Re: "Permanent" DST

2022-03-15 Thread William Astle 



On 2022-03-15 14:37, Eric Tykwinski wrote:

What I don’t understand, is why change time, just change working hours.
I’m all for giving up the time change, but the standard should probably 
still be UTC offset.
If you work 9-5, change it to 10-6.  Every company can post working 
hours on their website.

Obviously for most of us, it’s a moot point.


That requires a behaviour change from "the people" who are not known for 
changing behaviour in any sort of useful manner. The time change yields 
the behaviour change without "the people" realizing that's what 
happened, so they go on about their day blithely complaining about the 
time change but none the wiser about what really happened.


P.S.  Anyone working at NIST or a similar org probably needs a raise for 
dealing with all the exceptions.


Insert the Tom Scott rant about time zones from Computerphile.

Re: Clueful contact at Microsoft needed

2017-05-10 Thread William Astle 

Thank you for that. The problem is resolved now.

On 2017-05-09 05:58 PM, Christian Kuhtz via NANOG wrote:

William,

I just got word from an internal team I had reached out to yesterday, and they 
told me they've just sent you an email to see how to resolve.  Hope that gets 
you on the path to resolution.

Best regards,
Christian

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William Astle
Sent: Monday, May 8, 2017 11:00 AM
To: nanog@nanog.org
Subject: Clueful contact at Microsoft needed

Apologies if this is off topic for NANOG. I need to contact someone at 
Microsoft who can correct problems with Microsoft accounts.

I've been trying unsuccessfully to disavow a Microsoft account for some time. 
Note this an account someone has managed to associate with one of my email 
addresses. The Microsoft account does not belong to me.

I've been unable to contact the account holder. I've been through their support 
site and system which has been singularly unhelpful (and also requires a 
Microsoft account just to contact anyone). It's clear the support people don't 
understand the problem. I mean, how does logging into the settings on my 
(non-microsoft) email account help solve a problem with the settings on a 
Microsoft account?

Clueful contact at Microsoft needed

2017-05-08 Thread William Astle 
Apologies if this is off topic for NANOG. I need to contact someone at 
Microsoft who can correct problems with Microsoft accounts.


I've been trying unsuccessfully to disavow a Microsoft account for some 
time. Note this an account someone has managed to associate with one of 
my email addresses. The Microsoft account does not belong to me.


I've been unable to contact the account holder. I've been through their 
support site and system which has been singularly unhelpful (and also 
requires a Microsoft account just to contact anyone). It's clear the 
support people don't understand the problem. I mean, how does logging 
into the settings on my (non-microsoft) email account help solve a 
problem with the settings on a Microsoft account?

Re: IPv6 deployment excuses

2016-07-02 Thread William Astle 
There's one other major issue faced by stub networks which I have 
encountered at $DAYJOB:


- My upstream(s) refuse(s) to support IPv6

This *is* a deal breaker. The pat response of "get new upstreams" is not 
helpful and shows the distinct bias among this community to the large 
players who actually have budgets to work with. It's not always possible 
to change to a better upstream and even when it is, it is often 
prohibitively expensive. This is particularly the case with colocation 
where the cost of changing providers is huge as it requires physically 
relocating equipment. That either requires doubling up (very expensive) 
or non-trivial downtime (also likely very expensive). This is an 
especially sad state of affairs given that at least one very large 
network (AS701) has pulled this refusal at some data centres on their 
network. Their specific excuse du jour changes every few months but it 
usually boils down to "we don't want to put any effort or resources into 
updating anything".


On 16-07-02 09:35 AM, Ruairi Carroll wrote:

Issues I've faced in the past with v6 deployments, from the point of view
of stub networks. Feel free to pick/choose as you wish:

- Badly understood (By the team) methods to assign addressing to servers.
- Poor tooling in regards to log processing/external providers.
- Unknown cost in dev time to debug badly written applications (ie: cheaper
to buy v4 space than assign dev time, which is inherently expensive)
- PMTUD issues (Mostly around PTB handling)
- ECMP issues (Mostly around flow labels and vendor support for that, also
feeds back into PMTUD issues)
- Cogent/HE "spat" causes legitimate concerns about reachability (ie: why
should I buy an extra transit because someone else is playing silly buggers)
- Lack of backbone forces stubs to de-aggregate to much annoyance (but 0
choice) of everyone else
- Maintaining 2x IP stacks is inherently expensive Vs 1


Of course, you can say "v4 has these issues too" to some of these, and call
bullshit on others. That's not the point, I'm just airing some issues that
can be deal breakers.

I would imagine that as v4 becomes more expensive, most of the list will no
longer be an issue.

/Ruairi





On 2 July 2016 at 13:44, Mike Jones  wrote:


Thanks guys, this is what I have come up with so far. Next week i'll
put together a web page or something with slightly better write-ups,
but these are my initial ideas for responses to each point. Better
answers would be welcome.

"We have NAT, therefore we don't need IPv6."
"We still have plenty of IPv4 addresses"
"IPv4 works so we don't need IPv6."

