of wan > phy xenpaks? http://www.optillion.com/show.php?list_item_id=50&id=19425 80km and DWDM variants are also available in samples: http://www.optillion.com/show.php?id=19417 -- Mikael Abrahamssonemail: [EMAIL PROTECTED]
Re: 10 GE WAN PHY status?
On Sun, Aug 29, 2004 at 02:02:27PM +0200, Mikael Abrahamsson wrote: > Correct, Extreme doesn't sell WAN PHY Xenpaks. On the other hand they > don't code their Xenpaks so WAN PHY xenpaks work in their equipment, > although it's not supported. mhm, I'm still reluctant to use such a combination in a production network if I don't have an officially supported fallback. But having a look at it doesn't hurt :] Any pointers to vendors of wan phy xenpaks? tschuess Stefan -- Stefan Mink, Schlund+Partner AG (AS 8560) Primary key fingerprint: 389E 5DC9 751F A6EB B974 DC3F 7A1B CF62 F0D4 D2BA pgpLAuF89MOre.pgp Description: PGP signature
Re: FBI bust DDoS 'Mafia'
I hate to really comment on this as wellbut this is old news...the SecurityFocus report was released a few days ago and anyone who has actually gotten info from the Southern District of Ohio on the evidence could easily show that this is more than just a "innocent man made to look guilty" sort of case, Paul Ashley (ArGG) was the owner of FooNET / CIT Hosting and he ran all of this right in front of many of our faces on IRC and I know I personally as well as many others have been hit by not directly from him but his counter-parts...Joshua Schichtel (EMP, CIT-Joshua) and Lee Walker (sorCe) I never did get to find out who Jonathan Hall (Rain) was and I suppose that is a good thing as the two above caused enough damage...Joshua Schichtel probably the most...and the ways they are doing this also highly effects our responsabilities to keep our customers machines clean, firewalled and virtually not there in the face of the internet...I wish the great firewall of china actually started filtering this DoS as it does many other things...lets just start with spam. As far as civil liberties go...this was a treasonist act where when you commit treason (If your a citizen such as a couple who are down there were) you loose all rights, I don't care if your now forced to live in solitary confinement for 100 years while you wait for your trial. And those who arn't citizens carried out terrorist attacks and are now PoW's (Hmmm was Al Quida ever at the Geneva Convention..don't think so, so they get no rights either) the PoW's are actually treated better than they would ever be in the home countries. Lets just go ahead and change the pre-amble right now to read "Life, liberty and the persuit of all who threaten it" because I am not backing down to give civil rights and liberties to terrorists...hell where were our rights when they decided to attack us? Joshua Brady On Sun, 29 Aug 2004 01:52:06 -0700, Thornton <[EMAIL PROTECTED]> wrote: > > Yes America defiantly isn't what it used to be or what it was meant to > be. > > However Guantanamo isn't America. Some of them are starting to be tried > now too. > > Sklyarov is on bail. Although I think its time he either be tried or > for them to drop it. > > But as far America, things need to be changed to restore our civil > rights and other injustices that are going on here. > > > On Sun, 2004-08-29 at 01:29, Pekka Savola wrote: > > I shouldn't be feeding a troll but in case this was serious.. > > > > On Sun, 29 Aug 2004, Ricardo "Rick" Gonzalez wrote: > > > > No comments, check the url > > > > > > > > http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ > > > > > > > > I'm happy some of these criminals sent to jail! > > > > > > You know, here in America, we have this concept called "innocent until > > > proven guilty". What country are you from? > > > > The America is not what it used to be. Welcome to the 21st century. > > > > Have those guys rotting at Guantanamo been proven guilty? What was > > the deal with Sklyarov (http://www.freesklyarov.org/)? Etc. > Thornton > Cierra Group > www.cierragroup.com > Efficient Licensing and Consulting > >
RE: optics pricing (Re: Weird GigE Media Converter Behavior)
