Re: More on Sri Lanka fiber outage....
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2004-08-24, at 12.58, Bruce Campbell wrote: On Mon, 23 Aug 2004, Tony Li wrote: Did they arrest the crew? They have grounds on negligence charges... The crew of the ship for having dropped anchor presumably in defiance of 'Undersea cable, Do not anchor here' signs, or the telco for having sited a critical communications cable near/beneath a busy port ? if that was the criteria, all of the UK would only be connected to the US. And having worked for someone who owned sea-cables mainland-UK, that was occasionally a tempting idea :-) - - kurtis - / Running -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQTWAgqarNKXTPFCVEQJhtgCdG3eI4xc5mYfvfJzGwTcQ2Qbi5pQAoN8c pnIJTv7irT+Hd5J21rqU04YM =mwOD -END PGP SIGNATURE-
re: Senator Diane Feinstein Wants to know about the Benefits of P2P
In article [EMAIL PROTECTED], Brian Battle [EMAIL PROTECTED] writes Akamai or not, microsoft is overwhelmed by the demand for SP2, and today is giving the message listed below on windowsupdate: Download and install it now - Currently not available We are currently experiencing a high level of demand for Windows XP Service Pack 2, so please check back later for availability. We apologize for any inconvenience. If you prefer to obtain SP2 another way, the easiest way to get Service Pack 2 is to turn on the Automatic Updates feature in Windows XP and it will be downloaded when you are connected to the Internet without you having to take any further action. So then I thought about getting it from the torrent at sp2torrent.com, but sadly microsoft has made them remove the torrent... I have a solution, but it's expensive. A url for the whole 266MB download (and not the smaller selective download that Windows Update would provide). If anyone's that desperate, email me. I only used it after waiting a week with the Automatic Updates switched on, and nothing arriving. -- Roland Perry
Re: optics pricing (Re: Weird GigE Media Converter Behavior)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2004-08-29, at 15.58, Robert E. Seastrom wrote: If you find the prices staggering, it's likely that you and your organization don't need this product. Arguments about price gouging on memory, GBICs, power cords, and other commodity items that your organization actually *does* need are orthogonal to this discussion. didn't we have this discussion when the T640 came out. How many have one? - - kurtis - -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQTWI9qarNKXTPFCVEQIXDQCcCBnI+QMGSbojRDqGi1rN854/AHEAoLFY jusxejesCvB+3OA4AImajpmO =CVTQ -END PGP SIGNATURE-
re: Senator Diane Feinstein Wants to know about the Benefits of P2P
quote who=Roland Perry I have a solution, but it's expensive. A url for the whole 266MB download (and not the smaller selective download that Windows Update would provide). If anyone's that desperate, email me. I only used it after waiting a week with the Automatic Updates switched on, and nothing arriving. Microsoft isn't hiding the link: http://download.microsoft.com/download/1/6/5/165b076b-aaa9-443d-84f0-73cf11fdcdf8/WindowsXP-KB835935-SP2-ENU.exe linked from: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx (well, click get the service pack and then download) Just because sp2torrent.com is down doesn't mean the rest of the torrent world is. Supernova.org seems to have some links to an SP2 torrent or two. as usual, ymmv, davidu David A. Ulevitch - Founder, EveryDNS.Net http://david.ulevitch.com -- http://everydns.net
Re: Senator Diane Feinstein Wants to know about the Benefits of P2P
In article [EMAIL PROTECTED], David A. Ulevitch [EMAIL PROTECTED] writes Microsoft isn't hiding the link: http://download.microsoft.com/download/1/6/5/165b076b-aaa9-443d-84f0-73cf11fdcdf8/WindowsXP-KB835935-SP2-ENU.exe linked from: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx (well, click get the service pack and then download) I suppose my beef here is that they go on to say: DO NOT CLICK DOWNLOAD IF YOU ARE UPDATING JUST ONE COMPUTER: A smaller, more appropriate download is now available on Windows Update. Except it isn't. (Nor was it a week ago). I'm an IT professional, but only one of my PCs is running XP. And it's a full-price retail copy, not a bundled-OEM or upgrade. Hence me feeling left out when I'm told that IT professionals have already been allowed their Windows-update. As we are told that this is in part a security update, anyone running a network should be worried at the difficulty some of their users are having getting hold of it. -- Roland Perry
Re: Senator Diane Feinstein Wants to know about the Benefits of P2P
Michel Py wrote: 2) Make audio CD's unreadable in a computer so nobody can rip the .wav tracks to .mp3. Totally stupid: 2.a) Remember the last ones that tried (namely Sony)? Their protection scheme could be defeated in 2 seconds with a sharpie. I'm still laughing at it. Hara-kiri comes to mind. ... 2.c) Anyway, given the audio quality of standard gear today, a single digital.wav - analog - digital.mp3 pass is not going to degrade the audio quality enough to bother anybody. In other words: connect a good CD player to a PC with a good soundcard with a grounded gold-plated cable and rip to .mp3 from the analog input, nobody will know that it's not a direct CD audio track to .mp3 rip. If it can come out the speaker or the screen *and* we don't collectively submit to some in-body DRM tech, then it can be copied and redistributed. Any sane media exec (and I use the word in a general sense, not clinical) person would have realised that copy protection is only putting another row of sandbags ontop of the old to stop the eventual innundation. These folks are playing the long game, and are using recent P2P illegal distribution stories (in a mass media that they control, ipso facto) as the straw man to buy better laws for themselves for the future. Reality is something that can be legislated against, at least that appears to be the gist of it. 3. Finally, and although it is true that copyright infringement is very often associated with P2P, I found myself downloading a lot of .mp3 files that I actually own on LP, simply because it's faster to download the file than it is to rip it from the LP (I know because I tried: I actually have a few CDs that I ripped myself from the LP). I bought the 33 1/3 album, I am entitled to a backup on another media. My personal reasons for any downloading of audio, specifically, in it's unavailability through retail channels. I keep picking up references to older stuff that has been dumped by the pop-bods many years ago and cannot be bought for love nor money. I may be breaking some law, but in these cases I do not feel a moral problem. If I could find the artist, in many cases I would even pay them the equiv. of the CD price directly. Perhaps the new business models that will have to be rolled out, either by the existing companies or new, will allow for the full back catalogues to be availale to those of us willing to pay - and then my minor infractions can stop. Back closer to topic, networks. P2P is a bandwidth spiral as we all know - more broadband, more sharing. Will it ever slow down ? Not in our career lifetimes I think. Whether legal or not, content is going to be doing this merry-go-round for the forseeable future, and the best we can hope for is to build and maintain the networks while it happend. Peter
XP SP2 other than windows update
On Wed, 1 Sep 2004, David A. Ulevitch wrote: would provide). If anyone's that desperate, email me. I only used it after waiting a week with the Automatic Updates switched on, and nothing arriving. Microsoft isn't hiding the link: http://download.microsoft.com/download/1/6/5/165b076b-aaa9-443d-84f0-73cf11fdcdf8/WindowsXP-KB835935-SP2-ENU.exe CompUSA is offering to install XP SP2 on any Windows XP computer for free if you bring your computer to any of their stores. Expect them to use the opportunity to try to sell you some upgrades or security software. You can order a Free CD on the Microsoft web site. Although it says 4-6 weeks, people report they are getting a CD in the mail in about a week. There has been talk about Microsoft XP SP2 CD's being distribued through various consumer and business electronics stores. But I haven't seen any yet.
