On Wed, 6 Jul 2005, Rodney Joffe wrote:
On 7/6/05 10:00 PM, Church, Chuck [EMAIL PROTECTED] wrote:
Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper.
When I checked networksolutions' whois for neosystems.us and state.ny.us
, both returned:
We are unable to
On Jul 6, 2005, at 10:16 PM, Alexei Roudnev wrote:
IPv6 address allocation schema is terrible (who decided to use SP
dependent
spaces?),
Well, to date, provider based addressing works (although there were
times when it was a close thing). Your alternative?
security is terrible (who
On Wed, 2005-07-06 at 19:19 -1000, Randy Bush wrote:
Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper.
i believe even windoze has dig at the command line, though i don't
know in what directory it lies.
The web directory:
http://www.isc.org/index.pl?/sw/bind/bind9.php
philip,
did you get any useful information? nanog-l is quite good at telling you
how they would redesign your network, as opposed to actually answering
your question.
contact offlist if you still need atm help.
/bmj
At 7:19 PM -1000 2005-07-06, Randy Bush wrote:
Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper.
i believe even windoze has dig at the command line, though i don't
know in what directory it lies.
That's assuming you have installed BIND for Windows, which most
A number of explosion incidents have happened in London affecting
the tube causing website and mobile phone saturation and some
localised issues with the PSTN. From here we are able to route
calls ok and networks seems a little busier, The BBC and Sky TV
websites are very busy.
Regards,
Neil.
At 11:13 AM +0100 2005-07-07, Neil J. McRae wrote:
A number of explosion incidents have happened in London affecting
the tube causing website and mobile phone saturation and some
localised issues with the PSTN. From here we are able to route
calls ok and networks seems a little busier, The
Mobile networks have been switched in to emergency services only owing
to congestion and concern that devices may be activated by mobile.
However the cause of some of the these incidents is still not clear.
On 7-jul-2005, at 7:16, Alexei Roudnev wrote:
IPv6 address allocation schema is terrible (who decided to use SP
dependent
spaces?)
Address allocation is unsustainable but that's not IPv6's fault: it's
done the same way (or even worse) in IPv4. But somehow the industry
as a whole seems
Although many users have changed their online habits, they haven't
necessarily fixed their machines, even as infected computers slow, often
to a crawl.
Twenty percent of users who had computer problems did not attempt a fix.
Among those who did, 29 percent waited a month or longer.
Two in five
Thanks for your help, guys. Didn't know dig existed for windows.
Several ISPs (charter.net, alter.net) are choking on .us queries right
now, but ATT's name server is working ok for me. Here's one failing on
.us, but .com works fine:
C:\temp\dnstoolsdig @24.197.96.16 com NS
; DiG 9.3.1
Iljitsch van Beijnum wrote:
On 7-jul-2005, at 7:16, Alexei Roudnev wrote:
IPv6 address allocation schema is terrible (who decided to use SP
dependent
spaces?)
Address allocation is unsustainable but that's not IPv6's fault: it's
done the same way (or even worse) in IPv4. But somehow the
On Thu, Jul 07, 2005 at 07:25:20AM -0500,
Church, Chuck [EMAIL PROTECTED] wrote
a message of 109 lines which said:
Is it possible that one of the authoritative servers for .us
is unreachable/down at the moment, at least from name server
24.197.96.16's point of view?
It is perfectly
Iljitsch van Beijnum [EMAIL PROTECTED] writes:
You are approaching the problem at the wrong end by asking what's in
it for me to adopt IPv6 now. The real question is is IPv6
inevitable in the long run.
Death is inevitable in the long run, but end it all today is
probably not the proper
On Thu, 7 Jul 2005, Church, Chuck wrote:
Thanks for your help, guys. Didn't know dig existed for windows.
Several ISPs (charter.net, alter.net) are choking on .us queries right
the alter.net cache's you are using arent' guaranteed to work...
especially for non-customers :) but... in
On Wed, Jul 06, 2005 at 11:27:39PM -0500, Church, Chuck wrote:
Anyone else having issues with .US right now (~12AM EST)? NSlookup,
etc show various .us destinations as unknown domains...
