Richard,
You're not lying when you say the resolvers are spitting out different
results every minute, now the Cox uplink here goes from Dallas to San
Jose to and endpoint in Tokyo.
*Insert obligatory Microsoft expletive here*
JWP
On 8/3/05, Richard A Steenbergen [EMAIL PROTECTED] wrote:
On
) asymm 10
51.997ms
15: no reply
16: no reply
17: no reply
18: no reply
O.o
Tim Rainier
Larry Smith [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
08/03/2005 02:19 PM
To
Fergie (Paul Ferguson) [EMAIL PROTECTED], nanog@merit.edu
cc
Subject
Re: Problems at Microsoft?
On Wednesday
On July 7, 2005, NeuStar received a handful of reports that DNS
resolvers were unable to resolve dotUS domains, plus the mention of
the problem on the NANOG list. From the reports received, the DNS
problem seemed to impact a limited number of independent
organizations but was not
By any chance, are any of you seeing any problems with Qwest frame relay
or iQ in Colorado? We just had a whole bunch of frame relay PVCs all
over the area go down. I've opened a ticket with Qwest, of course, but I
haven't heard back from them since I opened it and I'm now on eternal
hold
On Mon, 23 May 2005, Tony Li wrote:
Which is EXACTLY why we need to remember that we are NOT trying to come
up with the perfect solution. We have operational issues *TODAY* that
we are trying to address.
- We have people (admittedly accidentally) advertising prefixes that
they do not own and
Let's look at Tony's points above. These solutions cannot deal with the
last case, i.e., the owner of the prefix decides to advertise more
specifics (and the ISPs pass that crap through). Then we're left with
attacks where someone else advertises an equal route, or someone
advertises a
Pekka Savola wrote:
On Mon, 23 May 2005, Tony Li wrote:
Which is EXACTLY why we need to remember that we are NOT trying to come
up with the perfect solution. We have operational issues *TODAY* that
we are trying to address.
- We have people (admittedly accidentally) advertising prefixes
On Tue, 24 May 2005, Pete Templin wrote:
Let's take RIPE, RADB, etc. databases as an example. Apparently we can't
count on the ISPs filtering out crap from their customers, because
otherwise we'd never have had these attack. Also apparently, we can't
count on the transit ISPs from weeding
Pekka,
First of all, if you are assuming that NO ISPs make use of prefix
filters, then you would be incorrect. There are those that try very
hard to make use of such filters. However, we do not have 100%
deployment of those filters.
Since we will never see 100% deployment of such filters,
Hank Nussbacher wrote:
I really like Google. I like what they do. But lately, their security
team is a joke. I had a problem with their POP Gmail service and the
advise I got from their Gmail team was to turn off my CA EZ antivirus
and my ZApro firewall and to try again and see if the
If you're not part of the solution
Precisely. Please review the data before posting 'omg google
was hacked!' to public mailing lists.
bingo! from all appearances
o google made a dns boo boo which partially damaged their own
service for somewhat less than an hour. and they
At 02:18 AM 08-05-05 +, Fergie (Paul Ferguson) wrote:
Does anyone else think that its a bit odd that if it were simply
DNS problems that a redirect for www.google.com would end up
at a location which provided this:
http://img179.echo.cx/img179/7959/googlehacked7to.jpg
[or]
http://img241
Hank Nussbacher wrote,
I really like Google. I like what they do. But lately, their security
team is a joke. I had a problem with their POP Gmail service and the
advise I got from their Gmail team was to turn off my CA EZ antivirus and
my ZApro firewall and to try again and see if the
On 5/8/05, aljuhani [EMAIL PROTECTED] wrote:
Well I am not a DNS expert but why Google have the primary gmail MX record
without load balancing and all secondaries are sharing the same priority
level.
Has it occured to you that there are other ways of load balancing
mailserver clusters than
Suresh Ramasubramanian wrote:
On 5/8/05, aljuhani [EMAIL PROTECTED] wrote:
Well I am not a DNS expert but why Google have the primary gmail MX record
without load balancing and all secondaries are sharing the same priority
level.
Has it occured to you that there are other ways of load
On 8 May 2005, at 17:07, aljuhani wrote:
Well I am not a DNS expert but why Google have the primary gmail MX
record
without load balancing and all secondaries are sharing the same
priority
level.
Huh ?
[...]
