86400INNSnameserver2.mc.duke.edu.
> dm.duke.edu.86400INNSnameserver1.mc.duke.edu.
>
> ;; Query time: 76 msec
> ;; SERVER: 152.16.1.12#53(152.16.1.12)
> ;; WHEN: Thu Sep 19 09:57:48 PDT 2024
> ;; MSG SIZE rcvd: 140
>
>
> Fails on
746 ms 20.031 ms 42.526
> ms
> 5 * * *
> 6 * * *
> 7 * * *
> 8 lo-0-v6.ear2.sanjose1.level3.net 15.106 ms 14.454 ms 13.240 ms
> 9 pt.telekomu.edge1.losangeles9.level3.net 15.921 ms 17.188 ms 16.294 ms
> 10 m.root-servers.net 17.032 ms 15.169 ms 14.892 ms
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
There is always talk to the local politician route so it gets raised in the
state legislature.
--
Mark Andrews
> On 23 May 2024, at 06:27, Sam Kretchmer wrote:
>
> Yes, this was mentioned earlier too. I am just worried that the Illinois St
> police don't update their dat
Yep. Look for an upgrade then file a bug report if not fixed by the upgrade.
It should be < 10 minutes work to fix + tests etc.
--
Mark Andrews
> On 16 Mar 2024, at 05:18, Bjørn Mork wrote:
> Dennis Burgess writes:
>
>> Looks like Bjorn was correct, one two many signat
nameserver vendors.
--
Mark Andrews
> On 16 Mar 2024, at 04:33, Bjørn Mork wrote:
>
> Dennis Burgess via NANOG writes:
>
>> So have *.app.linktechs.net that I have been trying to get to work, we
>> have DNSSEC on this, and its failing, but cannot for the life of me
>
missing.
I’m answering from my phone or else I would look it up myself.
--
Mark Andrews
> On 16 Mar 2024, at 04:36, Matthew Pounsett wrote:
>
>
>
>
>> On Fri, Mar 15, 2024 at 11:26 AM Dennis Burgess via NANOG
>> wrote:
>> So have *.app.linktechs.net that I ha
the serial and reload it.
e.g.
e.b.c.2.6.0.7.d.0.2.2.2.ip6.arpa. ns ns1.example.com.
Good luck.
--
Mark Andrews
> On 16 Feb 2024, at 04:48, Stephen Satchell wrote:
>
> Several people in NANOG have opined that there are a number of mail servers
> on the Internet operating with IP
t you could answer most of these by just looking at the email
headers in
your own incoming mail. Email has been delivered over IPv6 for over 2 decades
now.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
n if all zones, delgations and glue was signed.
> --
> Med venlig hilsen / Kind regards,
> Arne Jensen
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
> On 8 Feb 2024, at 17:17, Töma Gavrichenkov wrote:
>
> Peace,
>
> On Thu, 8 Feb 2024, 6:39 am Mark Andrews, wrote:
> Given “MUST NOT” is not in RFC 4034, Appendix B, I’d take this with a grain
> of salt.
>
> "Implementations MUST NOT assume that the key tag
answer (SOA SN:
> > 4058856): https://dnsviz.net/d/ru/ZblI8Q/dnssec/
>
> There’s no reason to think that any external parties influenced this.
> Ockham’s razor.
>
> So many euphemisms suggest themselves in a situation like this… Own-goal,
> one-car-accident, etc. Except
If you are using IPv4 address that belong to someone else internally you really
are in a prime position to use IPv6 only internally and use one of the IPv4AAS
mechanisms to reach the IPv4 internet. After a quarter of a century all your
equipment should be IPv6 capable.
--
Mark Andrews
>
o the initial (client cookie only) UDP request with your server
cookie. Identifying real DNS clients has been possible for years now. It’s
not hard.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
The other thing it could be is broken PMTUD / failure fragment at network MTU.
We defined socket options to do this 2 decades ago.
