Re: Google wants to be your Internet
On Mon, 22 Jan 2007, Travis H. wrote: On Sun, Jan 21, 2007 at 06:41:19AM -0800, Lucy Lynch wrote: sensor nets anyone? The bridge-monitoring stuff sounds a lot like SCADA. //drift IIRC, someone representing the electrical companies approached someone representing network providers, possibly the IETF, to ask about the feasibility of using IP to monitor the electrical meters throughout the US. Presumably this would be via some slow signalling protocol over the power lines themselves (slow so that you don't trash the entire spectrum by signalling in the range where power lines are good antennas - i.e. 30MHz or so). The response was yeah, well, maybe with IPv6. I've heard tha's pretty close to how IPv6 ends up being used as far as current public production installation use go (not counting those done for research, etc). For example apparently some railroad in europe setup ipv6 for use in the rail sensors. Then we also recently heard of large ISP using ipv6 for creating management subnet for all their network equipment, etc. -- William Leibzon Elan Networks [EMAIL PROTECTED]
CDN ISP (was: Re: Google wants to be your Internet)
Hi Adrian, I've had a few ISPs out here in Australia indicate interest in a cache that could do the normal stuff (http, rtsp, wma) and some of the p2p stuff (bittorrent especially) with a smattering of QoS/shaping/control - but not cost upwards of USD$100,000 a box. Lots of interest, no commitment. Here in central europe we had caching friendly environment from 1997 till 2001 due of transit lines pricing. Few yaers ago prices for upstream connectivity fell and from this time there is no interest for caching. I've discussed this with several nationwide ISPs in .cz and found these reasons: a) caching systems are not easy to implement and maintain (another system for configuration) b) possible conflict with content owners c) they want to sell as much as possible of bandwidth d) they want to have their network fully transparent I don't want to judge these answers, just FYI. It doesn't help (at least in Australia) where the wholesale model of ADSL isn't content-replication-friendly: we have to buy ATM or ethernet pipes to upstreams and then receive each session via L2TP. Fine from an aggregation point of view, but missing the true usefuless of content replication and caching - right at the point where your customers connect in. Same here. (Disclaimer: I'm one of the Squid developers. I'm getting an increasing amount of interest from CDN/content origination players but none from ISPs. I'd love to know why ISPs don't view caching as a viable option in today's world and what we could to do make it easier for y'all.) Please see points (a)-(d). I think there can be also point (e). Some telcos want to play triple-play game (Internet, telephony and IPTV). They want to move their users back from the Internet to relativelly safe revenue area (television channel distribution via IPTV). Regards Michal Krsek
Re: CDN ISP (was: Re: Google wants to be your Internet)
On Mon, 22 Jan 2007, Michal Krsek wrote: For broad-band ISPs, whose main goal is not to sell or re-sell transit though... a) caching systems are not easy to implement and maintain (another system for configuration) b) possible conflict with content owners c) they want to sell as much as possible of bandwidth d) they want to have their network fully transparent Only a, b apply. d I am not sure I understand.
Re: DNS Query Question
On 18 Jan 2007, at 17:39, Dennis Dayman wrote: What they have discovered is their current DNS service has a 1% failure/timeout rate. Is the request even hitting their DNS servers ? If the problem is actually connectivity, then moving DNS off-network will improve dns performance, but everything else will still lose a few percentage of inbound packets ... Unless you want to outsource your entire hosting to someone on the list. ;-) -- Regards, Andy Davidson http://www.devonshire.it/ - 0844 704 704 7 - Sheffield, UK
Re: DNS Query Question
Andy Davidson wrote: Is the request even hitting their DNS servers ? If the problem is actually connectivity, then moving DNS off-network will improve dns performance, but everything else will still lose a few percentage of inbound packets ... not sure at this time. all I know is the test I made against their's showed some inconsistent results. Unless you want to outsource your entire hosting to someone on the list. ;-) *snicker* I will mention it to my customer ;) -Dennis
Re: Anyone from BT...
