- [EMAIL PROTECTED]
--
Paul Vixie
: freeworldialup.com)
mail: [EMAIL PROTECTED]
http://iason.site.voila.fr
http://www.kokoom.com/iason
--
Paul Vixie
?
--
Paul Vixie
Here's hoping the worst doesn't happen.
according to my reading of http://www.goes.noaa.gov/GSSLOOPS/ecwv.html,
the worst is looking pretty likely.
--
Paul Vixie
''.
--
Paul Vixie
words it's sort of like defcon's wall of sheep. i like the approach.
--
Paul Vixie
to how much will it hurt to manage and monitor it?
--
Paul Vixie
Every public root experiment that I have seen has always
operated as a superset of the ICANN root zone.
not www.orsn.net.
--
Paul Vixie
# You are playing with words. ORSN serves the same data as ICANN. So,
# it is a superset, albeit a strict one.
#
# (The excellent readers of NANOG already saw the bug by themselves, I
# presume.) I wanted to say that ORSN is *not* a strict superset but is
# nevertheless a superset.
for those
, hosting,
on-net, and transit markets.
--
Paul Vixie
chance of getting me off this hook was #952. ergo, _ had to die in
order that my inbox might live.
but it was wrong, and the need for it is past, and it's time for redress.
--
Paul Vixie
because you're pointed to by an MX RR doesn't make you a mailname.
(what a relief to finally be able to say that.)
--
Paul Vixie
of those requests on NXDOMAIN?
yes. but we isn't nanog. can you take your bind-specific questions
to a bind-related mailing list or newsgroup? www.isc.org has pointers.
--
Paul Vixie
it or make
any comments on how it ought to have been writ differently.
and when you're ready to ask such questions or make such comments, please
make them on namedroppers@ops.ietf.org rather than on NANOG.
--
Paul Vixie
, containing an
A/127.0.0.1 for every name you're seeing queries for. that'll get action
by whoever made the mistaken delegation toward your server... (i promise.)
--
Paul Vixie
.
not to me. RFC 1535 is VERY widely deployed, perhaps even universally so.
--
Paul Vixie
[EMAIL PROTECTED])
--
Paul Vixie
does achieve, excellent DNS coherence.
--
Paul Vixie
asking you all to please show a
little discipline before you hit the FlameCrackpot key.
--
Paul Vixie
, and they ~know it.
--
Paul Vixie
i wrote:
see http://www.isc.org/personalcolo/ for the longer version of this rant,
and clearly my espresso hadn't hit yet, because that was wrong. someone said:
Hey Paul,
FYI, that link doesn't work. :)
and of course, the real link is http://www.vix.com/personalcolo/. sorry!
that simpler?)
Game theory is fun, folks! With real money on the line, it's also very
interesting.
yes indeed.
--
Paul Vixie
a local anycast instance of these servers,
but I can think of lots of good reasons why this might be bad.
more is better.
--
Paul Vixie
.
Well, Paul Vixie wrote bind
nope. kevin dunlap and other folks at U C Berkeley wrote BIND originally.
all i did was fork the code base at 4.8.3, produce King James BIND, then
BIND 4.9 through BIND 8.1, and along the way co-founded ISC with rick
adams. also along the way i won the most cert
referring to believed that they were extending
the existing mo/dem specification. authors of BIND9 and tinydns each believe
that they are implementing what's written in RFC 1035. so, different.
--
Paul Vixie
, and/or being part of
the BIND Forum. however, let me mix a metaphor and throw open the
gauntlet-- if you know of a way that BIND can be improved, please tell us!
(there's probably no need to cc nanog@ on such suggestions, but suit yourself.)
--
Paul Vixie
needs an axis of evil to keep it focused.
--
Paul Vixie
of known horizon variability.)
--
Paul Vixie
:
no.
Bind people don't ack djb points and vice versa.
i don't ack djb's existence, not merely his points.
i'm happy to ack your points, and debate them, though.
--
Paul Vixie
patches and apply them every year or two since no vendor will ever
be able to guaranty this. If you want help staying patched, talk to
ISC about BIND support, or talk to your operating system vendor, or
talk to your ISP. Help is out there.
...
--
Paul Vixie
popular it is, if you are a true
techie, should be close to the bottom of that list.
amen.
--
Paul Vixie
1200 DNS TCP connections/sec,
which appear to be mostly TKEY queries.
- Today the busiest source IP address is sending
50 PTR queries/sec. Number two is 30/sec.
...all of which those among you who are OARC members already know :-).
