Re: Yahoo and IPv6
Subject: Re: Yahoo and IPv6 Date: Tue, May 17, 2011 at 04:22:54AM + Quoting Paul Vixie (vi...@isc.org): From: Owen DeLong o...@delong.com Date: Mon, 16 May 2011 16:12:27 -0700 ... It's not like you can even reach anything at home now, let alone reach it by name. that must and will change. let's be the generation who makes it possible. I'd like to respond to this by stating that I support this fully, but I'm busy making sure I can reach my machines at home from the IPv6 Internet. By name. ;-) -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 HELLO KITTY gang terrorizes town, family STICKERED to death! pgp1BsNhT9zoS.pgp Description: PGP signature
Re: Yahoo and IPv6
Subject: Re: Yahoo and IPv6 Date: Tue, May 17, 2011 at 12:56:37PM + Quoting Paul Vixie (vi...@isc.org): :-). to be clear, the old pre-web T1 era internet did not have much content but what content there was, was not lopsided. other than slip and ppp there weren't a lot of networks one would call access and a smaller number of networks one would call content. i am not wishing for that, i like the web, i like content, i know there will be specialized networks for access and content. but i also think (as jim gettys does) that we ought to be able to get useful work done without being able to reach the whole internet all the time. that's going to mean being able to reach other mostly-access networks in our same neighborhoods and multitenant buildings and towns and cities, directly, and by name. it does not mean being able to start facebook 2.0 out of somebody's basement, but it does mean being able to run a personal smtp or web server in one's basement and have it mostly work for the whole internet and work best for accessors who are close by and still work even when the upstream path for the neighborhood is down. Now I seem to have got time enough to fully agree with you. The next facebook will start in a low-price datacenter. These facilities did not exist as products before, and it can be argued that the access/content separation does drive that market -- as long as I had working Internet (as opposed to access class Internet ) at home, I had no use for a colo. Still, the centralization of content into a few networks does raise a number of issues -- mostly regarding stability. Do note here that several factors negatively impact stability, be they technical, economical or legal. Peter Löthberg long ago advocated a network interconnection model that was pretty local (and I believe he still does). Peer often and everywhere. That would take care of packets getting through (as long as we all have unique addresses to point at; v6 fixes this) The services that take the Net from being a graph problem for nerds with BGP CLI access into what it has become need to undergo similar fine-graining to keep up. Oh, sorry, got carried away. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 My life is a patio of fun! pgpPZGnyjJ3MI.pgp Description: PGP signature
Re: ICANN approves .XXX red-light district for the Internet
Subject: RE: ICANN approves .XXX red-light district for the Internet Date: Sat, Mar 26, 2011 at 10:07:08PM -0400 Quoting Stefan Fouant (sfou...@shortestpathfirst.net): From: Marshall Eubanks [mailto:t...@americafree.tv] even more snake oil now. And I'm afraid we'll be seeing a whole heckuva lot more of this snake oil once ICANN finalizes the Generic TLD process in June: The only possible thing that could save anyone with a valuable meatspace (tm) from having to buy its string representation in all the new TLDen is to make TLDen ubiquitous to a degree where the TLD can't be assumed anymore. A root zone with several thousand TLDen is no technical problem. I wonder when the effect kicks in. If it does. A positive side-effect would be to enable the altroot kooks to buy a TLD (.altroot -- under which they can run their own mini-Internets) of their own, which would disable some, if not all of them. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 An Italian is COMBING his hair in suburban DES MOINES! pgpoVJj6JXiNw.pgp Description: PGP signature
Re: Sunday Funnies: Using a smart phone as a diagnostic tool
Subject: Sunday Funnies: Using a smart phone as a diagnostic tool Date: Sun, Feb 27, 2011 at 09:00:18PM -0500 Quoting Jay Ashworth (j...@baylink.com): Do you have a smartphone? Blackberry? iPhone? Android? Do you use it as a technical tool in your work, either for accessing devices or testing connectivity -- or something else? If so, what kind of phone, and what (if you don't mind letting on) are your magic apps for this sort of work? Nokia n900. The only apps I installed was a sudo and vpnc; the rest IIRC is in there already. With Nokia shoving its collecitve head into the dark rear end of Microsoft, I have few if any hopes for a successor from Esbo[0]. My guess would be a r00ted Androidish device next time around. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 The FALAFEL SANDWICH lands on my HEAD and I become a VEGETARIAN ... [0] Swedish for Espoo, the small suburb west of Helsingfors (Helsinki) where the HQ is. pgpYnolBFBJTo.pgp Description: PGP signature
Re: NIST and SP800-119
Subject: Re: NIST and SP800-119 Date: Tue, Feb 15, 2011 at 05:46:01PM +0100 Quoting Mohacsi Janos (moha...@niif.hu): All modern TCPs support it; many firewalls are configured to block the necessary ICMPs. Then probably blackholing themselves the firewall operators And the replies when you try to fix it simmer with contempt for those so unresponsible as to even contemplate allowing any ICMP at all. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Where's the Coke machine? Tell me a joke!! pgpjaB1Ovjk5O.pgp Description: PGP signature
Re: AltDB?
