Re: Yet another Quadruple DNS?

[Aftab Siddiqui]

Here is the update from Geoff himself. I guess they didn't want to publish
it on April 1st (AEST).
https://blog.apnic.net/2018/04/02/apnic-labs-enters-into-a-research-agreement-with-cloudflare/

On Mon, 2 Apr 2018 at 09:51 Stephen Satchell  wrote:

> On 04/01/2018 01:03 PM, Paul Ebersman wrote:
> > And yes, running your own resolver is more private. So is running your
> > own home linux server instead of antique consumer OSs on consumer grade
> > gear and using VPNs. But how many folks can do that?
>
> 
>
> I gave up on Microsoft desktop products more than 15 years ago.  Mac
> products more than 7 years ago.  (When Apple refused to fix my broken
> MacBook screen, that was it for Apple.)
>
> Why do I run my own servers, including a mail server?  Court subpoenas.
> When I was working at a Web host company, I got several of these things,
> complete with gag orders.  Mail captures, mostly.
>
> One time the Nevada Gaming Commission wanted to take an image of a colo
> customer's hard drive.  The fool they brought was a MSCE, and knew
> *nothing* about Unix and Linux.  Ended up having to do the mirror
> myself, and sign an affidavit to boot.  (Customer was running an on-line
> poker service without a license, which is unlawful in Nevada.)
>
> I want to know when a LEO gets access to my data.
>
-- 
Best Wishes,

Aftab A. Siddiqui

Re: Yet another Quadruple DNS?

[Stephen Satchell]

On 04/01/2018 01:03 PM, Paul Ebersman wrote:

And yes, running your own resolver is more private. So is running your
own home linux server instead of antique consumer OSs on consumer grade
gear and using VPNs. But how many folks can do that?




I gave up on Microsoft desktop products more than 15 years ago.  Mac 
products more than 7 years ago.  (When Apple refused to fix my broken 
MacBook screen, that was it for Apple.)


Why do I run my own servers, including a mail server?  Court subpoenas. 
When I was working at a Web host company, I got several of these things, 
complete with gag orders.  Mail captures, mostly.


One time the Nevada Gaming Commission wanted to take an image of a colo 
customer's hard drive.  The fool they brought was a MSCE, and knew 
*nothing* about Unix and Linux.  Ended up having to do the mirror 
myself, and sign an affidavit to boot.  (Customer was running an on-line 
poker service without a license, which is unlawful in Nevada.)


I want to know when a LEO gets access to my data.

Re: Yet another Quadruple DNS?

[Paul Ebersman]

mhoppes> Why not just implement recursive cache severs on end user
mhoppes> routers?

Because who ever saw problems with old, unpatched code or misconfigured
CPE routers? And they all use the best possible hardware and are at the
end of uncongested, close to the core connections. Not. ;)

mhoppes>> Why does an end user CPE need to query one or two specific DNS
mhoppes>> servers?

Better cache hit rates, professionally run and maintained DNS servers,
better connectivity, all resulting in better performance.

Yes, geo-ip is a bit off but in most large ISPs, caching recursive
servers are very close to the same exit point for consumer connections
and the CDN folks keep close track of this. And EDNS client subnet
mostly works.

And yes, running your own resolver is more private. So is running your
own home linux server instead of antique consumer OSs on consumer grade
gear and using VPNs. But how many folks can do that?

This also ignores the shift if every house in the world did its own
recursion. TLD servers and auth servers all over the world would have to
massively up their capacity to cope. And you'd wind up consolidating
small domain owners onto folks like godaddy, etc. because they couldn't
run their own and survive. Large caches are a win for both users and
auth DNS servers.

None of these are bad or good. They all have tradeoffs.

As long as ISPs don't actually disallow running of recursive servers (or
do opt-in like some ISPs do with running your own MX), there are folks
that will want to run their own. Some will want the ISP resolvers, some
will want to use some of the well run public resolvers (like google,
opendns, quad9, cloudflare).

Choices aren't a bad thing.

Re: IPv6 addressing plan spreadsheet issue

[Pete Baldwin]

Each file can only contain a single IP address in order to upload to the 
cloud spreadsheet.  You'll need to split each entry into it's own file 
and then it should work.  Good luck!