On Mon, Jan 22, 2007 at 04:09:48AM +, Fergie wrote: ...on the list who might be able to comment on how they/you/BT is detecting downstream clients that are bot-infected, and how exactly you are dealing with them? Which bit of BT? They've got their fingers in quite a lot of pies, and the Clue level varies wildly. Although given you've asked that question, I suspect that you're enquiring about their retail Internet offerings, and my impression is that they don't bother to check for or deal with infected hosts.
Re: [cacti-announce] Cacti 0.8.6j Released (fwd)
Anyone thats seen MRTG (simple, static) on a large network realizes that decoupling the graphing from the polling is necessary. The disk i/o is brutal. Cacti has a slick interface, but also doesn't scale all that well for large networks. I prefer RTG, though I haven't seen a nice interface for it, yet. Chris Owen wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jan 21, 2007, at 11:35 PM, Travis H. wrote: That is, most of the dynamically-generated content doesn't need to be generated on demand. If you're pulling data from a database, pull it all and generate static HTML files. Then you don't even need CGI functionality on the end-user interface. It thus scales much better than the dynamic stuff, or SSL-encrypted sessions, because it isn't doing any computation. While I certainly agree that cacti is a bit of a security nightmare, what you suggest may not scale all that well for a site doing much graphing. I'm sure the average cacti installation is recording thousands of things every 5 minutes but virtually none of those are ever actually graphed. Those that are viewed certainly aren't viewed every 5 minutes. Even if polling and graphing took the same amount of resources that would double the load on the machine. My guess though is that graphing actually takes many times the resources of polling. Just makes sense to only graph stuff when necessary. Chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) iD8DBQFFtE/NElUlCLUT2d0RAtbeAJ91qMtm8VtWSLHJ/gLsg3DnqitlwQCeK1pn bqmZZoK821K76KMj/0bxDNk= =Rx6P -END PGP SIGNATURE-
Dubai
yeah, i know, its the _north american_ network operators, but judging by the posts here, and attendance at the NANOG meetings, there is quite the international audience. looking to hook up with operations and systems administrations people in dubai. if you are out there, drop me a note. -- [ Jim Mercerjim@reptiles.org+971 50 436-3874 ] [ I want to live forever, or die trying.]
Re: Anyone from BT...
Peter Corlett wrote: On Mon, Jan 22, 2007 at 04:09:48AM +, Fergie wrote: ...on the list who might be able to comment on how they/you/BT is detecting downstream clients that are bot-infected, and how exactly you are dealing with them? Which bit of BT? They've got their fingers in quite a lot of pies, and the Clue level varies wildly. Although given you've asked that question, I suspect that you're enquiring about their retail Internet offerings, and my impression is that they don't bother to check for or deal with infected hosts. I believe fergdawg referred to bt the platform rather than to BT the provider. Although I have only one contact in the latter, that contact is clueful and attempts to check for infected hosts. As is so often the case, topology and customer-base add complexity to the dealing with part of problems.
RE: Undersea fiber cut after Taiwan earthquake - PCCW / Singtel / KT e tc connectivity disrupted
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marshall Eubanks Sent: Sunday, January 21, 2007 8:01 AM To: Brian Wallingford Cc: Rod Beck; nanog@merit.edu Subject: Re: Undersea fiber cut after Taiwan earthquake - PCCW / Singtel / KT e tc connectivity disrupted On Jan 21, 2007, at 12:05 AM, Brian Wallingford wrote: That's news? The same still happens with much land-based sonet, where diverse paths still share the same entrance to a given facility. Unless each end can Entrances, ha. Anyone remember that railroad tunnel in Baltimore ? And I am pretty sure that Fairfax County isn't much better. We have a railroad tunnel in Fairfax? On the less snarky side, I suspect that one wrong move by a backhoe along the Dulles Toll Road would screw about half the east coast. Jamie Bowden -- It was half way to Rivendell when the drugs began to take hold Hunter S Tolkien Fear and Loathing in Barad Dur Iain Bowen [EMAIL PROTECTED]
Re: Undersea fiber cut after Taiwan earthquake - PCCW / Singtel / KT e tc connectivity disrupted
Jamie Bowden [EMAIL PROTECTED] writes: Entrances, ha. Anyone remember that railroad tunnel in Baltimore ? And I am pretty sure that Fairfax County isn't much better. We have a railroad tunnel in Fairfax? single points of failure, like f'rinstance collapsed backbone segments on boone blvd. not railroad tunnels. On the less snarky side, I suspect that one wrong move by a backhoe along the Dulles Toll Road would screw about half the east coast. the only fiber that i'm aware of that is actually along the toll road itself belongs to the toll road folks. it would screw up the smart tag transponders for sure, but the ensuing traffic backups are unlikely to affect half the east coast (even though traffic in nova sometimes feels that way). sunrise valley dr. and sunset hills rd. are an entirely different matter though. update your maps before you go to us rentals eh? :-) ---rob Jamie Bowden -- It was half way to Rivendell when the drugs began to take hold Hunter S Tolkien Fear and Loathing in Barad Dur Iain Bowen [EMAIL PROTECTED]