--
Paul Vixie
bordering problem,
without causing more harm than good, then you can bet it'll get done.
--
Paul Vixie
not to 1) prolong the pain, 2) beat a horsey.. BUT, why are 1918 ips
'special' to any application? why are non-1918 ips 'special' in a
different way?
i know this is hard to believe, but i was asked to review 1918 before it
went to press, since i'd been vociferous in my comments about 1597. in
IMO, RFC1918 went off the track when both ISP's and registries started
asking their customers if they have seriously considered using 1918 space
instead of applying for addresses. This caused many kinds of renumbering
nightmares, overlapping addresses, near death of ipv6, etc.
just
-to-decide.
--
Paul Vixie
, gcc, linux, freebsd, and everything else i use.
i want that kind of alternative available for my voice communications or
indeed anything i spend money on. 911 is to POTS as MSIE is to Windows--
it helps put the lock in lock-in.
--
Paul Vixie
predict that we'll see more computers doing voice, using
domain names rather than phone numbers for rendezvous.
(speaking of amazon, i found that usb headsets are down to ~$34.94 now. yay!)
--
Paul Vixie
a couple of off-the-wall notes. i'm bouncing off of stephen sprunk here,
but in fact these notes have very little to do with his excellent article:
Toll-quality voice requires ...
...all kinds of things that nobody outside the POTS empire actually
cares about. folks just want to talk.
of that bw 24/7 and is only paying $40 or so for that
pleasure.
i think the right rule is, if you can't make money from it, don't sell it.
--
Paul Vixie
, it indeed is.
--
Paul Vixie
during a power outage or some other event which
makes national news.
sure as hell, we'll see laws requiring every home to have a telephone, to
have that telephone in the kitchen or other main room of the home, and to
be clearly marked. then the POTS tithe comes back, it'll be with vengeance.
--
Paul
of existence... i
really expected this to take a little longer, just for appearance' sake.)
--
Paul Vixie
here.)
--
Paul Vixie
NEW YORK - Bernard Ebbers, the former chief executive of WorldCom and
perhaps the most powerful American businessman ever to face a criminal
trial, was found guilty today of securities fraud, conspiracy and filing
false documents with regulators.
...
to this,
and every P2P or anonymous reputation system will be full of sludge. We
don't have a mature enough system of accountability, anywhere in meatspace,
to account for the kinds of relationship and transactions the Internet
makes possible.
--
Paul Vixie
,
america is open for business!
--
Paul Vixie
i'm trying to understand the supposed dearth of submissions, but i've never
been on the programme committee and so i need some data. if you've submitted
a paper to nanog that was refused -- ever! -- and are willing to share details
(ideally including the reasons you were given for the refusal,
. thus it's only useful
for your own user population, and completely safe to leave open to the world
(as long as your user population keeps their passwords safe, that is.)
--
Paul Vixie
I promised some people that I'd comment publically on the moderation change.
Selecting Steve's message at random as a place to start, let me just quote:
From: [EMAIL PROTECTED] (Steve Gibbard)
Subject: Re: NANOG Changes
Date: Thu, 17 Feb 2005 01:04:51 -0800 (PST)
Speaking only for myself
will *always* be appreciated.
...you really care about botnet reports, then why not subscribe to nsp-sec@
or da@ where such reports are published all damned day long every day. if
you ONLY subscribe to nanog@, you're missing a HUGE number of botnet reports.
--
Paul Vixie
the speakerphone. audio engineers take note -- mute all other
ends plz.
--
Paul Vixie
as co-moderator, i'd like all remote questions/comments to come via
irc, and not via the speakerphone. audio engineers take note --
mute all other ends plz.
Paul, this is the reason I suggested an audio hybrid=ata-186 for
patching the audio to INOC. It doesn't matter if the people on
of you read this forum using a normal e-mail tool.
--
Paul Vixie
those conditions, root operators will be silent.
--
Paul Vixie
/) is still timely.
--
Paul Vixie
paul vixie
(moderators)
overview of history betty burke 15 minutes
history structure
of NANOG
program committee steve feldman 20 minutes
overview
reform proposal dan golding (et al) 15 minutes
paul vixie
(moderators)
program committee steve feldman 20 minutes
overview
reform proposal dan golding (et al) 15 minutes
http://nanog-reform.org/
QA and discussion will follow each presentation
so far Daniel Golding [EMAIL PROTECTED] has asked for a slot
to present a half dozen slides on what he calls a nanog reform proposal,
so the agenda for sunday night is:
---
intro/overview martin hannigan 5 minutes
paul vixie
long. so it must be for everybody
here.
