(Corrected) Call for Presentations - NANOG 37 - June 4-7, 2006

[Steve Feldman]

The North American Network Operators' Group (NANOG) will hold its
37th meeting June 4-7, 2006, in a location TBA.  The meeting will
be hosted by UltraDNS.

NANOG conferences provide a forum for information exchange among
network operators, engineers, and researchers.  Meetings are held
three times each year, and include panels, presentations, tutorial
sessions, and BOFs.

NANOG solicits presentations highlighting issues relating to
technology already deployed or soon to be deployed in the Internet.
The NANOG community is invited to attend and participate in this
forum, which offers numerous opportunities to share ideas, explore
research and development, and interact with leaders in this important
field of network operations.  Vendors are encouraged to work with
operators to present deployment experiences with the vendor's
products and interoperability.

General Session
===
The community is invited to develop panel sessions or present talks on
topics relevant to the NANOG community, including:

Network Operations
Present-day operational case studies
Everyday life in the NOC and tools of interest
Exchange point technologies and implementation
Peering/colocation coordination issues
Content provider issues
Security attacks/mitigation, tools, and analysis
State of OAM tools for IP and MPLS networks
Disaster recovery and planning
Deployment Experience
Mergers and their impact on interconnected networks
Alternative and emerging last-mile technologies
  (metro/rural, broadband, radio, optical, etc.)
VoIP deployment, architecture, peering, and interconnect
Anycast
IPTV
Large-scale wireless
Fiber and wavelength use by enterprises
Research, Policy, and New Technology
Approaches to securing the global routing system
  (e.g., s*BGP and/or other tools)
Routing system scalability
Capacity planning standards and tools
Inter-provider MPLS/QoS/PCE
RIR policy (e.g., implications of HD ratio)
Active standards organizations and areas of interest
IPv6: economics, deployments, and adoption rates
Approaches to IPv6 scalability, e.g., Shim6

Panels
==
Panel selection will be based on the importance, originality,
focus and timeliness of the topic; expertise of proposed
panelists; as well as the potential for informative and
controversial discussion.  The panel leader should provide an
abstract describing the panel theme, list of panelists, and
an outline of how the panel will be organized.  After acceptance,
the panel leader will be given the option to invite panel
authors to submit their presentations to the NANOG Program
Committee for review.  Until then authors should not submit
their individual presentations for the panel.

Lightning Talks
===
Topics for short (10-20 minute) lightning talks will be solicited
on-site at the meeting.  "Technologies to Watch" topics will be
appropriate for this session.  Lightning talks were a hit in Dallas
so collect your thoughts early!

Research Forum
==
Researchers are invited to present short (10-minute) summaries of
their work for operator feedback.  Topics include routing, network
performance, statistical measurement and analysis, and protocol
development and implementation.  Studies presented may be works in
progress.  Researchers from academia, government, and industry are
encouraged to present.

Tutorials
=
Proposals are also invited for tutorial sessions from the introductory
through advanced level on all related topics, including:

Disaster Recovery Planning
Troubleshooting BGP
Best Practices for Determining Traffic Matrices
Options for Blackhole and Discard Routing
BGP/MPLS Layer 3 VPNs

How to Present
==
Submit an abstract and draft slides for the presentation in email
to [EMAIL PROTECTED]  See this web page for submission
guidelines. Your submission should include:

Author's name(s)
Preferred contact email address
Submission category (General Session, Panel, Tutorial, Research Forum)
Presentation title
Abstract
Slides (attachment or URL), in PDF (preferred) or Powerpoint format

We are also developing an online submission system, and hope to
have it available shortly.  Check the NANOG main page for updates.

The deadline for proposals is April 17, 2006.  While the majority
of speaking slots will be filled by April 17, a limited number of
slots may be available after that date for topics that are exceptionally
timely, important, or critical to the operations of the Internet.
Submissions will be reviewed by the NANOG Program Committee, and
presenters will be notified of acceptance by May 8.  Final drafts
of presentation slides are due by May 24, and final versions May 31.