--
Mark Andrews
> On 9 Nov 2023, at 06:00, Matthew Pounsett wrote:
>
> On Wed, Nov 8, 2023 at 2:12 AM Bryan Fields wrote:
>>
>>
>
It’s one broken server or firewall dropping fragmented responses In front of
it. Just open a ticket.
--
Mark Andrews
> On 8 Nov 2023, at 07:29, Owen DeLong via NANOG wrote:
>
>
> 10.159.192.in-addr.arpa
> dnsviz.net
>
>
>
> Seems to report a bunch of error
> On 2 Nov 2023, at 20:25, Stephane Bortzmeyer wrote:
>
> On Thu, Nov 02, 2023 at 04:09:24PM +1100,
> Mark Andrews wrote
> a message of 90 lines which said:
>
>> I also see QNAME minimisation in action as the QTYPE is NS. This
>> could just be a open
much more than
that to make that conclusion.
--
Mark Andrews
> On 2 Nov 2023, at 06:15, Randy Bush wrote:
>
> ya, right, and at a whole bunch of other cctld servers
>
> from a network called domaincrawler-hosting
>
> shall we smoke another?
>
> /home/randy&g
> org:ORG-ABUS1196-RIPE
> country:SE
> admin-c:VIJE1-RIPE
> tech-c: VIJE1-RIPE
> status: ASSIGNED PA
> notify: c+1...@resilans.se
> mnt-by: RESILANS-MNT
> mnt-routes: ETTNET-LIR
> created:2008-04-03T11:21:0
It’s being filtered. Only Charter can tell you why.
--
Mark Andrews
> On 26 Oct 2023, at 05:07, Jason J. Gullickson via NANOG
> wrote:
>
>
> I've been working for a week or so to solve a problem with DNS resolution for
> Charter customers for our domain bonesinjars
> On 13 Oct 2023, at 08:31, scott wrote:
>
>
>
>
> On 10/11/23 7:47 PM, Mark Andrews wrote:
>> Virtually no home network on the planet has fully functional IPv4 available
>> to it.
>
>
> Hawaiian Telcom customers have it. No blocks at all.
So
> On 12 Oct 2023, at 06:51, Delong.com wrote:
>
>
>
>> On Oct 11, 2023, at 12:47, Mark Andrews wrote:
>>
>> It is no different to deploying PNAT44 in every CPE box in the world to
>> allow you to connect to the global IPv4 internet today. Virtually n
through a transition box today.
If the router modifies the source or destination addresses or the ports of the
packet it is a transition box. It is the border between two internets.
--
Mark Andrews
> On 12 Oct 2023, at 06:07, Delong.com wrote:
>
>
>
>>> On Oct 10,
that can’t talk IPv6 there is a solution space
that allows it to talk to the IPv6 internet. You need to install it however.
Adding DNS46 to a nameserver is about a days if you already have a DNS64 model.
The hard bit is working out how to talk to the NAT64 implementation. A good
project t
The implication would look at the terminal characteristics and enable as
required.
--
Mark Andrews
> On 23 Sep 2023, at 08:33, Michael Thomas wrote:
>
>
>> On 9/22/23 1:54 PM, Mark Andrews wrote:
>> Telnet sessions where often initiated from half duplex terminals.
Telnet sessions where often initiated from half duplex terminals. Pushing
that flow control across the network helped those users.
--
Mark Andrews
> On 23 Sep 2023, at 06:25, Michael Thomas wrote:
>
>
>> On 9/22/23 9:42 AM, Jay Hennigan wrote:
>>> On 9/21/23 17:
n
> keep using GPS as well. If GPS goes bananas on timing, that source will just
> be disregarded (one of the features of the NTP architecture that has been
> pointed out over and over in this thread and you keep ignoring it).
>
> Rubens
--
Mark Andrews, ISC
1 Seym
Which you can do with DNSSEC but the key management will be enormous.