Not for my site, at least:
; DiG 9.2.1 +trace microsys.us
;; global options: printcmd
.
On Thu, Jul 07, 2005 at 10:10:03AM +0200, Jeroen Massar wrote:
DNSDoctor (which even supports IPv6 :)
http://demo.dnsdoctor.org/
avoid loosing all connectivity
sigh
Cheers,
-- jra
--
Jay R. Ashworth[EMAIL PROTECTED]
Designer
On 7 Jul 2005, at 08:27, Andre Oppermann wrote:
Err... So you want to protect the incumbent ISP's? Even those once
started off with 200 customers. Who is going to decide if some (today)
small ISP is worthy of receiving its own PA space or not?
Pretty much any ISP is capable of obtaining
Anyone here care to share operator perspectives shim6 and the like? Do
we actually have anything that anyone considers workable (not whether
somebody can make it happen, but viable in a commercial environment) for
mh?
The information transmitted is intended only for the person or entity to
Alexi,
Ah, You mean the excellent 'The Mythical Man-Month' Fred Brooks wrote a
second edition a few years back. I had not thought of IPv6 in terms of
the second system effect but you are absolutely correct in your appraisal.
Scott C. McGrath
On Wed, 6 Jul 2005,
Joe Abley wrote:
On 7 Jul 2005, at 08:27, Andre Oppermann wrote:
Err... So you want to protect the incumbent ISP's? Even those once
started off with 200 customers. Who is going to decide if some (today)
small ISP is worthy of receiving its own PA space or not?
Pretty much any ISP is
My day to day is primarily supporting high-performance research computing
on the network side if I can add new functionality without incurring
accquisition costs or operational expenses AND not changing experimental
regimes in my area of responsibility that is a BIG win and one that
'slides past
On 2005-07-07, at 10:10, Kuhtz, Christian wrote:
Anyone here care to share operator perspectives shim6 and the
like? Do
we actually have anything that anyone considers workable (not whether
somebody can make it happen, but viable in a commercial
environment) for
mh?
There is no
Our thoughts and prayers are with everyone in London.
with regard to telecommunications services, Tim
Richardson writes in The Register:
[snip]
Phone networks have been jammed today following a
series of blasts that hit London's public transport
network this morning.
Mobile networks in
On 2005-07-07, at 10:23, Andre Oppermann wrote:
It was about a spot in the global routing table. No matter if one
gets
PA or PI they get a routing table entry in the DFZ. There is no
way around
it other than to make the routing protocols more scaleable.
With the hole-punching/CIDR
On 7-jul-2005, at 16:23, Andre Oppermann wrote:
Err... So you want to protect the incumbent ISP's?
No, it should always be possible to start new ISPs.
Even those once
started off with 200 customers. Who is going to decide if some
(today)
small ISP is worthy of receiving its own PA
On Thu, 2005-07-07 at 10:39 -0400, Scott McGrath wrote:
1 - Get new (non-multihomed) address space from each of our upstreams
You mean from Abilene or get your own PA space? What is so odd about
this, a number of other universities* already did this.
Oh and for people in the ARIN region
Not related to operational issues (or is it?), but
there;s a story in this morning's Advanced Ip Pipeline
about Cisco hiring ormer FCC staffer Robert Pepper:
[snip]
With a title of senior managing director, global
advanced technology policy, Pepper will be working
under Laura Ipsen, Cisco's
Jeroen Massar wrote:
On Thu, 2005-07-07 at 10:39 -0400, Scott McGrath wrote:
4 - Retrain entire staff to support IPv6
You have to train people to drive a car, to program a new VCR etc. What
is so odd about this?
I had training to drive a car once in my life when I got my drivers
license.
Joe Abley wrote:
On 2005-07-07, at 10:23, Andre Oppermann wrote:
It was about a spot in the global routing table. No matter if one gets
PA or PI they get a routing table entry in the DFZ. There is no way
around
it other than to make the routing protocols more scaleable.