Re: OT: Xen

[Christopher L. Morrow]

On Tue, 4 Apr 2006 [EMAIL PROTECTED] wrote:

> On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:
>
> > Best is: You dont run anything that is not needed. If you run only a
> > single application, your system is not worth the time it takes to hack it :)
>
> For the benefit of people reading the archives in search of clue: There's
> a smiley on that, because Peter knows full well that the single biggest
> security problem on the Internet is boxes that are running one application,
> or end-user boxes, that aren't run in a secure manner because there's nothing
> of interest on the box.
>

though one application means a very simple host, firewall, audit:
1) its running smtp
2) its filtered to permit any -> tcp/25 tcp/25 -> any
3) its log auditor (offline on the log host of course) flags anything NOT
smtp

presume that smtpd is, of course, hardened and patched and looked-after
properly... Sean is right, anything with an ip address is a target,
perhaps not a focused target, but a target none-the-less.

If it's on the internet take proper precautions.

> If the box has an IP address, and an Internet connection, it's *always* of
> interest, if only as a zombie or a steppingstone box to launder a connection.

oh zombies... where would we be without thee?

Re: OT: Xen

[Valdis . Kletnieks]

On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:

> Best is: You dont run anything that is not needed. If you run only a
> single application, your system is not worth the time it takes to hack it :)

For the benefit of people reading the archives in search of clue: There's
a smiley on that, because Peter knows full well that the single biggest
security problem on the Internet is boxes that are running one application,
or end-user boxes, that aren't run in a secure manner because there's nothing
of interest on the box.

If the box has an IP address, and an Internet connection, it's *always* of
interest, if only as a zombie or a steppingstone box to launder a connection.


pgpcNGxvH6xTD.pgp
Description: PGP signature

New BGP noise analysis

[Stephan Millet]

All,

I hope this isn't too off topic for you, however I have just come across a new 
BGP analysis page (more for the fine people at potaroo.net) which provides a 
breakdown of the noisiest (in BGP terms) prefixes and AS's. 
This seems to be a live analysis of some work presented on at the recent 
APRICOT/APNIC conference in Perth.

http://bgpupdates.potaroo.net

Hope this provides some valuable info to you.

Cheers

Stephan Millet
Telstra Internet Direct

Re: OT: Xen

[Matthew Palmer]

On Mon, Apr 03, 2006 at 08:50:51AM -0700, Eric Frazier wrote:
> Xen can be.  So one thing I am wondering, with Zones you can setup a new 
> instance that is a copy of another pretty much instantly. Does Xen offer 
> the same thing? Or do you still have to go through an install process for 
> example? I am esp wondering about this with something like XP..

Xen itself: no.  But LVM is a wonderful thing.

- Matt

Re: OT: Xen

[Matthew Palmer]

On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote:
> machine for stuff I know could lead to problems like that. But that brings 
> up another question, how far isolated are different instances from each 
> other really?

Fairly well -- a lot better than (eg) vservers, and almost certainly better
than UMLs.  To get into the host, you'd need to subvert one of the backend
drivers via the guest in such a way that you got the ability to run some
sort of subversive command in the host.  The possibility of a DoS (crash) is
much higher than a take-over compromise, but even then it's not something
I'd be inclined to worry about deeply.

- Matt

Re: OT: Xen

[Peter Dambier]

Todd Vierling wrote:

This is now straying really OT.  I answered some of this offlist, but
generally, the best place for technical background on Xen is its home:

http://www.cl.cam.ac.uk/Research/SRG/netos/xen/


This forum is about operating.

I guess if some bad operators separated their poorly managed systems with
things like Xen, then Gadies drone armies would drown.

Suppose you have the users 'root', 'morone' and 'monkey'.

Guess who root is?

monkey is running an old and buggy forum software - gets hacked everyday ...

morone is running an ftp-server with anonymous access.

Neither morone nor monkey can bring the system down because neither of
them has root access. Both are chrooted as seen from 'root'

If morone gets hacked then his ftp-server is gone but the hackers cannot
deface monkeys html-site.

If the hackers get monkey they dont have a clue about morone's ftp-servers.

The guys are splendidly isolated and root has an undesturbed sleep.

Best is: You dont run anything that is not needed. If you run only a
single application, your system is not worth the time it takes to hack it :)


Cheers
Peter and Karin Dambier

--
Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/

RE: Hi United! -> Chase.US Was:Re: abuse.clue @ Sprint? (phish in barrel, pictures @ 11:00)

[Pawloski, Kevin]

I'll see to it that this domain is shutdown from our service.