They said similar things about IPX, DECNET, Appletalk but they
eventually realised it was easier to move to IP than to keep making
excuses for why their network can't connect to anything.

"we want NAT for IPv6 for security reasons"

NAT does not provide any security, typically a NAT will also include a
stateful firewall which provides the security. You can deploy a
stateful firewall for your IPv6 network if you like, however it isn't
required as much as you probably think it is - see below.

"IPv6 is just another way for hackers to get in."

There is no difference between IPv4 and IPv6 when it comes to
firewalls and reachability. It is worth noting that hosts which
support IPv6 are typically a lot more secure than older IPv4-only
hosts. As an example every version of Windows that ships with IPv6
support also ships with the firewall turned on by default.

"End users don't care about IPv6"

Are you saying this in response to someone asking for IPv6? because
that would be contradictory. I am an end user and I care about IPv6!

"But it isn't a priority and we have other stuff to do"

Reconfiguring every router on your network is not something you want
to rush when you realise you needed IPv6 yesterday, early adopters
have the advantage that they can gain experience with running IPv6 and
test their infrastructure without worrying about critical traffic
being IPv6-only.

"None of the software vendors support IPv6."

If your software vendors were following best practices and writing
decent code then this would not be a problem, I suggest pushing your
vendors to fix their code. If you only have 1 of two systems that are
IPv4-only then you can always "special case" them. See NAT64 for
information about one way of reaching IPv4 hosts from an IPv6 network.
If you dual stack then it doesn't matter and you can just use IPv4 for
those few services than require it until you get a fix from the
vendor.

"None of our staff understand IPv6."

Do your staff understand IPv4? because it's not that different...

"IPv6 addresses are too long to remember"

You shouldn't need to remember IP addresses, that's what DNS is for.
However I will say that in my experience and many other peoples having
the extra bits to structure your network in a logical fasion can make
addresses more obvious and easier to remember. You have a single
prefix to

Re: ARIN Region IPv4 Free Pool Reaches Zero

2015-09-24 Thread William Astle 

On 2015-09-24 10:49, Dovid Bender wrote:

The issue now is convincing clients that they need it. The other issue is many 
software vendors still don't support it.

Regards,

Dovid


Actually, the issue now is convincing certain big providers to actually 
make IPv6 service available to their customers in data centres and the 
like across their *whole* networks rather than giving people the 
"there's no demand so we can't justify the cost" run around. (I'm 
looking at you AS701.)


For that matter, it would also help if certain large end user providers 
would make IPv6 available rather than giving a standard "we have no 
information at this time" type response. (I'm looking at you, Shaw.)

Re: ARIN just subdivided their last /17, /18, /19, /20, /21 and /22. Down to only /23s and /24s now. : ipv6

2015-06-26 Thread William Astle 

On 15-06-26 09:47 PM, tqr2813d376cjozqa...@tutanota.com wrote:

27. Jun 2015 03:06 by j...@baylink.com:


And that's the ballgame.

http://www.reddit.com/r/ipv6/comments/3b5p3i/arin_just_subdivided_their_last_1718192021_and_22



And here's to another eternity of shitty ISPs not implementing IPv6 because
'they have enough v4 already'.


Not necessarily just shitty ISPs either. Like certain data centers 
attached to AS701 in Canada. Been getting the runaround from them on 
that for far too many years. Last answer was we can but we're not going 
to because effort.

Re: Canada and IPv6

2014-06-19 Thread William Astle 

On 14-06-18 06:16 PM, Sadiq Saif wrote:

On 6/18/2014 14:25, Lee Howard wrote:

Canada is way behind, just 0.4% deployment.


Any Canadian ISP folk in here want to shine a light on this dearth of
residential IPv6 connectivity?


For that matter, how about on the other side of the equation. Why is it 
that certain large networks operating data centres in Canada do not 
provide IPv6 to all of said data centres? (I'm looking at you, AS701.)

Re: Color vision for network techs

2012-08-31 Thread William Astle 

On 12-08-31 08:15 AM, Berry Mobley wrote:

Hello,

Do any of you do any color vision screening in your interview process?
How do those of you with color vision impairments compensate? I'd never
considered this until I was in one of our facilities with my son (who
has limited color vision) and we had a discussion about the LEDs. He
could only determine on/off - not amber/red/green on the equipment we
had. I'm wondering if we need a color vision requirement (or test) as
part of our hiring requirements.


I'm red/green deficient. It's not total - I can identify high saturation 
reds and greens that cover a large enough area. However, it is enough 
that when I look at a multi-colour status indicator, I'm left scratching 
my head. Many times, I've said to myself, There ought to be a law 
against using only the colour of light to indicate status. Of course, 
you know what they say about there ought to be a law


Screening for colour vision is dubious, no matter how much it would help 
with grokking the status lights. Even without the discrimination angle, 
consider that a very nontrivial proportion of men are colour deficient 
(on the order of 5% if my information is correct). You would be reducing 
your possible talent pool.