-

Pete Baldwin
Tuckersmith Communications
(P) 519-565-2400
(C) 519-441-7383

On 04/01/2018 07:09 AM, Job Snijders wrote:

Hi all,

I made a list of the IPv6 addresses in my home LAN, but have trouble
copy+pasting the list into a cloud spreadsheet. My address list is here:
http://pete.meerval.net/~job/

How do other folks do this? Just administrate things in text files?

Kind regards,

Job

Re: Yet another Quadruple DNS?

[Youssef Bengelloun-Zahr]

Hi,

Maybe this links will help :

https://blog.cloudflare.com/dns-resolver-1-1-1-1/

https://blog.cloudflare.com/announcing-/

Best regards.



> Le 1 avr. 2018 à 19:05, Mike Hammett  a écrit :
> 
> Unless you want optimum CDN performance, then your recursive servers belong 
> pushed back in your network until there are no more diverse upstream\peer 
> paths to choose from. 
> 
> Yes, I know there's an extension to DNS to help remove this need, but until 
> that's universally supported, you can't abandon the old way. 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> http://www.ics-il.com 
> 
> Midwest-IX 
> http://www.midwest-ix.com 
> 
> - Original Message -
> 
> From: "Stephen Satchell"  
> To: nanog@nanog.org 
> Sent: Sunday, April 1, 2018 11:22:10 AM 
> Subject: Re: Yet another Quadruple DNS? 
> 
>> On 04/01/2018 08:18 AM, Matt Hoppes wrote: 
>> Why not just implement recursive cache severs on end user routers? 
>> Why does an end user CPE need to query one or two specific DNS 
>> servers? 
> Recursive lookups take bandwidth and wall time. The closer you can get 
> your recursive DNS server to the core of the internet, the faster the 
> lookups. This is particularly true of mobile and satellite. 
> 
> Implementing large caches in that close-to-the-core DNS server can add 
> another benefit: lookups to common and popular endpoints, such as 
> Google, would require far less real time to resolve. As the traffic 
> tides change, the cache would change with it, so flash-in-the-pan sites 
> would be served from cache, and forgotten in time when said sites drift 
> back to obscurity. 
> 
> (I wonder if the Internet Systems Consortium has considered adding a 
> cache-hit counter, or even a very coarse heat map (say, four 16-bit 
> counters cycled every five minutes), to DNS entries, to figure out the 
> best ones to drop? It would increase the complexity of BIND, but the 
> benefit for a BIND server serving a largish customer population could be 
> significant. If I were younger, I might try to model such a change. 
> Sort by hits, then by time-to-die. Drop the oldest 250 or so entries 
> when the cache is full. That way, the oldest least-used cache entries 
> get dropped.) 
> 
> ISPs provide to their customers DNS addresses to servers that, 
> allegedly, are closer to the core than the customers are. (Pipe dream, 
> I know; which is why so many ISPs have decided to specify 8.8.8.8 and 
> 8.8.4.4, because Google is closer to the core than the ISP is.) 
> 
> I've not personally measured the number of times a look-up could be 
> satisfied from a cache in a production environment; it's been 15 years 
> since I worked in such a job. It would be interesting to see if someone 
> has taken the time to gather those statistics and published them. 
> 
> The main reason for *not* implementing recursion exclusively in CPE is 
> that a recursive lookup is a complex operation, and I have my doubts if 
> BIND or equivalent could be maintained properly in, say, a wireless 
> access point (router) -- how would you update a hints table? 
> 

Re: Yet another Quadruple DNS?

[Mike Hammett]

Unless you want optimum CDN performance, then your recursive servers belong 
pushed back in your network until there are no more diverse upstream\peer paths 
to choose from. 

Yes, I know there's an extension to DNS to help remove this need, but until 
that's universally supported, you can't abandon the old way. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Stephen Satchell"  
To: nanog@nanog.org 
Sent: Sunday, April 1, 2018 11:22:10 AM 
Subject: Re: Yet another Quadruple DNS? 

On 04/01/2018 08:18 AM, Matt Hoppes wrote: 
> Why not just implement recursive cache severs on end user routers? 
> Why does an end user CPE need to query one or two specific DNS 
> servers? 
Recursive lookups take bandwidth and wall time. The closer you can get 
your recursive DNS server to the core of the internet, the faster the 
lookups. This is particularly true of mobile and satellite. 