Kevin Pawloski | Security Engineer - United Online | kpawloski at
corp.untd.com | VoIP - kevin at netzero.net 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Martin Hannigan
Sent: Monday, April 03, 2006 1:12 PM
To: NANGO
Subject: Hi United! -> Chase.US Was:Re: abuse.clue @ Sprint? (phish in
barrel, pictures @ 11:00)





At 02:17 PM 4/3/2006, neal rauhauser wrote:



>   Got this forwarded to me by an associate - seems he tried the 
> usual channels and is having no luck. I suppose there are 
> professional phishermen out there but it sure would be nice to cut 
> to the Chase on this one. Heh ... get it ... Chase?
>
>
>--- phish report
>
>
>We got a bunch of e-mails this morning, purporting to be from 
>Chase.com; when you click the link in the message, though, you go to 
>the following site;
>
>hhhttp://cpe-24-221-82-147.mi.sprintbbd.net:81/colappmgr/colportal/pros
pect.php?_n 
>fpb=change_form
>



Hey United guys: chase.us? The registrar is appears absent again. 
Maybe you slam dunk it?
This Chase phish is really getting out of hand. I'm getting them 
daily from 2 to 5 times
in the last week.

They are being very resilient on the page source. They're everywhere.


Phish source:

http://www.fugawi.net/~hannigan/chasephish.txt

Spam:

http://www.fugawi.net/~hannigan/chasespam.txt

NS:

Non-authoritative answer:
chase.usnameserver = authns.lax.mysite.com.
chase.usnameserver = authns.nyc.mysite.com.
chase.usnameserver = authns.iad.mysite.com.

Authoritative answers can be found from:
authns.iad.mysite.com   internet address = 64.136.35.146
authns.lax.mysite.com   internet address = 64.136.28.28
authns.nyc.mysite.com   internet address = 64.136.20.28



-M<







--
Martin Hannigan(c) 617-388-2663
Renesys Corporation(w) 617-395-8574
Member of Technical Staff  Network Operations
[EMAIL PROTECTED]  

Hi United! -> Chase.US Was:Re: abuse.clue @ Sprint? (phish in barrel, pictures @ 11:00)

[Martin Hannigan]

At 02:17 PM 4/3/2006, neal rauhauser wrote:



  Got this forwarded to me by an associate - seems he tried the 
usual channels and is having no luck. I suppose there are 
professional phishermen out there but it sure would be nice to cut 
to the Chase on this one. Heh ... get it ... Chase?



--- phish report


We got a bunch of e-mails this morning, purporting to be from 
Chase.com; when you click the link in the message, though, you go to 
the following site;


hhhttp://cpe-24-221-82-147.mi.sprintbbd.net:81/colappmgr/colportal/prospect.php?_n 
fpb=change_form






Hey United guys: chase.us? The registrar is appears absent again. 
Maybe you slam dunk it?
This Chase phish is really getting out of hand. I'm getting them 
daily from 2 to 5 times

in the last week.

They are being very resilient on the page source. They're everywhere.


Phish source:

http://www.fugawi.net/~hannigan/chasephish.txt

Spam:

http://www.fugawi.net/~hannigan/chasespam.txt

NS:

Non-authoritative answer:
chase.usnameserver = authns.lax.mysite.com.
chase.usnameserver = authns.nyc.mysite.com.
chase.usnameserver = authns.iad.mysite.com.

Authoritative answers can be found from:
authns.iad.mysite.com   internet address = 64.136.35.146
authns.lax.mysite.com   internet address = 64.136.28.28
authns.nyc.mysite.com   internet address = 64.136.20.28



-M<







--
Martin Hannigan(c) 617-388-2663
Renesys Corporation(w) 617-395-8574
Member of Technical Staff  Network Operations
   [EMAIL PROTECTED]  

Re: OT: Xen

[Todd Vierling]

On Mon, 3 Apr 2006, Eric Frazier wrote:

> Now that is what I have in mind. For me this is esp important where I have
> something nasty like a guy hosting a bunch of forums that are always not
> getting updated and getting defaced or worse. Until now I have had a dirty
> machine for stuff I know could lead to problems like that. But that brings up
> another question, how far isolated are different instances from each other
> really?

This is now straying really OT.  I answered some of this offlist, but
generally, the best place for technical background on Xen is its home:

http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

-- 
-- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>

Re: OT: Xen

[Eric Frazier]

At 12:01 PM 4/3/2006, [EMAIL PROTECTED] wrote:


> Xen's bigges strength really is in the colocation business.  With
VX-enabled
> machines, it is capable of running instrumented OS's (Linux,
Free/NetBSD) at
> almost native speeds, and non-instrumented OS's (Windows, Solaris) with
a
> couple-% hit.  It's that flexibility that leads to colo as the market
where
> Xen shines.