Re: Google wants to be your Internet
Travis H. [EMAIL PROTECTED] writes: IIRC, someone representing the electrical companies approached someone representing network providers, possibly the IETF, to ask about the feasibility of using IP to monitor the electrical meters throughout the US The response was yeah, well, maybe with IPv6. Which is nonsense. More gently, it's only true if you not only want to use IP to monitor electrical meters, but want the use the (global) Internet to monitor electrical meters. I'd love to hear the business case for why my home electrical meter needs to be directly IP-addressable from an Internet cafe in Lagos. Jim Shankland
Re: Google wants to be your Internet
* [EMAIL PROTECTED] (Jim Shankland) [Mon 22 Jan 2007, 18:21 CET]: Travis H. [EMAIL PROTECTED] writes: IIRC, someone representing the electrical companies approached someone representing network providers, possibly the IETF, to ask about the feasibility of using IP to monitor the electrical meters throughout the US The response was yeah, well, maybe with IPv6. Which is nonsense. More gently, it's only true if you not only want to use IP to monitor electrical meters, but want the use the (global) Internet to monitor electrical meters. I'd love to hear the business case for why my home electrical meter needs to be directly IP-addressable from an Internet cafe in Lagos. It's not nonsense. Those elements need to be unique. RFC1918 isn't unique enough (think what happens during a corporate merger). -- Niels.
Fwd: Google wants to be your Internet
On Jan 22, 2007, at 12:15 PM, Jim Shankland wrote: I'd love to hear the business case for why my home electrical meter needs to be directly IP-addressable from an Internet cafe in Lagos. Jim Shankland I also, because I have an important financial proposal to discuss with your electrical meter! Meter L456372-232, attached to the residence of Hafisat Bamaiya, wife of former Nigerian Defense Minister General Musa Bamaiya
Re: Google wants to be your Internet
Jim Shankland wrote: Travis H. [EMAIL PROTECTED] writes: IIRC, someone representing the electrical companies approached someone representing network providers, possibly the IETF, to ask about the feasibility of using IP to monitor the electrical meters throughout the US The response was yeah, well, maybe with IPv6. Which is nonsense. More gently, it's only true if you not only want to use IP to monitor electrical meters, but want the use the (global) Internet to monitor electrical meters. Ah, cool, an advocate of NAT. Or didn't you want to say that one can just make their own IPv4 address space and use that ? Remember that the machines checking the billing most likely has a global address and RFC1918 ain't nice. Barring getting address space, IPv4 and IPv6 will both do fine for it. I'd love to hear the business case for why my home electrical meter needs to be directly IP-addressable from an Internet cafe in Lagos. 1) You are on vacation and want to check if you actually turned on that mini-nuke plant in your garden, so that you will retain some cash on your credit card so that you can still come home. 2) You are still on vacation and want to check if your kids are not over abusing electrical power instead of being 'green' for the environment. 3) You are already on the northpole, Lagos was boring after all, and you want to check about that email you received from the electrical company, to see where the power usage was actually so high. You notice that the power plug in the garden is being used a lot, look at the webcam there and notice that your neighbor is using your power. Oh, only one case eh? :) But I guess it is nonsense. Greets, Jeroen signature.asc Description: OpenPGP digital signature
Re: Google wants to be your Internet
On Jan 22, 2007, at 12:15 PM, Jim Shankland wrote: Travis H. [EMAIL PROTECTED] writes: IIRC, someone representing the electrical companies approached someone representing network providers, possibly the IETF, to ask about the feasibility of using IP to monitor the electrical meters throughout the US The response was yeah, well, maybe with IPv6. Which is nonsense. More gently, it's only true if you not only want to use IP to monitor electrical meters, but want the use the (global) Internet to monitor electrical meters. I'd love to hear the business case for why my home electrical meter needs to be directly IP-addressable from an Internet cafe in Lagos. Perhaps your electrical company has more than 16.7 million electrical meters it needs to address.