With the
On Thu, 2005-07-07 at 18:02 +0200, Andre Oppermann wrote:
Jeroen Massar wrote:
On Thu, 2005-07-07 at 10:39 -0400, Scott McGrath wrote:
4 - Retrain entire staff to support IPv6
You have to train people to drive a car, to program a new VCR etc. What
is so odd about this?
I had training
we're off on the usual strange tangents. next will be whether
it is ethical to walk in your neighbor's open house if they're
running ipv6:-).
ipv4 has some problems. the world has hacked around the major
ones with things such as [holding nose] nat. the ivtf came up
with a technically weak
Andre,
On Thu, Jul 07, 2005 at 06:04:22PM +0200, Andre Oppermann wrote:
Joe Abley wrote:
On 2005-07-07, at 10:23, Andre Oppermann wrote:
It was about a spot in the global routing table. No matter if one gets
PA or PI they get a routing table entry in the DFZ. There is no way
We have relatively PI address space in IPv4, which works fine, even with
current routers. No any problem to hold the whole world-wide routing with a
future ones. Is it a pproblem keeping 500,000 routess in core routers? Of
course, it is not (it was in 1996, but it is not in 2005 and it will not
What's the problem with independent address space for every entity (company,
family, enterprise) which wants it? Big routing tables? Is RT of 1,000,000
routes BIG? I do not think so. Memory is cheap, modern routing schemas like
CEF are effective. How many entities do we have on earth? It was a
From: Joe Abley [mailto:[EMAIL PROTECTED]
On 2005-07-07, at 10:10, Kuhtz, Christian wrote:
Anyone here care to share operator perspectives shim6 and the
like? Do
we actually have anything that anyone considers workable (not
whether
somebody can make it happen, but viable in a
Neil J. McRae wrote:
A number of explosion incidents have happened in London affecting
the tube causing website and mobile phone saturation and some
localised issues with the PSTN. From here we are able to route
calls ok and networks seems a little busier, The BBC and Sky TV
websites are very
We are peered with Equinix Direct and Internap in San Jose and have
received a couple solicitations from random companies to peer, though
we're not a provider of transit. I have no desire to find new peers, so
I'm not considering the offer below -- just wondering if this is a red
flag that's
On 7-jul-2005, at 18:58, Alexei Roudnev wrote:
Is RT of 1,000,000 routes BIG?
We've had this discussion very many times. Both the maximum number of
routes routers can hold at any time in the future and the number of
prefixes people are going to inject at that time are unknown. This
David Meyer wrote:
On Thu, Jul 07, 2005 at 06:04:22PM +0200, Andre Oppermann wrote:
Ok, you don't think this thing will ever fly, do you?
I'm interested in what aspect(s) of shim6 you think might
cause it to fail? Is it the technology itself (as much as is
specified
On Jul 7, 2005, at 1:09 PM, Kuhtz, Christian wrote:
As an easy-to-read overview of the shim6 approach, the following
rough draft may be useful:
http://www.ietf.org/internet-drafts/draft-ietf-shim6-arch-00.txt
Thanks, I'm fully aware of where shim6 is right now. I'm asking if
anyone
..and I've hit my post limit for the day. :-)
http://icann.org/announcements/announcement-06jul05.htm
- ferg
--
Fergie, a.k.a. Paul Ferguson
Engineering Architecture for the Internet
[EMAIL PROTECTED] or [EMAIL PROTECTED]
ferg's tech blog: http://fergdawg.blogspot.com/
we're off on the usual strange tangents. next will be whether
it is ethical to walk in your neighbor's open house if they're
running ipv6:-).
