ML Admin Panel
you may remember that steve gibbard asked to step down from the nanog mailing list admin panel. two weeks ago, the steering committee, with the ml panel, issued a call for volunteers to replace steve. the deadline was today. there were four volunteers, all of whom deserve our thanks for offering to serve, and in a difficult and rarely pleasant role at that. they were David Barak <[EMAIL PROTECTED]> Marlon Borba <[EMAIL PROTECTED]> Josh Richesin <[EMAIL PROTECTED]> Stephen Wilcox <[EMAIL PROTECTED]> the sc invited the ml panel to our semi-weekly conference call to get their input on the candidates. all ml panel attended except one. the ml panel then left the call, and the steering committee discussed qualifications in general (see appended), the candidates, the ml panel recommendations, and made our decision. stephen wilcox has been asked to serve on the ml admin panel replacing steve gibbard. stephen, thanks for volunteering. the sc, and probably nanog as a whole, deeply appreciates the willingness of all of the volunteers to serve. we hope those not chosen will come back next time. considering the onerous nature of the job, this may be sooner than we all might wish. and steve gibbard, you have been a hero. you were a calm and helpful presence in the nanog evolution process, and then worked long and patiently on the ml panel. we all really owe you deep and wide thanks for your work. randy, for the sc --- interesting and relevant excerpt from the *draft* minutes of today's sc conf call o ML Panel Candidate choice after ML Panel left call It was discussed whether the position should be filled by someone from other than North America. It was generally felt that NANOG is open to all and all should be able to be represented. All should be encouraged to participate in all committees and be judged on the merit of their contributions not where they reside. There was discussion of whether such positions should require having attended NANOG meetings, but rather be on merit and contribution to and understanding of the culture. -30-
Re: [Latest draft of Internet regulation bill]
On Thu, 17 Nov 2005, Stephen Sprunk wrote: > Other than references to spam and a couple other minor things, there's a > remarkable lack of discussion of content, either good or bad, in this draft. > If anything, this appears to be the exact opposite of what SBC et al want. > Given all the fuss about content and access to eyeballs, I'm actually pretty > shocked about the complete turnaround here. Maybe previous drafts got too > hot a reception? Be careful what you ask for, you might just get it. Some people think the carriers make more money when customers use the network more, even if the user didn't intend to use the network a lot. Abuse departments and policing users costs money. If they had the legal cover of law prohibiting them from interfering with customer content, would the carriers just fire their abuse departments and charge customers for the bandwidth they use, regardless of the content? If your computer gets infected and starts spewing terabytes of traffic a month, will the carrier send you a bill at the end of the month for 10 Terabytes used, please pay $1,000,000? If your computer marked the packets as DSCP EF, could the carrier charge you a premium fee for those packets even if your computer was infected? If the law prohibits carriers from interfering with customer content, will the carrier just sit back and bill customers for bits regardless of what's in those bits? In the telephone world, if a phreaker breaks into a PBX and makes lots of toll phone calls, the PBX owner has to pay for the calls. Is Vint Cerf willing to take the bad, as well as the good from the telephone world? ISP terms of service are mostly about things ISP's don't permit customers to do, even if a legislature has not yet written specific laws prohibiting it. ISP terms of service have grown over the years in response to customer complaints about other users' activities.
RE: What do we mean when we say "competition?"
> So... Microsoft has a monopoly on Windows and the basic OS costs > you $299 with virtually no server capabilities. > > In the POSIX-style OS world, where you have multiple competitors, > prices range from $0 to $179. Either these products are comparable or they are not. If they are comparable, then Microsoft has no monopoly and the prices are low, as low as $0. If they are not comparable, then the fact that one is cheaper says nothing. > True, but, this one does. There are multiple ways to skin a cat, > and, multiple versions of Windows pricing. Any way you slice it, > MicroSoft remains the most expensive OS in the market. > Everyone elses OS prices have come down since the days of Win 3.1, > Microsoft's have gone up (about 600% -- $49 to $299). Which proves that Microsoft has been *unable* to keep prices high. OS prices have fallen despit Microsoft's effort to keep prices high. > > Microsoft hardly has a monopoly on servers. If their > > prices are too high, use something else. > Microsoft has a monopoly on Active Directory servers. > Microsoft has a monopoly on Exchange servers. > > If you are unfortunate enough to need either of these things > (I thank my lucky stars every day that I am not), you have to > buy them from Micr0$0ft. Every company has a monopoly on its proprietary technologies. If you need either of them, thank your lucky stars Microsoft makes them available to you. > Agreed. Instead of granting further monopoly positions and first-arrival > advantages and again allowing the first provider into the market to > prevent all future comers, let's avoid the fight and separate the > LMI from the overlying service. Except it may be that the right and best business model is combined LMI and overlying service. It may be that some infrastructure is too expensive to provide without the added revenue from an overlying service monopoly. What is your solution to that problem? Subsidy? Or live without? > If you limit it to the scope I speak of, you are limited to an area where > very little innovation has occurred in the last 50 years, or, is likely to > occur in the next 50. Category 3 UTP hasn't changed in more than > 50 years. > Fiberoptics date back to the 1840s with singlemode being > introduced in 1961 > and adapted for telecommunications in 1966 and it's current form being > perfected around 1970. 