Re: XP SP2 other than windows update
The CD's are supposed to hit Comp USA and Best BUy within the next month or two for SP2. The download link in this email should work fine for you even though it is the large network install if you really need it and have broadband go for it. On Wed, 2004-09-01 at 03:59, Sean Donelan wrote: On Wed, 1 Sep 2004, David A. Ulevitch wrote: would provide). If anyone's that desperate, email me. I only used it after waiting a week with the Automatic Updates switched on, and nothing arriving. Microsoft isn't hiding the link: http://download.microsoft.com/download/1/6/5/165b076b-aaa9-443d-84f0-73cf11fdcdf8/WindowsXP-KB835935-SP2-ENU.exe CompUSA is offering to install XP SP2 on any Windows XP computer for free if you bring your computer to any of their stores. Expect them to use the opportunity to try to sell you some upgrades or security software. You can order a Free CD on the Microsoft web site. Although it says 4-6 weeks, people report they are getting a CD in the mail in about a week. There has been talk about Microsoft XP SP2 CD's being distribued through various consumer and business electronics stores. But I haven't seen any yet. Thornton Cierra Group www.cierragroup.com Efficient Licensing and Consulting
Re: XP SP2 other than windows update
In article [EMAIL PROTECTED], Sean Donelan [EMAIL PROTECTED] writes You can order a Free CD on the Microsoft web site. Although it says 4-6 weeks, people report they are getting a CD in the mail in about a week. Is distribution from all their worldwide offices, or will users outside the USA have to wait for international delivery? -- Roland Perry
Re: XP SP2 other than windows update
They will have to wait for international delivery. On Wed, 2004-09-01 at 04:18, Roland Perry wrote: In article [EMAIL PROTECTED], Sean Donelan [EMAIL PROTECTED] writes You can order a Free CD on the Microsoft web site. Although it says 4-6 weeks, people report they are getting a CD in the mail in about a week. Is distribution from all their worldwide offices, or will users outside the USA have to wait for international delivery? Thornton Cierra Group www.cierragroup.com Efficient Licensing and Consulting
Re: Senator Diane Feinstein Wants to know about the Benefits of P2P
Not that I'm trying to put words in your mouth, but I believe you meant suprnova.org which is a BitTorrent site (supernova.org is not a bittorrent site). Check out this link for a list of other BitTorrent sites and applications: http://kevinrose.typepad.com/kr/2004/07/darktip_the_bes.html -- Jeff Wheeler Postmaster, Network Admin US Institute of Peace On Sep 1, 2004, at 4:33 AM, David A. Ulevitch wrote: quote who=Roland Perry I have a solution, but it's expensive. A url for the whole 266MB download (and not the smaller selective download that Windows Update would provide). If anyone's that desperate, email me. I only used it after waiting a week with the Automatic Updates switched on, and nothing arriving. Microsoft isn't hiding the link: http://download.microsoft.com/download/1/6/5/165b076b-aaa9-443d-84f0 -73cf11fdcdf8/WindowsXP-KB835935-SP2-ENU.exe linked from: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/ winxpsp2.mspx (well, click get the service pack and then download) Just because sp2torrent.com is down doesn't mean the rest of the torrent world is. Supernova.org seems to have some links to an SP2 torrent or two. as usual, ymmv, davidu David A. Ulevitch - Founder, EveryDNS.Net http://david.ulevitch.com -- http://everydns.net
RE: XP SP2 other than windows update
Roland Perry wrote: I'm an IT professional, but only one of my PCs is running XP. And it's a full-price retail copy, not a bundled-OEM or upgrade. Hence me feeling left out when I'm told that IT professionals have already been allowed their Windows-update. Every IT professional I know has had SP2 available three different ways for two weeks: 1) Somewhere on a server for support staff to begin to experiment with and for a small set of guinea pig users to install. 2) On a CD made after the download. On my CD I also have SP1 for Office 2003. Part of being an IT professional includes maintaining an updated set of CDs carried at all times. 3) On a slipstreamed install CD for new installs. Optionally, 4a) On an SP2 image on a RIS server 4b) On a ghost images The final SP2 has been available on M$ site even for people that don't have an MSDN subscription. Anyone that wants to call themselves an IT professional _does_ download and try major updates _before_ they are made available to end users, period. Michel.