Why of course it is. Afterall, anyone should be able to engage in any
(group hug|rape) at any time of their chosing with anyone else. And if
you
On 2005-07-07, at 12:53, Alexei Roudnev wrote:
We have relatively PI address space in IPv4, which works fine, even
with
current routers. No any problem to hold the whole world-wide
routing with a
future ones. Is it a pproblem keeping 500,000 routess in core
routers? Of
course, it is not
I've been poking around with end-host / end-network multihoming at the
transport and application layers. See, e.g., MONET, a multi-homed Web
proxy designed to achieve high availability:
http://nms.lcs.mit.edu/ron/ronweb/
In general, this kind of end-host informed multihoming has a
Compare with SSL (works out-of-the-box in 99.999% cases,
and allows both, full and hard security with root certificates etc,
or
simple security based on _ok, I trust you first time, then we can
work_.
If I'm on the same shared medium as you I can kill your SSL session
with one packet.
Alexei,
On Jul 7, 2005, at 9:58 AM, Alexei Roudnev wrote:
What's the problem with independent address space for every entity
(company,
family, enterprise) which wants it?
It doesn't scale. Regardless of Moore's law, there are some
fundamental physical limits that constrain technology.
On Thu, Jul 07, 2005 at 09:58:56AM -0700, Alexei Roudnev wrote:
What's the problem with independent address space for every entity (company,
family, enterprise) which wants it? Big routing tables? Is RT of 1,000,000
routes BIG? I do not think so. Memory is cheap, modern routing schemas like
Alexei,
On Jul 7, 2005, at 9:58 AM, Alexei Roudnev wrote:
What's the problem with independent address space for every entity
(company,
family, enterprise) which wants it?
It doesn't scale. Regardless of Moore's law, there are some
fundamental physical limits that constrain
Um. TMNet is Telekom Malaysia. Used to be the PTT for Malaysia.
Used to be the Malaysian government. I think they're privatized now.
This would be a bit like saying British Telecom is passing bogus
routes. While possibly true, it is unlikely it is intentional...
Rgds,
-drc
On Jul
I don't want to get into an SSL vs. IPsec argument, but...
David Conrad [EMAIL PROTECTED] writes:
Compare with SSL (works out-of-the-box in 99.999% cases,
and allows both, full and hard security with root certificates etc, or
simple security based on _ok, I trust you first time, then we can
On the training issue. Everybody in our organization understands IPv4 at
some basic level. The senior staff here myself included are conversant
with IPv6 but you have the level 1 and 2 people who for the most part are
not even aware IPv6 exists and there are a LOT more of them then there are
Kuhtz, Christian wrote:
On Jul 7, 2005, at 9:58 AM, Alexei Roudnev wrote:
What's the problem with independent address space for every entity
(company,
family, enterprise) which wants it?
It doesn't scale. Regardless of Moore's law, there are some
fundamental physical limits that constrain
Thanks, I'm fully aware of where shim6 is right now. I'm asking if
anyone feels this is headed anywhere useful or if we got anything else
we can use to facilitate mh.
a shim layer seems like a promising enhancement. ietf-shim6 is taking an
approach to a shim layer that will, I
Dave,
I'd have to counter with the assumption that NATs are going
away with v6 is a rather risky assumption. Or perhaps I
misunderstood your point...
$.02,
- ferg
-- Dave Crocker [EMAIL PROTECTED] wrote:
[re: shim6]
the effort is relying on IPv6 and on the disappearance of NATs, for v6.
Christian,
On Jul 7, 2005, at 11:02 AM, Kuhtz, Christian wrote:
What's the problem with independent address space for every entity
(company, family, enterprise) which wants it?
It doesn't scale. Regardless of Moore's law, there are some
fundamental physical limits that constrain technology.
Fergie (Paul Ferguson) wrote:
I'd have to counter with the assumption that NATs are going
away with v6 is a rather risky assumption. Or perhaps I
misunderstood your point...
There is one thing often overlooked with regard to NAT. That is,
it has prevented many network based worms for
I'd have to counter with the assumption that NATs are going
away with v6 is a rather risky assumption. Or perhaps I
misunderstood your point...
i think we are agreeing.
i think that any prediction that users will not use nats for v6 involves logic
that can, at best, be called idealistic.