--
Mark Andrews
> On 21 Jun 2023, at 15:39, Masataka Ohta
> wrote:
>
> Matt Corallo wrote:
>
>>> As PKI, including DNSSEC, is subject to MitM attacks, is
>>> not cryptographically se
ve than, say, satellite tv dishes? I can see
>> marginally more because of the LEO aspect, but isn't that mainly just
>> software? It wouldn't surprise me that the main cost is the truck roll.
>>>>>
>>>>> Mike
>>>>>
>>>&g
ET, H.ROOT-SERVERS.NET,
J.ROOT-SERVERS.NET, K.ROOT-SERVERS.NET and
M.ROOT-SERVERS.NET.
2255. [maint] L.ROOT-SERVERS.NET is now 199.7.83.42.
1567. [maint] B.ROOT-SERVERS.NET is now 192.228.79.201.
1397. [maint] J.ROOT-SERVERS.NE
ere's no point in having DS records on host
> records, if the parent domain doesn't have them too.
>
> I wouldn't bother if it was one or two entries, but it looks like the whole
> domain is affected and this probably is a fairly widely utilised domain.
>
local resolver to resolve cob.cms.hhs.gov
>> <http://cob.cms.hhs.gov>, it works. Any thoughts on why this is the case?
>
> Because it's getting the answer from the child zone (cms) like it should.
>
> I'm sort of curious about what `dig +trace` results you received originally
> that made you believe that you weren't getting the right response. Are you
> currently seeing what you expect to see?
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
b582c8d51b5d3a25c (good)
;; QUESTION SECTION:
;355.dhhs.gov. IN A
;; AUTHORITY SECTION:
dhhs.gov. 3600 IN SOA rh120ns1.368.dhhs.gov. hostmaster.psc.hhs.gov. 2023021759
1200 300 2419200 3600
;; Query time: 246 msec
;; SERVER: 158.74.30.99#53(158.74.30.99) (TCP)
;; WHEN: Wed Apr 12 16:43:07 AES
s it looks like the NS for hhs.gov
> does not seem to resolve the hostname.
>
> However dig +trace cms.hhs.gov resolves and so does dig +trace
> eclkc.ohs.acf.hhs.gov
>
> However if I simply ask my local resolver to resolve cob.cms.hhs.gov, it
> works. Any thoughts on why this is the case?
>
> Thanks,
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
are getting the data. I do not know
> how to characterise this as anything but unethical.
>
> https://community.cloudflare.com/t/1-1-1-1-wont-resolve-www-moi-gov-cy-in-lca-235m3/487469
> https://community.cloudflare.com/t/1-1-1-1-failing-to-resolve/474228
>
> If you can't
sses that way
> was that if the downstream customer had more than one ISP, it would be
> unable to differentiate between ISPs for 100.64/10 destinations.
>
> Regards,
> Bill Herrin
> --
> For hire. https://bill.herrin.us/resume/
Correct, you can’t use 100.64/10 for any s
extra
steps.
As for connection racing IPv6 wins 99.99% of the time. There is enough bias
that it will win unless there is a lossy path involved.
--
Mark Andrews
> On 6 Dec 2022, at 06:02, Tom Beecher wrote:
>
>
> But IPv6Foo , ast least as far as I could tell by quickly lo
empt should be made regardless of knowing in advance which it will be.
>>
>> You assertion needs some back of the envelope numbers, which once provided,
>> I suspect will render your estimate grossly incorrect.
>>
>> You can hardly attempt to convince anybody that 240/4 as unicast would not
>> be the more trivial change made in any of these products natural life cycle
>> points.
>>
>> Especially as we have examples of what that type of effort might look like.
>> IGTFY and here
>>
>> https://lore.kernel.org/lkml/20080108011057.ga21...@cisco.com/
>>
>> The burdensome position is ridiculous even more so when stated with a
>> straight face.
>>
>> Joe
>>
>>
>>
>
>
> --
> This email has been checked for viruses by Avast antivirus software.
> www.avast.com
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
stupid NAT tricks.
> Well yes...