RE: Senator Diane Feinstein Wants to know about the Benefits of P2P
Peter Galbavy wrote: My personal reasons for any downloading of audio, specifically, in it's unavailability through retail channels. I keep picking up references to older stuff that has been dumped by the pop-bods many years ago and cannot be bought for love nor money. I may be breaking some law, but in these cases I do not feel a moral problem. If I could find the artist, in many cases I would even pay them the equiv. of the CD price directly. Perhaps the new business models that will have to be rolled out, either by the existing companies or new, will allow for the full back catalogues to be availale to those of us willing to pay - and then my minor infractions can stop. ACK, same here. Back closer to topic, networks. P2P is a bandwidth spiral as we all know - more broadband, more sharing. Will it ever slow down ? Not in our career lifetimes I think. Whether legal or not, content is going to be doing this merry-go-round for the forseeable future, and the best we can hope for is to build and maintain the networks while it happend. While I generally agree, there is a phenomenon that we might want to consider in some years: everyone having a local copy of every movie and music they want to see or hear. For music, this is already possible: some people have thousands and sometimes tens of thousands of files, and more and more get a jumpstart in building their library by massive dumps of buddies hard disks. For movies, terabyte disks are not far away and it's only a matter of time. In other words: as of today a large part of the bandwidth is allocated to building everyone's collection of files. This might gradually change to become bandwidth being used only for incremental updates as huge local file libraries become common place. Michel.
Re: XP SP2 other than windows update
In article [EMAIL PROTECTED] ca.us, Michel Py [EMAIL PROTECTED] writes Every IT professional I know has had SP2 available three different ways for two weeks: 1) Somewhere on a server for support staff to begin to experiment with and for a small set of guinea pig users to install. 2) On a CD made after the download. On my CD I also have SP1 for Office 2003. Part of being an IT professional includes maintaining an updated set of CDs carried at all times. 3) On a slipstreamed install CD for new installs. Optionally, 4a) On an SP2 image on a RIS server 4b) On a ghost images The final SP2 has been available on M$ site even for people that don't have an MSDN subscription. Anyone that wants to call themselves an IT professional _does_ download and try major updates _before_ they are made available to end users, period. Perhaps it makes more sense when I say that I only have two users, and one of them is myself (and yes, I do have an SP1 CD). Long ago I used to Microsoft's biggest customer in Europe (I think Olivetti was the second biggest), the first major shipper of Windows /386 in the World, and well aware of the issues when rolling out new software to lots of users. The last couple of months I've been in hospital, and missed most of the hoo-ha over SP2, but now that it's officially released I was really surprised I didn't get an automatic update. -- Roland Perry
RE: XP SP2 other than windows update
Already got mine and it went nice and smooth as far as I can tell. Kudos to MS. Has anyone noticed a real impact on the internet, traffic wise, related to XP2? I'd suspect that some of the tier1's may see the traffic? Maybe not? -M -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sean Donelan Sent: Wednesday, September 01, 2004 7:00 AM To: [EMAIL PROTECTED] Subject: XP SP2 other than windows update On Wed, 1 Sep 2004, David A. Ulevitch wrote: would provide). If anyone's that desperate, email me. I only used it after waiting a week with the Automatic Updates switched on, and nothing arriving. Microsoft isn't hiding the link: http://download.microsoft.com/download/1/6/5/165b076b-aaa9-443d-84f0-73cf11f dcdf8/WindowsXP-KB835935-SP2-ENU.exe CompUSA is offering to install XP SP2 on any Windows XP computer for free if you bring your computer to any of their stores. Expect them to use the opportunity to try to sell you some upgrades or security software. You can order a Free CD on the Microsoft web site. Although it says 4-6 weeks, people report they are getting a CD in the mail in about a week. There has been talk about Microsoft XP SP2 CD's being distribued through various consumer and business electronics stores. But I haven't seen any yet.
Re: XP SP2 other than windows update
I would be surprised if it wasn't on akamai, which would cut down on much of the external traffic. On Wed, 1 Sep 2004 12:01:24 -0400 , Hannigan, Martin [EMAIL PROTECTED] wrote: Already got mine and it went nice and smooth as far as I can tell. Kudos to MS. Has anyone noticed a real impact on the internet, traffic wise, related to XP2? I'd suspect that some of the tier1's may see the traffic? Maybe not? -M -- Steven Susbauer
RE: XP SP2 other than windows update
That URL does resolve to Akamai, but I had heard a rumor they weren't going that route. -M -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Steven Susbauer Sent: Wednesday, September 01, 2004 12:24 PM To: [EMAIL PROTECTED] Subject: Re: XP SP2 other than windows update I would be surprised if it wasn't on akamai, which would cut down on much of the external traffic. On Wed, 1 Sep 2004 12:01:24 -0400 , Hannigan, Martin [EMAIL PROTECTED] wrote: Already got mine and it went nice and smooth as far as I can tell. Kudos to MS. Has anyone noticed a real impact on the internet, traffic wise, related to XP2? I'd suspect that some of the tier1's may see the traffic? Maybe not? -M -- Steven Susbauer
Re: XP SP2 other than windows update
I hadn't heard they were keeping it off akamai. I have heard they're asking ISP's not to mirror it (and any other mirrors), and have shut down bittorrent downloads. That's understandable as they would be blamed if someone downloaded a compromised version (strange how they didn't mind Sp1 mirroring...). On Wed, 1 Sep 2004 12:30:47 -0400 , Hannigan, Martin [EMAIL PROTECTED] wrote: That URL does resolve to Akamai, but I had heard a rumor they weren't going that route. -M Steven Susbauer
RE: XP SP2 other than windows update
Title: Re: XP SP2 other than windows update From: [EMAIL PROTECTED] on behalf of Steven SusbauerSent: Wed 9/1/2004 9:49 AMTo: [EMAIL PROTECTED]Subject: Re: XP SP2 other than windows update I hadn't heard they were keeping it off akamai. I have heard they'reasking ISP's not to mirror it (and any other mirrors), and have shutdown bittorrent downloads. That's understandable as they would beblamed if someone downloaded a compromised version (strange how theydidn't mind Sp1 mirroring...).On Wed, 1 Sep 2004 12:30:47 -0400 , Hannigan, Martin[EMAIL PROTECTED] wrote: That URL does resolve to Akamai, but I had heard a rumor they weren't going that route. -MSteven Susbauer
DNS Anycast as traffic optimizer?
