Well, a particular router doesn't get to set its dampening according
to its 'view' today, and that view is going to vary depending on
prefix.
I would like to argue that how we define flapping today is simply a
broken concept. We count up/down/path change transitions, but such
transitions
On 21-dec-04, at 9:16, Jerry Pasker wrote:
IF there's a connection problem, or implementation difference that
makes a lot of up/down, then dampening could occur close to the
problem but it will be contained close, and won't spread to the rest
of the internet.
Today's AS hierarchy is quite flat,
Jerry,
i've been wondering, since most people aren't using a
25xx class router for bgp anymore, and the forwarding planes
are able to cope more when 'bad things(tm)' happen, what the value
of dampening is these days.
ie: does dampening cause more problems than it tries to
An even more important consideration is whether our current paradigm
of flap dampening actually is the behavior that we want to penalize.
If a single link bounces just once, then thanks to our mesh,
confederations, differing MRAI's etc., we can see many many changes
to the AS path, resulting
Aside from the general discussion I seem to have provoked - most of which may
not be relevant to my problem anyway :(
Has anyone any idea if @verizon.net email accounts will accept email from the
UK ever again?
Enquiring postmasters want to know.
Still seeing intermittent issues with hotmail
Or just register our-name. and be done with it?
Not so farfetched http://www.2idi.com
Seems to me that DNS already has n+12 redundancy
available. But the world is big enough to believe
that perhaps 12 extra servers is not enough for
everyone everywhere and that it may not be a trivial
problem
On 14.12 09:39, Todd Vierling wrote:
That's definitely true, though it can be used successfully -- if there's a
very reliable kill-switch to withdraw the advertisement in a moment, or some
kind of fallback mechanism in place to handle gross failures.
Using this as the *only* remedy for
On 16-dec-04, at 12:52, Daniel Karrenberg wrote:
That's definitely true, though it can be used successfully -- if
there's a
very reliable kill-switch to withdraw the advertisement in a moment,
or some
kind of fallback mechanism in place to handle gross failures.
Using this as the *only* remedy
On Thu, 16 Dec 2004 10:33:27 PST, just me said:
and be done with it? Look. Some folks think that $technology is a good
solution for $application. Some don't. The great thing about teh
internat is that differing solutions to common problems are embraced.
Better solutions reap their
On Thu, 16 Dec 2004 [EMAIL PROTECTED] wrote:
On Thu, 16 Dec 2004 12:24:56 PST, just me said:
So the competing .org provider deploys their better solution and
survives, how, exactly?
Are there not a variety of other registries?
It's not a registry problem.
On Thu, 16 Dec 2004 12:24:56 PST, just me said:
So the competing .org provider deploys their better solution and
survives, how, exactly?
Are there not a variety of other registries?
It's not a registry problem.
% dig org. ns
and ponder all the competition.
pgputEARn6nGr.pgp
On Thu, 16 Dec 2004 12:35:09 PST, just me said:
is org the sole delegation from .
If you're trying to register in .org, yes.
If you want to claim but the organization looking to register under .org
can go register under .com or .net or .biz, ask yourself why we bother having
TLD's at all? Why
Steve Gibbard wrote:
On Thu, 16 Dec 2004, Iljitsch van Beijnum wrote:
Having just two addresses is the main problem, the fact that they're
also anycast just makes it even worse under certain circumstances.
How does anycast make it worse?
If both anycast routes converges to the same
If both anycast routes converges to the same broken pod somehow(damping?).
And troublshooting that when it only happens in AS sounds like it
would be a bit more difficult.
That's not an anycast problem, that's just a misconfiguration.
-Bill
On Thu, Dec 16, 2004 at 01:43:25PM -0800, Bill Woodcock wrote:
If both anycast routes converges to the same broken pod
somehow(damping?).
And troublshooting that when it only happens in AS sounds like it
would be a bit more difficult.