>> Michel Py wrote: >> Economics 101. Cisco (and many other vendors, BTW) are not >> charities. Their purpose is to make investors and >> shareholders (which includes me) happy. And yes, this >> includes reselling OEM hardware at astronomical >> prices when they can, because it never lasts long. > Richard A Steenbergen wrote: > Obviously. But us folks who run networks aren't charities either FTR, I made the exact same point many times myself. > Obviously it is the job of the vendor to try and squeeze as > much money out of their customers as they possibly can, but > at least smart folks have the CHOICE not to take the bait. It's not that simple, because of two things: 1. Support and 2. The FUD factor. 1. Support: sometimes you will need vendor support, and this is especially true of new products. Putting Kingston DRAM in a 2600 is one thing; a limited test on a few routers will quickly show if it works or not, and the odds of an IOS upgrade that would suddenly trigger the third-party memory to cause problems are close to zero, as DRAM as long passed the development stage and is now a commodity. OTOH, you won't have that many OC-192 IRs or LRs to play with. Maybe you'd try one third party PHY, then another one if the first one works, and so on. And suddenly something changes (which does happen with new products) and your vendor implements the changes on their PHYs but not on yours. You're screwed. 2. FUD: How much revenue do these 4 OC-192s bring? This combined with the multi-million cost of a CRS-1 system, is it worth the risk to save a mere $200k street price or $400k list? Would you put your job on the line for it? > We start to get annoyed when the vendors remove that choice > by engaging in practices like locking down GBIC/SFP modules > by vendor ID codes for no reason other than to force customers > into paying absurd markup for their optics, intentionally > designing interfaces with fixed optics so that you have to > purchase more cards than you might actually need in order > to have the necessary optics, etc. Don't get me wrong: I'm equally annoyed, and I think that some pointing out of the practice and whining about it can be healthy. After all, if nobody whined about memory prices, we would still be facing the choice of buying it at 20x cost with support or at 2x without. The point I was trying to make is that during the initial phase of a product, there is likely nothing we can do about it no matter how loud we whine (which should not stop us to whine). > Robert E. Seastrom wrote: > [..CRS-1..] and nobody, not even certain well known crazy people, > is going to pay money for one to use as a SOHO router). Never say never. 7500s are common soho routers and there are a growing number of us that are GSR wannabes, because we can't stand to see our buddies have one. I do not plan to install it in my WC though. Michel.
Fwd: The Internet at 35: Still evolving
"Thirty-five years after computer scientists at UCLA linked two bulky computers using a 15-foot gray cable, testing a new way to exchange data over networks, what would ultimately become the Internet remains a work in progress." http://www.cnn.com/2004/TECH/internet/08/29/internet.birthday.ap/index.html - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED]
RE: optics pricing (Re: Weird GigE Media Converter Behavior)
Title: RE: optics pricing (Re: Weird GigE Media Converter Behavior) Aha. It appears I was correct in framing my knowledge as out-of-date. :-) It looks like the technology *has* advanced, and that 10GE on MMF or SMF, single-channel, is what the current state of the art is, and at the $2k-3k unit price. In which case, yes, not offering this (and not building cards to use cheaper and/or more flexible component, ie XENPAK), is likely going to be a huge mistake Cisco. Unless they bite the bullet and do whatever it takes to make xenpak-based 10G cards, on at least some flavour of card on any 10G platform. (I don't really expect a xenpak-compatible version of soho routers to show up, although it *would* be nice as an option on most of their switch families.) So, I sit corrected. ;-) BTW, thanks for pointing this out; it's nice to see that things haven't completely stagnated in the last couple of years. Brian P.S. At that price level, I actually *do* expect another Swede will have, or already has, one or more of this class of box at home. In his WC, even. ;-) P.P.S. He's not crazy. But he *should* have a t-shirt that says "I'm with STUPI". ;-) -Original Message- From: Mikael Abrahamsson [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 29, 2004 12:08 PM To: Dickson, Brian Cc: [EMAIL PROTECTED] Subject: Re: optics pricing (Re: Weird GigE Media Converter Behavior) Then why can I purchase 10km 10GE Xenpaks directly from the manufacturer for under $2000? > On the other hand, it'd be nice to see a copper 10GBIC, even if its > max cable length were a few metres. ;-) There is one. It's called CX4 and has a reach of 15 meters. Cisco sold it for $600 list price at first but it has now disappeared from the price list. I don't know why. http://www.cisco.com/en/US/products/hw/modules/ps4835/products_data_sheet09186a008007cd00.html -- Mikael Abrahamsson email: [EMAIL PROTECTED]
Re: optics pricing (Re: Weird GigE Media Converter Behavior)