I'm sure there is research out there, but I can't find it, so does anyone know of any research showing how good/bad using DNS anycast is as a kludgey traffic optimiser? (i.e. having multiple datacenters, all anycasting the authoritative name server for a domain, but each datacenters' DNS server resolving the domain name to an IP local to that datacenter, under the assumption that if the end user hit that DNS server first, there is some relationship between that datacenter and good performance for that user.) THe question is, what is that some relationship? 80% as good as Akamai? Terrible? TIA
Re: XP SP2 other than windows update
In article [EMAIL PROTECTED], Steven Susbauer [EMAIL PROTECTED] writes That's understandable as they would be blamed if someone downloaded a compromised version (strange how they didn't mind Sp1 mirroring...). I would have thought that they would have checksummed the file to a known value, so that any kind of corruption during downloading would be detected. -- Roland Perry
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, Steve Francis wrote: I'm sure there is research out there... Why? :-) ...how good/bad using DNS anycast is as a kludgey traffic optimiser? I'd hardly call it a kludge. It's been standard best-practice for over a decade. THe question is, what is that some relationship? 80% as good as Akamai? Terrible? Should be much higher than Akamai, since that's not what they're optimizing for. If you want nearest server, anycast will give you that essentially 100% of the time. Akamai tries to get queries to servers that have enough available capacity to handle the load. Since they're handling bursty, high-bandwidth applications, rather than DNS. -Bill
Linux w/o checking TCP sequence numbers
Not really the right forum for this, but the kindo f thing nanog'ers know: Is there a way to make Linux ignore TCP sequence numbers? My goal is to be able to have a test network with servers that a point real traffic at, mirrored off the live network. Of course, only the live servers will be responding with the SYN-ACKs, etc. The test servers replies won't make it out. So when the client replies, sequence numbers would be wrong on the test servers, and they'd kill the connection. However, I've been told there is a way to make Linux ignore the sequence numbers, and assume the packet is good. I can't find anything on google with all the thousands of patches to Linux about tcp sequence numbers, so anyone have any clues? Thanks
Re: DNS Anycast as traffic optimizer?
Bill Woodcock wrote: On Wed, 1 Sep 2004, Steve Francis wrote: I'm sure there is research out there... Why? :-) Usual - if I build it myself, will it work well enough, or should I pony up for a CDN? ...how good/bad using DNS anycast is as a kludgey traffic optimiser? I'd hardly call it a kludge. It's been standard best-practice for over a decade. I thought it was standard best practice for availability, like for root name servers. I thought it was not a good closest server selection mechanism, as you'll be going to the closest server as determined by BGP - which may have little relationship to the server with lowest RTT. It'd be nice to see some metrics wither way THe question is, what is that some relationship? 80% as good as Akamai? Terrible? Should be much higher than Akamai, since that's not what they're optimizing for. If you want nearest server, anycast will give you that essentially 100% of the time. Akamai tries to get queries to servers that have enough available capacity to handle the load. Since they're handling bursty, high-bandwidth applications, rather than DNS. -Bill
noc/mail admin contact for hotmail.com?
I need to get in touch with RP at hotmail, tried [EMAIL PROTECTED], which is only for consumers of hotmail, as it needs to reference a hotmail account. I tried [EMAIL PROTECTED], but have received no response. Is there a more appropriate known address? This has to do with blocking mail at the server level. Reply off-list as preferred. Kind regards, Dave D +- + Dave Dennis + Seattle, WA + [EMAIL PROTECTED] + http://www.dmdennis.com +-
Re: Linux w/o checking TCP sequence numbers
Steve Francis wrote: Not really the right forum for this, but the kindo f thing nanog'ers know: Is there a way to make Linux ignore TCP sequence numbers? You want to RTFS tcp_data_queue in tcp_input.c. However, even if you get what you ask for you don't get what you wish to accomplish. Pete
Re: DNS Anycast as traffic optimizer?
(Caution: Chris is a chemical engineer, not an anycast engineer) On Wed, 1 Sep 2004, Steve Francis wrote: Bill Woodcock wrote: ...how good/bad using DNS anycast is as a kludgey traffic optimiser? I'd hardly call it a kludge. It's been standard best-practice for over a decade. If I read your original request correctly you were planning on: 1) having presence in multiple datacenters (assume multiple providers as well) 2) having a 'authoritative' DNS server in each facility (or 2/3/4 whatever per center) 3) return datacenter-1-host-1 from datacenter-1-authserver-1, datacenter-2-host-2 from datacenter-2-authserver-1, and so forth. This isn't really 'anycast' so much as 'different A records depending on server which was asked' So, you'd be dependent on: 1) order of DNS requests made to AUTH NS servers for your domain/host 2) speed of network(s) between requestor and responder 3) effects of using caching DNS servers along the route You are not, now, making your decision on 'network closeness' so much as 'application swiftness'. I suspect you'd really also introduce some major troubleshooting headaches with this setup, not just for you, but for your users as well. I think in the end you probably want to obtain PI space from ARIN and use that as the 'home' for your DNS and Application servers, or atleast the application servers. There was some mention, and research I believe(?), about the value of having a partial Anycast deployment, so 3/4ths of your capacity on Anycast servers and 1/4th on 'normal' hosts to guard against route flaps and dampening of prefixes... I'm sure that some of the existing anycast users could provide much mode relevant real-world experiences though. -chris
Re: DNS Anycast as traffic optimizer?