People seem to be thinking that Xen is only for sharing
a colo machine with somebody else. But it could just as
well be used for one organization to isolate each major
application to a single virtual server, i.e. email server,
general web server, wiki server, hot web app server,
Asterisk server, etc. This way, when one of the applications
justifies its own server, migration is somewhat simpler
because it is not entangled with other applications.


Now that is what I have in mind. For me this is esp important where I have 
something nasty like a guy hosting a bunch of forums that are always not 
getting updated and getting defaced or worse. Until now I have had a dirty 
machine for stuff I know could lead to problems like that. But that brings 
up another question, how far isolated are different instances from each 
other really?





-- Michael Dillon

Re: OT: Xen

[Michael . Dillon]

> Xen's bigges strength really is in the colocation business.  With 
VX-enabled
> machines, it is capable of running instrumented OS's (Linux, 
Free/NetBSD) at
> almost native speeds, and non-instrumented OS's (Windows, Solaris) with 
a
> couple-% hit.  It's that flexibility that leads to colo as the market 
where
> Xen shines.

People seem to be thinking that Xen is only for sharing
a colo machine with somebody else. But it could just as
well be used for one organization to isolate each major
application to a single virtual server, i.e. email server,
general web server, wiki server, hot web app server,
Asterisk server, etc. This way, when one of the applications
justifies its own server, migration is somewhat simpler
because it is not entangled with other applications.

-- Michael Dillon

Re: abuse.clue @ Sprint? (phish in barrel, pictures @ 11:00)

[Michael Painter]

- Original Message - 
From: "neal rauhauser" <[EMAIL PROTECTED]>

To: "NANGO" 
Sent: Monday, April 03, 2006 8:17 AM
Subject: abuse.clue @ Sprint? (phish in barrel, pictures @ 11:00)






  Got this forwarded to me by an associate - seems he tried the usual 
channels and is having no luck. I suppose there are professional 
phishermen out there but it sure would be nice to cut to the Chase on 
this one. Heh ... get it ... Chase?


http://castlecops.com/pirt

Re: OT: Xen

[Todd Vierling]

On Mon, 3 Apr 2006, [EMAIL PROTECTED] wrote:

> Solaris shops are going to find Zones useful.  Linux shops are going to find
> Xen useful. However, I severely doubt that Zones are going to attract any 
> Linux
> shops, or that Xen will be enough to make Solaris shops convert.

Xen's bigges strength really is in the colocation business.  With VX-enabled
machines, it is capable of running instrumented OS's (Linux, Free/NetBSD) at
almost native speeds, and non-instrumented OS's (Windows, Solaris) with a
couple-% hit.  It's that flexibility that leads to colo as the market where
Xen shines.

If it really were an OS-specific issue, then "Linux shops" might as well use
UML.  ( )

-- 
-- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>

abuse.clue @ Sprint? (phish in barrel, pictures @ 11:00)

[neal rauhauser]

  Got this forwarded to me by an associate - seems he tried the usual 
channels and is having no luck. I suppose there are professional 
phishermen out there but it sure would be nice to cut to the Chase on 
this one. Heh ... get it ... Chase?



--- phish report


We got a bunch of e-mails this morning, purporting to be from Chase.com; 
when you click the link in the message, though, you go to the following 
site;


hhhttp://cpe-24-221-82-147.mi.sprintbbd.net:81/colappmgr/colportal/prospect.php?_n 
fpb=change_form


It's been running since about 7 AM Central time.

I've already contacted Chase, as well as Sprint Broadband, but they 
either a)don't care, or b)don't have a clue what to do. Is there any way 
of getting in touch with SOMEONE who can shut this guy down? If my 70 
year old Mom got a message like this, she'd be owned in a matter of 
minutes - it pisses me off that people could be this evil.



--
mailto:[EMAIL PROTECTED] // IM:layer3arts
voice: 402 408 5951
cell : 402 301 9555
fax  : 402 408 6902

Correct dates for NANOG 37

[Steve Feldman]

The dates given for NANOG 37 in the Call for Presentations were  
incorrect.