75 ohm TV Co-Ax has also been pretty standard > for a very long time (RG58 is, I believe, the most common) I think this is a deceptive argument. There has been lots of innovation in last miles. Fiber to the home, IP over powerline, wireless, over cable, via satellite, and so on. A subsidized way of doing the last mile could damage this innovation. And I don't think you can regulate without subsidizing. (See my other posts for the arguments why regulation will compel either subsidy or shortage.) > Given universal household access to singlemode, UTP3, and RG58, I don't > believe > there is a single terrestrial facilities based communications service > available > today that would be impossible (obviously, the current cost of > DWDM hardware > and supporting backbone equipment makes OC-192 to the home impractical > today, > but, not impossible given the facilities above). And if you decide that what we have today is good enough and compel or subsidize it, then there will be no reason to develop newer technologies. This is looking at where we are and ignoring how we got here. > I cannot deny that there is a possibility someone will come up with some > super-innovative media for terrestrial facilities-based transmission, but, > I can say that there is very little effort being put into such research > at this time because single-mode fiber is so economical at this point that > nobody really feels there is a need for or significant benefit to such > an improvement. Were a compelling new media to come along, I'm sure that > someone would deploy it. If it's so economical, why can't five companies bring it to my house? How can you argue it's super-economical and a natural monopoly because of expense at the same time? How do you know that the alleged natural monoply isn't a technical problem with a solution around the corner? > Bottom line, we have achieved market competition and fair access to all > other portions of the network. LMI at layer 1 has proven to be the sticky > wicket that remains a natural monopoly no matter how hard we try to change > that. As such, I think it is time to accept the fact and deal with it > accordingly, instead of continuing to allow it to preserve destructive > monopolies in other areas. In other words, single-mode fiber to the home is *NOT* so economical. It is funny how the advocates of regulation always have to argue both sides of every issue to try to find some traction. "Monopoly means higher prices." But the prices are lower. "Well then, monopoly means lower price
Re: [Latest draft of Internet regulation bill]
Thus spake "Christopher L. Morrow" <[EMAIL PROTECTED]> On Thu, 10 Nov 2005, Blaine Christian wrote: Since port 80 and port 25 are lawful services everyone offering broadband will have to drop filters and provide full routing! Can you hear me now? Why yes, port 80 and port 25 are open, of course I can hear you. Interesting, the filtering in question (for uunet atleast, SBC is in a slightly different position) is put in place at request of the customer, who might be 'protecting' their customer (radius port 25 filtering). I wonder who's responsibility this situation covers? ---snip- SEC. 104. ACCESS TO BITS. (a) DUTIES OFPROVIDERS.—Subject to subsection2 (b), each BITS provider has the duty—3 (1) not to block, impair, or interfere with the4 offering of, access to, or the use of any lawful con-5 tent, application, or service provided over the Inter-6 net;7 --end snip Section 104(b)(1)(B) certainly allows blocking as long as the consumer is provided clear notice and a means to either refuse or disable such. I really doubt you'll find many consumers that would refuse virus or spam protection, but as long as there's a way to turn it off, it seems fine to have it on by default. And, if that's not enough, right below that we see: SEC. 104. ACCESS TO BITS. ... (b) PRESERVED AUTHORITIES.—Notwithstanding paragraphs (1) and (2) of subsection (a), a BITS provider is permitted to— ... (2) take reasonable measures to— (A) protect the security and reliability of its network and broadband Internet transmission services; or (B) prevent theft of BITS or other unlawful conduct; or A reasonable reading of that section says that a provider could, even without customer consent, block spam, worms, virii, etc. since they arguably constitute theft of services and/or impinge upon the security and reliability of the network. I'm curious what would happen if an ISP tried blocking P2P apps under that section, however. Sure, a lot of it's illegal, but not all of it. Could "gross overuse of bandwidth" be considered a threat to the network's reliability, or would the statement of minimum capacity required in Sec 104(b)(1)(A) mean the ISP can't complain about how the customer uses their bandwidth? The courts will have fun with that one. What about outside the boundaries of the USofA? Hrm... good thing all that legislation we put in place is cleaning up the 'bad content' all over the Internet... Wait, it's not :( Legislation isn't the answer to this problem, unfortunately the gov't hasn't realized this completely :( Other than references to spam and a couple other minor things, there's a remarkable lack of discussion of content, either good or bad, in this draft. If anything, this appears to be the exact opposite of what SBC et al want. Given all the fuss about content and access to eyeballs, I'm actually pretty shocked about the complete turnaround here. Maybe previous drafts got too hot a reception? Oh, did anyone notice that Sec 103(a) requires interconnection? No more Level3/Cogent style issues, hopefully. Of course, since everyone is now _required_ to interconnect either directly or indirectly with everyone else, the "negotiation" will be a bit more interesting since nobody is allowed to walk away from the table. That doesn't sound good for prices... On the plus side, the requirements for processing complaints to the FCC and PUCs and other consumer protections will be nice, and it seems fairly tough for the FCC to revoke a registration if the ISP is even reasonably competent. I can't follow a lot of the privacy protection stuff, but it appears to prohibit my ISP from sniffing my traffic and selling the info to someone else or using it for marketing, which is probably bad news for GoogleNet. That's nice for me, but I'm sure there's a loophole I can't see. The mandated ISP access to ROW is a very interesting twist, one which I hadn't expected at all. It appears, however, that only electric utilities have the right to refuse access for capacity or safety reasons -- does that mean if I want to lay fiber in the ILEC's pipes, they have to make them bigger if there's not enough room? Odd that they singled out electric utilities there. I'm also curious why the FCC is given specific permission to recognize relevant standards bodies, e.g. the IETF. Do they not have the power to do so otherwise? Preempting state prohibitions on public carriers is interesting -- hopefully we'll see a lot of those emerge in states (like mine) that currently ban them. Last (I swear), the definition of BIT/BITS/etc seems to cover any public network using IP, which is misleading since people wouldn't naturally think that anything from dialup to OC192 transit to colo is "broadband". Is that just a gratuitous word here to make a funny acronym? S Stephen Sprunk"Stupid people surround themselves with smart CCIE #3723 people. Smart people surround themse
Network Access Solutions -- Anything left of them
Does anyone know if there is anything left of Network Access Solutions (NASC.OB)? I know DSL.NET bought their DSL customer base, but are they still around doing something else?