Subject: Re: AltDB? Date: Sun, Jan 09, 2011 at 06:09:13PM + Quoting John Curran (jcur...@arin.net): On Jan 9, 2011, at 2:09 AM, Jeff Wheeler wrote: Please suggest your preferred means of IRR authentication to the ARIN suggestion process: https://www.arin.net/participate/acsp/index.html Alternatively, point to a best practice document from the operator community for what should be done here. ARIN's work plan is very much driven by community input, so that's what is needed here. Just do as the other RIRen, for starters. The database sw is available, and ARIN coming up to the standards of the others would be a real improvement. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 My mind is a potato field ... pgpnj4PNLytDd.pgp Description: PGP signature
Re: IPv6 6to4 and dns
Subject: IPv6 6to4 and dns Date: Thu, Nov 18, 2010 at 04:43:12PM -0800 Quoting Jeroen van Aart (jer...@mompl.net): What would be the best way to configure your dns once you've set up IPv6 6to4? Separate the IPv4 and IPV6 domains or let them be the same? The same. Separation would be unnecessary influence from a lower layer. That is, use something like example.com for your existing IPv4 address and something like 6.example.com for IPv6 (and www.6.example.com etc.)? Useful for debugging. And no more. Or is it safe to have both A and records for the same domain name? Once a node is enough reachable (according to SLAen etc) to warrant inclusion in DNS, the Internet Protocol number is just an indication of which way to reach it. It is perfectly safe, and I do it all the time. When my Internets break, I suffer. Of course. But that has nothing to do with ipv4 vs ipv6. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 I appoint you ambassador to Fantasy Island!!! pgpabZGOwmeaT.pgp Description: PGP signature
Re: RINA - scott whaps at the nanog hornets nest :-)
Subject: RE: RINA - scott whaps at the nanog hornets nest :-) Date: Sun, Nov 07, 2010 at 12:34:56AM -0700 Quoting George Bonser (gbon...@seven.com): Yes, I really don't understand that either. You would think that the investment in developing and deploying all that SONET infrastructure has been paid back by now and they can lower the prices dramatically. One would think the vendors would be practically giving it away, particularly if people understood the potential improvement in performance, though the difference between 1500 and 4000 is probably not all that much except on long distance ( 2000km ) paths. Even if larger MTUen are interesting (but most of the time not worth the work) the sole reason I like SDH as my WAN technology is the presence of signalling -- so that both ends of a link are aware of its status near-instantly (via protocol parts like RDI etc). In GE it is legal to not receive any packets, which means that oblivious is a possible state for such a connection. With associated routing implications. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Is this the line for the latest whimsical YUGOSLAVIAN drama which also makes you want to CRY and reconsider the VIETNAM WAR? pgpKowh41ld3j.pgp Description: PGP signature
Re: RINA - scott whaps at the nanog hornets nest :-)
Subject: RE: RINA - scott whaps at the nanog hornets nest :-) Date: Mon, Nov 08, 2010 at 08:53:47AM -0800 Quoting George Bonser (gbon...@seven.com): Even if larger MTUen are interesting (but most of the time not worth the work) the sole reason I like SDH as my WAN technology is the presence of signalling -- so that both ends of a link are aware of its status near-instantly (via protocol parts like RDI etc). In GE it is legal to not receive any packets, which means that oblivious is a possible state for such a connection. With associated routing implications. I wasn't talking about changing anything at any of the edges. The idea was just to get the middle portion of the internet, the peering points to a place that would support frames larger than 1500. It is practically impossible for anyone to send such a packet off-net until that happens. Know what? We have not one, but five or so Internet Exchange points in Sweden, where there are 802.1q VLANS setup for higher MTU (4470 for hysterical raisins) . My impression is that people use them, but I'm also being informed by statistics that there is a _very_ steep drop in packet count vs size once 1500 is reached. It is setup, but the edge is where packets are made, not the core. Thus, noone can send large packets. Anyway. I'd concur that links where routers exchange very large routing tables benefit from PMTUD (most) and larger MTU (to some degree), but I'd argue that most IXPen see few prefixes per peering, up to a few thousand max. The large tables run via PNI and paid transit, as well as iBGP. There, I've seen drastical improvements in convergence time once PMTUD was introduced and arcane MSS defaults dealt with. MTU mattered not much. Given this empirical data, clearly pointing to the fact that It Does Not Matter, I think we can stop this nonsense now. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 I was making donuts and now I'm on a bus! pgp3C76fClvkv.pgp Description: PGP signature
Re: RINA - scott whaps at the nanog hornets nest :-)
Subject: Re: RINA - scott whaps at the nanog hornets nest :-) Date: Mon, Nov 08, 2010 at 10:08:53PM + Quoting Nick Hilliard (n...@foobar.org): On 08/11/2010 21:51, valdis.kletni...@vt.edu wrote: So there's empirical data that It Does Indeed Matter (at least to some people). Anyway, all of the arguments for it, both pro and con, have been rehashed on this thread. The bottom line is that for most companies, it simply isn't worth the effort, but that for some NRENs, it is. And NREN-NREN traffic typically does not traverse commercial IXen. (Even though ISTR Sunet and Nordunet having peerings configured on Netnod). Instead, from empire-building reasons or job security or No research project is complete unless the professor gets a new laptop and a wavelength to CERN (or in USA, pick a DoE site) from the project money, NRENs build their own... I am convinced that some applications actually benefit from this, though. Let's move on now. Indeed. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Yow! I want my nose in lights! pgpD2gcXRIWrL.pgp Description: PGP signature
Re: RINA - scott whaps at the nanog hornets nest :-)
Subject: RE: RINA - scott whaps at the nanog hornets nest :-) Date: Sat, Nov 06, 2010 at 08:38:33PM -0700 Quoting George Bonser (gbon...@seven.com): No wonder there is still so much transport using SONET. Using Ethernet reduces your effective performance over long distance paths. The only reason to use (10)GE for transmission in WAN is the completely baroque price difference in interface pricing. With todays line rates, the components and complexity of a line card are pretty much equal between SDH and GE. There is no reason to overcharge for the better interface except because they (all vendors do this) can. We've just ordered a new WAN to be built, and we're going with GE over (mostly) WDM because the interface prices are like six times higher per megabit for SDH. (which would have cost roughly equally per line given that it is quite OK to run SDH without the SDH equipment, just using WDM) Oh, s/SDH/SONET/ on above, but I'm in Europe, so.. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 If I am elected, the concrete barriers around the WHITE HOUSE will be replaced by tasteful foam replicas of ANN MARGARET! pgpWOvubncflf.pgp Description: PGP signature
Re: RINA - scott whaps at the nanog hornets nest :-)
Subject: RINA - scott whaps at the nanog hornets nest :-) Date: Fri, Nov 05, 2010 at 03:32:30PM -0700 Quoting Scott Weeks (sur...@mauigateway.com): It's really quiet in here. So, for some Friday fun let me whap at the hornets nest and see what happens... ;-) http://www.ionary.com/PSOC-MovingBeyondTCP.pdf This tired bumblebee concludes that another instance of Two bypassed computer scientists who are angry that ISO OSI didn't catch on gripe about this, and call IP esp. IPv6, names in effort to taint it. isn't enough to warrant anything but a yawn. More troubling might be http://www.iec62379.org/ and what they (I think they are ATM advocates of the most bellheaded form) are trying to push into ISO standard. Including gems like Research during the decade leading up to 2010 shows that the connectionless packet switching paradigm that is inherent in Internet Protocol is unsuitable for an increasing proportion of the traffic on the Internet. Sic! Now that is something to bite into. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Do I have a lifestyle yet? pgp9cmL3CjmdV.pgp Description: PGP signature
Re: Terminology Request, WAS: Enterprise DNS providers