The correct dates are June 4-7:
  Sunday, June 4 - Newcomers Orientation, Community Meeting
  Monday, June 5 - General Session (morning), BOFs/Tutorials  
(afternoon)
  Tuesday, June 6 - General Session (morning), BOFs/Tutorials  
(afternoon)

  Wednesday, June 7 - General Session (morning)

The location will be announced as soon as Merit has a signed hotel
contract in their hands.

I will send a corrected version of the CFP tonight.

Steve Feldman
PC Chair

Re: OT: Xen

[Valdis . Kletnieks]

On Mon, 03 Apr 2006 08:50:51 PDT, Eric Frazier said:

> Speaking of commercial support, I have been looking really closely at using 
> Solaris 10 which includes Zones.
...
> But there has been so much press lately about Xen. And from what I read in 
> Linux mag recently there is HW support that totally changes how efficient 
> Xen can be.

Solaris shops are going to find Zones useful.  Linux shops are going to find
Xen useful. However, I severely doubt that Zones are going to attract any Linux
shops, or that Xen will be enough to make Solaris shops convert.

And the shops that are so totally Java/PHP/Perl/whatever that it doesn't matter
if they're on Solaris or Linux will end up choosing whatever hosting solution
costs them the least per month...



pgpkv73gEdlou.pgp
Description: PGP signature

Re: OT: Xen

[Edward B. DREGER]

TV> Date: Mon, 3 Apr 2006 09:25:40 -0400 (Eastern Daylight Time)
TV> From: Todd Vierling

TV> Note that Xen in particular has major advantages over some similar products
TV> because it eliminates CPU-consuming system trap hackery needed to emulate
TV> hardware devices and page-table mappings.  Xen is not, however, backed with
TV> extensive commercial support (XenSource is still evolving at the moment),

For those not following Xen closely, Google with quotes for

"xensource gets new ceo, direction"

This should be interesting.  Hardly MS/Novell/IBM, but that's not all 
inherently bad...


Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita

DO NOT send mail to the following addresses:
[EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED]
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

Re: OT: April 1st RFC

[John Curran]

At 9:49 AM -0600 4/3/06, John Neiberger wrote:
>Was there no 4/1 RFC this year? I'll be disappointed if no one did one
>this year.

I haven't seen an RFC, but apparently the IAB did make an announcement:
http://bert.secret-wg.org/

/John

Re: OT: April 1st RFC

[Martin Hannigan]

Was there no 4/1 RFC this year? I'll be disappointed if no one did one
this year.

John
--




It looks like this year they did something with Bert, appointing him 
to the IAB. The only problem was Bert doesn't work at a vendor. Yet.


Search @ietf for IAB+Bert


-M<


--
Martin Hannigan(c) 617-388-2663
Renesys Corporation(w) 617-395-8574
Member of Technical Staff  Network Operations
  [EMAIL PROTECTED]

OT: April 1st RFC

[John Neiberger]

Was there no 4/1 RFC this year? I'll be disappointed if no one did one
this year.

John
--

Re: OT: Xen

[Eric Frazier]

Hi,

Speaking of commercial support, I have been looking really closely at using 
Solaris 10 which includes Zones.
I am not so much concerned about the OS games, but very much concerned 
about the HW % utilization issue that this could help solve. From what I 
have found with Solaris Zones it is VERY easy to setup and configure. The 
question that I got flamed on a while back for being off topic, how do you 
get two different DHCP addresses from difference sources on the same 
interface, can be solved by using Zones for example.


But there has been so much press lately about Xen. And from what I read in 
Linux mag recently there is HW support that totally changes how efficient 
Xen can be.  So one thing I am wondering, with Zones you can setup a new 
instance that is a copy of another pretty much instantly. Does Xen offer 
the same thing? Or do you still have to go through an install process for 
example? I am esp wondering about this with something like XP..


Thanks,

Eric



At 07:00 AM 4/3/2006, Todd Vierling wrote:


On Mon, 3 Apr 2006, Chris Adams wrote:

> > Xen is not, however, backed with
> > extensive commercial support (XenSource is still evolving at the moment),
>
> Red Hat has announced that the next rev of their commercial OS offering,
> RHEL 5, will include Xen as a major component.

The point is that decent commercial support is evolving and not quite Here
Right Now.