Re: Someone from nic.net registrar please contact me off-list
Hannigan, Martin wrote: You know, if people are going to post here as a paging service, it would be nice to put some indication as to why - perhaps the rest of us can assist more quickly? 9 times out of 10 we can since it's usually operator/user error and not necessarily the providers issue. At least that's my experience with "$doofus to the white lobby phone". YMMV. -M< Hi, Sorry, I know nanog is not a paging service... The indication I can give is: we were locked outside of their website, couldnt log in, they didn't reply to our emails, and when I called them (a few international calls, several days), the answering system said their customer care center was closed. Since it is a very specific issue, regarding their own system, and not network/infrastructure trouble, I omitted the details. I decided to mail nanog as a last resort because I really hope that there is someone listening. Interesting enough, one of our folks found out that you can skip their failure someway by indicating you want to buy a domain, not log in... then the system asks you if you got an account and bingo ;) The normal login procedure, however, used to give us coldfusion errors and now gives us 404 errors. Sincere apologies, and I hope you understand the situation. Kind Regards, Evaldo Gardenali
Re: IAB and "private" numbering
On Thu, 17 Nov 2005 17:44:10 +0100 Daniel Karrenberg <[EMAIL PROTECTED]> wrote: > On 15.11 07:38, Mark Smith wrote: > > > > RFC1627, "Network 10 Considered Harmful (Some Practices Shouldn't be > > Codified)" and RFC3879, "Deprecating Site Local Addresses" provide some > > good examples of where duplicate or overlapping address spaces cause > > problems, which is what happens when different organisations use RFC1918 > > addresses, even if they aren't connected to the Internet. > > This is practical engineering, not theoretical science. Practical > engineering is about *trade-offs*. > All I know is that I've had bad experiences with duplicated or overlapping address spaces. One particularly bad one was spending two months developing templates for combinations of NAT / NAPT for Internet / VPN access (e.g. NAT to Internet, not VPN; NAT to VPN, not Internet; NAPT to Internet, NAT to VPN, different "to" address spaces for NAT to the Internet and NAT to the VPN etc. etc.). In addition to developing these solutions I also sat scratching my head for two months asking "why not just give them public address space, restoring uniqueness to their addressing, so I can work on improving the product rather than just developing work arounds ?". Spending time on work arounds, as well as building protocol and other limitations into the network that will be encountered in the future, isn't a good trade-off in my opinion. Regards, Mark. -- "Sheep are slow and tasty, and therefore must remain constantly alert." - Bruce Schneier
Re: Issue AS and Subnet Announcment on BGP - Conflict with a major TelCO - 30h+ of route flapping unresolved
At 05:57 AM 18/11/2005, Jeroen Massar wrote: Geoff Huston wrote: > > Normally I'm rather loathe to send urls around - but in this case you > may find this APNIC work directly relevant to what you are asking for: > > http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf It's really good to see this taking off in the APNIC region, but the big question: is there any movement in RIPE and ARIN!? Well the 'standard' answer is that the way to get your RIR to commit to a service is to actively advocate in the relevant forums in your local region that this is an important member service that needs some level of priority in terms of work schedules. However, it's also the case that this particular item has already attracted some detailed attention across the RIRs and there is considerable levels of liaison within the RIR's based around APNIC's committed schedule of activity. So if the regional policy forums say "its a good thing to do" and the RIR members say "yes, its a really good thing, lets do it" then doubtless you will see schedules and deliverables from all RIRs in relatively short order. So, as with any membership-based organization, its a two-way thing - the members have to also play their part in saying loudly and clearly what they want in terms of services. A joint effort for this would be nice and also allow testing across the world. Also if the certs are deployed in APNIC I am sure that quite some ISP's on this side of the planet want to verify what is getting announced what they don't want to see ;) I found that the sig-ca mailinglist is a closed list. We are certainly not planning for such a restricted outcome, and we at APNIC would definitely like to see this as a complete service across all RIRs, of course. regards, Geoff
Re: Issue AS and Subnet Announcment on BGP - Conflict with a major TelCO - 30h+ of route flapping unresolved
Geoff Huston wrote: > > Normally I'm rather loathe to send urls around - but in this case you > may find this APNIC work directly relevant to what you are asking for: > > http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf It's really good to see this taking off in the APNIC region, but the big question: is there any movement in RIPE and ARIN!? A joint effort for this would be nice and also allow testing across the world. Also if the certs are deployed in APNIC I am sure that quite some ISP's on this side of the planet want to verify what is getting announced what they don't want to see ;) I found that the sig-ca mailinglist is a closed list. Greets, Jeroen PS: For people who didn't see it yet "BGP - The Movie" @ http://www.apnic.net/news/hot-topics/index.html#history signature.asc Description: OpenPGP digital signature
Re: the future of the net