Subject: Terminology Request, WAS: Enterprise DNS providers Date: Mon, Oct 18, 2010 at 12:36:33AM -0700 Quoting Michael DeMan (na...@deman.com): Hi, I have been following this thread, and am mostly curious - can somebody (or preferably several folks) define what is meant by 'Enterprise DNS' ? Quality DNS operations for people with lots of money and not so lots of operational capacity (dare I say clue?) -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 ... I'm IMAGINING a sensuous GIRAFFE, CAVORTING in the BACK ROOM of a KOSHER DELI -- pgpzgNgU3reCY.pgp Description: PGP signature
Re: DNSSEC and SSL
Subject: Re: DNSSEC and SSL Date: Sun, Aug 22, 2010 at 09:11:43AM -0400 Quoting ML (m...@kenweb.org): On 8/22/2010 2:38 AM, Mikael Abrahamsson wrote: No, because DNSSEC isn't secured all the way from the DNS server to the application, only to the resolver. Both systems have problems, I'd imagine the best security is when they work together. Is a DNSSEC capable stub resolver not in the cards? The best option today is to run a full-service resolver on the host; which is a tad heavy for most desktops, not to speak about the cache misses that would cause root server system load. The latter of course can be avoided by setting forwarders. OTOH: A thicker stub resolver does indeed exist; lwresd in the BIND suite. Calling it from applications does however mean using new API calls; since the traditional resolver API is oblivious to DNSSEC. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 What PROGRAM are they watching? pgpJ6qsHvpwVd.pgp Description: PGP signature
Re: Example RFI for colo provider selection
Subject: Example RFI for colo provider selection Date: Mon, Aug 09, 2010 at 08:48:15PM -0400 Quoting Jason Lixfeld (ja...@lixfeld.ca): I'm researching a list of some colocation providers I have here to find the most suitable one to provide services for a project I'm working on. My thought is to send out an informal RFI, which I believe is something others may have done too. If anyone is able to share, I'd be interested in having a peek at some of these colo-centric RFIs to understand what questions others have asked in the past, as it may help me come up with some questions that I may not have thought of myself. * Most overlooked: Does the backup power system cope with the cooling power requirements? * Several fiber providers connecting the facility, or one heavily multi-pathed. * If you intend to buy transit, number of (and perhaps prefered) transit providers. * If you intend to make your own IP-infrastructure, which transmission providers are present? * Space to grow, price. (ie. where do I leave the underpriced introductory offer and go into more expensive list-price setups) * Power, as previously mentioned. Three-phase is IMNSHO a must. But, then, I'm from Yoorp. In power, several subtopics: - Dual circuits, independently UPS-backed. - Generator backup. - Frequency of full-scale and load tests of power backup systems. Anything less than load test several times per year and at least one full-scale axe-in-mains-feeder -type test per year means that the Diesel promise is a lie. - They should have monitoring and trend watching systems set up to stop accepting new customers once any UPS is at 50% of rated load (What happens when one UPS side commits seppuku and fails to bypass?) - Power protection systems, for overvoltage, spikes, thunderstorms, etc. More could be added and has been. My 0,05 €, this. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 I want a VEGETARIAN BURRITO to go ... with EXTRA MSG!! pgp1unCvr8dgg.pgp Description: PGP signature
Re: Inquiries to Acquire IPs
Subject: RE: Inquiries to Acquire IPs Date: Fri, Jul 02, 2010 at 04:40:07PM -0500 Quoting Aaron Wendel (aa...@wholesaleinternet.net): I sent an inquiry in to ARIN yesterday for a certain ASN that was available and was told that management won't allow them to issue requested numbers. :( RIPE does, correctly prodded ;-) % Information related to 'AS31337' aut-num:AS31337 as-name:ELEET-AS descr: ELEET Network descr: Location: Sweden (Story is, IIRC, that adjacent number was assigned initially, but the confirmation mail was answered with Can I have 31337 instead? which in turn was granted. ) -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Those aren't WINOS -- that's my JUGGLER, my AERIALIST, my SWORD SWALLOWER, and my LATEX NOVELTY SUPPLIER!! pgpnmGSbGbtP2.pgp Description: PGP signature