> > lacks easy integration into popular UI/control-panel products, and 
requires

> > special kernels for the contained OS's (not such a big deal in practice).
>
> With the right CPUs (late model Intel only at the moment), you can run
> an OS unmodified with a little higher overhead.

It's still some overhead because it's emulating hardware devices, but thanks
to VX, it's not as bad as the classical virtualization trap hacks.  Once AMD
releases their counterpart version of the virtualization extensions en
masse, this will probably get more steam from providers.

If a Xen-instrumented kernel is available for the desired OS, that would
still be preferable, of course.

--
-- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>

Re: OT: Xen

[Todd Vierling]

On Mon, 3 Apr 2006, Chris Adams wrote:

> > Xen is not, however, backed with
> > extensive commercial support (XenSource is still evolving at the moment),
>
> Red Hat has announced that the next rev of their commercial OS offering,
> RHEL 5, will include Xen as a major component.

The point is that decent commercial support is evolving and not quite Here
Right Now.

> > lacks easy integration into popular UI/control-panel products, and requires
> > special kernels for the contained OS's (not such a big deal in practice).
>
> With the right CPUs (late model Intel only at the moment), you can run
> an OS unmodified with a little higher overhead.

It's still some overhead because it's emulating hardware devices, but thanks
to VX, it's not as bad as the classical virtualization trap hacks.  Once AMD
releases their counterpart version of the virtualization extensions en
masse, this will probably get more steam from providers.

If a Xen-instrumented kernel is available for the desired OS, that would
still be preferable, of course.

-- 
-- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>

Re: Foundry Old Switch vs Old Cisco one

[Bjørn Mork]

"Kim Onnel" <[EMAIL PROTECTED]> writes:

> I have this old foundry switch in the warehouse, I have no experience in
> Foundry, i wonder if this switch can be upgraded to a newer OS that will
> support advanced features or shall i consider it dead,

What advanced features?  It's a L4 switch with fixed ports.  There's
really not much to add or remove.

> I want to mainly use it for one customer that wants caching, its L4 i guess
> and i have an old NetApp caching server that will save the customer 10MBs i
> guess.

It should be able to do this without any upgrades at all.  But I guess
you'd want a service contract on it anyway...

> [EMAIL PROTECTED] ver
>  SW: Version 07.3.04T12 Copyright (c) 1996-1999 Foundry Networks, Inc.
>  Compiled on Mar 07 2002 at 11:46:40 labeled as SLB07304
>  HW: ServerIron Switch, serial number 10ac46
>  400 MHz Power PC processor 740 (revision 8) with 32756K bytes of DRAM
>   16 100BaseT interfaces with Level 1 Transceiver LXT975
>2 GIGA Fiber uplink interfaces, SX

As it says, this is a 16-port ServerIron XL with a 2-port SX
gig-module.  It runs a pretty early version of the layer 3 enabled
code for SIs.  Should be OK, I guess.

Documentation can be found at
http://www.foundrynet.com/services/documentation/index.html#SI
and software on
http://www.foundrynet.com/services/support/index.html
(software download requires a service contract)


Bjørn

RE: Foundry Old Switch vs Old Cisco one

[David Hubbard]

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On 
> 
> Dears,
> 
> I have this old foundry switch in the warehouse, I have no 
> experience in Foundry, i wonder if this switch can be 
> upgraded to a newer OS that will support advanced features or 
> shall i consider it dead,
> 
> I want to mainly use it for one customer that wants caching, 
> its L4 i guess and i have an old NetApp caching server that 
> will save the customer 10MBs i guess.

You have a Foundry ServerIron XL:

http://www.foundrynet.com/services/documentation/index.html#SC

David

Foundry Old Switch vs Old Cisco one

[Kim Onnel]

Dears,

I have this old foundry switch in the warehouse, I have no experience
in Foundry, i wonder if this switch can be upgraded to a newer OS that
will support advanced features or shall i consider it dead,

I want to mainly use it for one customer that wants caching, its L4 i
guess and i have an old NetApp caching server that will save the
customer 10MBs i guess.