>
> ... but why would Sony do that when they have so conveniently externalized
> all costs?
>
>
> - Jared
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
what breaks like
sites where one of the cdn’s is IPv4 only despite the page itself being
reachable over IPv6. Or the nameservers are not reachable over IPv6.
Write down what you find is broken and report it.
--
Mark Andrews
> On 1 Apr 2022, at 05:53, Matthew Petach wrote:
>
>
&g
and everything else had defaults. You could implement this in stack
that only presented IPv6 to the application using IPv4 mapped address. You use
getaddrinfo with AI_V4MAPPED set for domain names and address literals which
should preference IPv6 over mapped IPv4 moving the traffic to IPv6. Yes
s contributors by
> its own merits, not by relying on artificial barriers to the competitions.
> Based on my best understanding, IPv6 failed right after the decision of "not
> emphasizing the backward compatibility with IPv4". It broke one of the golden
>
It’s a business problem for the RIR’s. Selling / leasing known defective
products is against lots of consumer law.
--
Mark Andrews
> On 17 Mar 2022, at 03:43, Owen DeLong wrote:
>
>
>
>>> On Mar 15, 2022, at 19:23 , Mark Andrews wrote:
>>>
>>>
&
Information Utility | *oo*
>>
>>
>> --
>> Best Regards !
>> __
>> baya.sylvain[AT cmNOG DOT cm]|<https://cmnog.cm/dokuwiki/Structure>
>> Subscribe to Mailing List: <https://lists.cmnog.cm/mailman/listinfo/cmnog/>
>> __
>> #LASAINTEBIBLE|#Romains15:33«Que LE #DIEU de #Paix soit avec vous
>> tous! #Amen!»
>> #MaPrière est que tu naisses de nouveau. #Chrétiennement
>> «Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
>> après TOI, ô DIEU!»(#Psaumes42:2)
>>
>>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
;>
>>
>> https://datatracker.ietf.org/doc/html/draft-fuller-240space-02
>> https://mailarchive.ietf.org/arch/search/?q=draft-fuller-240space
>>
>>
>> The walkaway I had from these discussions was that while changing the
>> definition of the address space would allow RIRs to sell more IPv4 address
>> space for a few weeks (such as happened to APNIC when the last /8's were
>> handed out), there were not enough addresses in the identified pools to
>> solve the address shortage. So it was in the end a fool's errand. If you
>> want to have address space to address the current shortage, you need an
>> addressing architecture with more addresses.
>>
>> I was there for those discussions, and I'm not sure how to put it more
>> simply.
>>
>> --
>>
>>
>> Virus-free. www.avast.com
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
harmed if the rest of the network stopped treating this as
> loopback, we'd be glad to hear about it.
What does it matter what people are using those addresses for. They are
using them in good faith and are under no obligation to report how they
are using them.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
or the other side to enable
it.
For requests without DNS COOKIEs present there is RRL mechanisms.
> Please stop enabling dnssec on your domain folks, you are going to have
> outage, your security is worse off, and you feeding the vendor / hacker ddos
> death spiral
>
>
>
>
be able to grow the per customer
allocation up to /48 per customer.
One shouldn’t be stuck with /56 because one made a bad choice of prefix size
initially.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
That fine. XP supports IPv6 and apart from the DNS needing a IPv4 recursive
server it works fine.
--
Mark Andrews
> On 21 Nov 2021, at 11:23, ML wrote:
>
>
>
>> On 11/19/2021 1:27 PM, William Herrin wrote:
>>> On Fri, Nov 19, 2021 at 10:22 AM Zu wrote
on your system, is by definition, local to your
> system.
>
> All other mechanisms are not. Maybe by convention, but not definition.
>
> Dont we appreciate standards for that very reason?
>
>> Or, you know,
>> some maniac might decide that part of 127/8 isn't loopback so I have to move
>> them to the part that
>> still is.
>>
>> In IPv6 I use ULAs since that gives me the option of routing them or not.