Re: [Re: http://tools.ietf.org/search/draft-hain-ipv6-ulac-01]
Subject: Re: [Re: http://tools.ietf.org/search/draft-hain-ipv6-ulac-01] Date: Sun, Apr 25, 2010 at 11:31:06AM +0930 Quoting Mark Smith (na...@85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org): So what happens when you change providers? How are you going to keep using globals that now aren't yours? use pi space, request it from your local friendly RIR. I was hoping that wasn't going to be your answer. So do you expect every residential customer to get a PI from an RIR? No, won't be necessary. Typical leases on v4 are extremely stable. I see no reason why they should be less so -- bar implementation hickups -- in v6. My dynamic v4 address of my Telia DSL at home has been the same for over a year. The ISP that messes this up will lose customers. As long as we use self-healing reasonably abstracted means of pointing out where our stuff is we'll easily survive renumbering should it occur. As long as the renumbering is less frequent than the TTL on the DNS records. For DLNA-like stuff, there is always FE80::/10, besides. The uniqueness of the unicast IP address is the key to its value and the means with which it enables us to build new stuff from which we make money. Corrupting the uniqueness requirement is devaluing the real reach and power of the IP address in search of shortsighted futile gains and is a practice any network professional should abstain from. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 As President I have to go vacuum my coin collection! pgpiRLW0QQMJg.pgp Description: PGP signature
Re: New Linksys CPE, IPv6 ?
Subject: Re: New Linksys CPE, IPv6 ? Date: Thu, Apr 01, 2010 at 11:35:32PM +0200 Quoting sth...@nethelp.no (sth...@nethelp.no): What I heard at a recent (within the past six months) conference was that there is no customer demand for v6 so it isn't on the immediate needs list. He said they had a lot of inquiries about v6, but to date not having native v6 wasn't a deal breaker with anyone. Last time we renegotiated transit contracts, we specified IPv6 as an absolute requirement. *Native* IPv6 was an added plus. We went further and required native. At 10GE interconnect speed, one is in the recently-upgraded core or metro access layer of most providers. These parts of the network have been ready (if not set up) for v6 for at least 5 years now. Did not pose a problem. All I need to do now is to set up the peering ;-) Had I been looking for a FE transit I'd had much more issues with v6 connectivity. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 INSIDE, I have the same personality disorder as LUCY RICARDO!! pgpN21DBvt3S1.pgp Description: PGP signature
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
Subject: RE: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU?IPv6 Group] Date: Fri, Feb 26, 2010 at 08:47:57AM -0500 Quoting Brandon Kim (brandon@brandontek.com): Interesting, why is it causing quite a stir? Is it because they are trying to allocate a large pool of addresses? The ITU is sulking because noone cares about them anymore; everybody just runs IP instead of being obedient Phone Company customers and using E.164 numbers. By becoming provider of IPv6 space the ITU hopes to restore the notion of country code addresses and also to again become a power factor in datacom. It is no coincidence that this wacky idea centers around developing countries; since one country -- one vote still is the norm for much ITU work this is a way to move power distribution back from an economy driven model (where actual usage and amount of money invested in operations matter) to a national-state model where Internet-heavy information economies like North Korea or Bangladesh have equal voting rights as USA or Japan. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 Will the third world war keep Bosom Buddies off the air? pgpaVirzJhz2x.pgp Description: PGP signature
Re: Email Portability Approved by Knesset Committee
Just wait till customers start wanting to take their IP address with them when they move... When that happens, I hope there will be a new generation of suckers to fix it. There is PI space, you know ;) -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 This PORCUPINE knows his ZIPCODE ... And he has VISA!! pgplH6bD5DlCh.pgp Description: PGP signature
Re: Anomalies with AS13214 ?