[EMAIL PROTECTED] ver
 SW: Version 07.3.04T12 Copyright (c) 1996-1999 Foundry Networks, Inc.
 Compiled on Mar 07 2002 at 11:46:40 labeled as SLB07304
 HW: ServerIron Switch, serial number 10ac46
 400 MHz Power PC processor 740 (revision 8) with 32756K bytes of DRAM
  16 100BaseT interfaces with Level 1 Transceiver LXT975
   2 GIGA Fiber uplink interfaces, SX
 256 KB PRAM and 8*2048 CAM entries for DMA 1, version 0807
 256 KB PRAM and 8*2048 CAM entries for DMA 2, version 0807
 256 KB PRAM and 4*1024 CAM entries for DMA 4, version 0104, SEEQ GIGA MAC 8101
 256 KB PRAM and 4*1024 CAM entries for DMA 5, version 0104, SEEQ GIGA MAC 8101
 128 KB boot flash memory
4096 KB code flash memory
2048 KB BRAM, BM version 02
 128 KB QRAM
 512 KB SRAM
Octal System, Maximum Code Image Size Supported: 1965568 (0x001dfe00)
The system uptime is 2 days 5 hours 24 minutes 5 seconds
The system : started=cold start

Please redirect me to technical documentation/OS upgrade webpages for this, if there is any.

If it wont fit, i'll have to buy a new Cisco one perhaps.

Re: OT: Xen

[Chris Adams]

Once upon a time, Todd Vierling <[EMAIL PROTECTED]> said:
> Xen is not, however, backed with
> extensive commercial support (XenSource is still evolving at the moment),

Red Hat has announced that the next rev of their commercial OS offering,
RHEL 5, will include Xen as a major component.

> lacks easy integration into popular UI/control-panel products, and requires
> special kernels for the contained OS's (not such a big deal in practice).

With the right CPUs (late model Intel only at the moment), you can run
an OS unmodified with a little higher overhead.  This means you can run
Windows on the same box as Linux on the same box as *BSD, all at the
same time.  Later this year, AMD's CPUs will add a similar (but
different) extension.

-- 
Chris Adams <[EMAIL PROTECTED]>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

Re: OT: Xen

[Todd Vierling]

On Sat, 1 Apr 2006, David Lesher wrote:

> Panix is offering Xen-based virtual servers.  I mention same here
> only because I've seen almost no discussion of virtualized servers,
> and hope to learn from the surely-resulting flameware
>
>http://www.panix.com/corp/virtuals/

Xen and similar solutions are gaining popularity because they work on a
similar model as that used for ADSL:  most users don't use all the resources
all the time.  By virtualizing, the provider can offer "dedicated
colocation" at a somewhat lower cost to the user, and a *much* lower cost to
the provider.  If properly provisioned, by distributing more heavily loaded
virtual machines appropriately, you can probably attain virtualization of
20-30 or more per 2-way or 2-dual-core SMP box and still have CPU left over.

Note that Xen in particular has major advantages over some similar products
because it eliminates CPU-consuming system trap hackery needed to emulate
hardware devices and page-table mappings.  Xen is not, however, backed with
extensive commercial support (XenSource is still evolving at the moment),
lacks easy integration into popular UI/control-panel products, and requires
special kernels for the contained OS's (not such a big deal in practice).

The current problems haven't stopped some early adopters from trying out
Xen.  By and large, those who were once using UML[*] and have now tried Xen
have switched and not looked back.

[*] User Mode Linux, which I went out of my way to heckle (with technically
sound arguments, mind you) at an IETF when it was proposed as a method
of virtualization.  The sad part is, some folks bought the drivel and
actually set up businesses using UML as a virtualization layer.

-- 
-- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>

Re: Could someone from the U.S. DoD contact me.

[Luke Gill]

http://www.us-cert.gov/Go there and use the Report Incident or Report Vulnerability buttons.  And yes, they handle DoD systems also. On Apr 2, 2006, at 6:00 PM, L. Jason Godsey wrote:Could someone from U.S. DoD contact me off list?I've been trying to report what looks like a security problem.  I keepgetting the run around and transfered to public affairs type mail boxeswhich end up not working or being full. =

Re: OT: Xen

[Chris Adams]

Once upon a time, Stephane Bortzmeyer <[EMAIL PROTECTED]> said:
> On Sat, Apr 01, 2006 at 04:51:09PM -0600,
>  Chris Adams <[EMAIL PROTECTED]> wrote 
>  a message of 17 lines which said:
> > unixshell.com claims more service (RAM, disk, monthly transfer) for less
> > per month:
> > 
> > http://www.unixshell.com/
> 
> Apparently, it is no based on Xen which you may find a good or a bad
> thing, depending on your requirments. (For instance, Unixshell's offer
> is limited to Linux, while Panix allows NetBSD.)