1888 (97%) messages were gated through Gmail's Primary mail server
On 8 May 2005, at 21:13, Andy Davidson wrote:
gmail-smtp-in.l.google.com is at least two machines, but much more
likely to be at least two clusters of machines ... :
;; ANSWER SECTION:
gmail-smtp-in.l.google.com. 232 IN A 64.233.185.27
gmail-smtp-in.l.google.com. 232 IN A
Does anyone else think that its a bit odd that if it were simply
DNS problems that a redirect for www.google.com would end up
at a location which provided this:
http://img179.echo.cx/img179/7959/googlehacked7to.jpg
[or]
http://img241.echo.cx/img241/6208/googlemsn3lp.png
Seems more than
On Sun, May 08, 2005 at 02:18:19AM +, Fergie (Paul Ferguson) wrote:
Does anyone else think that its a bit odd that if it were simply
DNS problems that a redirect for www.google.com would end up
at a location which provided this:
All of the hack evidence is from people looking
that its a bit odd that if it were simply
DNS problems that a redirect for www.google.com would end up
at a location which provided this:
All of the hack evidence is from people looking at a whois
query and fretting over:
Server Name: GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
IP
On Sun, May 08, 2005 at 03:09:40AM +, Fergie (Paul Ferguson) wrote:
Well, Matthew, my boy, it appears to have been more than a
simple spyware incident on a Mac or two.
If you're not part of the solution
Precisely. Please review the data before posting 'omg google was hacked!'
to
something *very* strange is going on. the worldnic servers have
been giving delayed or no results for days now. and nsi is hoping
we and the wsj/nyt won't notice.
I agree 100%.
but it's probably time for us all to dump symptoms here and figure
it out as a community, as the dog with the bone
On Mon, 25 Apr 2005 22:19:51 PDT, william(at)elan.net said:
Perhaps a solution is to specifically enable ipv6 dns resolution as
preferable to ipv4 or the other way around. This could perhaps be
switch in resolv.conf or nsswitch.conf. Something like:
/etc/resolv.conf
search example.com
Have to say we see no issues here with the worldnic.com nameservers, other
than they appear to be located on the same physical network.
I think people should post queries that fail, including date/time, and full
dig output for that query from the server they used, and the version of
recursive
Suresh Ramasubramanian wrote:
I'd say fix the resolver to not try resolve v6 where there exists no
v6 connectivity
I'd say fix the broken v6 connectivity.
- Kevin
On Tue, 26 Apr 2005, Simon Waters wrote:
Have to say we see no issues here with the worldnic.com nameservers, other
than they appear to be located on the same physical network.
I think people should post queries that fail, including date/time, and full
dig output for that query from the
lots of folk sent email to me and not the list. most report
worldnic responding with tcp 53 and not udp. would love to
hear confirmation on list. can think of a number of causes,
one possible, but just a stab in the dark, would be an
intentional hack as a defense to a spoofed-ip attack.
what
At 21:34 -0700 4/25/05, Rodney Joffe wrote:
The culprit is dig.
Ahh, dig. What version? You have to be running the latest at all
times these days...so many changes...
In my experiences with v6 the problems I have come down two are:
1) Broken testing tools. (See change 1610 in the BIND CHANGES
Randy Bush [EMAIL PROTECTED] wrote:
lots of folk sent email to me and not the list. most report worldnic
responding with tcp 53 and not udp. would love to hear confirmation
on list. can think of a number of causes, one possible, but just a
stab in the dark, would be an intentional hack as a
hack as a defense to a spoofed-ip attack.
what are some names known to be hosted on worldnic?
we had problems reported with:
www.calairmail.com
www.holidaycardwebsite.com
I did some poking around lastnight with dig and some local unix hosts that
I hadn't tried this before on and got no change
On Tue, 26 Apr 2005, Brett Frankenberger wrote:
On Tue, Apr 26, 2005 at 01:22:41PM +, Christopher L. Morrow wrote:
On Tue, 26 Apr 2005, Simon Waters wrote:
The worldnic.com and worldnic.net appear to use the MMDDVV convention
for
SOA serial numbers, and so it would
possible, but just a stab in the dark, would be an
intentional hack as a defense to a spoofed-ip attack.
what are some names known to be hosted on worldnic?
we had problems reported with:
www.calairmail.com
www.holidaycardwebsite.com
I did some poking around lastnight with dig and some local unix
- Original Message -
From: Randy Bush [EMAIL PROTECTED]
To: Christopher L. Morrow [EMAIL PROTECTED]
Cc: nanog@merit.edu
Sent: Tuesday, April 26, 2005 16:35
Subject: Re: Problems with NS*.worldnic.com
lots of folk sent email to me and not the list. most report
worldnic responding
I saw some mention of this in a previous thread. Is anyone else still
experiencing problems? We're seeing general slowness and the use of the
truncate bit in responses, forcing to TCP mode.