Subject: Re: Anomalies with AS13214 ? Date: Wed, Jul 29, 2009 at 12:27:56AM +1200 Quoting Nathan Ward (na...@daork.net): On 12/05/2009, at 4:47 AM, David Freedman wrote: Yeah, interesting contact name on this: person: Fredrik Neij address:DCPNetworks address:Box 161 address:SE-11479 Stockholm address:Sweden mnt-by: MNT-DCP phone: +46 707 323819 nic-hdl:FN2233-RIPE source: RIPE # Filtered (yes, it is him.) Dispatch someone from IETF, that is on in Stockholm right now. Won't help. Neij is 12 time zones away. But he is aware of the problem. -- Måns Nilsson
Re: Local Peering and Transit - BGP multihoming
Subject: Re: Local Peering and Transit - BGP multihoming Date: Fri, May 22, 2009 at 10:55:14AM +0200 Quoting Raymond Dijkxhoorn (raym...@prolocation.net): Hi! Yes, i can get sample of configuration via Google search. but i am looking for best practices and from experience people. Then post your suggested config and ask for comments. ...on a suitable list, dedicated to Cisco gear.. -- Måns Nilsson
Re: you're not interesting, was Re: another brick in the wall[ed garden]
Subject: Re: you're not interesting, was Re: another brick in the wall[ed garden] Date: Fri, May 15, 2009 at 10:10:26AM +0100 Quoting John R. Levine (jo...@iecc.com): And what's the next protocol that is going to be stomped on? Anything except http; at which point everything will move to http, and the firewalls are again useless. Um, if you think that http on consumer networks is transparent, I have some really bad news for you. If you change my sentence thusly: s/http/ what can be communicated over http/1;s/http/said channel/2; ..it all makes sense again, even better than before. -- Måns Nilsson
Re: you're not interesting, was Re: another brick in the wall[ed garden]
Subject: Re: you're not interesting, was Re: another brick in the wall[ed garden] Date: Fri, May 15, 2009 at 09:58:32AM +1000 Quoting Mark Andrews (mark_andr...@isc.org): And what's the next protocol that is going to be stomped on? Anything except http; at which point everything will move to http, and the firewalls are again useless. -- Måns Nilsson
Re: Where to buy Internet IP addresses
Subject: Re: Where to buy Internet IP addresses Date: Tue, May 05, 2009 at 10:43:17PM -0400 Quoting Ricky Beam (jfb...@gmail.com): The address space has be carved out; there's no uncutting that pie. (much in the same way the /8 handed out in the early 80's aren't being reclaimed.) I believe Net 14 has been. http://www.ripe.net/ripe/meetings/ripe-55/presentations/vegoda-reclaiming-our.pdf Please do note that a /8 is being eaten every month by todays consumption rate. The flood hasn't started yet. And the ark isn't finished; with enough people bailing water, it might stay afloat. :-) My feet are humid... Not from Python boots. -- Måns Nilsson