On Sun, 29 Aug 2004, Dickson, Brian wrote: > do, with current-generation chip-production technology. 10Ghz optics are > old-school lasers, several orders of magnitude larger, much more > power-hungry, delicate, and in all likelyhood, hand-crafted with low yields. > They really are that expensive. Just check out the price on 10G transponders > (eg DWDM equipment) if you don't believe that's the case... Then why can I purchase 10km 10GE Xenpaks directly from the manufacturer for under $2000? > On the other hand, it'd be nice to see a copper 10GBIC, even if its max > cable length were a few metres. ;-) There is one. It's called CX4 and has a reach of 15 meters. Cisco sold it for $600 list price at first but it has now disappeared from the price list. I don't know why. http://www.cisco.com/en/US/products/hw/modules/ps4835/products_data_sheet09186a008007cd00.html -- Mikael Abrahamssonemail: [EMAIL PROTECTED]
Re: optics pricing (Re: Weird GigE Media Converter Behavior)
Title: Re: optics pricing (Re: Weird GigE Media Converter Behavior) Actually, (and this is from memory from a couple of years ago), most of the reason for cost of optics on 10G interfaces is simply *physics* (and the technology of component production at the current state-of-the-art level). (If any of the people questioning the pricing had bothered to look into *cost* (you know, that "input" thing before mark-up), or done any reading (and "light" reading doesn't count ;-)), you'd already know the reasons.) What it boils down to, is that the way solid-state on-chip lasers are made, for 1.0 GHz (really 933 MHz, IIRC), or even 2.5 GHz, fundamentally doesn't work for 10Ghz. It's because they are *lasers*, where component accuracy is really critical, and at 10Ghz, it crosses a threshold that likely won't be solved until someone clever invents some new way of doing things, or until "nanotech" becomes nanotech (without the quotes). And the VSR 10G, is really a misnomer. What it is, is 10 x 1.25 GHz "parallel" interface with fibre-optic ribbon cables. The 10 is so they can build in some hardware redundancy in case of failure, and also to improve the yields and infant mortality rates on production of the chips. Basically, 1.25 GHz (or maybe it's 1.125? It's been too long) are easy to do, with current-generation chip-production technology. 10Ghz optics are old-school lasers, several orders of magnitude larger, much more power-hungry, delicate, and in all likelyhood, hand-crafted with low yields. They really are that expensive. Just check out the price on 10G transponders (eg DWDM equipment) if you don't believe that's the case... On the other hand, it'd be nice to see a copper 10GBIC, even if its max cable length were a few metres. ;-) Keep in mind, I'm following standard NANOG methodology and quoting old information without checking my facts against current reality. :-) Your mileage (or cost) may vary, as they say. -- Brian Dickson Arbinet
Re: optics pricing (Re: Weird GigE Media Converter Behavior)
Mikael Abrahamsson <[EMAIL PROTECTED]> writes: > Is there anyone who can justify this pricing with anything else than > "because we can?" To expand on what I said to you privately, let's follow the money: Assume $200,000/board as the marginal cost of manufacturing one. Assume a minimum of 65 points off for any customer who buys a CRS-1 (hint: large telcos do not pay list price... and nobody, not even certain well-known crazy people, is going to pay money for one to use as a SOHO router). So now we have a strawman marginal profit per board sold of $150,000. Assume that Cisco actually has about a billion dollars into the HFR project (offhand comment by a usually reliable source). That means that ignoring the chassis sales side, we're looking at about 6700 interface cards (> 26500) OC192 IR ports sold to get back the initial engineering investment. That's not figuring in the cost of support for those 6700 cards out in the field; you're probably looking at 8500 or more cards (> 34000 ports) sold in order to hit break-even. Now consider the size of the market. You're not selling PAs for people's 7200s here, and you're selling a card that replaces *four* cards on a lesser platform. Under the circumstances, I'm not sure that Cisco's list price is high enough, but I'll defer judgement on that to the people who run the numbers behind the scenes in San Jose. They're the ones whose jobs are on the line if this product turns out to be $1b bragging rights exercise with no hope for payback. If you find the prices staggering, it's likely that you and your organization don't need this product. Arguments about price gouging on memory, GBICs, power cords, and other commodity items that your organization actually *does* need are orthogonal to this discussion. ---Rob
Re: 10 GE WAN PHY status?