--
Paul Vixie
is this at the rio? if so which conf. room?
i refer of course to http://www.nanog.org/mtg-0501/coordination.html,
although there is really only one steve feldman and he does not work for
verisign. martin hannigan, missing from the list of speakers/moderators
as of this moment, actually does
of the protocol, such
that multi-vendor interoperability will be possible even when using advanced
features. this requires a bunch of protocol additions, which are indeed a
lot less easy than just doing vendor-specific extensions.
--
Paul Vixie
bearing in mind there have been issues with org but not . i have
thought in the past there probably should be more than two ns records
in ns ..
all i can say is:
i believe that icann/afilias/ultradns would be very receptive to
input from the ietf-dnsop wg on this topic. but it's not cut
[Warning: I've never actually deployed an anycast DNS setup so you are
free to ignore my message.]
i'm not ignoring you because you raised two important issues.
1. There should always be non-anycast alternatives
I believe there is a strong consensus about that. And therefore a
strong
Apparently you also didn't get any pointers to RFCs or other
authoritative sources that say each and every packet injected into
the internet must be delivered in sequence.
er... please quote chapter/verse here.
these are packets and have sequence numbers
-BECAUSE-
but at that point, the only thing anycast would buy you is ddos
resistance and the ability to have more than 13 physical
servers... which is all the
Is that true? I'm failing to see how anycast helps expand a network's
DDoS survivability. At best a dumb attacker would attack the IP
... be vulnerable to congestion based attacks, since a congestion
based attack is against OPN's (other people's networks) where even
infinite point-source provisioning cannot help you.
well, that's practically true, but not theoretically true.
the DNS is running just fine
Since when bad engineering is bad to the big business?
whenever it makes your service less attractive than your competitors.
The world is full of examples to the contrary.
yes, but only where there's a monopoly of some kind.
[EMAIL PROTECTED] (Paul Vixie) (hey, that's me!) wrote:
as i said the other day, all power tools can kill. if you turn
on PPLB and it hurts, then turn it off until you can read the
manual or take a class or talk to an expert. PPLB is a link
bundling technology. if you turn
i don't think iljitsch is in a position to teach an anycast 101 class.
here's my evidence:
From: Paul Vixie [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [dnsop] Re: Root Anycast (fwd)
X-Mailer: MH-E 7.4; nmh 1.0.4; GNU Emacs 21.3.1
Date: Mon, 04 Oct 2004 22:26:18 +
Sender
The Internet is under increasing attacks with unwanted traffic in
the form of spam, distributed denial of service, virus, worms, etc.
Does etc. include pornography and certain forms of political speech
which do not conform to local community standards?
not for this conference, no. this
Song, Carnegie Mellon University
Paul Vixie, ISC
Steering Committee
Dina Katabi, MIT.
Balachander Krishnamurthy, ATT Labs--Research.
Deadlines
Submission deadline: March 30, 2005 (11:59 PM EST, HARD)
Acceptance notification: May 3
that thread again
just because it seems desirable (which it is) and technically easy (also).]
--
Paul Vixie
they want to filter.
You are a few years late with that Idea - Paul Vixie had it first, quite
some time back.
indeed. and i believe it's still up and running, see www.mail-abuse.org.
--
Paul Vixie
friend when you're contemplating societal reform.
--
Paul Vixie
[EMAIL PROTECTED] (Alex Rubenstein) writes:
... I think we all agree that RAS and Randy don't fall into the above
category of having to be gotten rid of. ...
nope.
--
Paul Vixie
[EMAIL PROTECTED] (nanog gonan) writes:
This whole censorship thing has me wondering as to the continued
viability of this list as a place where the clue-heavy hang out and speak
freely. Paul Vixie has been warned, randy Bush has been banned. Who
else has been banned that'd be considered
From: Daniel Golding [EMAIL PROTECTED]
...
It's entirely possible for nanog-l to be self policing, or, failing
that, for users to simply use procmail on those who wander off-topic
(for some definition of off-topic). Putting an [OT] subject banner on
such posts is also nice.
i don't want
And please don't add any more layering violations. It makes implementors
life painful and kills any architectural cleanliness in operating systems.
i have long wished for and sometimes needed a way to renumber a host w/o
killing or restarting its active tcp flows. this isn't a layering
i have long wished for and sometimes needed a way to renumber a host
w/o killing or restarting its active tcp flows. this isn't a
layering violation. tcp should be able to know about
endpoint-renumber events.