>>
>> R's,
>> John
>>
>>
> ULA and registered ULA are one of those things thats hard to think about with
> a straight face. They betray a variety of dichotomies that are quite
> ridiculous.
>
> Joe
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
> On 18 Nov 2021, at 11:58, Joe Maimon wrote:
>
>
>
> Mark Andrews wrote:
>> It’s a denial of service attack on the IETF process to keep bringing up
>> drafts like this that are never going to be approved. 127/8 is in use. It
>> isn’t free.
>
> T
mproving interoperability with multiple protocols and tunnelling
> technologies
> • Supplying tested patches and tools that address these problems
> --
>
> Some of these are hardcoded in ASICs, I believe. Change that! ;)
>
> scott
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
\032 is space. Go read STD13 aka RFC 1034 and RFC 1035.
--
Mark Andrews
> On 22 Oct 2021, at 16:40, Owen DeLong via NANOG wrote:
>
> \032 is not a space.
>
> Decimal 32 (0x20, \040) is a space.
> \032 is a Ctrl-Z (26 decimal, 0x1a)
>
> Owen
>
>
>> On
/rfc6092
CableLabs has similar requirements.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
start some kind of flame war here. Yeah I
>>> know, Im biased toward IPv4.
>>
>> I don't view honest and good spirited discussion of facts and understanding
>> to
>> be a flame war. In fact, I view such discussions as a good thing.
>>
>>> If something new popups, I want it better than previous thingie (a lot) and
>>> easier or at least same level of complications, but IPv6 just solves one
>>> thing
>>> and brings a lot of complexity.
>> Please elaborate on the complexity that IPv6 brings that IPv4 didn't also
>> bring
>> with it in the '90s?
>>
>> Would the things that you are referring to as IPv6 complexities have been any
>> different if we had started with IPv6 instead of IPv4 in the '80s & '90s?
>>
>> In some ways it seems to me that you are alluding to the legacy code /
>> equipment
>> / understanding / configuration / what have you. This is something that many
>> have been dealing with for quite a while. The mainframe's ability to run
>> code
>> from near half a century ago comes to mind.
>>
>>> The fact is, IPv6 failed.
>>
>> I concede that IPv6 has faltered. But I don't believe it's failed. I don't
>> think it's fair to claim that it has.
>>
>>> There are probably multiple reasons for it. Do we ever move to IPv6? I dont
>>> know.. Do I care for now? Nope, IPv4 works for me for now.
>>
>> You are entitled to your own opinion as much as I'm entitled to mine. But the
>> key thing to keep in mind is that it's /your/ opinion. The operative word
>> being
>> "your" as in "you". Your views / opinions / experiences are /yours/. What's
>> more important is that other people's views / opinions / experiences may be
>> different.
>>
>>
>>
>> --
>> Grant. . . .
>> unix || die
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
:34, Colton Conor wrote:
>
> 300 apartments Mark. No, it's bulk internet and wifi so a single provider.
>
> On Wed, Sep 22, 2021 at 8:01 PM Mark Andrews wrote:
>>
>> And how many apartments where covered by that single IP address? Was this
>> where there is a
an lower the number of people that need to escape IPv4 nat. If
>> it helps just a little bit, that alone will make implementing IPv6 worth it
>> for smaller emerging operators. Buying IPv4 has become very expensive. Yes
>> you can profit from selling a public IPv4 address to the cu
It tells you that AT&T don’t treat IPv6 on equal footing to IPv4 and nothing
more.
There is nothing at the protocol level stopping AT&T offering a similar level
of service. Don’t equate poor implementation with the protocol being broken.
--
Mark Andrews
> On 19 Sep 2021, at 07:
w/ CLAT] { home
network IPv4 + IPv6 }
DS-Lite
{ Internet IPv4(40% of traffic) + IPv6(60% of traffic) } - [Router w/ AFTR] - {
IPv6-only (IPv4 traffic has been encapsulated in IPv6) } - [CPE w/ B4] { home
network IPv4 + IPv6 }
MAP-T and MAP-E are similar to 464XLAT and DS-Lite respectively.