On Nov 17, 2005, at 12:25 PM, Jeff Rosowski wrote: Oh, the irony - all I get is: Linux Journal Is Currently Unavailable Due to a Denial of Service (DoS) Attack Sorry for any inconvenience. I suppose the bells and the cable providers are DOS'ing them . BTW, it is STILL not clear to me that Vint is referencing the current HR draft. He may have been addressing an earlier version. If anyone knows for sure what draft he is referring to that would be helpful. Regards, Blaine
RE: the future of the net
On Thu, 17 Nov 2005 [EMAIL PROTECTED] wrote: > > > > That's intriguing ... > > Translation: "Linux Journal has been linked to by Slashdot." It took forever for me to pull up the article in Mozilla, but it came up fine otherwise. I'm sure they did get slashdotted. -- Steve Sobol, Professional Geek 888-480-4638 PGP: 0xE3AE35ED Company website: http://JustThe.net/ Personal blog, resume, portfolio: http://SteveSobol.com/ E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307
Re: [Latest draft of Internet regulation bill]
On Thu, Nov 17, 2005 at 01:23:03PM -0500, Steven J. Sobol wrote: > On Tue, 15 Nov 2005, Jared Mauch wrote: > > > > The cable industry claims 91% of households passed with two-way cable. > > > > And zero in my area. And you can't start a telco COOP in this > > state since the iLEC has encouraged laws to make that not legal. The > > two major iLECs in this state (Verizon, SBC) are not doing their FIOS > > nor their "Project Lightspeed" in the state last i knew. > > Which state? Michigan. -- Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Re: [Latest draft of Internet regulation bill]
On Tue, 15 Nov 2005, Jared Mauch wrote: > > The cable industry claims 91% of households passed with two-way cable. > > And zero in my area. And you can't start a telco COOP in this > state since the iLEC has encouraged laws to make that not legal. The > two major iLECs in this state (Verizon, SBC) are not doing their FIOS > nor their "Project Lightspeed" in the state last i knew. Which state? -- Steve Sobol, Professional Geek 888-480-4638 PGP: 0xE3AE35ED Company website: http://JustThe.net/ Personal blog, resume, portfolio: http://SteveSobol.com/ E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307
RE: [NANOG]Cogent issues
On Thu, 17 Nov 2005, Edward W. Ray wrote: My cogent traffic is getting routed to my other peers here in Orange County, CA and I cannot access http://www.cogentco.com either. I have routes for it (38.0.0.0/8 from all my transits), but I can't reach www.cogentco.com either. Traces to it die inside Cogent's network. 9. cogent-level3-ge.NewYork1.Level3.ne0%5553 53 55 58 10. p15-0.core02.jfk02.atlas.cogentco.c0%5555 54 56 64 11. p14-0.core02.ord01.atlas.cogentco.c0%4454 54 54 54 12. ??? -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
RE: Issue AS and Subnet Announcment on BGP - Conflict with a major TelCO - 30h+ of route flapping unresolved
Normally I'm rather loathe to send urls around - but in this case you may find this APNIC work directly relevant to what you are asking for: http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-address-certificate.pdf I also did some work a year or so back on the differences between announced vs allocated prefixes. http://www.potaroo.net/presentations/2004-05-01-allocation-vs-announcement.pdf At the time (May 2004) it appeared that the message was getting through and the fragmentation of allocations was decreasing. I have not re-reun the scripts recently to confirm if this is wtill the case. regards, Geoff At 05:06 AM 17/11/2005, Bora Akyol wrote: Maybe they should? Or at least provide a database that is signed so that people can check what is getting announced vs what was really allocated at least off line. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charles Gucker Sent: Tuesday, November 15, 2005 9:06 PM To: Alain Hebert Cc: nanog@merit.edu Subject: Re: Issue AS and Subnet Announcment on BGP - Conflict with a major TelCO - 30h+ of route flapping unresolved . ARIN will not step in here. They allocate resources, they do not police or enforce those resources. charles
RE: [NANOG]Cogent issues
My cogent traffic is getting routed to my other peers here in Orange County, CA and I cannot access http://www.cogentco.com either. Edward W. Ray CISSP, MCSE 2003+Security, P.E., SANS GCIA Gold, SANS GCIH Gold President NetSec Design & Consulting http://www.netsecdesign.com (714) 997-9226
RE: [NANOG]Cogent issues
fyi i can NOT get to http://status.cogentco.com thru xo and savvis in chicago > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of > Lyons, Myke > Sent: Thursday, November 17, 2005 10:33 AM > Cc: nanog@merit.edu > Subject: RE: [NANOG]Cogent issues > > > > > > .myke lyons > > -Original Message- > > From: David J. Coulson [mailto:[EMAIL PROTECTED] > > Sent: 17 November 2005 15:54 > > To: M. Aelmans | Synssans B.V. > > Cc: Lyons, Myke; nanog@merit.edu > > Subject: Re: [NANOG]Cogent issues > > > > M. Aelmans | Synssans B.V. wrote: > > > I see very high latency to Cogent London. > > > > My mtr to cogentco.com dies in Boston, and I'm a Cogent customer. > > > > David > > > > -- > > David J. Coulson e-mail: [EMAIL PROTECTED] > > Operations Managerdirect: (216) 920-3026 > > office: (216) 619-2000 > > N2Net, A New Age Consulting Service, Inc. Company > > Cogent has confirmed that a Fiber line was cut in the South eastern part > of the US and they do not have an ETA at this time. > > http://status.cogentco.com > > .myke lyons > >
Re: IAB and "private" numbering