]
To: [EMAIL PROTECTED]
Sent: Monday, April 25, 2005 21:34
Subject: Problems with NS*.worldnic.com
I saw some mention of this in a previous thread. Is anyone else still
experiencing problems? We're seeing general slowness and the use of the
truncate bit in responses, forcing to TCP mode.
I saw some mention of this in a previous thread. Is anyone else still
experiencing problems? We're seeing general slowness and the use of the
truncate bit in responses, forcing to TCP mode.
We're still having a wack of issues with all names on NSI nameservers. Poking
around at other
On Mon, 25 Apr 2005, Graeme Clark wrote:
I saw some mention of this in a previous thread. Is anyone else still
experiencing problems? We're seeing general slowness and the use of the
truncate bit in responses, forcing to TCP mode.
We're still having a wack of issues with all names
something *very* strange is going on. the worldnic servers have
been giving delayed or no results for days now. and nsi is hoping
we and the wsj/nyt won't notice.
i don't think this
roam.psg.com:/usr/home/randy doc -p -w worldnic.net
Doc-2.1.4: doc -p -w worldnic.net
Doc-2.1.4:
On Mon, 25 Apr 2005, Randy Bush wrote:
i don't think this
roam.psg.com:/usr/home/randy doc -p -w worldnic.net
Doc-2.1.4: doc -p -w worldnic.net
Doc-2.1.4: Starting test of worldnic.net. parent is net.
Doc-2.1.4: Test date - Mon Apr 25 14:20:45 HST 2005
;; res_nsend:
Well, the first thing any engineer worth their saly would
ask in a situatin such as this is Were any changes implemented,
concurrent with the appearance of these problems, which would
have possibly account for this?
This problem has fairly wide-spread implications, it would
appear, and the lack
Matt Larson wrote:
a.gtld-servers.net and b.gtld-servers.net have records. Some
applications and stacks try the v6 address first if it's available and
will appear to hang if you don't have v6 connectivity. That may very
well be what's happening here.
Are the records for a
Randy, and others with this issue...
On 4/25/05 5:24 PM, Randy Bush [EMAIL PROTECTED] wrote:
something *very* strange is going on. the worldnic servers have
been giving delayed or no results for days now. and nsi is hoping
we and the wsj/nyt won't notice.
i don't think this
On 4/26/05, Rodney Joffe [EMAIL PROTECTED] wrote:
The culprit is dig.
I am not sure whether the correct solution is to fix dig so that is tries
ipv4, or to get the os fixed on a dual stack capable system so that if
there is not ipv6 connectivity it disables that part of the system. I
On Mon, 25 Apr 2005 21:34:54 PDT, Rodney Joffe said:
I am not sure whether the correct solution is to fix dig so that is tries
ipv4, or to get the os fixed on a dual stack capable system so that if
there is not ipv6 connectivity it disables that part of the system. I
suspect the first is
So how is it supposed to know that it doesn't have an ipv6 connection?
in my case, because
o no interfaces have v6 addresses
o v6 stack is not present
o ...
it should also not use smoke signals, analog voice phone, ...
the chances of a box having a v6 connection to *anything* today
is
On Tue, 26 Apr 2005 [EMAIL PROTECTED] wrote:
On Mon, 25 Apr 2005 21:34:54 PDT, Rodney Joffe said:
I am not sure whether the correct solution is to fix dig so that is tries
ipv4, or to get the os fixed on a dual stack capable system so that if
there is not ipv6 connectivity it disables that part
Hi,
On Apr 17, 2005, at 8:20 PM, Eric A. Hall wrote:
| The maximum amount of memory to use for the server's cache, in
| bytes. [...] The default is unlimited, meaning that records are
| purged from the cache only when their TTLs expire.
That was my first guess too.
Most DNS servers don't even have
A friend in St. Paul left me a comment:
Irritated Comcast customer from St. Paul here. I'm just glad I
didn't wait until Friday to e-file my taxes.
Eric
Several of the servers that were down are not BIND, at least these:
prospero:~/Desktop/fpdns-0.9.1 dgold$ ./fpdns.pl 68.87.66.196
fingerprint (68.87.66.196, 68.87.66.196): Cisco CNR
I ran fpdns against them between outages. They now respond differently.
prospero:~/Desktop/fpdns-0.9.1 dgold$
* Daniel Golding:
I wouldn't rush to blame BIND for this.