Yes, you have to learn something new but it costs less that a “pure" IPv4
service.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
s
enable it if it is implemented? Getting IPv4 continue to work
just add layer upon layer of hacks which we are all continuing
to pay for.
While we debate more and more services are enabling IPv6 and
the traffic is shifting to IPv6.
>> Do you have any more practical proposals, or..?
>
>
et firmware updates
> done),
> I wouldn’t hold my breath and I suspect where there are competitive
> alternatives,
> such a notice would be a boon to the competition.
>
> Owen
>
>
>> On Aug 31, 2021, at 15:15 , Mark Andrews wrote:
>>
>> Force the traff
;
>> Geolocate and VPN or Not are often kind of tied to the same kinds of
>> reporting services and it may well be that whatever provider HBO is using
>> for one is also being used for the other.
>> Owen
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
, but not want to sign
> stuff they can't control.
>
> Just playing devils advocate.
>
> --
> Bryan Fields
>
> 727-409-1194 - Voice
> http://bryanfields.net
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
DANE works with self generated CERTs. The TLSA record provides the
cryptographic link back to the DNSSEC root.
--
Mark Andrews
> On 3 Jun 2021, at 22:32, babydr DBA James W. Laferriere
> wrote:
>
> Hello Mark ,
>
>> On Wed, 2 Jun 2021, Mark Tinka wrote:
>&g
e in the RDATA section of the
RR. If a CNAME RR is present at a node, no other data should be
present; this ensures that the data for a canonical name and its aliases
cannot be different. This rule also insures that a cached CNAME can be
used without checking with an authoritative server for other
: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
;; QUESTION SECTION:
;login.authorize.net.cdn.cloudflare.net. IN TXT
;; Query time: 15 msec
;; SERVER: 198.41.222.31#53(198.41.222.31)
;; WHEN: Wed Apr 07 07:14:22 AEST 2021
;
.
NATs produce a second class Internet. We have had to lived with a second class
Internet for so long that most don’t know what they are missing.
--
Mark Andrews
> On 27 Mar 2021, at 07:14, Andy Ringsmuth wrote:
>
>
>>
>>> On 3/26/21 12:26 PM, Mark Tinka wrote:
&
letter to the
Minster, Shadow Minister and the CEO of the company the servers where
outsourced too pointing out the problem. Fixed within a couple of days.
--
Mark Andrews
> On 10 Mar 2021, at 06:17, Kevin Wallace wrote:
>
> On Tue, Mar 9, 2021, at 6:13 AM, Justin Wilson (Lists) wr
to satisfy myself that I
> wrote mine correctly?
> 2. Which one makes more sense from the practical point-of-view: having a Null
> MX Record for the no-mail domain, or having no MX record at all?
>
>
> Thanks in advance for all advices,
>
> --
>
> Pi
s:
> - Why will us keep that much options of endpoints connections, if only one
> solves all the problems?
> - We will need to train the guys on the Dual-Stack/CGNAT Scnario, and
> 464Xlat Scenario... Knowing about Danos, about Jool...
> - It doesn't scale!
>
>
>
not true if the IPv4AAS implementation is done carefully.
>
> Owen
>
>
>> On Feb 19, 2021, at 12:11 PM, Tony Wicks wrote:
>>
>> Because then a large part of the Internet won't work....
>>
>> From: NANOG on behalf of Mark
>> Andrews
>>
(A-side
> > organization, Z-Side Organization, PathPanel/Port).
> > And some workflow
> > - Cross Connect Requiremento/Authorization from A-Side
> > - Acceptance/Authorization from Z-side.
> > - Acceptance/Authorization from Facilities involved (could be more than
> > one)
> > - Execution/Activation notice from Facilities.