On Wed, 01 Sep 2004, Steve Francis wrote: I'm sure there is research out there, but I can't find it, so does anyone know of any research showing how good/bad using DNS anycast is as a kludgey traffic optimiser? (i.e. having multiple datacenters, all anycasting the authoritative name server for a domain, but each datacenters' DNS server resolving the domain name to an IP local to that datacenter, under the assumption that if the end user hit that DNS server first, there is some relationship between that datacenter and good performance for that user.) I can give you one data point: VeriSign anycasts j.root-servers.net from all the same locations (minus one) where the com/net authoritative servers (i.e., *.gtld-servers.net) are located. An informal examination of query rates among all the J root instances (traffic distribution via BGP) vs. query rates among all the com/net servers (traffic distribution via iterative resolver algorithms, which means round trip time in the case of BIND and Microsoft) shows much more even distribution when the iterative resolvers get to pick vs. BGP. Note that we're not using the no-export community, so all J root routes are global. When examining queries per second, there is a factor of ten separating the busiest J root instance from the least busy, whereas for com/net it's more like a factor of 2.5. Of course, I'm sure a lot of that has to do with server placement, especially in the BGP case. For what it's worth, Matt -- Matt Larson [EMAIL PROTECTED] VeriSign Naming and Directory Services
Re: DNS Anycast as traffic optimizer?
Christopher L. Morrow wrote: If I read your original request correctly you were planning on: 1) having presence in multiple datacenters (assume multiple providers as well) 2) having a 'authoritative' DNS server in each facility (or 2/3/4 whatever per center) 3) return datacenter-1-host-1 from datacenter-1-authserver-1, datacenter-2-host-2 from datacenter-2-authserver-1, and so forth. This isn't really 'anycast' so much as 'different A records depending on server which was asked' Well, there'd be one NS record returned for the zone in question. That NS record would be an IP address that is anycasted from all the datacenters. So end users (or their DNS servers) would all query the same IP address as the NS for that zone, but would end up at different datacenters depending on the whims of the anycasted BGP space. Once they reached a name server, then yes, it changes to 'different A records depending on server which was asked' So, you'd be dependent on: 1) order of DNS requests made to AUTH NS servers for your domain/host As there'd only be one NS server address returned, that negates this point. 2) speed of network(s) between requestor and responder Or the closenes (in a BGP sense) b/w the requester and the anycasted DNS server. 3) effects of using caching DNS servers along the route True. But I'm not trying to cope with instantly changing dynamic conditions. I suspect you'd really also introduce some major troubleshooting headaches with this setup, not just for you, but for your users as well. I don't doubt that. :-)
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, Steve Francis wrote: Christopher L. Morrow wrote: If I read your original request correctly you were planning on: 1) having presence in multiple datacenters (assume multiple providers as well) 2) having a 'authoritative' DNS server in each facility (or 2/3/4 whatever per center) 3) return datacenter-1-host-1 from datacenter-1-authserver-1, datacenter-2-host-2 from datacenter-2-authserver-1, and so forth. This isn't really 'anycast' so much as 'different A records depending on server which was asked' Well, there'd be one NS record returned for the zone in question. That NS record would be an IP address that is anycasted from all the datacenters. So end users (or their DNS servers) would all query the same IP address as the NS for that zone, but would end up at different datacenters depending on the whims of the anycasted BGP space. Hmm, why not anycast the service/application ips? Having inconsistent DNS info seems like a problem waiting to bite your behind. I suspect you'd really also introduce some major troubleshooting headaches with this setup, not just for you, but for your users as well. I don't doubt that. :-) which I'd think you'd want to minimize as much as possible, right?
Re: DNS Anycast as traffic optimizer?
This isn't really 'anycast' so much as 'different A records depending on server which was asked' right. Well, there'd be one NS record returned for the zone in question. That NS record would be an IP address that is anycasted from all the datacenters. So end users (or their DNS servers) would all query the same IP address as the NS for that zone, but would end up at different datacenters depending on the whims of the anycasted BGP space. that's generic dns anycast. it's safe if your routing team is very strong. Once they reached a name server, then yes, it changes to 'different A records depending on server which was asked' that's incoherent dns. when i first began castigating people in public for this, i coined the term stupid dns tricks to describe this behaviour. cisco now has products that will do this for you. many web hosting companies offer this incoherence as though it were some kind of feature. akamai at one time depended on it, speedera at one time did not, i don't know what's happening currently, perhaps they've flipflopped. dns is not a redirection service, and incoherence is bad. when you make a query you're asking for a mapping of name,class,type,time to an rrset. offering back a different rrset based on criteria like source ip address, bgp path length, ping rtt, or the phase of the moon, is a protocol violation, and you shouldn't do it. the only way to make this not be a protocol violation is to use zero TTL's to prohibit caching/reuse, which is also bad but for a different reason. I suspect you'd really also introduce some major troubleshooting headaches with this setup, not just for you, but for your users as well. I don't doubt that. :-) not only is it bad dns, it's bad web service. the fact that a current routing table gives a client's query to a particular anycasted DNS server does not mean that the web services mirror co-located with that DNS server is the one that would give you the best performance. for one thing, the client's dns forwarding/caching resolver might have a different position in the connectivity graph than the web client. for another thing, as-path length doesn't tell you anything about current congestion or bandwidth -- BGP is not IGRP (and thank goodness!). if you want a web client to get its web data from the best possible web services host/mirror out of a distributed cluster, then you will have to do something a hell of a lot smarter than incoherent dns. there are open source packages to help you do this. they involve sending back an HTTP redirect to clients who would be best served by some other member of the distributed mirror cluster. -- Paul Vixie
IMP #1
Tomorrow (Sept. 2) it will be 35 years since IMP #1 was plugged in at Len Kleinrock's lab at UCLA. Happy Birthday! Peter
Re: DNS Anycast as traffic optimizer?