Implementing large caches in that close-to-the-core DNS server can add 
another benefit: lookups to common and popular endpoints, such as 
Google, would require far less real time to resolve. As the traffic 
tides change, the cache would change with it, so flash-in-the-pan sites 
would be served from cache, and forgotten in time when said sites drift 
back to obscurity. 

(I wonder if the Internet Systems Consortium has considered adding a 
cache-hit counter, or even a very coarse heat map (say, four 16-bit 
counters cycled every five minutes), to DNS entries, to figure out the 
best ones to drop? It would increase the complexity of BIND, but the 
benefit for a BIND server serving a largish customer population could be 
significant. If I were younger, I might try to model such a change. 
Sort by hits, then by time-to-die. Drop the oldest 250 or so entries 
when the cache is full. That way, the oldest least-used cache entries 
get dropped.) 

ISPs provide to their customers DNS addresses to servers that, 
allegedly, are closer to the core than the customers are. (Pipe dream, 
I know; which is why so many ISPs have decided to specify 8.8.8.8 and 
8.8.4.4, because Google is closer to the core than the ISP is.) 

I've not personally measured the number of times a look-up could be 
satisfied from a cache in a production environment; it's been 15 years 
since I worked in such a job. It would be interesting to see if someone 
has taken the time to gather those statistics and published them. 

The main reason for *not* implementing recursion exclusively in CPE is 
that a recursive lookup is a complex operation, and I have my doubts if 
BIND or equivalent could be maintained properly in, say, a wireless 
access point (router) -- how would you update a hints table? 

Re: Yet another Quadruple DNS?

[Stephen Satchell]

On 04/01/2018 08:18 AM, Matt Hoppes wrote:

Why not just implement  recursive cache severs on end user routers?
Why does an end user CPE need to query one or two specific DNS
servers?
Recursive lookups take bandwidth and wall time.  The closer you can get 
your recursive DNS server to the core of the internet, the faster the 
lookups.  This is particularly true of mobile and satellite.


Implementing large caches in that close-to-the-core DNS server can add 
another benefit: lookups to common and popular endpoints, such as 
Google, would require far less real time to resolve.  As the traffic 
tides change, the cache would change with it, so flash-in-the-pan sites 
would be served from cache, and forgotten in time when said sites drift 
back to obscurity.


(I wonder if the Internet Systems Consortium has considered adding a 
cache-hit counter, or even a very coarse heat map (say, four 16-bit 
counters cycled every five minutes), to DNS entries, to figure out the 
best ones to drop?  It would increase the complexity of BIND, but the 
benefit for a BIND server serving a largish customer population could be 
significant.  If I were younger, I might try to model such a change. 
Sort by hits, then by time-to-die.  Drop the oldest 250 or so entries 
when the cache is full.  That way, the oldest least-used cache entries 
get dropped.)


ISPs provide to their customers DNS addresses to servers that, 
allegedly, are closer to the core than the customers are.  (Pipe dream, 
I know; which is why so many ISPs have decided to specify 8.8.8.8 and 
8.8.4.4, because Google is closer to the core than the ISP is.)


I've not personally measured the number of times a look-up could be 
satisfied from a cache in a production environment; it's been 15 years 
since I worked in such a job.  It would be interesting to see if someone 
has taken the time to gather those statistics and published them.


The main reason for *not* implementing recursion exclusively in CPE is 
that a recursive lookup is a complex operation, and I have my doubts if 
BIND or equivalent could be maintained properly in, say, a wireless 
access point (router) -- how would you update a hints table?

Re: Yet another Quadruple DNS?

[Mehmet Akcin]

Well that isnt optimal for root servers. Every cpe querying root would be
waste really.

Though we can copy root zone into recursive servers (not via DNS) and serve
from CPEs that way.

I think the real problem is restictions of networks who won’t let you run
this on your devices.