Both unixshell and Panix are using Xen.  Both have a limited set of OSes
they offer.  It looks like Panix includes some support, while unixshell
charges extra for support.

> Virtualization solutions are very different and comparing RAM and disk
> is not sufficient.

No, but for companies offering similar services (e.g. Fedora on Xen if
that is what you are looking for), that's a significant thing to note.
-- 
Chris Adams <[EMAIL PROTECTED]>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

Paging someone from siemens.com's postmaster staff

[Suresh Ramasubramanian]

Please email me offlist when you have a moment to spare..

thanks
srs
--
Suresh Ramasubramanian ([EMAIL PROTECTED])

Listen to all the companies spin (was Re: AT&T: 15 Mbps Internet connections "irrelevant")

[Sean Donelan]

On Sun, 2 Apr 2006, Randy Bush wrote:
> when you have a giant company with a broken business model,
> send in the lawyers and lobbyists to extend it a few years.
> after all, it's kinda working for the mpa and riaa.

Several companies made presentations at the same Bank of America
investor's conference.  You can listen to their presentations online

Cablevision: 
Comcast: 
Disney: 

SprintNextel: 
Verizon: 
Viacom: 

They may all have broken business models.  But it may be useful to
understand them.

Re: AT&T: 15 Mbps Internet connections "irrelevant"

[Sean Donelan]

On Mon, 3 Apr 2006, Todd Vierling wrote:
> (...The frustrating part about those figures is that I might as well have
> FTTH, because my DSLAM is less than 50 feet from my premises -- it's in a
> green-monster canister on the corner of the block.  The modem says I *could*
> attain better than 9Mbps down and 2Mbps up, were such service available to
> consumer low-lifes like myself.  )

The GigEthernet interface on my PC says I should be able to get 1,000Mbps
too.  There are lots of different bottlenecks in a typical network.
Changing your access link speed may or may not make a performance
difference.

Suppose you hacked your cable modem configuration or your DSLAM
configuration, and opened your access link full throttle. Would you
be able to download 27Mbps cross-country from your favorite server? It
depends where the bottleneck was.

All things being equal, a faster access link usually results in better
performance.  But I would think the people on this list would know
better than most, that things are almost never equal in the network
world. Remember all those debates whether Keynote or other performance
tests were actually valid measurements.

Re: OT: Xen

[Jamie Norwood]

On 4/3/06, Stephane Bortzmeyer <[EMAIL PROTECTED]> wrote:
>
> On Sat, Apr 01, 2006 at 04:51:09PM -0600,
>  Chris Adams <[EMAIL PROTECTED]> wrote
>  a message of 17 lines which said:
>
> > unixshell.com claims more service (RAM, disk, monthly transfer) for less
> > per month:
> >
> > http://www.unixshell.com/
>
> Apparently, it is no based on Xen which you may find a good or a bad
> thing, depending on your requirments. (For instance, Unixshell's offer
> is limited to Linux, while Panix allows NetBSD.)
>
> Virtualization solutions are very different and comparing RAM and disk
> is not sufficient.

According to Unixshell's website, it is, in fact, Xen. Their
technology link goes to:

http://www.unixshell.com/xen.html

Of which the first line is "unixshell# is powered by the Xen
hypervisor engine. "

Re: AT&T: 15 Mbps Internet connections "irrelevant"

[Michael . Dillon]

> and they don't get that complicating the network to get
> service differentiation so they can justify charging
> differentiation will make the business even less profitable.
> see geoff's apricot preso.

No doubt Randy is referring to Geoff Huston's recent presentation
at APRICOT 2006 in Perth, Australia. 
http://www.apricot2006.net/slides/conf/wednesday/2006-02-28-convergence.pdf

--Michael Dillon

Re: OT: Xen

[Stephane Bortzmeyer]

On Sat, Apr 01, 2006 at 04:51:09PM -0600,
 Chris Adams <[EMAIL PROTECTED]> wrote 
 a message of 17 lines which said:

> unixshell.com claims more service (RAM, disk, monthly transfer) for less
> per month:
> 
> http://www.unixshell.com/

Apparently, it is no based on Xen which you may find a good or a bad
thing, depending on your requirments. (For instance, Unixshell's offer
is limited to Linux, while Panix allows NetBSD.)

Virtualization solutions are very different and comparing RAM and disk
is not sufficient.