> >
> >
> > --
> > Douglas Fernando Fischer
> > Engº de Controle e Automação
>
>
> --
> Douglas Fernando Fischer
> Engº de Controle e Automação
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
I’m sure the large parts of the world already doing this would disagree.
--
Mark Andrews
> On 20 Feb 2021, at 07:11, Tony Wicks wrote:
>
>
> Because then a large part of the Internet won't work
>
> From: NANOG on behalf of Mark
> Andrews
> Sent: Saturd
Why not go whole hog and provide IPv4 as a service? That way you are not
waiting for your customers to turn up IPv6 to take the load off your NAT box.
Yes, you can do it dual stack but you have waited so long you may as well miss
that step along the deployment path.
--
Mark Andrews
> On
> problem.
Lets hope you aren’t depending on a piece of medical equipment with a Y2038
issue to keep you alive.
Y2038 is everybody's problem!
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
8 is a bandaid for an obsolete
>> >> protocol.
>> > So, in your mind, IPv4 was "obsolete" in 1996 -- almost three years
>> > before IPv6 was even specified? Fascinating. I could be in no way
>> > mistaken for an IPv4/NAT apologist, but that
if (fcntl(fd, F_SETFL, flags) == -1)
perror("fcntl");
} else
perror("fcntl");
}
cleanup:
/* Free everything. */
if (fds != NULL) free(fds);
return (fd);
}
See https://users.isc.org/~marka/
Mark
> Regards,
> Bill Herrin
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
If you want to "fix the network," tolerate neither incompetence or sloth
> from its operators. Educate the former. Encourage the latter.
>
> --
> . ___ ___ . . ___
> . \/ |\ |\ \
> . _\_ /__ |-\ |-\ \__
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
> On 12 Feb 2021, at 10:25, Tim Howe wrote:
>
> On Fri, 12 Feb 2021 09:05:51 +1100
> Mark Andrews wrote:
>
>> Almost everything you buy today works with IPv6. Even the crappy $50 home
>> router does IPv6.
>
> You're testing very different gear
yet enabled IPv6 to the home but the installed base
is becoming IPv6 capable.
The harder part is making sure every piece of kit works with IPv6 when you want
to turn off IPv4 internally but even then you can put that equipment behind
bi-directional NAT-64 boxes.
You have large parts of the world actively turning off as much IPv4 as they
can. Connections to legacy IPv4-only services are being tunnelled over IPv6
either by encapsulation or bi-directional protocol translation.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
> Doug Barton
> Sent: Friday, January 22, 2021 5:30 PM
> To: nanog@nanog.org
> Subject: Re: DoD IP Space
>
> The KB indicates that the problem is with the "LG TV WebOS 3.8 or above."
>
> Doug
>
> (not speaking for any employers, current or former)
>
>
APNIC and 30% in RIPE then the
majority of addresses by region are in the LACNIC region.
--
Mark Andrews
> On 22 Jan 2021, at 23:48, JORDI PALET MARTINEZ via NANOG
> wrote:
>
>
>
> El 22/1/21 13:25, "NANOG en nombre de Masataka Ohta"
> mo...
services to move staff around the factory.
--
Mark Andrews
> On 23 Jan 2021, at 07:42, Mark Andrews wrote:
>
> Disney should hire some proper developers and QA team.
>
> RFC 1123 instructed developers to make sure your products handled multi-homed
> servers properly and d
silently untraceable over one then the other transport. It isn’t
hard to do. Dealing with broken networks is something every application should
do.
--
Mark Andrews
> On 23 Jan 2021, at 01:28, Travis Garrison wrote:
>
> What's all your opinion when company's such as Disney
I would think as long as most of the LACNIC addresses are used in region they
are fine. Without going and reading the policies in full, I would expect that
there would be a exception for multinationals to allow them to get addresses
from wherever they held a significant usage.
--
Mark
ing to the URL bar, similar to the HTTPS
> warnings we see today. If a site is IPv4 only, warn that the site is using
> deprecated technology.