On Sun, 29 Aug 2004, Stefan Mink wrote: > almost all switch vendors sell xenpak solutions, but no wan phy xenpaks > :] (or did I miss something on the Exterme references?) Correct, Extreme doesn't sell WAN PHY Xenpaks. On the other hand they don't code their Xenpaks so WAN PHY xenpaks work in their equipment, although it's not supported. -- Mikael Abrahamssonemail: [EMAIL PROTECTED]
Re: 10 GE WAN PHY status?
On Sat, Aug 28, 2004 at 11:28:02AM +0100, Neil J. McRae wrote: > Most of the current optical DWDM systems that operators use > today [i.e. >2 years old] can't do it and its not just a > connector issue. definitely not, I guess the system basically must have an ethernet switch included which does the conversion and buffering between the faster (asynchronous transport layer) lan phy port and the slower (synchronous transport layer) wan phy port... Some metro DWDM systems (e.g. optera metro) can do it today, but I guess they couldn't do it either two years ago... tschuess Stefan -- Stefan Mink, Schlund+Partner AG (AS 8560) Primary key fingerprint: 389E 5DC9 751F A6EB B974 DC3F 7A1B CF62 F0D4 D2BA pgpJiC0RStwMH.pgp Description: PGP signature
Re: 10 GE WAN PHY status?
Eric, On Sat, Aug 28, 2004 at 10:18:03AM +0200, Erik Bais wrote: > I know that Extreme Networks already is shipping XENPAK enabled switches. The max > for a single fiberspan according to the specs = 40Km. ( depending on the quality of > the fibers and the attenuation. ) > They have blade's for the Blackdiamond 68 series and the BD10K and the Summit400 has > 2 slots where you can fit them in. almost all switch vendors sell xenpak solutions, but no wan phy xenpaks :] (or did I miss something on the Exterme references?) tschuess Stefan -- Stefan Mink, Schlund+Partner AG (AS 8560) Primary key fingerprint: 389E 5DC9 751F A6EB B974 DC3F 7A1B CF62 F0D4 D2BA pgpE2qXmIiyGt.pgp Description: PGP signature
Re: FBI bust DDoS 'Mafia' - OT!!!!
- Original Message - From: "Thornton" <[EMAIL PROTECTED]> To: "Pekka Savola" <[EMAIL PROTECTED]> Cc: "Ricardo "Rick" Gonzalez" <[EMAIL PROTECTED]>; "John Obi" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, August 29, 2004 6:52 PM Subject: Re: FBI bust DDoS 'Mafia' Yes America defiantly isn't what it used to be or what it was meant to be. I hate to be a party pooper here but: 1) We know not every country's politics agrees with everyone else from other countries or even in the same country so we aren't going to get a nice conclusion to this thread... SO 2) May we return programming to the usual channel now? PLEASE? Greg.
Re: OT: Novel uses for old hardware?
Over here in Iraq, I've seen people use new SOHO gear ($30 NAT router/switch, etc.), and I've been moving them up to used low-end cisco gear and linux/freebsd PCs for some things. The big contractors bring in expensive cutting-edge gear which doesn't work very well (because it's still so new), especially for VoIP (IP phones on the desktop really are not as well understood as multiline digital PBXes with VoIP CO circuits). The advantage of soho type new equipment, vs. equivalently priced old enterprise gear, is it is a LOT easier to train people on it. We're thinking about setting up a proper networking school, maybe trying to do vendor cert prep, since we have 100 or so iraqi engineers (with cs/it SB/SM degrees, often), but that is something for the future. We're a (successful) commercial company, but I'm also very interested in serving unprofitable markets through some kind of non-profit efforts. We have a lot of VSAT experience, and are looking at fixed wireless for some things, so if anyone could help us serve some additional users who we can't justify from a purely business basis, I'd be interested. There are some big organizations like USAID/DAI doing internet cafes across the country, which is great, but I've found some of the best "charity" is grass-roots, inexpensive/free The things which I think will help the most: #1) Moving this country off NAT. I'm trying to get a LIR set up, and once we do that, I am not going to be shy about using public IPs where appropriate. I plan to do some slightly more advanced than default-to-vsat routing at 1000+ sites. Donations of routable IP space would also be appreciated. /19 or so would probably be good for now. I'd be happy to assign space to commercial competitors as well as others on a non-discriminatory basis. #2) Increase in-country peering...right now, almost all sites are little islands with a vsat route back to EU or US, so two systems in the same office might have two vsat hops and a fiber backhaul to peer at somewhere in california. #3) Technical training -- any assistance from vendors in this would be most appreciated. cisco would be particularly good, but even just a general IP/ethernet/open systems, or MCSE even, would