Re: Anyone from BT...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Peter Corlett [EMAIL PROTECTED] wrote: On Mon, Jan 22, 2007 at 04:09:48AM +, Fergie wrote: ...on the list who might be able to comment on how they/you/BT is detecting downstream clients that are bot-infected, and how exactly you are dealing with them? Which bit of BT? They've got their fingers in quite a lot of pies, and the Clue level varies wildly. Although given you've asked that question, I suspect that you're enquiring about their retail Internet offerings, and my impression is that they don't bother to check for or deal with infected hosts. Well, thanks for the response :-) but I am looking for anyone who could shed some light on this statement: BT has launched an automated system to identify professional spammers and 'botnet'-infected customers on the BT broadband network. ref: http://www.networkworld.com/news/2006/101306-bt-fires-back-at.html I am curious as to what they're actually doing. Cheers, - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.2 (Build 4075) wj8DBQFFtPjSq1pz9mNUZTMRAnziAJ0dur37zDjC5ji7r+LKz8GwP7w8UgCg8dqH omyWrRvl4I1WffMdZegUEEY= =3jjq -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: Google wants to be your Internet
On Jan 22, 2007, at 9:38 AM, Jeroen Massar wrote: But I guess it is nonsense. This is what ssh tunnels and/or VPN are for, IMHO. It's perfectly legitimate to construct private networks (DCN/OOB nets, anyone? How about that IV flow-control monitor which determines how much antibiotics you're getting per hour after your open-heart surgery?) for purposes which aren't suited to direct connectivity to/from anyone on the global Internet. --- Roland Dobbins [EMAIL PROTECTED] // 408.527.6376 voice Technology is legislation. -- Karl Schroeder
Re: Google wants to be your Internet
Roland Dobbins wrote: This is what ssh tunnels and/or VPN are for, IMHO. It's perfectly legitimate to construct private networks (DCN/OOB nets, anyone? How about that IV flow-control monitor which determines how much antibiotics you're getting per hour after your open-heart surgery?) for purposes which aren't suited to direct connectivity to/from anyone on the global Internet. --- Can this thread now be merged with the Cacti thread and made into Using Cacti for Monitoring your Heart and IV's While Using Your Google Toolbar? -- J. Oquendo http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x1383A743 sil . infiltrated @ net http://www.infiltrated.net The happiness of society is the end of government. John Adams smime.p7s Description: S/MIME Cryptographic Signature
Re: Google wants to be your Internet
Roland Dobbins wrote: On Jan 22, 2007, at 9:38 AM, Jeroen Massar wrote: But I guess it is nonsense. This is what ssh tunnels and/or VPN are for, IMHO [..] Of course, for protecting them you should use that and firewalls and other security measures that one deems neccesary. But which address space do you put in the network behind the VPN? RFC1918!? Oh, already using that on the DSL link to where you are VPN'ing in from. oopsy ;) That is the case for globally unique addresses and the reason why banks that use RFC1918 don't like it when they need to merge etc etc etc... Fortunately, for IPv6 we have ULA's (fc00::/7), that solves that problem. /me donates coffee around. Greets, Jeroen signature.asc Description: OpenPGP digital signature
Re: Google wants to be your Internet
On Jan 22, 2007, at 10:49 AM, Jeroen Massar wrote: But which address space do you put in the network behind the VPN? RFC1918!? Oh, already using that on the DSL link to where you are VPN'ing in from. oopsy ;) Actually, NBD, because you can handle that with a VPN client which does a virtual adaptor-type of deal and overlapping address space doesn't matter, because once you're in the tunnel, you're not sending/ receiving outside of the tunnel. Port-forwarding and NAT (ugly, but people do it) can apply, too. That is the case for globally unique addresses and the reason why banks that use RFC1918 don't like it when they need to merge etc etc etc... Sure, and then you get into double-NATting and who redistributes what routes into who's IGP and all that kind of jazz (it's a big problem on extranet-type connections, too). To be clear, all I was saying is that the subsidiary point that there are things which don't belong on the global Internet is a valid one, and entirely separate from any discussions of universal uniqueness in terms of address-space, as there are (ugly, non-scalable, brittle, but available) ways to work around such problems, in many cases. --- Roland Dobbins [EMAIL PROTECTED] // 408.527.6376 voice Technology is legislation. -- Karl Schroeder