Maybe the leak wasn't in the DNS service, but some other software
component which company policy required on each server (think of
Tivoli, antivirus software, or CSA). Who knows? The possiblities are
endless.
On 4/18/05, Florian Weimer [EMAIL PROTECTED] wrote:
Maybe the leak wasn't in the DNS service, but some other software
component which company policy required on each server (think of
Tivoli, antivirus software, or CSA). Who knows? The possiblities are
endless.
There was, at one time, a
configuration. 8-(
However, it's unlikely that this was the cause of Comcast's problems
because DNS cache overflows would have an impact on a much larger
scale.
that records are
| purged from the cache only when their TTLs expire.
The number of complaints I've heard that DNS resolvers eat *so* much
memory suggests that few people tweak the default configuration. 8-(
However, it's unlikely that this was the cause of Comcast's problems
because DNS cache
Regardless of whether it actually _was_ a memory leak,
or not, it appears that the impact was on a rather
large enough scale.
Have other service providers been affected, too?
Not to my knowledge, or at least, none that has been
publicly acknowledged.
From a Washington Post article yesterday (posted via Yahoo!
News), Comcast said that the problem manifested itself when
they were in the process of upgrading their DNS servers:
In message [EMAIL PROTECTED], Fergie (Paul
Ferguson) writes:
Not to my knowledge, or at least, none that has been
publicly acknowledged.
From a Washington Post article yesterday (posted via Yahoo!
News), Comcast said that the problem manifested itself when
they were in the process of
Steve (and all),
At least in my neighborhood, Comcast appears to be running BIND 9.2.4rc6
Ah... Then there are to possible paths...
1) There was a real memory-leak bug and this was an unfortunate operations
event. The CHANGES file for 9.3.1 and bind-9.2.5rc1 show various big fixes
related
On Sun, 17 Apr 2005, Fergie (Paul Ferguson) wrote:
Not to my knowledge, or at least, none that has been
publicly acknowledged.
From a Washington Post article yesterday (posted via Yahoo!
News), Comcast said that the problem manifested itself when
they were in the process of upgrading
On 4/17/2005 12:29 PM, Florian Weimer wrote:
* Sean Donelan:
Perhaps your DNS software also has a memory leak? Anyone know which
software Comcast was using? Should other ISPs be concerned they might
have the same latent problem in their systems?
Probably yes, especially if they don't
On 4/16/2005 10:03 PM, Sean Donelan wrote:
Should other ISPs be concerned they might have the same latent problem
in their systems?
ps v -C server-process-name will tell you how badly you're hurting
Anybody that does a bunch of lookups -- whether this is forward lookups
for customers or
cases.
A company spokeswoman wouldn't elaborate on the nature of the software
problems, identifying them only as a memory leak. But she said steps
meant to end them roughly coincided with Thursday's erratic outage, which
may have been less severe than the earlier ones, and added the fixes will
likely
domain very slowly...
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Lanny Jason Godsey wrote:
I'm not able to reach Postini.com. Is anyone else having problems
reaching them?
Thanks!
Lanny Godsey
,
(and monitoring them to make sure they keep working :-),
but it can be good for isolating some problems like this.
--
Fergie, a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://spaces.msn.com/members/fergdawg/
I'm seeing delays of arounf 5 hours for mail being sent through Postini
at the moment. One of our suppliers complained they hadn't got our
normal call-offs and then it arrived, about 5 hours after had been sent.
FYI, Postini only talks to their customers, not to senders whose mail
they are
I'm not able to reach Postini.com. Is anyone else having problems
reaching them?
Thanks!
Lanny Godsey
On Fri, 15 Apr 2005, Patrick W Gilmore wrote:
Well configured laptops will not put that much pressure on the roots.
A single misconfigured / broken recursive name server puts a lot more
pressure on the roots than lots of well-configured laptops.
I guess one could argue that the chance of
On Apr 15, 2005, at 1:38 AM, Sean Donelan wrote:
On Fri, 15 Apr 2005, Patrick W Gilmore wrote:
Well configured laptops will not put that much pressure on the roots.
A single misconfigured / broken recursive name server puts a lot more
pressure on the roots than lots of well-configured laptops.
I
to building scalable distributed configurations of DNS servers
and coordinating them with the DHCP settings that tell customers what
server to use,
(and monitoring them to make sure they keep working :-),
but it can be good for isolating some problems like this.