be a useful practical program for iraqis with a fair bit of theoretical background. #4) Transponder capacity -- any "interesting"/non-commercial users will end up using very pricey VSAT bandwidth, and I only have a very limited amount of this spare, after commercial customers are taken care of (sat bandwidth for most systems is kept at very high utilization...people will eat all you put in front of them). If there are any companies with "event" transponders, etc. with mideast coverage, I'd be happy to do the ground station work to take advantage of that capacity, on a pre-emptable basis, for community networking. #5) Software -- r-t-l, i18n issues, as well as general http caching proxies, anti-virus proxies and devices to mitigate the effects of viruses/worms on very small, very expensive uplinks, etc. Old enterprise gear is probably the least useful assistance available right now, at least in general, but there are probably exceptions. Good test/measurement gear, training lab equipment, tools, and RF/microwave are probably the main ones. Shipping is pretty expensive, about USD 4/kg by air, but for bulk consolidated shipments, there's probably the land route from Kuwait or Turkey. Iraq is a slightly special case, since there are a lot of big companies operating over here, and a well-educated population which is not actually inherently poor, but I think a lot of this would apply elsewhere. We should have an Iraqi non-profit org soon, but for US tax purposes, I'm sure there are US non-profits which could be used to channel any kind of contributions. The best way to make it successful long-term is to get local tech/business people involved, and basically serve as investors-with-equipment in their project, and reward them (with more equipment, etc.) for meeting certain goals -- either providing specific services, or generating revenue in business which would not be commercially viable without free capital equipment, etc. Quoting John Ferriby <[EMAIL PROTECTED]>: > > Is anyone aware of lists or sites dedicated to novel > uses for old hardware? > > I'm trying to figure out what to do with some old working > gear that is valued practically as scrap. e.g. old lucent/ascend > max 4002 units. Me thinks they are 6 year old antiques. -- Ryan Lackey [RL960-RIPE AS24812] [EMAIL PROTECTED] +1 800 723 0127 OpenPGP DH 4096: B8B8 3D95 F940 9760 C64B DE90 07AD BE07 D2E0 301F
Re: FBI bust DDoS 'Mafia'
Yes America defiantly isn't what it used to be or what it was meant to be. However Guantanamo isn't America. Some of them are starting to be tried now too. Sklyarov is on bail. Although I think its time he either be tried or for them to drop it. But as far America, things need to be changed to restore our civil rights and other injustices that are going on here. On Sun, 2004-08-29 at 01:29, Pekka Savola wrote: > I shouldn't be feeding a troll but in case this was serious.. > > On Sun, 29 Aug 2004, Ricardo "Rick" Gonzalez wrote: > > > No comments, check the url > > > > > > http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ > > > > > > I'm happy some of these criminals sent to jail! > > > > You know, here in America, we have this concept called "innocent until > > proven guilty". What country are you from? > > The America is not what it used to be. Welcome to the 21st century. > > Have those guys rotting at Guantanamo been proven guilty? What was > the deal with Sklyarov (http://www.freesklyarov.org/)? Etc. Thornton Cierra Group www.cierragroup.com Efficient Licensing and Consulting
Re: FBI bust DDoS 'Mafia'
I shouldn't be feeding a troll but in case this was serious.. On Sun, 29 Aug 2004, Ricardo "Rick" Gonzalez wrote: > > No comments, check the url > > > > http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ > > > > I'm happy some of these criminals sent to jail! > > You know, here in America, we have this concept called "innocent until > proven guilty". What country are you from? The America is not what it used to be. Welcome to the 21st century. Have those guys rotting at Guantanamo been proven guilty? What was the deal with Sklyarov (http://www.freesklyarov.org/)? Etc. -- Pekka Savola "You each name yourselves king, yet the Netcore Oykingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
Re: FBI bust DDoS 'Mafia'
> No comments, check the url > > http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ > > I'm happy some of these criminals sent to jail! You know, here in America, we have this concept called "innocent until proven guilty". What country are you from?
FBI bust DDoS 'Mafia'
No comments, check the url http://www.theregister.co.uk/2004/08/27/ddos_mafia_busted/ I'm happy some of these criminals sent to jail! ___ Do you Yahoo!? Express yourself with Y! Messenger! Free. Download now. http://messenger.yahoo.com