At 13:59 -0800 11/11/05, Tony Tauber wrote: There are some resources, like IP addresses and AS numbers, the proper operation of which hinges on their uniqueness. ... Does this concern make sense? Does this course of action make sense? Is there a(nother) better venue than the IAB? What do people think? (Yeah, I did read the rest of the thread, but am replying to the original message.) I think there are a few dilemmas in this topic. One stems from the RIR's duty to provide stewardship of the number resources they administer. The other is the dividing line between protocol design (IAB) and operations (RIRs). One concern from this is number resources depletion, which is why, in my estimation, there are people measuring things like announced space and time to network with AS numbers. (I'm referring to work Geoff Huston, Tony Hain, and Henk U of RIPE have presented in numerous locations in the past few months.) When a resource is becoming scarce, there's a push to try and be certain that it is being used efficiently, with efficiency measured in terms of time to depletion. With this in mind, if a resource is used privately, why can't it be used publicly too by some deserving? (I ask this rhetorically as an example.) Stewardship also means uniqueness too, or at least uniqueness in some scope. (A 48 bit number could be a "hardware address" or a combination IPv4 and port number, as an example of stretching.) To achieve this, the RIRs would naturally assign an number to anyone deserving, regardless of how the network is connected. Combine that with a third dimension, that the RIRs are run in the context of some sort of public trust, there are folks that will want to check up on them. That's where we get folks probing the exposed data (via whois, say) and seeing what they can get to. I think this is where the assumption of a "public internet" comes from. This is a three-way conflict centered on the RIRs. There's the whole matter of the benefit vs. pain of scoped (as in site local, link local, RFC 1918) addressing. That's a matter for the protocol engineers to figure out, I think that is something the IAB would be concerned about - if not so already. I don't think that you want to have the directory services of the RIRs (whois today) flag addresses as public use or private use, but you do what the defined protocol scope clearly indicated. The reason for not labelling public or private is that there are multiple private (if there is indeed one true public). If you see two private addresses, can they see each other? In as much as we don't want the RIR's in the routers, we shouldn't put the routers into the RIRs. The outcome of this is that folks probing and prodding the data in the RIRs ought to not expect to see all the resources registered therein on the public Internet. It would tempting to say not to worry about unseen resources, to assume they are in the private areas of the world. However, there are probably resources that are "lost" - allocated in the days when IANA was a small part of ISI and things were done on paper. In the effort to stop depletion, these should be reclaimed, but deciding what is lost versus what is in private use is ... a dilemma. My experience in this is tied to DNS and lame delegations. Just like the routing table issue, we have delegations into places that are not reachable. A name server may be situated in a way in which "it can see out" but "we cannot see in." The problem with these seems to be some past implementations of DNS that looped as a result of lame delegations (in this case situations in which the desired name server[s] are not reachable). Maybe this is where the IAB steps in, and looks for documents showing how members of a network, whether the public or a private network, can either protect themselves from trying to reach unreachable areas, or to set up stub or proxy services to absorb ill-fated traffic destined to an unreachable address. I'm not sure this is feasible - the DNSOP WG seems to have killed, or is about to kill a document on "don't publish unreachable things in the DNS." As much as that sounds useful, there was no energy in the group to finish the document. A lack of energy tells me something. Scoped addresses do run afoul of the theory that a network is a collection on mutually reachable endpoints. Once you scope an address, you've lost the theory of the network layer. Still, it does work to do this, so it's not that it's impossible, it's that the theory needs to be, umm, scoped. I've thought far less about this, but that's the kind of thing that the IAB might weigh in on, if there is the energy to do so. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis+1-571-434-5468 NeuStar 3 months to the next trip. I guess it's finally time to settle down and find a groc
Re: the future of the net
Oh, the irony - all I get is: Linux Journal Is Currently Unavailable Due to a Denial of Service (DoS) Attack Sorry for any inconvenience.
Re: IAB and "private" numbering
On 15.11 07:38, Mark Smith wrote: > > RFC1627, "Network 10 Considered Harmful (Some Practices Shouldn't be > Codified)" and RFC3879, "Deprecating Site Local Addresses" provide some > good examples of where duplicate or overlapping address spaces cause > problems, which is what happens when different organisations use RFC1918 > addresses, even if they aren't connected to the Internet. This is practical engineering, not theoretical science. Practical engineering is about *trade-offs*. We were seeing address space requests for huge deployments with a real low probability to ever be routed anywhere beyond a quite local domain. There are huge deployments of this kind now and happily so without unnecessary using finite address resources. The drawbacks were known and discussed. Note that 1627<1918. Clear warnings were written into 1918; it is one of the more "operational" RFCs, certainly at the time. We also discussed the possibility of NATs but it was out-of-scope for 1918; we discussed application layer gateways though; we did not anticipate any NAT deployments beyond a very local scale. Would we rather have run out of unallocated unique IPv4 address space at some point in the past? Would an alternative have been ready by then? (Would we rather run out of unallocated IPv4 address space on -say- 31-Dec-2005? Will IPv6 be ready for prime time then?) Daniel One of the instigators and co-author of RFC1918.