Mehmet

On Sun, Apr 1, 2018 at 8:18 AM Matt Hoppes <
mattli...@rivervalleyinternet.net> wrote:

> Do we? (Need more services like this?)
>
> Why not just implement  recursive cache severs on end user routers?  Why
> does an end user CPE need to query one or two specific DNS servers?
>
> Recursive servers like PowerDNS are extremely simple and light weight.
>
> Is there a legitimate reason things don’t just query the root servers
> directly?  Or at least have that option?
>
> > On Apr 1, 2018, at 11:05, Mehmet Akcin  wrote:
> >
> > https://1.1.1.1 link has details of the service.
> >
> > No official announcement from APNIC (though Geoff replied my direct email
> > inquiry privately)
> >
> > I don’t know why this prefix was handed over to any company for a service
> > without public consultation but again this may or may not be required. I
> am
> > just suprised to see lack of transparency about this allocation rather
> than
> > anything else.
> >
> > World needs more services like this to make internet better and safer, i
> > don’t think it is important what IPs are , ie: opendns , they might not
> > have fancy ip block but they get the job done!(well done!)
> >
> > Mehmet
> >
> >> On Sat, Mar 31, 2018 at 6:06 PM Jimmy Hess  wrote:
> >>
> >>> On Sat, Mar 31, 2018 at 7:08 PM,   wrote:
> >>>
> >>> From what I can tell, this has not been "allocated" (probably closer to
> >> a LOA)?
> >>> All contacts and maintainers on the inetnum object are still APNIC's,
> >> Cloudflare
> >>> does not have free access to do whatever they want here.
> >>
> >> Did you ask WHOIS?Looks like the  /24  isPortable-Assigned to
> >> a joint project.
> >> I don't know that APNIC is necessarily required to make a public
> >> consultation;.
> >>
> >> If it was from an ARIN block; ARIN wouldn't have to "ask the public
> >> either"...
> >> the  Number Resource Policy allows for /24 micro-allocations for
> >> critical infrastructure,which exactly describes the nature of an
> >> anycasted
> >> /24  for  the service IP of a shared open DNS recursive resolver
> service,
> >> and the RIR could potentially allocate from any block under their
> control
> >> that
> >> were deemed most suitable for the critical infrastructure.
> >>
> >> Then again,  maybe APNIC made a consultation at their February meeting
> >> in Nepal?
> >> One thing i'm sure is they wouldn't have to ask NANOG's permission.
> >>
> >> $ whois 1.1.1.1
> >> % [whois.apnic.net]
> >> % Whois data copyright terms
> http://www.apnic.net/db/dbcopyright.html
> >>
> >> % Information related to '1.1.1.0 - 1.1.1.255'
> >> % Abuse contact for '1.1.1.0 - 1.1.1.255' is 'ab...@apnic.net'
> >>
> >> inetnum:1.1.1.0 - 1.1.1.255
> >> netname:APNIC-LABS
> >> descr:  APNIC and Cloudflare DNS Resolver project
> >> descr:  Routed globally by AS13335/Cloudflare
> >> descr:  Research prefix for APNIC Labs
> >> country:AU
> >> org:ORG-ARAD1-AP
> >> admin-c:AR302-AP
> >> tech-c: AR302-AP
> >> mnt-by: APNIC-HM
> >> mnt-routes: MAINT-AU-APNIC-GM85-AP
> >> mnt-irt:IRT-APNICRANDNET-AU
> >> status: ASSIGNED PORTABLE
> >> remarks:---
> >> remarks:All Cloudflare abuse reporting can be done via
> >> remarks:resolver-ab...@cloudflare.com
> >> remarks:---
> >> last-modified:  2018-03-30T01:51:28Z
> >> source: APNIC
> >>
> >> .
> >>
> >>
> >>
> >> --
> >> -JH
> >>
>

Re: Yet another Quadruple DNS?

[Matt Hoppes]

Do we? (Need more services like this?)

Why not just implement  recursive cache severs on end user routers?  Why does 
an end user CPE need to query one or two specific DNS servers?

Recursive servers like PowerDNS are extremely simple and light weight. 

Is there a legitimate reason things don’t just query the root servers directly? 
 Or at least have that option?