That's not an anycast problem,
i've been wondering, since most people aren't using a
25xx class router for bgp anymore, and the forwarding planes
are able to cope more when 'bad things(tm)' happen, what the value
of dampening is these days.
ie: does dampening cause more problems than it tries to solve/avoid
these
On Fri, Dec 17, 2004 at 12:42:21AM +0100, Iljitsch van Beijnum wrote:
On 17-dec-04, at 0:21, Jerry Pasker wrote:
ie: does dampening cause more problems than it tries to solve/avoid
these days.
I don't know what takes more router resources; dampening enabled
doing the dampening
On Thu, Dec 16, 2004 at 11:43:12PM -0500, Jared Mauch wrote:
On Fri, Dec 17, 2004 at 12:42:21AM +0100, Iljitsch van Beijnum wrote:
On 17-dec-04, at 0:21, Jerry Pasker wrote:
ie: does dampening cause more problems than it tries to solve/avoid
these days.
I don't know what takes
On Thu, 16 Dec 2004, Iljitsch van Beijnum wrote:
And that's exactly why UltraDNS' treatment of .org is evil. I really don't
understand why people with .org domains aren't complaining louder about this.
Instead of re-starting this particular perennial thread, can we please
just
On Thu, 16 Dec 2004, Iljitsch van Beijnum wrote:
Having just two addresses is the main problem, the fact that they're
also anycast just makes it even worse under certain circumstances.
How does anycast make it worse?
-Steve
On Thu, 16 Dec 2004 [EMAIL PROTECTED] wrote:
On Thu, 16 Dec 2004 10:33:27 PST, just me said:
and be done with it? Look. Some folks think that $technology is a good
solution for $application. Some don't. The great thing about teh
internat is that differing solutions to common
On 17-dec-04, at 0:21, Jerry Pasker wrote:
ie: does dampening cause more problems than it tries to solve/avoid
these days.
I don't know what takes more router resources; dampening enabled
doing the dampening calculations, or no dampening and constantly
churning the BGP table. I would
On Friday 10 Dec 2004 5:26 pm, Rich Kulawiec wrote:
When an incoming SMTP connection is made to one of Verizon's MX's, they
allow it to proceed until the putative sender is specified, i.e. they
wait for this part of the SMTP transaction:
I don't think this is the issue, as we aren't getting
On Mon, 13 Dec 2004, Simon Waters wrote:
Inspection suggests that the anycast announcements in the UK were
pointing to a server that wasn't accepting email.
I believe here the problem is using anycast, and not providing a backup
system not using anycast. The previous case I'm aware of was
On 13 Dec 2004, at 15:27, Steve Gibbard wrote:
On Mon, 13 Dec 2004, Simon Waters wrote:
Inspection suggests that the anycast announcements in the UK were
pointing to a server that wasn't accepting email.
I believe here the problem is using anycast, and not providing a
backup
system not using
On Mon, 13 Dec 2004 08:50:20 +, Simon Waters [EMAIL PROTECTED] wrote:
Inspection suggests that the anycast announcements in the UK were pointing to
a server that wasn't accepting email.
First I've heard of Verizon using anycast
Or do you mean anycast lookups of .net were broken from
Reply (*long* reply) being sent off-list. If anyone else wants to
see it, rattle my cage.
---Rsk
Hi,
trying to pin down why so much email isn't making it recently.
We see issues with various big ISPs.
The most obvious is none of the three UK ISPs I have ready access to can
connect to port 25 on relay.verizon.net. (MX for all the verizon.net email
addresses). We can ping it (I'm sure it
On Fri, Dec 10, 2004 at 02:43:21PM +, Simon Waters wrote:
The most obvious is none of the three UK ISPs I have ready access to can
connect to port 25 on relay.verizon.net. (MX for all the verizon.net email
addresses). We can ping it (I'm sure it isn't singular?), but we have no more
PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Rich Kulawiec
Sent: Friday, December 10, 2004 9:27 AM
To: [EMAIL PROTECTED]
Subject: Re: verizon.net and other email grief
On Fri, Dec 10, 2004 at 02:43:21PM +, Simon Waters wrote:
The most obvious is none of the three UK ISPs I have ready
On Fri, 10 Dec 2004, Rich Kulawiec wrote:
Verizon has put in place an exceedingly stupid anti-spam system which
does not work, which facilitates DoS attacks, and which provides active
assistance to spammers.