RE: [NANOG]Cogent issues
.myke lyons > -Original Message- > From: David J. Coulson [mailto:[EMAIL PROTECTED] > Sent: 17 November 2005 15:54 > To: M. Aelmans | Synssans B.V. > Cc: Lyons, Myke; nanog@merit.edu > Subject: Re: [NANOG]Cogent issues > > M. Aelmans | Synssans B.V. wrote: > > I see very high latency to Cogent London. > > My mtr to cogentco.com dies in Boston, and I'm a Cogent customer. > > David > > -- > David J. Coulson e-mail: [EMAIL PROTECTED] > Operations Managerdirect: (216) 920-3026 > office: (216) 619-2000 > N2Net, A New Age Consulting Service, Inc. Company Cogent has confirmed that a Fiber line was cut in the South eastern part of the US and they do not have an ETA at this time. http://status.cogentco.com .myke lyons
Re: [NANOG]Cogent issues
On Thu, 17 Nov 2005, David Barak wrote: I think you mean http://www.cogentco.com It's up. Their wholesale dialup product appears to be down. A coworker just called it in and was told "multiple fiber cuts" have seriously impacted Cogent's network. Multiple simultaneous fiber cuts...yeah, that seems likely. -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: [NANOG]Cogent issues
On 17-Nov-2005, at 10:59, Brian Kerr wrote: On 11/17/05, Eric Gauthier <[EMAIL PROTECTED]> wrote: Just to make analysis easier: Which prefixes should be missing? There seem to be larger problems, http://www.cogent.com returns: That does seem to be a problem for cogent.com. To complete your analysis along those lines, you might also like to check cogentsystems.com, cogent-ssc.com, cogcomp.com, cogent.co.uk. Oh, and don't forget cogentuk.com, "The UK's largest bull stud". Joe
Re: Cogent Issues
I'm going to try this again. It seems like my messages are not going through. Regards, Ryan -- Forwarded message -- Date: Thu, 17 Nov 2005 11:04:29 -0500 (EST) To: nanog@merit.edu Subject: Cogent Issues... (Update) Cogent is experiencing 2 fiber cuts in the north/southeast-US. The locations are: Between Houston and Tampa (Southeast) Ticket #347277 Between Philidelpha and DC (Northeast) Ticket #347375 Customers traversing cogent's network will experience latency and packet loss. You can check the status of the ticket by going to http://status.cogentco.com. Regards, Ryan
Re: [NANOG]Cogent issues
On 11/17/05, Brian Kerr <[EMAIL PROTECTED]> wrote: > There seem to be larger problems, > > http://www.cogent.com returns: > > Error 404 Not found Pay no attention, I apparently don't know what I'm doing.
Re: the future of the net
The URL http://www.linuxjournal.com/article/8673 now leads to the following message: "Linux Journal Is Currently Unavailable Due to a Denial of Service (DoS) Attack Sorry for any inconvenience." That's intriguing ... Most likely incorrect too. They've been /.'d...not just nanog'd. They've apparently mistaken the spike in load for a DoS. -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: [NANOG]Cogent issues
--- Brian Kerr <[EMAIL PROTECTED]> wrote: > > On 11/17/05, Eric Gauthier <[EMAIL PROTECTED]> wrote: > > > > Heya, > > > > > Just to make analysis easier: Which prefixes > should be missing? > > There seem to be larger problems, > > http://www.cogent.com returns: > > Error 404 Not found I think you mean http://www.cogentco.com It's up. David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com __ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com
RE: [NANOG]Cogent issues
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Brian Kerr > Sent: 17 November 2005 16:00 > To: nanog@merit.edu > Subject: Re: [NANOG]Cogent issues > > > On 11/17/05, Eric Gauthier <[EMAIL PROTECTED]> wrote: > > > > Heya, > > > > > Just to make analysis easier: Which prefixes should be missing? > > There seem to be larger problems, > > http://www.cogent.com returns: > > Error 404 Not found > > The host name in the URL you have requested "www.cogent.com" does not > match any virtual server currently running. This maybe because you > entered the host name incorrectly, or that the necessary server alias > has not been setup. > > Powered by Zeus Web Server > > > > A whois cogent.com returns: > > Registrant: > Cogent Investment Operations Limited >55 Moorgate >London EC2R 6PA >UK > >Domain Name: COGENT.COM > >Administrative Contact: > MOITRIER, Regis [EMAIL PROTECTED] > BNP PARIBAS > 10 Harewood Avenue > 4 R 240 > London NW1 6AA > UK > +44 207 595 6777 fax: +44-207-595-5090 > >Technical Contact: > BNP PARIBAS [EMAIL PROTECTED] > 10 Harewood Avenue - David Gardner 4R305 > London NW1 6AA > UK > +44 207 595 2000 fax: 123 123 1234 > >Record expires on 11-Apr-2012. >Record created on 11-Apr-1999. >Database last updated on 17-Nov-2005 10:57:46 EST. > >Domain servers in listed order: > >NS1.BNPPARIBAS.COM 155.140.125.131 >NS3.DOMIVESTA.NET159.50.101.80 >NS2.BNPPARIBAS.COM 155.140.125.121 >NS4.DOMIVESTA.COM159.50.203.80 > > -Brian I believe their website is www.cogentco.com This was up as of 15:45 GMT
Cogent Issues... (Update)
Cogent is experiencing 2 fiber cuts in the north/southeast-US. The locations are: Between Houston and Tampa (Southeast) Ticket #347277 Between Philidelpha and DC (Northeast) Ticket #347375 Customers traversing cogent's network will experience latency and packet loss. You can check the status of the ticket by going to http://status.cogentco.com. Regards, Ryan
Re: the future of the net
On 16.11 21:33, Bubba Parker wrote: > > Seems to be back up now. At this time I got "Linux Journal Is Currently Unavailable Due to a Denial of Service (DoS) Attack Sorry for any inconvenience." Interesting. At first sight I though that was why Randy posted the URL under "future of the net" ;-) ;-) ;-). Daniel
RE: the future of the net
> The URL > > http://www.linuxjournal.com/article/8673 > > now leads to the following message: > > "Linux Journal Is Currently Unavailable Due to a Denial of > Service (DoS) Attack Sorry for any inconvenience." > > That's intriguing ... Translation: "Linux Journal has been linked to by Slashdot." Andrew Cruse
RE: Cogent issues
Anyone else find it funny that of all the Cogent peering on that chart, only the Cogent to Level 3 link shows green? :-) David > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Ryan A. Krenzischek > Sent: Thursday, November 17, 2005 10:49 AM > To: nanog@merit.edu > Subject: Re: Cogent issues > > > Take a look at this: > > http://scoreboard.keynote.com/scoreboard/Main.aspx?Login=Y&Use > rname=public&Password=public > > I just got off the phone with Cogent. They said there was a > fiber cut in the > eastern-US. The representative did not have specific > details. They said > either in the NY or DC area. > > Ryan > > > On Thu, 17 Nov 2005, Lyons, Myke wrote: > > > For the past hour or so a number of sites that I have with > Cogent have > > been unreachable. Also, I am unable to get through to their support > > line. Is anyone else seeing this? > > > > .myke lyons > > > > > >