> On Apr 1, 2018, at 11:05, Mehmet Akcin  wrote:
> 
> https://1.1.1.1 link has details of the service.
> 
> No official announcement from APNIC (though Geoff replied my direct email
> inquiry privately)
> 
> I don’t know why this prefix was handed over to any company for a service
> without public consultation but again this may or may not be required. I am
> just suprised to see lack of transparency about this allocation rather than
> anything else.
> 
> World needs more services like this to make internet better and safer, i
> don’t think it is important what IPs are , ie: opendns , they might not
> have fancy ip block but they get the job done!(well done!)
> 
> Mehmet
> 
>> On Sat, Mar 31, 2018 at 6:06 PM Jimmy Hess  wrote:
>> 
>>> On Sat, Mar 31, 2018 at 7:08 PM,   wrote:
>>> 
>>> From what I can tell, this has not been "allocated" (probably closer to
>> a LOA)?
>>> All contacts and maintainers on the inetnum object are still APNIC's,
>> Cloudflare
>>> does not have free access to do whatever they want here.
>> 
>> Did you ask WHOIS?Looks like the  /24  isPortable-Assigned to
>> a joint project.
>> I don't know that APNIC is necessarily required to make a public
>> consultation;.
>> 
>> If it was from an ARIN block; ARIN wouldn't have to "ask the public
>> either"...
>> the  Number Resource Policy allows for /24 micro-allocations for
>> critical infrastructure,which exactly describes the nature of an
>> anycasted
>> /24  for  the service IP of a shared open DNS recursive resolver service,
>> and the RIR could potentially allocate from any block under their control
>> that
>> were deemed most suitable for the critical infrastructure.
>> 
>> Then again,  maybe APNIC made a consultation at their February meeting
>> in Nepal?
>> One thing i'm sure is they wouldn't have to ask NANOG's permission.
>> 
>> $ whois 1.1.1.1
>> % [whois.apnic.net]
>> % Whois data copyright termshttp://www.apnic.net/db/dbcopyright.html
>> 
>> % Information related to '1.1.1.0 - 1.1.1.255'
>> % Abuse contact for '1.1.1.0 - 1.1.1.255' is 'ab...@apnic.net'
>> 
>> inetnum:1.1.1.0 - 1.1.1.255
>> netname:APNIC-LABS
>> descr:  APNIC and Cloudflare DNS Resolver project
>> descr:  Routed globally by AS13335/Cloudflare
>> descr:  Research prefix for APNIC Labs
>> country:AU
>> org:ORG-ARAD1-AP
>> admin-c:AR302-AP
>> tech-c: AR302-AP
>> mnt-by: APNIC-HM
>> mnt-routes: MAINT-AU-APNIC-GM85-AP
>> mnt-irt:IRT-APNICRANDNET-AU
>> status: ASSIGNED PORTABLE
>> remarks:---
>> remarks:All Cloudflare abuse reporting can be done via
>> remarks:resolver-ab...@cloudflare.com
>> remarks:---
>> last-modified:  2018-03-30T01:51:28Z
>> source: APNIC
>> 
>> .
>> 
>> 
>> 
>> --
>> -JH
>> 

Re: Yet another Quadruple DNS?

[Mehmet Akcin]

https://1.1.1.1 link has details of the service.

No official announcement from APNIC (though Geoff replied my direct email
inquiry privately)

I don’t know why this prefix was handed over to any company for a service
without public consultation but again this may or may not be required. I am
just suprised to see lack of transparency about this allocation rather than
anything else.

World needs more services like this to make internet better and safer, i
don’t think it is important what IPs are , ie: opendns , they might not
have fancy ip block but they get the job done!(well done!)

Mehmet

On Sat, Mar 31, 2018 at 6:06 PM Jimmy Hess  wrote:

> On Sat, Mar 31, 2018 at 7:08 PM,   wrote:
>
> > From what I can tell, this has not been "allocated" (probably closer to
> a LOA)?
> > All contacts and maintainers on the inetnum object are still APNIC's,
> Cloudflare
> > does not have free access to do whatever they want here.
>
> Did you ask WHOIS?Looks like the  /24  isPortable-Assigned to
> a joint project.
> I don't know that APNIC is necessarily required to make a public
> consultation;.
>
> If it was from an ARIN block; ARIN wouldn't have to "ask the public
> either"...
> the  Number Resource Policy allows for /24 micro-allocations for
> critical infrastructure,which exactly describes the nature of an
> anycasted
> /24  for  the service IP of a shared open DNS recursive resolver service,
> and the RIR could potentially allocate from any block under their control
> that
> were deemed most suitable for the critical infrastructure.
>
> Then again,  maybe APNIC made a consultation at their February meeting
> in Nepal?
> One thing i'm sure is they wouldn't have to ask NANOG's permission.
>
> $ whois 1.1.1.1
> % [whois.apnic.net]
> % Whois data copyright termshttp://www.apnic.net/db/dbcopyright.html
>
> % Information related to '1.1.1.0 - 1.1.1.255'
> % Abuse contact for '1.1.1.0 - 1.1.1.255' is 'ab...@apnic.net'
>
> inetnum:1.1.1.0 - 1.1.1.255
> netname:APNIC-LABS
> descr:  APNIC and Cloudflare DNS Resolver project
> descr:  Routed globally by AS13335/Cloudflare
> descr:  Research prefix for APNIC Labs
> country:AU
> org:ORG-ARAD1-AP
> admin-c:AR302-AP
> tech-c: AR302-AP
> mnt-by: APNIC-HM
> mnt-routes: MAINT-AU-APNIC-GM85-AP
> mnt-irt:IRT-APNICRANDNET-AU
> status: ASSIGNED PORTABLE
> remarks:---
> remarks:All Cloudflare abuse reporting can be done via
> remarks:resolver-ab...@cloudflare.com
> remarks:---
> last-modified:  2018-03-30T01:51:28Z
> source: APNIC
>
> .
>
>
>
> --
> -JH
>

Re: IPv6 addressing plan spreadsheet issue

[Paul Ebersman]

job> Hi all, I made a list of the IPv6 addresses in my home LAN, but
job> have trouble copy+pasting the list into a cloud spreadsheet. My
job> address list is here: http://pete.meerval.net/~job/

job> How do other folks do this? Just administrate things in text files?

I just put all my v6 addrs into an emoji-based DNS zone file. Then I
altered all system files, including ifconfig, iptables, etc. to use DNS
instead of raw IP addrs.

I'm in the midst of uploading it all into route 53. I'm sure it will be
finished soon.

Problem solved.

Re: IPv6 addressing plan spreadsheet issue

[Jens Link]

Job Snijders  writes:

Hi, 

> I made a list of the IPv6 addresses in my home LAN, but have trouble
> copy+pasting the list into a cloud spreadsheet. My address list is here:
> http://pete.meerval.net/~job/
>
> How do other folks do this? Just administrate things in text files?

If the standard IPAM tool (aka. Excel) can't handle your address plan
maybe it's not the fault of the spreadsheet but the fault of the
protocol.

After almost 3.500 days using IPv6 I decided to turn it of! Nobody uses
it and nobody needs it! I'll to the same with DNSSEC! 

Jens
-- 

| Foelderichstr. 40   | 13595 Berlin, Germany   | +49-151-18721264 |
| http://blog.quux.de | jabber: jensl...@quux.de| ---  | 

RE: IPv6 addressing plan spreadsheet issue

[Tim Warnock]

> Hi all,
> 
> I made a list of the IPv6 addresses in my home LAN, but have trouble
> copy+pasting the list into a cloud spreadsheet. My address list is here:
> http://pete.meerval.net/~job/
> 
> How do other folks do this? Just administrate things in text files?
> 
> Kind regards,
> 
> Job

Length: unspecified [text/plain]
Saving to: '/dev/null'

Thanks for the speed test file! :)

ps: phpIPAM is pretty good.

Re: IPv6 addressing plan spreadsheet issue

[Sascha Pollok]

Hi Job,

I quickly went through your whole list and looking at the totally random 
addresses I think it is best if you render a multi-page TIFF file from each 
address and put them into a binary field of an MS Access database. That 
might sound unusual but you could easily access them from Excel and make 
notes for each address.


Thank me later!

Groet
Sascha

Am 1. April 2018 13:09:33 schrieb Job Snijders :


Hi all,

I made a list of the IPv6 addresses in my home LAN, but have trouble
copy+pasting the list into a cloud spreadsheet. My address list is here:
http://pete.meerval.net/~job/

How do other folks do this? Just administrate things in text files?

Kind regards,

Job

IPv6 addressing plan spreadsheet issue

[Job Snijders]

Hi all,

I made a list of the IPv6 addresses in my home LAN, but have trouble
copy+pasting the list into a cloud spreadsheet. My address list is here:
http://pete.meerval.net/~job/

How do other folks do this? Just administrate things in text files?

Kind regards,

Job