Unfortunately this sounds like a good target for people to mess up
for apple and suse and redhat
and sun and microsoft. or is this another straw man thing? certainly
my kids think their mac/os/x machine is as easy to use as a telephone,
and if you asked them how the routing table worked they wouldn't care.
--
Paul Vixie
It would have been nice to make sctp be the standard stream protocol
for ipv6.
yup. or at any rate, SOME kind of improvement in this area.
For most nanog customers, there's still time.
nope.
Those places that have already seen significant ipv6 adoption may
need to upgrade again.
(catching up)
(you missed some stuff.)
On 2004-11-22, at 18.52, Paul Vixie wrote:
(let me put it this way: A6/DNAME was shot down because of
complexity, and it was simpler than this.)
I am not convinced A6/DNAME would have solved all problems, not even
all of the ones you pointed
[...]
Isn't about the same achievable with about two or three lines of
scripting (or a new zone parsing option for bind ;) with a lot less
protocol complexity?
only if you can tolerate short TTL's on all your 's. in the A6/DNAME
model, your A6's could have long TTL's whereas your
..., it seems to me that MULTI6's only option is to make NAT work,
even if you call it site local addressing or even ULA's. ...
there are, and will be in the future, folks that WANT NAT, regardless of
the perceived 'badness' of it...
i know. i've met some. i've been one. please join
not
a home-DSL or home-cable or isp-colo network. routing shouldn't always
follow addressing. we'll need to discover a workable equilibrium unless
we want to encourage NAT in IPv6 the same way we (passively) encouraged it
in IPv4.
--
Paul Vixie
i was waiting and watching and looking and hoping for this. now i have it.
From: Iljitsch van Beijnum [EMAIL PROTECTED]
... We have 128 bits, so we should make good use of them. One way to
do this is to make all subnets and 99% of end-user assignments the
same size. Yes, this wastes
mean working through the RIR system to ensure
that prefixes are only allocated when actually needed/qualified, and that
allocated prefixes are large enough to be worth a slot in the table... yes.
--
Paul Vixie
[EMAIL PROTECTED] (William Allen Simpson) writes:
Have we learned anything in 10+ years?
yes. the best way to do something is to DO it.
--
Paul Vixie
a lot more addresses, let's just do away with ever having any one
address used by any one endpoint for very long. i guess i understand that,
even though it makes no sense. sort of a catch-22 thing, right?
--
Paul Vixie
you are drastically misunderstanding my hopes, my goals, and my role.
Please explain them then.
briefly, because i consider myself off-topic and sue probably does also.
the problem statement answered by the ipngwg was wrong. they thought they
were supposed to solve the shortage of address
none of those three things is acceptable, not even as a compromise.
The current solution I see for this is still IPv6. Except that one moves
the complete 'Independence' problem a layer higher. Enter:
HIP: Host Identity Protocol:
http://www.ietf.org/html.charters/hip-charter.html
this
the tyres on this thread are getting threadbare. let's finish soon.
(let me put it this way: A6/DNAME was shot down because of complexity, and
it was simpler than this.)
Wasn't it more because a single A6 lookup could cause one (the resolver
that is ;) to have to follow a overly
It's wrong if these issues that have global impact are decided
regionally.
yes. i understand that the acid rain people, the ozone layer
people, the ice cap people, the whale people, and the ocean oxygen
level people, all have that same complaint. human nature on a grand
scale
to the table. they aren't so willing to spend a slot on
helping wal-mart or ford avoid a renumbering penalty.
fortunately or unfortunately, the great collective of which i speak has no
voice (or actually it has too many voices, which comes to the same thing).
--
Paul Vixie
starting assumptions weren't and aren't
my point of disagreement.
--
Paul Vixie
for all these reasons, large or multihoming endsystems will need V6
PI allocations and at some point the RIRs are going to have to
define/allow this.
I find your attitude in this regard disturbing, especially as:
(note that i'm not speaking for arin, nor as a member-elect of
arin's
even see.
--
Paul Vixie
How much would it add to the pain of the v4-v6 transition, to just bite
the bullet and do tcp-sctp at the same time? I'd sure rather be a
network troubleshooter going through that than living with NAT forever.
it's the delta between the finite and the infinite. sctp requires a flag
day
an endpoint-renumber event using in-band control messages.
alas, this approach was deemed overly complex, so TCP went unchanged.
--
Paul Vixie
201 - 300 of 738 matches