On Wed, Sep 01, 2004 at 08:00:53PM +, Christopher L. Morrow wrote: On Wed, 1 Sep 2004, Steve Francis wrote: Christopher L. Morrow wrote: If I read your original request correctly you were planning on: 1) having presence in multiple datacenters (assume multiple providers as well) 2) having a 'authoritative' DNS server in each facility (or 2/3/4 whatever per center) 3) return datacenter-1-host-1 from datacenter-1-authserver-1, datacenter-2-host-2 from datacenter-2-authserver-1, and so forth. This isn't really 'anycast' so much as 'different A records depending on server which was asked' Well, there'd be one NS record returned for the zone in question. That NS record would be an IP address that is anycasted from all the datacenters. So end users (or their DNS servers) would all query the same IP address as the NS for that zone, but would end up at different datacenters depending on the whims of the anycasted BGP space. Hmm, why not anycast the service/application ips? Having inconsistent DNS info seems like a problem waiting to bite your behind. Which begs the question.. is anyone doing this right now? I've been wondering about the potential issues wrt anycasting tcp applications.. TCP sessions would be affected negatively during a route change.. -J -- James JunTowardEX Technologies, Inc. Technical LeadNetwork Design, Consulting, IT Outsourcing [EMAIL PROTECTED] Boston-based Colocation Bandwidth Services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
Re: optics pricing (Re: Weird GigE Media Converter Behavior)
--On onsdag 1 september 2004 10.31 +0200 Kurt Erik Lindqvist [EMAIL PROTECTED] wrote: didn't we have this discussion when the T640 came out. How many have one? Nordunet has one. Nice box. -- Måns Nilsson Systems Specialist +46 70 681 7204 KTHNOC MN1334-RIPE pgphPzBN1wQld.pgp Description: PGP signature
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, James wrote: On Wed, Sep 01, 2004 at 08:00:53PM +, Christopher L. Morrow wrote: On Wed, 1 Sep 2004, Steve Francis wrote: Christopher L. Morrow wrote: Hmm, why not anycast the service/application ips? Having inconsistent DNS info seems like a problem waiting to bite your behind. Which begs the question.. is anyone doing this right now? I've been wondering about the potential issues wrt anycasting tcp applications.. TCP sessions would be affected negatively during a route change.. short-lived tcp is probably ok though (like static webpages or something of that sort) you'll also have to watch out for maintaining state for distributed application servers (I suppose). TCP anycast has many more complicated implications than UDP/DNS things, or so it seems to my untrained/educated eye.
Verizon mail contact
I'm having some issues getting mail out to Verizon accounts from windermere.com. Could a verizon postmaster please contact me? Thanks [EMAIL PROTECTED] 206-315-4357 -- Joe Hamelin Edmonds, WA, US
Re: DNS Anycast as traffic optimizer?
On 2 Sep 2004, at 06:05, Bill Woodcock wrote: If you want nearest server, anycast will give you that essentially 100% of the time. Just to clarify this slightly, since I've known people to misinterpret this point: a clear, contextual understanding of the word nearest is important in understanding this sentence. Here's an example: France Telecom was an early supporter of F-root's anycast deployment in Hong Kong. Due to the peering between OpenTransit and F at the HKIX, the nearest F-root server to OT customers in Paris was in Asia, despite the fact that there were other F-root nodes deployed in Europe. Those OT customers were indeed reaching the nearest F-root node, or maybe they weren't, depending on what you understand by the word near. Another one: where anycast nodes are deployed within the scope of an IGP, topological nearness does not necessarily indicate best performance (since not all circuits will have the same loading, in general, and maybe a short, congested hop is not as near as several uncongested hops). For F, we don't worry too much about which flavour of near we achieve for every potential client: redundancy/diversity/reliability/availability is more important than minimising the time to do a lookup, and the fact that the near we achieve in many cases corresponds to what human users expect it to mean is really just a bonus. However, in the general case it's important to understand what kind of near you need, and to deploy accordingly. Joe
Re: DNS Anycast as traffic optimizer?
On Wed, Sep 01, 2004 at 11:06:16AM -0700, Steve Francis wrote: I'm sure there is research out there, but I can't find it, so does anyone know of any research showing how good/bad using DNS anycast is as a kludgey traffic optimiser? http://www.caida.org/outreach/papers/2002/Distance/ this paper would be somewhat on-topic, as you can infer the performance characteristics that anycast would have. no direct comparisons made to akamai,etc but maybe you can infer those as well. -dre
Re: DNS Anycast as traffic optimizer?
Paul Vixie wrote: not only is it bad dns, it's bad web service. the fact that a current routing table gives a client's query to a particular anycasted DNS server does not mean that the web services mirror co-located with that DNS server is the one that would give you the best performance. for one thing, the client's dns forwarding/caching resolver might have a different position in the connectivity graph than the web client. for another thing, as-path length doesn't tell you anything about current congestion or bandwidth -- BGP is not IGRP (and thank goodness!). I'm aware that web clients are not colocated with the client's name server, and that BGP does not attempt to optimise performance. However, I suspect that in most cases, the client is close enough to the name server, and the BGP best path is close enough to the best path if it were based on latency, that most clients would be happy with the result most of the time. I'm not aiming for 100%, just Good Enough. I'd be interested in seeing any data refuting either of those points, but it looks like I may have to do it, see what I find, and go write my own research paper. :-) (I have found data that client's name servers are incorrect indicators of RTT b/w 2 web locations and clients 21 % of the time, but not how incorrect... http://www.ieee-infocom.org/2001/paper/806.pdf)
Re: IMP #1
I wonder if that was the same IMP that was gathering dust in a corner of the student/staff lounge in Boelter Hall at UCLA? I used to see it when I would pass by there on my way to the library 20 years ago... Joe On 9/1/04 1:40 PM, Peter H Salus [EMAIL PROTECTED] wrote: Tomorrow (Sept. 2) it will be 35 years since IMP #1 was plugged in at Len Kleinrock's lab at UCLA. Happy Birthday! Peter -- Joe McGuckin ViaNet Communications 994 San Antonio Road Palo Alto, CA 94303 Phone: 650-213-1302 Cell: 650-207-0372 Fax: 650-969-2124
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, Steve Francis wrote: Paul Vixie wrote: not only is it bad dns, it's bad web service. the fact that a current routing table gives a client's query to a particular anycasted DNS server does not mean that the web services mirror co-located with that DNS server is the one that would give you the best performance. for one thing, the client's dns forwarding/caching resolver might have a different position in the connectivity graph than the web client. for another thing, as-path length doesn't tell you anything about current congestion or bandwidth -- BGP is not IGRP (and thank goodness!). I'm aware that web clients are not colocated with the client's name server, and that BGP does not attempt to optimise performance. However, I suspect that in most cases, the client is close enough to the name server, and the BGP best path is close enough to the best path if it were based on latency, that most clients would be happy with the result most of the time. I'm not aiming for 100%, just Good Enough. This is not always a good assumption: 1) dial clients sometimes get their DNS info from their radius profile (I believe) sometimes that dns server isn't on the same ASN as the dialup link. 2) many people have hardcoded DNS servers over the years, ones that have drifted from 'close' to 'far' 3) corporations with multiple exit points and larger internal networks might have DNS servers that exit in one country but are queried internally from other countries/states/locations. I think Paul's partly pointing out that you are using DNS for the wrong thing here, and partly pointing out that you are going to increase your troubleshooting overhead/complexity... Users on network X that you expect to use datacenter Y are really accessing datacenter Z because their dns cache server is located on network U :( I'm glad to see Joe/Paul/Bill jump in though... they do know quite a bit more about the practice of anycasting services on large networks.