Thanks; Bill
Could this be relate to the fact that Microsoft nixed the Passport service
back in January?
http://www.theregister.co.uk/2004/12/30/ms_ends_pass/
Andrew
:)
On 3/21/05 10:10 PM, william(at)elan.net [EMAIL PROTECTED] wrote:
I'm trying to investigate strange timeout problems with microsoft
I'm trying to investigate strange timeout problems with microsoft passport.
The problem is that trying to get to any website that uses passport (tried
hotmail.com, groups.yahoo.com) does not work and times out and going
directly to passport.net causes redirect to login.passport.net where
Has anybody here been experiencing any abnormalities with the spamhaus
SBL-XBL lists? I've gotten an alarming number of complains in the last
24 hours regarding mail rejections from IP's that do not appear to be
listed in the SBL-XBL databse.
On Tue, 25 Jan 2005 09:37:46 -0500
Chris Allermann [EMAIL PROTECTED] wrote:
Has anybody here been experiencing any abnormalities with the spamhaus
SBL-XBL lists? I've gotten an alarming number of complains in the last
24 hours regarding mail rejections from IP's that do not appear to be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anyone have any details on what is going on with AboveNet? Evidently
something major but our support contacts didn't have a lot of details,
said there'd be something out later this afternoon about it. Wondering
if others are experiencing problems
it. Wondering
if others are experiencing problems with them.
We received this totally ambiguous and non-specific message this
morning:
Dear Valued Customer,
We are currently experiencing network
connectivity issues. These issues began at
04:00am (EST). We are investigating the cause
On Fri, 21 Jan 2005, David A.Ulevitch wrote:
We received this totally ambiguous and non-specific message this
morning:
We got the same thing. According to Cricket BGP update graphs, we had
some AboveNet route flapping at about 3:15AM and again from about
4:00-4:30AM EST. There were some
Bethke
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Chris A. Epler
Sent: Friday, January 21, 2005 1:43 PM
To: nanog@merit.edu
Subject: Major AboveNet problems?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anyone have any details on what
Yesterday radb.net appeared to be offline - today I'm getting a 403.
I could suffice if someone has an As-Set template they can send me.
--
matthew zeier - But if you only have love for your own race, Then you only
leave space to discriminate, And to discriminate only generates hate. - BEP
On 2 Jan 2005, at 14:34, matthew zeier wrote:
Yesterday radb.net appeared to be offline - today I'm getting a 403.
I could suffice if someone has an As-Set template they can send me.
[EMAIL PROTECTED] whois -h whois.ra.net -- '-t as-set'
as-set:[mandatory] [single] [primary/look-up
Any one having packet loss problems with Level3 Chicago? The other day a
L3 router was having a ddos attack but it has been fixed this is a
separate problem, packet loss. Specifically their bb2 router at 111 N
canal.
Best Wishes,
Blake L. Smith
XtremeBandwidth.com, Inc.
949-330-6400 Office
On Fri Nov 19, 2004, Vandy Hamidi wrote:
Problem is fixed.
Looks like a quick patch was put into place.
Who is opentransit.net?
Answering a bit late:
whois -h whois.networksolutions.com opentransit.net
Any issues, please report them to [EMAIL PROTECTED]
Thanks
German
--
Discouragement
My offices that use Sprint are having timeouts and major slowdowns to
www.google.com
Traceroute shows it going through reach.com and that is where the
slowdown is occurring.
See hop 11 below.
Tracing route to www.google.akadns.net [216.239.57.103]
over a maximum of 30 hops:
11 ms1 ms
On Fri, 19 Nov 2004, Vandy Hamidi wrote:
My offices that use Sprint are having timeouts and major slowdowns to
www.google.com
Looks like Akamai thinks you are in Singapore and points you to
singapore-located google instance..;)
-alex
I'm having the same problem, FWIW.
--
Bruce Robertson, President/CEO +1-775-348-7299
Great Basin Internet Services, Inc. fax: +1-775-348-9412
http://www.greatbasin.net
On Fri, 19 Nov 2004 [EMAIL PROTECTED] wrote:
On Fri, 19 Nov 2004, Vandy Hamidi wrote:
My offices that use Sprint are having timeouts and major slowdowns to
www.google.com
Looks like Akamai thinks you are in Singapore and points you to
singapore-located google instance..;)
PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 2:01 PM
Cc: [EMAIL PROTECTED]
Subject: Re: Goofle/Sprint having problems?