Given that shim breaks fundamental assumptions about the stable relationship
between the packet header and the application context, there will be many
security related issues to be resolved after the shim spec stabilizes. Shim
is a 'more than a decade' effort if it ever completes.
The
Andre Oppermann wrote:
Fergie (Paul Ferguson) wrote:
I'd have to counter with the assumption that NATs are going
away with v6 is a rather risky assumption. Or perhaps I
misunderstood your point...
There is one thing often overlooked with regard to NAT. That is,
it has prevented many
On Jul 7, 2005, at 3:41 PM, Andre Oppermann wrote:
Fergie (Paul Ferguson) wrote:
I'd have to counter with the assumption that NATs are going
away with v6 is a rather risky assumption. Or perhaps I
misunderstood your point...
There is one thing often overlooked with regard to NAT. That
My feeling is that the question isn't how much memory, but
rather how
much CPU and bandwidth is necessary to deal with routing thrash.
Sure. Resources in the end.
Yes, you can aggregate different things to try to reduce the number
of entries, but that would seem to go against the
Mangling the header did not prevent the worms, lack of state did that. A
stateful filter that doesn't need to mangle the packet header is frequently
called a firewall (yes some firewalls still do, but that is by choice).
Tony
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL
On Thu, 7 Jul 2005 12:10:46 -0500
Jason Sloderbeck [EMAIL PROTECTED] wrote:
we're not a provider of transit. I have no desire to find new peers,
so I'm not considering the offer below -- just wondering if this is a
red flag that's worth passing on.
Probably not. When I was at DePaul and
On Wed, Jul 06, 2005 at 09:46:53PM +0200, Iljitsch van Beijnum wrote:
We know how many IPv4 addresses there are. We know how many are
unusable (although this number isn't 100% fixed). We know how many
were given out. We know how many are given out now each year. What
kind of magic do
Crist Clark wrote:
And the counter point to that argument is that the sparse population
of IPv6 space will make systematic scanning by worms an ineffective
means of propagation.
Any by connecting to one of the p2p overlay networks you'll have a few
million in-use addresses momentarily.
In message [EMAIL PROTECTED], David Conrad wri
tes:
Christian,
On Jul 7, 2005, at 11:02 AM, Kuhtz, Christian wrote:
What's the problem with independent address space for every entity
(company, family, enterprise) which wants it?
It doesn't scale. Regardless of Moore's law, there are some
In message [EMAIL PROTECTED], Tony Hain writes:
Mangling the header did not prevent the worms, lack of state did that. A
stateful filter that doesn't need to mangle the packet header is frequently
called a firewall (yes some firewalls still do, but that is by choice).
Absolutely correct.
At 1:02 PM -0500 2005-07-07, Kuhtz, Christian wrote:
It doesn't scale. Regardless of Moore's law, there are some
fundamental physical limits that constrain technology.
I would contend that is not true. What says that every device inside a
company, family, enterprise etc has to be
Is it a pproblem keeping 500,000 routess in core routers? Of
course, it is not (it was in 1996, but it is not in 2005
really? we have not seen this so how do you know? and it
will be fine with churn and pushing 300k forwarding entries
into the fibs on a well-known vendor's line cards?
randy
Petri Helenius wrote:
Crist Clark wrote:
And the counter point to that argument is that the sparse population
of IPv6 space will make systematic scanning by worms an ineffective
means of propagation.
Any by connecting to one of the p2p overlay networks you'll have a few
million in-use
a) I suspect most SSL implementations derive out of the same code base.
definitely not! at least three major ones out there.
randy
On 7-jul-2005, at 22:03, Jay R. Ashworth wrote:
Are there
hidden pockets of yet undiscovered address space?
Undiscovered? No.
But unless the situation has changed since I last looked (which is
possible), there are some sizeable
On Thu, Jul 07, 2005 at 02:55:08PM -0400, Scott McGrath wrote:
On the training issue. Everybody in our organization understands IPv4 at
some basic level. The senior staff here myself included are conversant
with IPv6 but you have the level 1 and 2 people who for the most part are
not
74 matches
Mail list logo