The technique discussed is called callback verification and I do not
agree that
- Original Message -
From: Roy [EMAIL PROTECTED]
To: Rich Kulawiec [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Friday, December 10, 2004 2:23 PM
Subject: RE: verizon.net and other email grief
While I can't speak to what Verizon is using, Both Exim and Postfix have
the
very same
--On Friday, December 10, 2004 12:30 -0800 Paul Trebilco
[EMAIL PROTECTED] wrote:
Christopher X. Candreva wrote:
That would be 1000's of other people's servers getting traffic from you
because someone forged their address in the spam. You are effectively
doubleing the total load spam places on
--On Friday, December 10, 2004 15:38 -0500 Paul G [EMAIL PROTECTED] wrote:
- Original Message -
From: Paul Trebilco [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, December 10, 2004 3:30 PM
Subject: Re: verizon.net and other email grief
How so? Are you maybe confusing reject
- Original Message -
From: Paul Trebilco [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, December 10, 2004 3:30 PM
Subject: Re: verizon.net and other email grief
How so? Are you maybe confusing reject with bounce? If address
verification takes place while the SMTP connection
Paul G [EMAIL PROTECTED] wrote:
[...] they also have what they call 'callout verification', which is
equivalent to what is being discussed, but the documentation makes
the drawbacks painfully clear and suggests that it only be used
against hosts within the same organization.
No, that caveat
on Fri, Dec 10, 2004 at 12:36:12PM -0800, william(at)elan.net wrote:
On Fri, 10 Dec 2004, Rich Kulawiec wrote:
Verizon has put in place an exceedingly stupid anti-spam system which
does not work, which facilitates DoS attacks, and which provides active
assistance to spammers.
The
On Fri, 10 Dec 2004 12:36:12 PST, william(at)elan.net said:
They are correct in this case. The address entered in RFC2821 MAIL FROM
is Bounces-To address and it must accept bounced email and as such it
must accept incoming emails. If the address does not accept traffic as
you indicated
Krzysztof Adamski wrote:
On Fri, 10 Dec 2004, Jeffrey I. Schiller wrote:
On Fri, Dec 10, 2004 at 12:26:59PM -0500, Rich Kulawiec wrote:
One thing that's not clear is whether or not Verizon caches any of
this information.
It appears that they do some amount of caching.
On Fri, 10 Dec 2004, Roy wrote:
While I can't speak to what Verizon is using, Both Exim and Postfix have the
very same feature called address verification. Its in use at a number of
ISPs. My systems reject 1000's of messages every day because of
verification failures.
That would be 1000's
On Fri, Dec 10, 2004 at 12:26:59PM -0500, Rich Kulawiec wrote:
One thing that's not clear is whether or not Verizon caches any of
this information.
It appears that they do some amount of caching.
-Jeff
Christopher X. Candreva wrote:
That would be 1000's of other people's servers getting traffic from you
because someone forged their address in the spam. You are effectively
doubleing the total load spam places on the net.
This doesn't scale.
How so? Are you maybe confusing reject with bounce?
On Fri, 10 Dec 2004, Christopher X. Candreva wrote:
That would be 1000's of other people's servers getting traffic from you
because someone forged their address in the spam. You are effectively
doubleing the total load spam places on the net.
That is already what happens when spammer
On Fri, 10 Dec 2004, Jeffrey I. Schiller wrote:
On Fri, Dec 10, 2004 at 12:26:59PM -0500, Rich Kulawiec wrote:
One thing that's not clear is whether or not Verizon caches any of
this information.
It appears that they do some amount of caching.
-Jeff
It does not
On Fri, Dec 10, 2004 at 06:03:11PM -0500, Krzysztof Adamski wrote:
It does not appear that they are caching it, here is a sample from my log
file:
...
Well when I tested it (3 hours ago) I connected to them manually while
watching my incoming milter log. Indeed they visited immediate and
45 matches
Mail list logo