On Fri, 19 Nov 2004 [EMAIL PROTECTED] wrote:
On Fri, 19 Nov 2004, Vandy Hamidi wrote:
My offices that use Sprint are having timeouts and major
On Fri, 19 Nov 2004, Vandy Hamidi wrote:
Yeah, a visual route just showed my trace going to AUS and then
Singapore.
Hmm... You think Google is going to be pissed when they find out their
site was being routed to Asia?
Heads will roll... (lawsuit?)
NANOG recuring topic thread #4
Gee,
- Original Message -
From: Sean Donelan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, November 19, 2004 5:38 PM
Subject: RE: Goofle/Sprint having problems?
On Fri, 19 Nov 2004, Vandy Hamidi wrote:
Yeah, a visual route just showed my trace going to AUS and then
Singapore
-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Paul G
Sent: Friday, November 19, 2004 2:43 PM
To: [EMAIL PROTECTED]
Subject: Re: Goofle/Sprint having problems?
- Original Message -
From: Sean Donelan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, November 19, 2004 5
complete.
H:\
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Paul G
Sent: Friday, November 19, 2004 2:43 PM
To: [EMAIL PROTECTED]
Subject: Re: Goofle/Sprint having problems?
- Original Message -
From: Sean Donelan [EMAIL PROTECTED]
To: [EMAIL
Hi all,
I did a quick search of the archives and was unable to find any previous
discussions relevant to this topic.
One of our clients has been having problems receiving some legitmate
emails from business associates in China. The client's mailserver is
running qmail. In almost all
--On 18 November 2004 14:01 -0500 Lou Laczo [EMAIL PROTECTED] wrote:
The client's mailserver is
running qmail. In almost all of the cases, the failing email has at least
one attachment and is larger than what might be considered normal.
Have you tried checking the intervening path is clean w.r.t.
] wrote:
Hi all,
I did a quick search of the archives and was unable
to find any previous
discussions relevant to this topic.
One of our clients has been having problems
receiving some legitmate
emails from business associates in China. The
client's mailserver is
running qmail
circuit and the other server uses a
Time Warner Telecom circuit, but they both point to UltraDNS.
This strange behavior continued until roughly 9:00 PM MST and then the
DNS problems cleared up both at home and at work. I haven't seen anyone
else mention it yet but was there some sort of fairly
timeouts on DNS lookups. At the
same time, a friend of mine who also uses Comcast was seeing the same
thing. Approximately a third of my DNS lookups were timing out.
I had lots of problems with Comcast DNS over the weekend. The Comcast
network status said some undefined network maintenance
On Wed, 20 Oct 2004, Chris Moody wrote:
just got a call from MCI, informing me of a catastrophic fiber cut in
the area. The tech indicated that we have a DS3 through them that may
see a considerable performance hit as they are performing the repairs.
Apparently this cut affects MCI,
For example, how many ISPs use TCP MD5 to limit the possibility of a
BGP/TCP connection getting hijacked or disrupted by a ddos attack?
i hope none use it for the latter, as it will not help. more and
more use it for the former. why? becuase they perceived the need
to solve an immediate
Date: Tue, 19 Oct 2004 09:21:46 -0700
From: Randy Bush [EMAIL PROTECTED]
Subject: Re: BCP38 making it work, solving problems
For example, how many ISPs use TCP MD5 to limit the possibility of a
BGP/TCP connection getting hijacked or disrupted by a ddos attack?
i hope none use
On Tue, Oct 19, 2004 at 07:14:32PM +0200, JP Velders scribed:
Date: Tue, 19 Oct 2004 09:21:46 -0700
From: Randy Bush [EMAIL PROTECTED]
Subject: Re: BCP38 making it work, solving problems
For example, how many ISPs use TCP MD5 to limit the possibility of a
BGP/TCP connection
Date: Tue, 19 Oct 2004 13:20:08 -0400
From: David G. Andersen [EMAIL PROTECTED]
Subject: Re: BCP38 making it work, solving problems
[ ... ]
Unless you're worried about an adversary who taps into your
fiber, how is MD5 checksums any better than anti spoofing filters
that protect your BGP
Date: Tue, 19 Oct 2004 13:36:18 +
From: Paul Vixie [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: BCP38 making it work, solving problems
[ ... ]
As it was in the old days: first clean up your own act and then
start pointing at others that they're doing it wrong.
It's
301 - 400 of 854 matches
Mail list logo