Instead of a colour vision requirement or policy, I would start 
screaming at equipment manufacturers for using only the colour of an 
indicator to show information. A tristate can easily be shown with 
steady, slow blink, and fast blink if there really is some compelling 
reason not to have multiple indicators. If everyone, especially large 
organizations, put pressure on equipment manufacturers, the problem 
could be largely eliminated.

Re: Netsol AAAA glue

2012-07-14 Thread William Astle 

On 12-07-14 09:43 AM, valdis.kletni...@vt.edu wrote:

On Sat, 14 Jul 2012 10:14:08 -0400, Andrew Sullivan said:

This isn't true in ICANN-contracted registries.  The maximum period is
10 years, absolutely, so if you have 10 years to go and you pay for a
transfer you lose the additional year's payment.


Oh, come *on* guys.  How much does a bleeping domain *cost*? Under what
conditions does zomg I'm gonna lose the other 9 years actually outweigh the
aggrivation?

snip

You don't lose the other 9 years. You just don't get an 11th year if the 
new renewal date would then be more than 10 years out. For what it's 
worth, .ca (non-ICANN) works the same way.

Re: IPv6 foot-dragging

2011-05-11 Thread William Astle 
On 2011-05-11 09:10, Mike Tancsa wrote:
 On 5/11/2011 11:03 AM, ja...@jamesstewartsmith.com wrote:
 I have had similar problems with our providers, and these are tier 1 
 companies that should have already been full deployed.  These are also some 
 of the more expensive providers on a per Mb basis.  The one provider that 
 was full IPv6 ready was Cogent.  HE is also IPv6 (although we don't use them 
 atm.)
 
 There are a number of networks in Canada that provide v6 transit both
 big and small.  I have v6 transit from TATA, HE and Cogent out of
 Toronto.  Many Canadian networks peer at Torix which also lists their v6
 status.
 
 http://www.torix.net/peers.php

That highlights another problem I have. I have no presence in Toronto,
nor do I have a business case (or resources) to build a presence there.
The same applies to Vancouver which is the other popular city for such
things.

I do currently employ a tunnel from HE's tunnel broker and, as a result,
I'm reasonably sure I can make IPv6 work when I have proper transit for
it. However, it would be impolite at best to turn up any sort of
production service over such a tunnel.

Speaking from the perspective of a *small* network with very limited
resources, adding a transit provider, even if one is available, is very
expensive. Installation costs tend to dwarf any business gain, often
running well into the 5 figure range. The same applies to switching
transit providers. (Install costs are the same in either case.)

Re: Repeated Blacklisting / IP reputation

2009-09-08 Thread William Astle 

J.D. Falk wrote:

Seth Mattinen wrote:


I was always under the impression that smaller orgs were not allowed to
join the MAAWG club.


I've heard that, too, but have no idea where it comes from.  It's not 
true; there's no size requirement or anything like that.


http://www.maawg.org/ has the membership application and other info.



The $4000/year minimum membership fee is a non-starter for small 
organizations who are already strapped for operating cash as it is. This 
is probably where the perception comes from.


--
William Astle
l...@l-w.ca

Re: Repeated Blacklisting / IP reputation

2009-09-08 Thread William Astle 

O'Reirdan, Michael wrote:

MAAWG is has no size limitations as to members. Yes we do have a $4000 
supporter membership. This has not proved a barrier to many organisations.


Likely because for the ones for whom it is a barrier, they look at the 
cost and don't even bother considering an initial contact. Thus, you 
never hear about it.


Admittedly, most smaller organizations simply don't have the time to 
participate in even a handful of the $bignum industry organizations 
(whether they cost money or not) so that's likely a more substantial 
barrier.


To be completely clear, it's not clear to me that an organization that 
cannot afford $4000/year would actually have the resources to 
participate in a meaningful way anyway. Which is to say that I do not 
necessarily disagree with the fee structure, and that is speaking from 
under my small organization for whom the $4k/year is an insurmountable 
barrier hat.


All that said, I believe I have had my say sufficiently so I will not 
contribute further to the overall noise level on NANOG.




Mike O'Reirdan
Chairman, MAAWG
 


- Original Message -
From: Benjamin Billon bbillon...@splio.fr
To: nanog@nanog.org nanog@nanog.org
Sent: Tue Sep 08 17:17:58 2009
Subject: Re: Repeated Blacklisting / IP reputation

ISPs can be invited and there are specific meetings for them (closed to 
other members).

There're also whitepapers for ISP (and others).

But I agree, hoping ALL the ISPs join MAAWG or even hear about it is 
utopian.


--
Benjamin

William Astle a écrit :

J.D. Falk wrote:

Seth Mattinen wrote:


I was always under the impression that smaller orgs were not allowed to
join the MAAWG club.
I've heard that, too, but have no idea where it comes from.  It's not 
true; there's no size requirement or anything like that.


http://www.maawg.org/ has the membership application and other info.

The $4000/year minimum membership fee is a non-starter for small 
organizations who are already strapped for operating cash as it is. 
This is probably where the perception comes from.







--
William Astle
l...@l-w.ca