Re: no whois info ?

2004-12-12 Thread Steve Gibbard

On Sun, 12 Dec 2004, Janet Sullivan wrote:

> I'm confused.  You never try to contact the owners of a domain which
> appears to be the source of abuse, but insist that domains can't be
> anonymous?

All rhetoric aside, this appears to be a question of what it means to have
a domain.

Once upon a time, domain names were (somewhat) hard to get, and were given
to organizations important enough to merit Internet connectivity (which
was also somewhat hard to get).  If you saw abuse coming from somewhere,
you could look at the host the abuse was coming from, find the contact
information for their domain, and contact their employer's or university's
IT department to complain.  To make matters even easier, the Internet was
small enough at that point that dealing with such complaints wasn't all
that overwhelming.

That was ten or fifteen years ago.  Now, domain names can be gotten by
anybody with a few dollars, and having your own domain name is required if
you want to be able to take your e-mail address with you when switching
e-mail providers.  Since lots of people want their e-mail addresses to be
portable, there are lots of domains out there.  I don't have actual stats
on this, but I'm guessing that the percentage of domains that have hosts
in them, and are therefore capable of being the source of abuse, is
probably pretty small.  A domain name is therefore now more like a phone
number.  Perhaps this is a mistake.  Perhaps domain names are far too
important to be wasted on individual convenience.  But if so, we're
several years too late for that argument to be very useful.

At this point, IP addresses tend to be a much better identifier of the
party responsible for a network user than their domain name.  If you're
looking for a useful contact to talk to about a network problem, rather
than some poor end user to harass, you're probably much better off
contacting the ISP or organization and that contact information is far
more likely to be associated with the IP address than the domain name.
Of course, there's also the question about whether the listed contact
information on a static IP address should be the ISP's or the end user's,
but that's much better discussed on the ARIN public policy mailing list
and its equivalents than here.

My question at this point is whether contact information for domains (or
at least, for domains which aren't themselves critical infrastructure)
has any useful purpose at all.  Domains without hosts in them aren't going
to have technical problems (unless the lack of hosts is itself a technical
problem) or abuse problems (except in terms of forgeries, which are really
somebody else's problem).  Domains with only an MX record strike me as the
responsibility of whoever is providing the MX or DNS service.  Domains
with actual hosts in them are probably the most similar to the domains of
a decade ago, but even there the IP addresses involved may be a better
indicator of who to talk to about things.

-Steve


RE: New Edge Brokenness?

2004-12-12 Thread Eric Kagan

We have seen a few strange drop outs, nothing I could put my finger on but
enough to be annoying.

Eric

Eric Kagan
Access Northeast
508-281-7600 x204
[EMAIL PROTECTED]

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On 
> Behalf Of Jason Slagle
> Sent: Saturday, December 11, 2004 11:49 PM
> To: [EMAIL PROTECTED]
> Subject: New Edge Brokenness?
> 
> 
> 
> 
> Has anyone else noticed an increase in layer 3 downtime in newedges 
> network since the "big meltdown"?  I'm now losing 
> connectivity several 
> times a day, and only layer 3.  Attempts to go through the 
> normal support 
> channels have resulted in runarounds and layer one/two tests.
> 
> Jason
> 
> -- 
> Jason Slagle - CCNP - CCDP
> 




Re: (newbie) BGP For Dummies?

2004-12-12 Thread Warren Kumari, Ph.D, CCIE# 9190
To my mind, John Stewart's "BGP4: Inter-Domain Routing on the Internet" 
is the best networking book ever. Unfortunately, it is also one of 
those books (just like "A Brief History of Time") that once lent is 
never returned. I must have bought around 10-12 copies of it by now. It 
is well written, concise (around 150 pages) and deals with real world 
scenarios.

I strongly recommend it,
	Warren.
-- 
Never criticize a man till you've walked a mile in his shoes.  Then if 
he didn't like what you've said, he's a mile away and barefoot.



Re: no whois info ?

2004-12-12 Thread Janet Sullivan
Rich Kulawiec wrote:
> And the other side of it is: I don't think an Internet with anonymous people
> controlling operational resources is workable.
>
>> OK, how many anonymous domains (ala domainsbyproxy) have you been unable 
>> to contact? 
>
> I *never* attempt to contact the owners of a domain which appears to be the
> source of abuse, anonymous or otherwise.

I'm confused.  You never try to contact the owners of a domain which 
appears to be the source of abuse, but insist that domains can't be 
anonymous?


Re: Halo 2 and broadband traffic

2004-12-12 Thread Petri Helenius
Bob Snyder wrote:
> And oddly enough, Sandvine offers a box that does this! :-) They're
> jumping on the press coverage of Halo 2 to try and raise awareness of
> their product line. Not that what's being said doesn't have merit, but
> it's definitely a PR push, and definitely not a "End of the net
> predicted, film at 11" moment.

To quote Daniel Golding from a few months ago, one of my favourite ones:

> It has become trendy, in some circles, to lament the Internet's poor
> performance/congestion/non-deterministic nature/lack of security/. After
> firmly denouncing the Internet, the company or individual
> then touts their product, which will fix/replace/augment the Internet.

It's somewhat longer road without making the tabloid headlines, but I'd 
be happy to introduce interested parties to solutions we feel are 
elegant and seamlessly fit operational practises of ISPs.

Pete


Anyone holding pre-Route Views RIBs?

2004-12-12 Thread Tom Vest
Looking for "show ip bgp" or mrt format RIB files from prior to 
November, 1997, for academic research.

Thanks!
Tom


Re: no whois info ?

2004-12-12 Thread Eric Brunner-Williams in Portland Maine

Rich,

You have an opinion, but I'm unable to detect a basis for that
opinion.

Allocations of string-space do not give rise to control over any
resource other than (conditionally) the string.

Publication of association(s) between strings and addresses, as
well as the formation of an association subject to a publication
policy, involves zero or more parties other than a "registrant",
and there are several orders of magnitude fewer entities other
than "registrants" that participate in address association and
association publication.

  It wouldn't hurt you to read our spec, if only for the nomenclature.
  If you read some EU data directives, so much the better.

  You may want to look at the whois policies of the RIRs and some of the
  ccTLD operators. 

  See also http://www.imc.org/ietf-whois/mail-archive/msg00218.html
  and rfc3912

Eric


Re: (newbie) BGP For Dummies?

2004-12-12 Thread Alexei Roudnev

I recommend such a thing (remembering how we learned BGP ourselves many years
ago, and then participated in the editing of the book about BGP).

But it all depends on complexity. 2 uplink multihome site - simple case; 100
node backbone with reflectors and private AS-es - another one.

>
> On Fri, 2004-12-10 at 21:35, David E. Smith wrote:
> > "Hi, long-time listener, first-time caller..."
> >
> > Can anyone recommend a good forum for BGP questions? I've got my copy of the
> > O'Reilly book handy, but having never really worked with BGP before, I find
> > it's not really the best novice-level work.
>
> Within the E-Next network of excellence, we organised two weeks ago a
> two-days tutorial on BGP. This tutorial assumes that the attendees have
> a basic understanding of IP routing works but no prior knowledge of BGP
> is assumed. The tutorial has a theoretical part covering the behaviour
> of the BGP protocol and a practical part with the C-BGP simulator
> (http://cbgp.info.ucl.ac.be) whose syntax is close to Cisco routers.
>
> Upon request from some attendees of the tutorial who intend to deliver
> BGP courses within their universities, we have released all the training
> material under a creative commons licence, see :
> http://totem.info.ucl.ac.be/bgp.html
>
> Suggestions and comments on improvements to this training material are
> welcome
>
> Best regards,
>
> Olivier Bonaventure
> -- 
> CSE Dept. UCL, Belgium - http://www.info.ucl.ac.be/people/OBO/
>



Re: The Cidr Report

2004-12-12 Thread Joe Provo

[This was started last month. been a little busy. unsurprisingly I 
only had to *add* an incident and it still works.]

On Fri, Nov 12, 2004 at 02:47:30PM -0800, Randy Bush wrote:
[snip]

Yes it means what you think.
No, I don't see anyone giving a rat's patootie about aggregation.

I was starting to think I was the only one still reading the reports.
Had a half-written rant each time interesting events happened, just
been too busy. In recent months:
- on the 4th->5th of November, the (reported) table bloated by ~9k 
  prefixes overnight. not an eyebrow raised.
- when the table bloated over 140k, just this last July, the report 
  was hosed at the end of a cycle obviously hit its own MAXINT. Not 
  a comment from regular report readers, nor even a mocking Nelson 
  "Ha-Haw" post by those taking the actions.
- this month, another knee was at 150k [Dec 4th] and similarly 
  garbled results came out. Again, no response.
...in this one year we've seen the shape of the climb return to the 
curve characterized by two years 99-01. Going for e?  I'm not quite 
sure what the current point of the report is if no-one responds to
even it breaking.

I never saw a single post following up to the actual purpose 
and policy issues from October's "aggregation & table entries" 
thread. Other than the specifics of multihomed customers and RPF 
issues, my point about segregation of internal and external 
policies and the reflection in the "announce used" vs "announce 
allocated" was neither agreed, refuted, nor even commented further.
I have seen deaggregators claim 'security' [shred the routing table 
in response to windows worms scanning their classical-B], or 
assume that if Some Other Company can base their entire business 
plan on moving the costs of 'optimized' deaggregation onto the 
global community (beyond their providers), then why can't they.

When I'm feeling conspiracy-minded, it seems that those of a 
certain size are trying to squeeze the smaller folks out of the 
business by encouraging the behavior of bloat.  But then I correct 
the angle of my tinfoil beanie and realize they are just lazy.  
Their laziness does directly cost any newly-multihoming enterprises; 
some of the networks who are contributing to the garbage still 
tell customers that full tables will fit into 128M on a cisco.
(eg, http://www.sprintlink.net/support/bgp_request.html)

It is disappointing and frankly I can't see a way past it.  When 
2914 finally slid down to the lowest common denominator, the last 
'big stick' was gone.  1239 is unapologetically violating their 
own customer bgp policies in this regard (point 9 on
http://www.sprintlink.net/policy/bgp.html). The list goes on and 
on.

Otherwise reasonable people have refuted logic and claim adding 
more data into the system doesn't increase churn effect and thereby 
degrade stability. Control theory and structured programming be 
damned, they say "it hasn't melted yet." Perhaps they want to see 
if they can make Metcalfe's prediction come true, just 10 years too
early?  

The baseline expectation is that the DFZ carries reachability data.
Any more-specific data of interest is exchanged between parties who 
want it, request it, or pay for it. "Being conservative in what you 
send" also applies to anticipating *others* not being liberal in 
what they receive.  There's a whole lot of non-conservative senders 
out there, and when they have reachability problems of their own 
making, with simple and trivial fixes if they had only thought 
things through in the first place, they have no-one but themselves 
to blame.

Those believing otherwise are encouraged to send real, hard data.
There is no meaningful data I can find since the Bellovin/Bush/
Griffin/Rexford 2001 paper.

Joe

-- 
 RSUC / GweepNet / Spunk / FnB / Usenix / SAGE


Re: no whois info ?

2004-12-12 Thread Rich Kulawiec

I'm going to try to keep this short, hence it's incomplete/choppy.  Maybe
we should take it to off-list mail with those interested.

On Sat, Dec 11, 2004 at 10:06:10PM -0700, Janet Sullivan wrote:
> Great!  So, if you are a vulnerable minority, don't use the internet. 

I said precisely the opposite.

This _in no way_ prevents anyone from doing things
anonymously on the Internet: it just means that they can't
control an operational resource, because that way lies madness.

And anyone who *is* a vulnerable minority should avoid doing this (that
is, deliberately exposing themselves by controlling an operational
resource) at all costs, because it self-identifies and instantly
compromises the very privacy they seek/need/want.

This doesn't stop anybody from doing anything they want online --
*except* controlling those resources, which, like I said earlier,
is one of the very last things they should want to do if they're truly
concerned about their privacy.

And the other side of it is: I don't think an Internet with anonymous people
controlling operational resources is workable.

> OK, how many anonymous domains (ala domainsbyproxy) have you been unable 
> to contact? 

I *never* attempt to contact the owners of a domain which appears to be the
source of abuse, anonymous or otherwise.   It's a complete waste of time.
I use the means at my disposal to ascertain whether it's really them (which,
99% of the time, is blindingly obvious) and then act accordingly.  In the
remaining 1% of the cases, where substantial doubt remains, I note it and
await further developments.  Sometimes those further developments include
reports/claims of joe-jobs; sometimes they include clinching proof (either
way) that eluded me; sometimes they're not forthcoming for a very long time.

So be it.  But I learned long ago that (modulo some very rare cases)
the only thing that can come out of contacting said domain owners is possible
disclosure of the means by which the abuse was detected, and the fact that
it _has_ been detected, and that's not a good thing.

> But, I get less spam, and MUCH less snail mail, with anonymous registrations.

Today, perhaps.  Do you really think it's going to stay that way?  Surely
you must know that eventually the spammers WILL get their hands on your
"private" domain registration data, WILL use it to spam -- and oh-by-the-way
will also make a tidy profit doing a side business in selling it to anyone
with cash-in-hand?

C'mon, these are people with bags of money to spend.  Do you *really* think
that the underpaid clerk at J. Random Registrar is going to turn down $50K
in tax-free income in exchange for a freshly-burned CD?  And of course, once
the data's in the wild, it's not like those who are selling it will balk at
providing it to customers who have serious axes to grind.

Or if you want to believe in the fiction of 100% trustworthy registrars,
what happens when one of their [key] systems is zombie'd?  Or when someone
figures out how to hijack one of the data feeds and snarf all the brand-new
domain data as soon as it's created?

There is a market for this data.  Therefore it will be acquired and sold.

And attempts to maintain the pretense that it's otherwise -- while no doubt
inflating the profits of those peddling "anonymous" registration -- are
disingenuous, and in the long run, potentially very damaging, with the extent
of the damage perhaps proportional to the degree on which people rely on it.
(More bluntly: some people are going to be burned very badly by this.  And
the subsequent inevitable litigation won't undo it.)

> I agree.  But why should it matter if you know the name of the person 
> controlling an operational resource if they are responsible net citizens?

Maybe, but I think where we differ is that I strongly believe that
responsibility (for operational resources) _requires_ public identification.

[ Oh: please note: content is not an operational resource.  F'instance, I have
no problem, for instance, with someone running a blog anonymously.  I have a
serious problem with someone running a network anonymously. ]

---Rsk


Re: verizon.net and other email grief

2004-12-12 Thread Rich Kulawiec

Reply (*long* reply) being sent off-list.  If anyone else wants to
see it, rattle my cage.

---Rsk


Re: (newbie) BGP For Dummies?

2004-12-12 Thread Irwin Lazar

Try: http://www.itprc.com/routing.htm

Look under the "BGP" sub-heading for links to a lot of info.

Irwin



> From: "David E. Smith" <[EMAIL PROTECTED]>
> Reply-To: <[EMAIL PROTECTED]>
> Date: Fri, 10 Dec 2004 14:35:34 -0600
> To: <[EMAIL PROTECTED]>
> Subject: (newbie) BGP For Dummies?
> 
> 
> "Hi, long-time listener, first-time caller..."
> 
> Can anyone recommend a good forum for BGP questions? I've got my copy of the
> O'Reilly book handy, but having never really worked with BGP before, I find
> it's not really the best novice-level work.
> 
> (Or, if questions about weird inter-AS routing scenarios are on-topic here,
> I'd be glad to bounce my problems around on NANOG.)
> 
> Thanks!
> 
> David Smith
> MVN.net
> 



Re: no whois info ?

2004-12-12 Thread Alex Bligh

--On 11 December 2004 12:07 -0500 Rich Kulawiec <[EMAIL PROTECTED]> wrote:
> I don't want to turn this into a domain policy discussion,

Ditto. I'd add one thing though: allowing anonymous registration is not
necessarily the same thing as allowing all details of registration to be
publicly queryable under all circumstances. In any case (whether happily or
sadly) local laws can often get in the way of total openness.

The operational aspect of this I think is as follows: if an operator had a
problem with a network endpoint in 1995, then there was a good chance whois
 would reach someone clueful, as the majority of network
endpoints were clueful (for some reading thereof); hence whois 
was useful for network debugging. In 2004, I'd suggest the wider
penetration of the internet means whois  on its own is not a
useful operational tool any more. Even whois -h rir  is becoming
less useful, and to an extent whois . The argument for people not
wanting to put personal information up on domain name registrations is I'd
have to say a little similar to the reason some providers don't like having
their (true) NOC number on whois ; i.e. they don't want junk
calls. Which leaves you in essence with hop-by-hop debugging according to
peering agreements. Or "is anyone here from $provider" messages.

Alex


Re: no whois info ?

2004-12-12 Thread william(at)elan.net

On Sun, 12 Dec 2004, Janet Sullivan wrote:

> william(at)elan.net wrote:
> 
> > It matters if we're talking about Tom, John or Susan working for some 
> > commercial company and contacting me as part of the activity of that
> > entity, in that case I'd like to know about the domain and don't want
> > to see its whois data hidden. 
> 
> I find it somewhat amusing that the whois record for elan.net refers to 
> a hostmaster role account and a P.O. Box.  ;-)

That PO Box is registered to the company and as such you can request
from USPS a copy of the registration and will find current office address
and contact name. Note that if PO Box is used by individual then the 
address and name are kept confidential unless that individual indicated 
he's going to use PO Box for business activities. The rules about privacy 
of information on PO Boxes pretty much supports what I wrote, so thank 
you for giving me a chance to show our own practical example :)

> I do agree that a "one size fits all" rule rarely fits all situations. 
> Do I support anonymous registrations for non-commercial sites as long as 
> they can still be contacted?  Yes.  Do I support them for large 
> corporations?  Not necessarily.  Do I support the right of end users to 
> filter their mail any way they choose?  Sure.  Do I support the right of 
> a provider to filter their user's mail any way they choose?  Not 
> necessarily.

The last one is same as previous one - you have chosen your provider and
as such there is a contractual relationship for getting these services
if you do not believe the services meet your needs, you find another 
provider. So it's all the same and is basically the right of the user to 
choose how his/hers email would be filtered and that maybe direct choice
of exactly which mail filters are to be used or it maybe a choice of which
company would filter the email or all of that maybe outsourced to ISP.

> Unfortunately, there isn't a perfect way to tell if a site is commercial 
> or not by its domain name. 

If somebody sends me an email with mortgage offer, I consider it to be
a commercial email and expect to come registered mortgage broker with
publicly known address. Same for almost all other offers you receive
by unsolicited email.

> To me, a false positive is worse than spam getting through. I realize 
> other people have other opinions.  I just don't want to see wide spread 
> filtering of mail from anonymous (ala domainsbyproxy) whois records.

I note that I did not suggest that nor do I see any easy way to implement
it (because godaddy has one of the most strict rules about limiting access 
to whois by automated means). 

My current project goal is to only use internic whois data (which 
means no registrant's or contact names or addresses) and only use it to 
stop use of domains where registrar has put a hold status on it or where 
the domain registration is too new to be in whois (and email would not 
be denied but simply postponed until more information is known about the 
registrant and registrar had a chance to decide if their new domain and 
its use are in violation of their policies or not). The goal is to combat 
throw-away domains and force spammers to use well known names that can 
be traced to them and their business activities. Then legal and other
pressure can be applied to those known business entities to stop their
abuse of email infrastructure.

-- 
William Leibzon
Elan Networks
[EMAIL PROTECTED]
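
The filtering policy described in the message above, sketched as an added example (not code from the post or from the project it mentions): it reads only registry-level whois fields, never registrant data, blocks domains on hold, and defers rather than rejects mail from domains not yet in whois. The sample responses are constructed, and the field names, hold status strings, SMTP reply texts and the fail-open choice for unusable lookups are assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum
import re
from typing import Callable, Optional, Set, Tuple


class Verdict(Enum):
    ACCEPT = "accept"  # deliver normally
    DEFER = "defer"    # temporary failure, the sending MTA retries later
    BLOCK = "block"    # domain is on hold


# Assumed hold wording: legacy registry strings plus the EPP hold codes.
HOLD_STATUSES = {"registrar-hold", "registry-hold", "clienthold", "serverhold"}
NO_MATCH = re.compile(r"^\s*no match for\b", re.IGNORECASE | re.MULTILINE)
SMTP_REPLY = {
    Verdict.ACCEPT: "250 2.1.0 Sender OK",
    Verdict.DEFER: "451 4.7.1 Sender domain not yet in whois, try again later",
    Verdict.BLOCK: "550 5.7.1 Sender domain is on hold",
}


@dataclass
class ThinRecord:
    found: bool = False
    registrar: Optional[str] = None
    statuses: Set[str] = field(default_factory=set)


def parse_thin_whois(text: str) -> Optional[ThinRecord]:
    """Parse a registry-level response; None means the lookup was unusable."""
    if NO_MATCH.search(text):
        return ThinRecord(found=False)
    rec = ThinRecord()
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not sep or not value:
            continue
        if key == "domain name":
            rec.found = True
        elif key == "registrar":
            rec.registrar = value
        elif key in ("status", "domain status"):
            # Keep only the status token; EPP output appends a URL after it.
            rec.statuses.add(value.split()[0].lower())
    return rec if rec.found else None


def decide(rec: Optional[ThinRecord]) -> Tuple[Verdict, str]:
    if rec is None:
        # Assumption: an empty or unparseable answer must not cost real mail.
        return Verdict.ACCEPT, "whois lookup unusable, failing open"
    if not rec.found:
        return Verdict.DEFER, "domain too new to be in whois"
    held = rec.statuses & HOLD_STATUSES
    if held:
        return Verdict.BLOCK, "hold status: " + ", ".join(sorted(held))
    return Verdict.ACCEPT, "registered, no hold status"


def check_sender(address: str,
                 lookup: Callable[[str], Optional[str]]) -> Tuple[Verdict, str]:
    """`lookup` is a hypothetical callable returning raw whois text for a
    domain; the address is assumed to use the registered domain itself."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    return decide(parse_thin_whois(lookup(domain) or ""))


# Constructed sample responses, keyed by domain, standing in for a whois client.
SAMPLES = {
    "active.example": "   Domain Name: ACTIVE.EXAMPLE\n"
                      "   Registrar: EXAMPLE REGISTRAR, INC.\n"
                      "   Status: ACTIVE\n"
                      "   Creation Date: 03-mar-1999\n",
    "held.example": "   Domain Name: HELD.EXAMPLE\n"
                    "   Registrar: EXAMPLE REGISTRAR, INC.\n"
                    "   Status: REGISTRAR-HOLD\n",
    "brandnew.example": 'No match for "BRANDNEW.EXAMPLE".\n',
    "broken.example": "",
}

if __name__ == "__main__":
    for sender in ("a@active.example", "b@held.example",
                   "c@brandnew.example", "d@broken.example"):
        verdict, reason = check_sender(sender, SAMPLES.get)
        print(f"{sender:22} {SMTP_REPLY[verdict]:60} ({reason})")
```
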



Re: no whois info ?

2004-12-12 Thread Janet Sullivan
william(at)elan.net wrote:
> It matters if we're talking about Tom, John or Susan working for some 
> commercial company and contacting me as part of the activity of that
> entity, in that case I'd like to know about the domain and don't want
> to see its whois data hidden. 

I find it somewhat amusing that the whois record for elan.net refers to 
a hostmaster role account and a P.O. Box.  ;-)

I do agree that a "one size fits all" rule rarely fits all situations. 
Do I support anonymous registrations for non-commercial sites as long as 
they can still be contacted?  Yes.  Do I support them for large 
corporations?  Not necessarily.  Do I support the right of end users to 
filter their mail any way they choose?  Sure.  Do I support the right of 
a provider to filter their user's mail any way they choose?  Not 
necessarily.

Unfortunately, there isn't a perfect way to tell if a site is commercial 
or not by its domain name.  To me, a false positive is worse than spam 
getting through.  I realize other people have other opinions.  I just 
don't want to see wide spread filtering of mail from anonymous (ala 
domainsbyproxy) whois records.  I feel it damages an important part of 
the internet with little long term benefit.




Re: (newbie) BGP For Dummies?

2004-12-12 Thread Olivier Bonaventure

On Fri, 2004-12-10 at 21:35, David E. Smith wrote:
> "Hi, long-time listener, first-time caller..."
> 
> Can anyone recommend a good forum for BGP questions? I've got my copy of the
> O'Reilly book handy, but having never really worked with BGP before, I find 
> it's not really the best novice-level work.

Within the E-Next network of excellence, we organised two weeks ago a
two-days tutorial on BGP. This tutorial assumes that the attendees have
a basic understanding of IP routing works but no prior knowledge of BGP
is assumed. The tutorial has a theoretical part covering the behaviour
of the BGP protocol and a practical part with the C-BGP simulator
(http://cbgp.info.ucl.ac.be) whose syntax is close to Cisco routers.

Upon request from some attendees of the tutorial who intend to deliver
BGP courses within their universities, we have released all the training
material under a creative commons licence, see :
http://totem.info.ucl.ac.be/bgp.html

Suggestions and comments on improvements to this training material are
welcome

Best regards,

Olivier Bonaventure
-- 
CSE Dept. UCL, Belgium - http://www.info.ucl.ac.be/people/OBO/



Re: (newbie) BGP For Dummies?

2004-12-12 Thread John Neiberger

>> There was excellent document on Cisco (better than book). I can search for
>> it, if you want.
>> 
>
>This one is not too bad .. 
>Practical BGP (Russ White, Danny McPherson, Srihari Sangli)
>http://www.amazon.com/exec/obidos/tg/detail/-/0321127005/103-1122659-1873401?v=glance

>

I have two books that I'm quite fond of:

BGP4: Interdomain Routing in the Internet, by John W. Stewart

Internet Routing Architectures, 2nd Edition, by Sam Halabi

I found both books to be extremely helpful.

Regards,
John
--


Re: no whois info ?

2004-12-12 Thread william(at)elan.net


On Sat, 11 Dec 2004, Janet Sullivan wrote:

> Rich Kulawiec wrote:
>
> > 1. Anyone controlling an operational resource (such as a domain) can't
> > be anonymous.  This _in no way_ prevents anyone from doing things
> > anonymously on the Internet: it just means that they can't control an
> > operational resource, because that way lies madness.
> 
> As long as that person is contactable, why should it matter if they are 
> anonymous?  If you get a quick response to 
> [EMAIL PROTECTED], does it REALLY matter to you if the 
> person's name is Tom, John, or Susan?
>
> There seem to be two definitions of "anonymous" floating around here. 
> One seems to equal "no working contact information", and one seems to 
> equal "private registration ala domainsbyproxy.net".  I can understand 
> why people might want to take non-existent whois records into account, 
> but I just don't see the argument against anonymous records. 

It matters if we're talking about Tom, John or Susan working for some 
commercial company and contacting me as part of the activity of that
entity, in that case I'd like to know about the domain and don't want
to see its whois data hidden. Same goes for ip block data used by
commercial companies - I do not agree with having this data be hidden
or not listing use/allocation of the ip block to some company.

So my view of it is the same as current practice and laws (at least in US)
which require business (including DBA) registrations in county/state 
registrar and requiring and making public corporate records, including 
address of the company and list of its officers.

-- 
William Leibzon
Elan Networks
[EMAIL PROTECTED]


Re: (newbie) BGP For Dummies?

2004-12-12 Thread Alexei Roudnev

Here it is:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml

Very good document.