Re: DNS Anycast as traffic optimizer?
On Sep 1, 2004, at 2:17 PM, Steve Francis wrote: ...how good/bad using DNS anycast is as a kludgey traffic optimiser? I'd hardly call it a kludge. It's been standard best-practice for over a decade. I thought it was standard best practice for availability, like for root name servers. I thought it was not a good closest server selection mechanism, as you'll be going to the closest server as determined by BGP - which may have little relationship to the server with lowest RTT. It'd be nice to see some metrics wither way I don't know any papers, but I have see real world examples where a well peered network was adjacent to 5 or more anycasted server, 3 in the US, one in Europe, and one in Asia. The network was going to the Asian server, because that router had the lowest Router ID. Not exactly sure how that makes it much higher than Akamai, but that's what I've seen. -- TTFN, patrick THe question is, what is that some relationship? 80% as good as Akamai? Terrible? Should be much higher than Akamai, since that's not what they're optimizing for. If you want nearest server, anycast will give you that essentially 100% of the time. Akamai tries to get queries to servers that have enough available capacity to handle the load. Since they're handling bursty, high-bandwidth applications, rather than DNS. -Bill
RE: Colo b/w in Australia
Thanks to all the off-list responses. Really insightful. Short summary : 1. IP back to the US is between $300 and $700 (AU) per month per Mbps. 2. Difficult to peer directly with the 4 big ISPs. Easier (relatively speaking) to find multilaretal peering with the 600-odd smaller ISPs. 3. Equinix Sydney comes highly recommended (used to be Pihana). I will happily mail a digest of all responses to anyone interested in the details or horror stories. Thanks again ! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Anshuman Kanwar Sent: Monday, August 30, 2004 9:59 AM To: [EMAIL PROTECTED] Subject: Colo b/w in Australia My company will be setting up presence in a colo in Australia, hopefully Sydney. Business is content heavy-ish. Looking for advice on : 1. Transit back to the US ( low [1-5Mbps] initial commit ). 2. Biggest players in the local DSL/Cable/Broadband market and peering with them. 3. Choice and quality of Colo facilities. I have quotes from vendors, am looking for any personal experience / horror stories. Thanks !
Re: IMP #1
### On Wed, 01 Sep 2004 14:47:26 -0700, joe mcguckin [EMAIL PROTECTED] casually ### decided to expound upon Peter H Salus [EMAIL PROTECTED], NANOG ### [EMAIL PROTECTED] the following thoughts about Re: IMP #1: jm I wonder if that was the same IMP that was gathering dust in a corner of the jm student/staff lounge in Boelter Hall at UCLA? I used to see it when I would jm pass by there on my way to the library 20 years ago... I wasn't there back then but at least I found a copy of this network diagram to help me envision it. It would seem to have been made before the days of Visio... |8^) http://www.neebu.net/~khuon/humour/images/1969_2-node_map.gif -- /*===[ Jake Khuon [EMAIL PROTECTED] ]==+ | Packet Plumber, Network Engineers /| / [~ [~ |) | | --- | | for Effective Bandwidth Utilisation / |/ [_ [_ |) |_| N E T W O R K S | +=*/
Re: IMP #1
Jake, The diagram was attributed to Vint Cerf by Alex McKenzie, who allowed me to copy it for Casting the Net (1995). It's on p. 55. Peter
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, Steve Francis wrote: I'm sure there is research out there... Why? :-) Usual - if I build it myself, will it work well enough, or should I pony up for a CDN? Uh, what about that makes you sure that there's research out there? I thought it was standard best practice for availability, like for root name servers. I thought it was not a good closest server selection mechanism, as you'll be going to the closest server as determined by BGP - which may have little relationship to the server with lowest RTT. And the lowest RTT doesn't necessarily have much to do with what's closest. If you want lowest RTT, that's what the DNS client already does for you, so you don't need to do anything at all. -Bill
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, James wrote: Hmm, why not anycast the service/application ips? Having inconsistent DNS info seems like a problem waiting to bite your behind. Which begs the question.. is anyone doing this right now? Yes, lots of people. Akamai is the largest provider of services based on inconsistent DNS that I know of, and they've been doing it for quite a while. They were by no means a pioneer. Many others before them, they might just be one you've heard of. I've been wondering about the potential issues wrt anycasting tcp applications. TCP sessions would be affected negatively during a route change. Yup, which happens about one hundredth as often as TCP sessions being dropped for other reasons, so it's not worth worrying about. You'll never measure it, unless your network is already too unstable to carry TCP flows anyway. This is also ancient history. I and I assume plenty of other people were doing this with long-lived FTP sessions prior to the advent of the World Wide Web. This is the objection clever people who don't actually bother to try it normally come up with, after they've thought about it for a few (but fewer than, say, ten) minutes. -Bill
Re: IMP #1
On 1-sep-04, at 22:40, Peter H Salus wrote: Tomorrow (Sept. 2) it will be 35 years since IMP #1 was plugged in at Len Kleinrock's lab at UCLA. Happy Birthday! Well, one IMP does not a network make... When did they connect the second one?
Re: DNS Anycast as traffic optimizer?