>
> Financial incentives also work. Perhaps we can convince Mr. Biden to give a
> .5%
> tax cut to corporations that fully implement v6.
; John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for
> Dummies",
> Please consider the environment before reading this e-mail. https://jl.ly
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
talina macos) and
> rebooted just because. Anyone else seen a weirdism on this? thanks
>
> Becki in Detroit
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
ecord - fwiw...
>
> Yes. I didn't think that was something that needed to be explained on NANOG,
> though.
Given the number of ISPs (and others) that ask ISC to support CNAME at the APEX
to whom we have to politely say:
“No. It is not permitted by this part of RFC 1034.”
cient in a lot of other areas, too.
>>
>> - Matt
>
>
> except - don't forget that the root of a domain (that domain without "www.”
> or any other label) - cannot have a CNAME as the "A" record - fwiw…
Which is why there are HTTPS and SVCB records coming and
t; https://spacenews.com/osiris-rex-touches-down-on-asteroid
> https://www.bbc.com/news/science-environment-47293317
>
> Or...
>
> The IPI idea has been around for a long time now:
> https://en.wikipedia.org/wiki/Interplanetary_Internet
>
> The main question is will NANOG O
compared
to counting the votes.
Timezone spread also makes the night longer. If you have a result within 2
hours of the Hawaiian polls closing you are on par.
--
Mark Andrews
> On 17 Oct 2020, at 07:49, Alain Hebert wrote:
>
> Hi,
>
> Beside being:
>
>
ack, scans, or notices)
>
> I suppose it depends on your definition of "engage the community". I think
> that's what we're doing right now. We're also no stranger to NANOG (though
> perhaps more of a lurker on the mailing list). But community is a much
> broader term. And anyway, there is some order to this whole thing, and
> broader announcements will come later.
>
> Cheers,
> Casey
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
re still waiting for the customer to let us know what that source IP is
> when it does work).
> Before you suggest that those .255 addresses are broadcasts on some VLAN,
> they are not. They are injected as /32s using a routing protocol, while the
> VLAN addressing is all RFC1918 addressing.
>
> --Andrey
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
missing?
Lots of assumptions people are making about how equipment is configured which
is causing people to talk past each other.
>> On Aug 27, 2020, at 1:20 AM, Mark Andrews wrote:
>>
>>
>>
>>> On 27 Aug 2020, at 15:58, Bjørn Mork wrote:
>>>
>
stack network.
And no NAT64 does not imply DNS64. You can publish a ipv4only.arpa zone with
the mappings for the NAT64. There are now also RA options for publishing these
mappings. There are also DHCPv6 options.
Mark
> Bjørn
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Sony is in
breach of lots of consumer laws around the planet. No EULA trumps the law.
Here is Australia it would be the ACCC that would take them to task.
--
Mark Andrews
> On 27 Aug 2020, at 04:38, Brian Johnson wrote:
>
> I‘m going further... They shouldn’t have to care. So
r non-explicilty authorized disclosure,
> copying, distribution or use of the contents of this information, even if
> partially, including attached files, is strictly prohibited and will be
> considered a criminal offense. If you are not the intended recipient be aware
> that any disclosu
d will be
> considered a criminal offense. If you are not the intended recipient be aware
> that any disclosure, copying, distribution or use of the contents of this
> information, even if partially, including attached files, is strictly
> prohibited, will be considered a criminal offense, so you must reply to the
> original sender to inform about this communication and delete it.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
time I actually interacted with
>> them, I just emailed Matt Griswold, but that was years ago.
>
> I'm also assuming this is about the 5 bounce messages I got from this last
> message to the list "Message to 9728466...@email.uscc.net failed."
>
> Lets see if it
The machines that are ssh probing are probably doing other stuff. Take the win
that you have been informed about a compromised machine and get it cleaned /
quarantined.
--
Mark Andrews
> On 30 Apr 2020, at 06:20, Bottiger wrote:
>
>
> It is rather easy to block SSH crack
1 - 100 of 1172 matches
Mail list logo