Re: [NANOG]Cogent issues
On 11/17/05, Eric Gauthier <[EMAIL PROTECTED]> wrote: > > Heya, > > > Just to make analysis easier: Which prefixes should be missing? There seem to be larger problems, http://www.cogent.com returns: Error 404 Not found The host name in the URL you have requested "www.cogent.com" does not match any virtual server currently running. This maybe because you entered the host name incorrectly, or that the necessary server alias has not been setup. Powered by Zeus Web Server A whois cogent.com returns: Registrant: Cogent Investment Operations Limited 55 Moorgate London EC2R 6PA UK Domain Name: COGENT.COM Administrative Contact: MOITRIER, Regis [EMAIL PROTECTED] BNP PARIBAS 10 Harewood Avenue 4 R 240 London NW1 6AA UK +44 207 595 6777 fax: +44-207-595-5090 Technical Contact: BNP PARIBAS [EMAIL PROTECTED] 10 Harewood Avenue - David Gardner 4R305 London NW1 6AA UK +44 207 595 2000 fax: 123 123 1234 Record expires on 11-Apr-2012. Record created on 11-Apr-1999. Database last updated on 17-Nov-2005 10:57:46 EST. Domain servers in listed order: NS1.BNPPARIBAS.COM 155.140.125.131 NS3.DOMIVESTA.NET159.50.101.80 NS2.BNPPARIBAS.COM 155.140.125.121 NS4.DOMIVESTA.COM159.50.203.80 -Brian
Re: the future of the net
On Wed, 16 Nov 2005, Bubba Parker wrote: > Date: Wed, 16 Nov 2005 21:33:17 -0600 > From: Bubba Parker <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Cc: Gordon Cook <[EMAIL PROTECTED]>, Randy Bush <[EMAIL PROTECTED]>, > nanog@merit.edu > Subject: Re: the future of the net > > > Seems to be back up now. > > > On Thu, Nov 17, 2005 at 03:17:45AM +, [EMAIL PROTECTED] wrote: > > > > and it still is in mine the print edition doesn't have > > clickable links, but is also a fine resource. > > > > --bill The URL http://www.linuxjournal.com/article/8673 now leads to the following message: "Linux Journal Is Currently Unavailable Due to a Denial of Service (DoS) Attack Sorry for any inconvenience." That's intriguing ...
Re: [NANOG]Cogent issues
Heya, > Just to make analysis easier: Which prefixes should be missing? We've got a feed from Cogent out of Boston and we did see a 5 minute drop by about 5k routes in their annoucements. After that, we look as though we're only short by around 400 or so prefixes: 11/17/2005 9:30172,380 11/17/2005 9:35172,375 11/17/2005 9:40172,364 11/17/2005 9:45166,725 11/17/2005 9:50170,978 11/17/2005 9:55171,957 11/17/2005 10:00 171,961 11/17/2005 10:05 171,962 11/17/2005 10:10 171,937 11/17/2005 10:15 171,933 11/17/2005 10:20 171,928 11/17/2005 10:25 171,924 11/17/2005 10:30 171,920 11/17/2005 10:35 171,936 11/17/2005 10:40 171,933 Eric :)
Re: Cogent issues
Take a look at this: http://scoreboard.keynote.com/scoreboard/Main.aspx?Login=Y&Username=public&Password=public I just got off the phone with Cogent. They said there was a fiber cut in the eastern-US. The representative did not have specific details. They said either in the NY or DC area. Ryan On Thu, 17 Nov 2005, Lyons, Myke wrote: For the past hour or so a number of sites that I have with Cogent have been unreachable. Also, I am unable to get through to their support line. Is anyone else seeing this? .myke lyons
Re: [NANOG]Cogent issues
Lyons, Myke wrote: For the past hour or so a number of sites that I have with Cogent have been unreachable. Also, I am unable to get through to their support line. Is anyone else seeing this? .myke lyons I see very high latency to Cogent London. Regards, Melchior
Re: [NANOG]Cogent issues
[EMAIL PROTECTED] (Lyons, Myke) wrote: > For the past hour or so a number of sites that I have with Cogent have > been unreachable. Also, I am unable to get through to their support > line. Is anyone else seeing this? Just to make analysis easier: Which prefixes should be missing? Elmar. -- "Begehe nur nicht den Fehler, Meinung durch Sachverstand zu substituieren." (PLemken, <[EMAIL PROTECTED]>) --[ ELMI-RIPE ]---
RE: [NANOG]Cogent issues
They've got something going on, we've got about a 25% drop in our outbound Cogent traffic at about 9:45 AM EST. David > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Lyons, Myke > Sent: Thursday, November 17, 2005 10:31 AM > To: nanog@merit.edu > Subject: [NANOG]Cogent issues > > For the past hour or so a number of sites that I have with > Cogent have been unreachable. Also, I am unable to get > through to their support line. Is anyone else seeing this? > > .myke lyons > >
[NANOG]Cogent issues
Title: [NANOG]Cogent issues For the past hour or so a number of sites that I have with Cogent have been unreachable. Also, I am unable to get through to their support line. Is anyone else seeing this? .myke lyons
Re: the future of the net
Thought provoking article and the consumer side of the 'net is already heading there i.e. no VPN on many 'broadband' lines unless you pay for 'business' CoS (which I do). Does anyone here remember the Dow Jones Information service in which you are billed by the minute AND the service you access from a business point of view the consumer has had a 'free ride' for too long and it's time to start charging for the access to 'content' and hopefully the content as well. Nevermind that the unmetered pricing model facilitated the growth of the 'net to a point where it was 'commercially viable' all the wall street model rewards is consistent growth quarter over quarter and with a finite number of households eventually growth with slow and eventually stop now the only way to facilitate growth will be to be 'bill by the byte'. The fact that this model has been a commercial failure in the wireless market in the US as the '3G services i.e. internet access. data transport are too expensive at 0.05/cents kbyte even for most business as it is not feasible to 'budget' your data needs. The US will continue to fall further behind the rest of the world as the business community attempts to monetize the innovations. Where the rest of the world will continue to invent new stuff and at the current rate the 'Next Big Thing' will not be from the US. Scott C. McGrath On Wed, 16 Nov 2005, Steven M. Bellovin wrote: > > In message <[EMAIL PROTECTED]>, Warren Kumari wri > tes: > > > >Oh, the irony - all I get is: > > > >Access denied > >You are not authorized to access this page. > > > > Same here. > > --Steven M. Bellovin, http://www.cs.columbia.edu/~smb > >
Re: What do we mean when we say "competition?"