Bill Woodcock wrote: On Wed, 1 Sep 2004, Steve Francis wrote: I'm sure there is research out there... Why? :-) Usual - if I build it myself, will it work well enough, or should I pony up for a CDN? Uh, what about that makes you sure that there's research out there? Oops, sorry, misread the question. I should have said I expect there is research... I was answering why I wanted to know, not why I expect there is research... I thought it was standard best practice for availability, like for root name servers. I thought it was not a good closest server selection mechanism, as you'll be going to the closest server as determined by BGP - which may have little relationship to the server with lowest RTT. And the lowest RTT doesn't necessarily have much to do with what's closest. If you want lowest RTT, that's what the DNS client already does for you, so you don't need to do anything at all. Excellent point, thanks. So there is no need to anycast the DNS servers and rely on BGP topology for selection. Instead use bind's behaviour so that each resolving nameserver will be querying the authoritative nameserver that responds the fastest. If I have inconsistest replies from each authoratitive name server, where each replies with the virtual IP of a cluster colocated with it, I will have reasonably optimised client's nameserver to web farm RTT. Whether that is good for the client, remains to be seen, but it seems to be all that (most) commercial CDNs do. That just makes it too easy Am I missing something else, or is it really that simple to replicate a simple CDN? -Bill
Re: IMP #1
Cc: [EMAIL PROTECTED] From: Iljitsch van Beijnum [EMAIL PROTECTED] Subject: Re: IMP #1 Date: Thu, 2 Sep 2004 01:19:36 +0200 To: Peter H Salus [EMAIL PROTECTED] On 1-sep-04, at 22:40, Peter H Salus wrote: Tomorrow (Sept. 2) it will be 35 years since IMP #1 was plugged in at Len Kleinrock's lab at UCLA. Happy Birthday! Well, one IMP does not a network make... When did they connect the second one? Dunno when they connected the second one, but #10 (Univ of Utah) was connected sometime during the academic year in 1970-71... That's when I was hired as a research assistant to implement some initial RFCs (like FTP...) Regards, Gregory Hicks --- Gregory Hicks| Principal Systems Engineer Cadence Design Systems | Direct: 408.576.3609 555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3400 San Jose, CA 95134 | Internet: [EMAIL PROTECTED] I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision. - Benjamin Franklin The best we can hope for concerning the people at large is that they be properly armed. --Alexander Hamilton
Re: DNS Anycast as traffic optimizer?
So there is no need to anycast the DNS servers and rely on BGP topology for selection. Instead use bind's behaviour so that each resolving nameserver will be querying the authoritative nameserver that responds the fastest. However, note that only BIND does this. djbdns always selects nameservers randomly and the Windows selection algorithm is somewhat of a mystery. See http://www.nanog.org/mtg-0310/wessels.html Duane W.
RE: IMP #1
Here's the answer, and a photo of the IMP. http://www.lk.cs.ucla.edu/LK/Inet/birth.html -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Iljitsch van Beijnum Sent: Wednesday, September 01, 2004 6:20 PM To: Peter H Salus Cc: [EMAIL PROTECTED] Subject: Re: IMP #1 On 1-sep-04, at 22:40, Peter H Salus wrote: Tomorrow (Sept. 2) it will be 35 years since IMP #1 was plugged in at Len Kleinrock's lab at UCLA. Happy Birthday! Well, one IMP does not a network make... When did they connect the second one?
Cyclades KVM/Net
If anybody is currently using a Cyclades KVM/Net please contact me off list. Thanks.
Re: IMP #1
Sorry, Karl. IMP #2 went into Englebart at SRI; IMP #3 to UC-Santa Barbara; IMP #4 to University of Utah. That was it in 1969: a four-note ARPAnet. Peter
force10 gear experiences/thoughts/comments
folks, looking to continue the week whichhas beengoing strong so far with no mention of gmail, verisign and bad analogies, i have these questions i'm hoping someone can chime in on: * any good/bad experiences with force10 gear in general? * thoughts on usage in a relatively simple multi-homed bgp environment? * general commercial experience with their sales, support etc? cheers, paul
RE: XP SP2 other than windows update
Steven Susbauer wrote: I hadn't heard they were keeping it off akamai. Me neither. Although I had it for a while I downloaded it from the Microsoft web site again twice today (did not bother to look where it resolved), from home and office, and it came each time in less than 15 minutes for the full network install file. Maybe there's something wrong with the incremental download (which I never use, even for home) but the full download worked full speed for me each and every time I tried. I have heard they're asking ISP's not to mirror it (and any other mirrors), and have shut down bittorrent downloads. That's understandable as they would be blamed if someone downloaded a compromised version (strange how they didn't mind Sp1 mirroring...). I can understand whu also, but it's all over eDonkey though and a little bird has emailed me several working bittorents for it (don't ask me even privately). Purely for educational purposes, I connected to eDonkey and started to download it about an hour ago. Currently I am downloading at 73kBytes/sec from 11 simultaneous sources out of 596 possible ones. http://home.pacbell.net/arn-py/photos/sp2.JPG It's not nearly as fast as downloading directly from Microsoft/Akamai though, but don't tell me that it's hard to get. When the download completes I will do a binary comparison with the one I downloaded from M$. Stay tuned. Bottom line: If you have a dial-up modem it does not matter where you get it from as it will take all night anyway, so get it from Microsoft there are less unknowns about the authenticity. If you have broadband, bittorrents gets nuked all the time and eDonkey is not as fast as Akamai, so also get it from Microsoft also. Michel.
Re: DNS Anycast as traffic optimizer?
On Wed, 1 Sep 2004, Steve Francis wrote: I thought it was standard best practice for availability, like for root name servers. I thought it was not a good closest server selection mechanism, as you'll be going to the closest server as determined by BGP - which may have little relationship to the server with lowest RTT. It'd be nice to see some metrics wither way For anycast within an organisation, it will be as determined by the IGP, not BGP. regards, -- Paul Jakma [EMAIL PROTECTED] [EMAIL PROTECTED] Key ID: 64A2FF6A Fortune: Genius, n.: A chemist who discovers a laundry additive that rhymes with bright.