Responses and update..
I have gotten a massive response.. I am going to organize it all and give everyone a nice list... Just give me a few to organize it :)
Re: Do ATM-based Exchange Points make sense anymore?
Paul just hit on it. At how many layers do you want protection, and will they interfere with each other. Granted not all protection schemes overlap. If there is not a layer 1 failure, and a router maintains link0 but the card or router has somehow failed and is no longer passing packets, I suppose that would have to be caught at layer 3.

At an (MAN) exchange pt based in S. Fl, the technology is a multi-node area exchange point (layer 1 technology) based on dwdm and optical switches. The detection of nodes and failures is done with enhanced-OSPF. On testing, failure between the farthest two nodes and recovery took 16ms (approx 95 miles dist btw nodes). Each individual circuit has a choice of protection level. This allows for no protection for any of a number of reasons. One may be to not interfere with a protection scheme at a higher level. While the switches do use OSPF for detection and recovery, they also use MPLS for reservation of bandwidth. None of this information is passed onto the customer routers however.

It seems there should be a clear delineation btw the layers and what protection schemes should run at each. I also believe in separation of church and state if u will, router companies should play in their space while optical companies should stay in theirs. While it makes sense for some information to pass btw differing types of equipment (such as ODSI protocol or UNI 1.0) integration of the protection schemes runs a high degree of a cascade failure, or susceptibility to an exploit attack.

As an added thought, the same MAN exchange point can do intranode connections (hairpinning). So that the same node that is used in internodal transport and peering, can also be used within a colo as an intelligent cross-connect box. This would allow for visibility and monitoring within the colo and even customer network management of their cross connects.

I suppose the discussion is what do you want from your exchange pt operator and what do you NOT want. Many people would not feel comfortable that circuit operators have visibility and maintain stats on even NUMBER of packets passed

dd

At 9:21 + 8/10/02, Paul Vixie wrote:
> warning: i've had one high gravity steel reserve over my quota. hit D now.
>
> > The issue I'm trying to address is to figure out how to extend the robustness that can be achieved with tuned IGP's with subsecond convergence across an exchange point without suffering a one to five minute delay blackholing packets.
>
> why on god's earth would subsecond anything matter in a nonmilitary situation?
>
> are you willing to pay a cell tax AND a protocol complexity tax AND a device complexity tax to make this happen? do you know what that will do do your TCO and therefore your ROI? you want to pay this tax 100% of the time even though your error states will account for less than 0.001% of the time? you want to have the complexity as your most likely source of (false positive) error?
>
> > As far as I understand, this complexity just got added with Neighbor Discovery on IPv6.
>
> if so, then, you misunderstand.
> --
> Paul Vixie

--
David Diaz
[EMAIL PROTECTED] [Email]
[EMAIL PROTECTED] [Pager]

Smotons (Smart Photons) trump dumb photons
Microslosh vision of the future
So read about Palladianism, and tell me the difference between Palladium and Server 2000

Windows Palladium, the end of privacy as we know it.

This taken from various sources including UHA and deviantart, the register and slashdot. Disturbing news..

Earlier this week, Microsoft outlined their plans for their next generation of operating systems, codenamed Longhorn/Palladium. Among the features touted was the secure networking functions that OS would offer.

Firstly: Microsoft plans to implement Palladium DRM (digital rights management) in a hardware chip, initially implanted on the mobo, but later on embedded in the CPU, and employing hardwired encryption throughout. The purpose of this is to flag every file on the computer with a digital signature telling a remote server what it is. If it's an unauthorized file, the remote server will tell your computer not to let you execute it. This is basically an attempt to stop the trading of mp3's and/or warez.

Secondly: Before an application can run, it too must have a digital signature remotely verified by another server. If the program binary doesn't match with any of the authenticated binaries, your computer won't run it. This, again, is meant to stop your computer running unauthorized software - which might be warez, or it might just be a nifty freeware program that the authors can't afford to have certified. Microsoft will be able to control exactly what your computer can and can't run.

Thirdly: As most of you know, Microsoft employ a strategy of making their software deliberately obsolete - they make it forward compatible, but not backward compatible. With the laws of the DMCA, it will soon be illegal to try to make a software product that is compatible with another program's file types (for example, take the many office applications there are for Linux which have had some success in translating their arcane file formats). This has the effect of killing any competition in the water - since you're not allowed to make your new product compatible with any of the others, no-one will use it. And eventually people will give up using any of the others instead, since no-one else can read their documents. So the entire world will be left with one choice only for software - Microsoft.

Fourthly (I don't know if that's a word, but it should be): Palladium will effectively ban free software, not just free stuff for Windows platforms, but free stuff for Linux, Mac, in fact every OS that runs on a Palladium enabled motherboard/processor. Why? In order to get the program to run on a palladium platform, you will need to pay to have your binary certified as safe by Microsoft's software authentification branch. And who in their right mind is going to pay for a piece of software they spent hours working on? It just wouldn't be worth it.

It gets worse when it comes to open source projects, such as Linux and BSD. Those of you who know about these things will know that open source projects are created by freelance coders all over the world who create programs in their spare time and then give them to the rest of the world for free. Many of them also release the source code for free too, so that if you wish you can alter the program (such as to fix bugs, add features etc). Now, it would be bad enough if the owner has to pay a certification fee. But EVERY CHANGE that is made to the source code will require a new, separate certificate to be created. Those of you who use Linux will know that so many things get updated so quickly, that this just isn't practical, and would cost the open source development people millions of dollars. This is money they just don't have, and Microsoft knows it.

Fifthly: The secure network. This is the real clincher for Palladium. At first, they're going to make it so that it is possible to turn Palladium off at the hardware level. But it is created in such a way so that, if you try to connect to a Palladium web server, you won't be allowed to. Palladium machines will only be able to talk to other Palladium machines, and non-Palladium machines won't be able to talk to any Palladium machines. Hence, if Palladium reaches critical mass, there will be thousands of people the world over who won't be able to access the internet or even work on a network with Palladium machines, so by extension they will be forced to upgrade to Palladium machines.

Sixthly: At first I thought: what the hell, this is only going to apply to x86 architecture (namely Athlon and Pentium chips, since it's only AMD and Intel who are involved at the moment). So, I could try another hardware architecture: such as the Mac/PPC, or the Sun Sparc, or an ARM, or any other kind of processor. But then I realised that even if I did, I wouldn't be able to access the Palladium network which could encompass the entire internet if this concept goes far enough. So all you Mac users would be effectively locked out; you too would have adopt a Palladium machine if you wanted
Re: Microslosh vision of the future
While I find much to worry about in Palladium, the vast majority of the information in this post is simply not correct. Even Microsoft is not delusional enough to think that they could get away with such a coup. (Not that they would not want to.)

Before going ballistic, read up on Palladium and how it works. Then we can all have a somewhat intelligent discussion of where it might lead.

Palladium does a number of very good things. It certainly will NOT block running whatever OS you prefer. It is debatable just whether it does DRM. Microsoft says it is not a DRM tool, but it sure seems to have at least most of the pieces required for full DRM.

Slashdot has had some pointers to a number of excellent (and some not so excellent) articles on Palladium from a number of sources on both sides of the issue. I strongly urge that you read them before either panicking or causing others to do so. Opposition may be justified and it may not, depending on many small technical points that may not be completely clear at this time.

R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [EMAIL PROTECTED]
Phone: +1 510 486-8634
damping
for research purposes. we want to send a periodic announce and a withdraw of a specific prefix. but we don't want to hit folk's damping policies. does anyone damp a swamp /24 which does an announce / withdraw on a two hour cycle? i.e. announce at 0,2,4,... and withdraw at 1,3,5,..? randy
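The two-hour announce/withdraw cycle asked about above can be checked against a damping policy by simulating the penalty figure of merit (RFC 2439 style exponential decay). This is an added example, not part of the original post; the three parameter sets are assumptions (two follow commonly documented vendor defaults, one is a constructed strict policy), so substitute the values from the configuration you are actually evaluating.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class DampingProfile:
    half_life_min: float        # penalty halves every this many minutes
    suppress: float             # route is suppressed at or above this penalty
    reuse: float                # route is reusable once penalty decays below this
    withdraw_penalty: float     # charged per withdrawal
    readvertise_penalty: float  # charged per re-announcement (0 if not charged)
    max_suppress_min: float     # bounds the penalty ceiling


# Assumed parameter sets; check them against the real policy in question.
CISCO_LIKE = DampingProfile(15, 2000, 750, 1000, 0, 60)
JUNIPER_LIKE = DampingProfile(15, 3000, 750, 1000, 1000, 60)
STRICT_HYPOTHETICAL = DampingProfile(60, 1400, 750, 1000, 1000, 180)  # constructed


def simulate(p: DampingProfile, cycle_min: float = 120,
             cycles: int = 50) -> Tuple[float, Optional[float]]:
    """Announce at 0, withdraw half a cycle later, repeat.

    Returns (peak penalty seen, minute of first suppression or None).
    """
    # The penalty is capped so a suppressed route is reusable within max_suppress_min.
    ceiling = p.reuse * 2 ** (p.max_suppress_min / p.half_life_min)
    decay = 2 ** (-(cycle_min / 2) / p.half_life_min)  # decay between events
    penalty, peak, suppressed, first = 0.0, 0.0, False, None
    # Event 0 is the initial announcement and is not charged.
    for i in range(1, 2 * cycles):
        penalty *= decay
        if suppressed and penalty < p.reuse:
            suppressed = False
        is_withdraw = i % 2 == 1
        penalty += p.withdraw_penalty if is_withdraw else p.readvertise_penalty
        penalty = min(penalty, ceiling)
        peak = max(peak, penalty)
        if penalty >= p.suppress:
            suppressed = True
            if first is None:
                first = i * cycle_min / 2
    return peak, first


def shortest_safe_cycle(p: DampingProfile, step_min: int = 10,
                        limit_min: int = 600) -> Optional[int]:
    """Shortest full cycle (minutes, multiple of step_min) that is never suppressed."""
    for cycle in range(step_min, limit_min + 1, step_min):
        if simulate(p, cycle)[1] is None:
            return cycle
    return None


if __name__ == "__main__":
    for name, prof in [("cisco-like", CISCO_LIKE), ("juniper-like", JUNIPER_LIKE),
                       ("strict (hypothetical)", STRICT_HYPOTHETICAL)]:
        peak, first = simulate(prof)
        print(f"{name:22s} peak={peak:8.1f} first suppressed at minute {first}, "
              f"shortest safe cycle {shortest_safe_cycle(prof)} min")
```

Under the two default-like profiles the penalty settles near a single flap's worth and never reaches the suppress limit; only a policy with a much longer half-life or a lower suppress limit, like the constructed strict one, damps the two-hour beacon.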
Re: Do ATM-based Exchange Points make sense anymore?
> I suppose the discussion is what do you want from your exchange pt operator and what do you NOT want.

At the IXP level, bits per month always trumps bits per second, and usually trumps pennies per bit as well. There are now a number of companies trying to sell wide area ethernet -- even some transoceanic but most just intracontinental. It doesn't work well for peering, though, just like SMDS and NetEdge didn't work well for peering. Too many moving parts and too little transparency.

> Many people would not feel comfortable that circuit operators have visibility and maintain stats on even NUMBER of packets passed

That's one of several important reasons why neutrality matters.
Re: Microslosh vision of the future
Guess my home P.C. will no longer be an intel platform..hello mighty SPARC

Gerardo Gregory

- Original Message -
From: blitz
To: [EMAIL PROTECTED]
Sent: Sunday, August 11, 2002 5:50 PM
Subject: Microslosh vision of the future

> So read about Palladianism, and tell me the difference between Palladium and Server 2000
>
> Windows Palladium, the end of privacy as we know it.
>
> This taken from various sources including UHA and deviantart, the register and slashdot. Disturbing news..
>
> Earlier this week, Microsoft outlined their plans for their next generation of operating systems, codenamed Longhorn/Palladium. Among the features touted was the "secure networking" functions that OS would offer.
>
> Firstly: Microsoft plans to implement Palladium DRM (digital rights management) in a hardware chip, initially implanted on the mobo, but later on embedded in the CPU, and employing hardwired encryption throughout. The purpose of this is to flag every file on the computer with a digital signature telling a remote server what it is. If it's an unauthorized file, the remote server will tell your computer not to let you execute it. This is basically an attempt to stop the trading of mp3's and/or warez.
>
> Secondly: Before an application can run, it too must have a digital signature remotely verified by another server. If the program binary doesn't match with any of the authenticated binaries, your computer won't run it. This, again, is meant to stop your computer running "unauthorized" software - which might be warez, or it might just be a nifty freeware program that the authors can't afford to have certified. Microsoft will be able to control exactly what your computer can and can't run.
>
> Thirdly: As most of you know, Microsoft employ a strategy of making their software deliberately obsolete - they make it forward compatible, but not backward compatible. With the laws of the DMCA, it will soon be illegal to try to make a software product that is compatible with another program's file types (for example, take the many office applications there are for Linux which have had some success in translating their arcane file formats). This has the effect of killing any competition in the water - since you're not allowed to make your new product compatible with any of the others, no-one will use it. And eventually people will give up using any of the others instead, since no-one else can read their documents. So the entire world will be left with one choice only for software - Microsoft.
>
> Fourthly (I don't know if that's a word, but it should be): Palladium will effectively ban free software, not just free stuff for Windows platforms, but free stuff for Linux, Mac, in fact every OS that runs on a Palladium enabled motherboard/processor. Why? In order to get the program to run on a palladium platform, you will need to pay to have your binary certified as "safe" by Microsoft's software authentification branch. And who in their right mind is going to pay for a piece of software they spent hours working on? It just wouldn't be worth it.
>
> It gets worse when it comes to open source projects, such as Linux and BSD. Those of you who know about these things will know that open source projects are created by freelance coders all over the world who create programs in their spare time and then give them to the rest of the world for free. Many of them also release the source code for free too, so that if you wish you can alter the program (such as to fix bugs, add features etc). Now, it would be bad enough if the owner has to pay a certification fee. But EVERY CHANGE that is made to the source code will require a new, separate certificate to be created. Those of you who use Linux will know that so many things get updated so quickly, that this just isn't practical, and would cost the open source development people millions of dollars. This is money they just don't have, and Microsoft knows it.
>
> Fifthly: The "secure network". This is the real clincher for Palladium. At first, they're going to make it so that it is possible to turn Palladium off at the hardware level. But it is created in such a way so that, if you try to connect to a Palladium web server, you won't be allowed to. Palladium machines will only be able to talk to other Palladium machines, and non-Palladium machines won't be able to talk to any Palladium machines. Hence, if Palladium reaches critical mass, there will be thousands of people the world over who won't be able to access the internet or even work on a network
Re: Microslosh vision of the future
On Sun, 11 Aug 2002, gg wrote:
> Guess my home P.C. will no longer be an intel platform..hello mighty SPARC

I guess you didn't actually read this, did you? It makes no difference what you use at home, if that machine can't talk to the rest of the world.

> Gerardo Gregory
>
> - Original Message -
> From: blitz
> To: [EMAIL PROTECTED]
> Sent: Sunday, August 11, 2002 5:50 PM
> Subject: Microslosh vision of the future
>
> So read about Palladianism, and tell me the difference between Palladium and Server 2000

--
Yours,
J.A. Terranson
[EMAIL PROTECTED]

If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occasionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demagoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics.

The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place...
Re: endpoint liveness (RE: Do ATM-based Exchange Points make sense anymore?)
On Fri, Aug 09, 2002 at 03:22:00PM -0700, Lane Patterson wrote:
> BGP keepalive/hold timers are configurable even down to granularity of link or PVC level keepalives, but for session stability reasons, it appears that most ISPs at GigE exchanges choose not to tweak them down from the defaults. IIRC, Juniper is 30/90 and Cisco is 60/180. My gut feel was that even something like 10/30 would be reasonable, but nobody seems compelled that this is much of an issue.

Your Cisco router (say a GSR) will go foobar if you use 10/30 seconds timers, an IGP topology change, causing a new next-hop interface for 100k routes, will cause processes (probably CEF related) to run for so long, that you will lose your BGP keepalives, thus lose sessions, and everything will go *BOOM* - so please be nice and don't do that without real testing.

/Jesper

--
Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456
Senior network engineer AS3292, TDC Tele Danmark

One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.
Re: Microslosh vision of the future
Microsoft can have whatever vision of the future they want and can use any resources at their disposal to bring their vision to light. Everybody has that right. If I don't like it, I won't buy it. If they convince customers that they gain more than they lose, only a gun will make them buy it. I don't see Bill Gates packing heat any time soon. *yawn* -- David Schwartz [EMAIL PROTECTED]
Re: Microslosh vision of the future
Microsoft already duped the software consumers into buying into fully proprietary software.

Given the prevalent time horizon of average IT manager's thinking I fully expect Microsoft to get that stuff deployed before the poor saps start realizing they're being ripped. After that Microsoft will leverage their market power to exclude any competition. Exactly like they did it before on numerous occasions.

Their PR budget is bigger than GDP of some nations. They're ruthless and show remarkable lack of respect to the notions of fairness or common good. Be afraid.

--vadim

On Sun, 11 Aug 2002, David Schwartz wrote:
> Microsoft can have whatever vision of the future they want and can use any resources at their disposal to bring their vision to light. Everybody has that right. If I don't like it, I won't buy it. If they convince customers that they gain more than they lose, only a gun will make them buy it. I don't see Bill Gates packing heat any time soon.
>
> *yawn*
>
> --
> David Schwartz
> [EMAIL PROTECTED]
Re: Microslosh vision of the future
On Sun, 11 Aug 2002 18:43:17 -0700 (PDT), Vadim Antonov wrote:
> Microsoft already duped the software consumers into buying into fully proprietary software.

I don't think duped is really a fair description. They simply provide a large number of users with what they want. There isn't currently an alternative.

> Given the prevalent time horizon of average IT manager's thinking I fully expect Microsoft to get that stuff deployed before the poor saps start realizing they're being ripped. After that Microsoft will leverage their market power to exclude any competition. Exactly like they did it before on numerous occasions.

That's what everyone said about IBM, way back when. The reality is that you can't hold the market unless you continue to provide people with what they want.

> Their PR budget is bigger than GDP of some nations. They're ruthless and show remarkable lack of respect to the notions of fairness or common good. Be afraid.

If they didn't show a lack of respect for the notion of the common good, they should be sued. Their responsibility is to their shareholders. It's not their job to protect your interests, it's yours.

Obviously, Microsoft is going to have a vision of the future that involves Microsoft everything and they're going to use all the resources at their disposal to make that vision come to pass. You should expect nothing less of them. If your vision of the future of computing differs from theirs (and I'm sure it does, I know mine does!) then you work to promote your vision.

Short of correcting any false factual assertions made in this thread, I'm done with it. It has no operational content as far as I can tell. If you think Microsoft can make IP go away and replace it with something more secure, you're crazy. (Not that this would be a bad thing, I just wouldn't want MS to design the replacement!)

DS
Re: Microslosh vision of the future
We have given up on M$ when they started invading our hard drives with XP...no reason to think their plans are anything less than nefarious, judging from their past behavior.

At 16:10 8/11/02 -0700, you wrote:
> While I find much to worry about in Palladium, the vast majority of the information in this post is simply not correct. Even Microsoft is not delusional enough to think that they could get away with such a coup. (Not that they would not want to.)
Re: Microslosh vision of the future
Well, I may be a wet blanket to the chip houses, but how much speed DO you actually need? Any REAL reason to abandon the present working architecture? I don't personally think so, a 2 gig box is plenty fast for anything we have now, so why don't we just vote with our feet? DON'T buy this crap, the CPU or the OS...and let them stew in their own misfortune. We made Intel back down on the PSN issue with exactly those tactics... I'll go back to my old SGI Indy if necessary...heh..

At 18:51 8/11/02 -0500, you wrote:
> Guess my home P.C. will no longer be an intel platform..hello mighty SPARC
>
> Gerardo Gregory
Re: Microslosh vision of the future
I agree wholeheartedly, let 'em starve

At 18:17 8/11/02 -0700, you wrote:
> Microsoft can have whatever vision of the future they want and can use any resources at their disposal to bring their vision to light. Everybody has that right. If I don't like it, I won't buy it. If they convince customers that they gain more than they lose, only a gun will make them buy it. I don't see Bill Gates packing heat any time soon.
>
> *yawn*
>
> --
> David Schwartz
> [EMAIL PROTECTED]
Re: Microslosh vision of the future
I just hope the anti-trust people are looking into this... I can't see a bigger case for them to spring into action...

At 18:43 8/11/02 -0700, you wrote:
> Microsoft already duped the software consumers into buying into fully proprietary software.
>
> Given the prevalent time horizon of average IT manager's thinking I fully expect Microsoft to get that stuff deployed before the poor saps start realizing they're being ripped. After that Microsoft will leverage their market power to exclude any competition. Exactly like they did it before on numerous occasions.
>
> Their PR budget is bigger than GDP of some nations. They're ruthless and show remarkable lack of respect to the notions of fairness or common good. Be afraid.
>
> --vadim