Re: Google wants to be your Internet
In response to my saying: I'd love to hear the business case for why my home electrical meter needs to be directly IP-addressable from an Internet cafe in Lagos. Jay R. Ashworth [EMAIL PROTECTED] responds, concisely: It doesn't, and it shouldn't. That does *not* mean it should not have a globally unique ( != globally routable) IP address. and Jeroen Massar [EMAIL PROTECTED] presents several hypothetical scenarios. Note that the original goal was for electrical companies to monitor electrical meters. Jeroen brings up backyard mini-nuke plants, seeing how much the power plug in the garden is being used, etc. These may all be desirable goals, but they represent considerable mission creep from the originally stated goal. None of Jeroen's applications requires end-to-end, packet-level access to the individual devices in Jeroen's future (I assume) home. You can certainly argue that packet-level connectivity is better, easier to engineer, scales better, etc., etc.; but it is not *required*. In fact, there are sound engineering arguments against packet-level access: since we've dragged in the backyard nuke plant, consider what happens when everybody has a backyard mini-nuke, with control software written by Linksys, and it turns out that sending it a certain kind of malformed packet can cause it to melt down No matter. Reasonable people can disagree on the question of whether every networkable device benefits from being globally, uniquely addressable. The burden on the proponents is higher than that: there are *costs* associated with such an architecture, and the proponents of globally unique addressing need to show not only that it has benefits, but that the benefits exceed the costs. Coming full circle, the original assertion was that IPv6 was required in order for electric companies to use IP to monitor US electric meters. That assertion is false, and no amount of hand-waving about backyard nuke plants will make it true. The history of IPv6 has been that it keeps receding into the future as people's use of IPv4 adapts enough to make the current benefit of switching to IPv6 smaller than the cost to do so. Perhaps after a decade or so, we're nearing the end of that road. Or perhaps, as F. Scott Fitzgerald once wrote about IPv6, it is: the orgiastic future that year by year recedes before us. It eluded us then, but that's no matter - tomorrow we will run faster, stretch out our arms further And one fine morning - We'll see. Jim Shankland
Re: CDN ISP (was: Re: Google wants to be your Internet)
On Mon, 22 Jan 2007 04:15:44 -0600 (CST) Gadi Evron [EMAIL PROTECTED] wrote: On Mon, 22 Jan 2007, Michal Krsek wrote: For broad-band ISPs, whose main goal is not to sell or re-sell transit though... a) caching systems are not easy to implement and maintain (another system for configuration) b) possible conflict with content owners c) they want to sell as much as possible of bandwidth d) they want to have their network fully transparent Only a, b apply. d I am not sure I understand. I think (d) is all network testing tools showing a perfect path, which sould isolate the fault to the remote web server itself, yet the website not working because the translucent proxy has a fault. -- Sheep are slow and tasty, and therefore must remain constantly alert. - Bruce Schneier, Beyond Fear
Colocation in the US.
Who's getting more than 10kW per cabinet and metered power from their colo provider? Can you possibly email me of list w/ your provider's name... I'm looking for a DR site. Rob