Windows 98 price (in 1997) -> $209 Office 97 Standard (in 1997) -> $689 Windows XP price (now) -> $199. Office 2003 (now) -> $399. Verizon Retail 768k DSL, $14.95/month (includes everything) Verizon Wholesale 768k DSL, $13.95/month + DS3 ATM + IP + support + e- mail Verizon CLEC 2W DSL Conditioned loop, $15-18/month + COLO + DSLAM + Backhaul + IP + Support + e-mail You can't say that Verizon isn't selling DSL below their cost and using monopoly POTS revenue to subsidize the extermination of competition in the DSL market. Now, granted the CLEC can use the 2W DSL conditioned loop to run ADSL2 + and POTS and sell for more $$. Unfortunately in todays era of Wal*mart shoppers people buy on price alone. The problems most people have with microsoft's monopoly status have nothing whatsoever to do with the price of the software which forms the basis of their monopoly (windows + office), but rather their willingness to use the profits from them to subsidize other losing ventures to drive out other competitors. Exactly, Verizon is using the profits from the monopoly to subsidize losing ventures -Matt -- Matthew S. Crocker Vice President Crocker Communications, Inc. Internet Division PO BOX 710 Greenfield, MA 01302-0710 http://www.crocker.com
Re: Our advertising address(125.30.0.0/16) has filtered
Hello, IIJ/AS2497 still sees problems with source address, 125.30.0.0/16. It seems that many ASs and servers are blocking packets from 125.30.0.0/16. We hope you would check your filters again. Two points: 1) route filter (prefix based filters) 2) packet filter (ACLs on interface)<- do not forget please! If you would like to confirm you are accepting packets from 125.30.0.0/16, please test by ping 125.30.127.1. Regards, --- MAMIYA Akihiko <[EMAIL PROTECTED]> Network Engineering and Operations Internet Initiative Japan Inc. > > Hello, > > This is Internet Initiative Japan (IIJ/AS2497) > Network Operations Center from Tokyo, Japan. > > IIJ has started advertising 125.30.0.0/16 from AS2497/IIJ. > Unfortunately, it seems that several ASs are filtering this route. > > Could you confirm that your latest filter permit 125.30.0.0/16? If it > is denying the route, we hope you will update the filter to accept our > new block. > > We have set an equipment at 125.30.127.1 for your conectivity check. > If you confirm that you are able to access 125.30.0.0/16, you can ping > and traceroute to 125.30.127.1. > > Recently, APNIC/JPNIC assigned 125.30.0.0/16 to IIJ. > As a point of reference, you could find the Bogon list Page and > the result of whois. > > http://www.cymru.com/Documents/bogon-list.html > - > Changes in version 2.6 (27 JAN 2005) > 124/8, 125/8 and 126/8 allocated to APNIC (JAN 2005). > Removed from the bogon lists. > --- > > --- 125.30.0.0/16 > > % [whois.apnic.net node-2] > % Whois data copyright termshttp://www.apnic.net/db/dbcopyright.html > > inetnum: 125.30.0.0 - 125.30.255.255 > netname: IIJ > descr:Internet Initiative Japan Inc. > descr:Jinbocho Mitsui Bldg., > descr:1-105 Kanda Jinbo-cho, Chiyoda-ku, > descr:Tokyo, 101-0051 Japan > country: JP > admin-c: JNIC1-AP > tech-c: JNIC1-AP > status: ALLOCATED PORTABLE > remarks: Email address for spam or abuse complaints : [EMAIL PROTECTED] > mnt-by: MAINT-JPNIC > mnt-lower:MAINT-JPNIC > changed: [EMAIL PROTECTED] 20050817 > source: APNIC > > role: Japan Network Information Center > address: Kokusai-Kougyou-Kanda Bldg 6F, 2-3-4 Uchi-Kanda > address: Chiyoda-ku, Tokyo 101-0047, Japan > country: JP > phone:+81-3-5297-2311 > fax-no: +81-3-5297-2312 > e-mail: [EMAIL PROTECTED] > admin-c: SS13-AP > tech-c: SY7-AP > nic-hdl: JNIC1-AP > mnt-by: MAINT-JPNIC > changed: [EMAIL PROTECTED] 20041222 > changed: [EMAIL PROTECTED] 20050324 > source: APNIC > > > best regards, > > --- > MAMIYA Akihiko <[EMAIL PROTECTED]> > Network Engineering and Operations > Internet Initiative Japan Inc.
