you know who to yell at.
Until MFN sells them in coming months in their attempts to pay off
billions of dollars of debt...
No change is expected in who you yell at if PAIX isn't doing a good job.
(That is, me.)
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc. (NASD:MFNX)
The MAE in Phoenix was originally constructed by Dave Siegel
and it ran from 1996 through 1998/9.
and if anybody thinks phoenix still/again needs an exchange point,
i'd thank you very much for contacting me about it off-list.
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc
packet reordering at MAE East was extremely common a few years ago. Does
anyone have information whether this is still happening?
more to the point, does anybody still care about packet reordering at
exchange points? we (paix) go through significant effort to prevent it,
and interswitch
H. You're right. I lost sight of the original thread...
GigE inter-switch trunking at PAIX. In that case, congestion
_should_ be low, and there shouldn't be much queue depth.
indeed, this is the case. we keep a lot of headroom on those trunks.
But this _does_ bank on current real
While acknowledging that a data center may make any rules it likes, I
am asking nanog how common this practice is.
data center is too amorphous a term to be used here. private data centers
owned by banks or insurance companies aren't relevant at all. telco motels
aren't really data
there's no answer to the question, as posed. can you be more specific?
I think the poster was inquiring as to common practice.
Yes, but there isn't going to be a common practice for data centers as
a whole. There's going to be a common practice for telco/fiber hotels,
and a common
... So - that is the larger picture, but was not my question to NANOG.
We wish to be able to provide this peering, but we find that UUnets
cross-connect policy interferes with our aims - as it requires potential
peers in the data center to separately purchase connectivity to us (in
the
now as to who's responsible, first off you have to understand that we block
rfc1918-sourced packets at our AS boundary. (otherwise these numbers would
be Much Higher
are you sure? i suspect they are windows 2000 systems behind NATs. so
the dynamic update is for the 1918 address, but
according to http://root-servers.org/, dns transactions concerning rfc1918
address space are now being served by an anycast device near you ...
And right you are. However, pray tell, why doesn't bind feature a simple way
to not log these spurious updates? As far as I can tell lots of
(received privately, answering publically)
any AS owner who wants to localize these updates can do so by simply
anycasting the 192.175.48/24 netblock and serving dns on .1,=20
.6, and .42.
Will it be a _bad_ thing if I just null-route those addresses in a
[EMAIL PROTECTED] (Eric A. Hall) writes:
Clayton Fiske wrote:
[bind question]
[bind answer]
this is nanog, you probably want bind-users[-request]@isc.org.
as a coauthor of rfc2136, my curiousity is always
piqued when spammers use the technology. can i get
private forwards of other similar messages? (see
below.)
(and yes, i'll also be in touch with level3, who
serves 166.90.15.236, from whence this message came.)
(time was, anyone who could use
... I'm not sure entirely what the big deal with spam is. Honestly sure
I get it like everyone else, in some of my accounts more than others
... I have a delete key ...
in the time between when you sent the above, and when i read it, the
following messages were added to my mailbox:
1+
... not only does it cost usually very little to receive these messages ...
even if i granted to a third party the right to determine the value of my
time, which i don't, the fact is that an hour or more of my time per day is
too high a price to pay to receive these messages, by _any_
Anyone have a good NOC contact for DEC, AS33? I checked Jared's NOC page
and I don't see them listed.
when you find it, send it to me :)
you need number 6.
in order, as33 was maintained by:
1. brian reid
2. richard johnsson
3. me
4. stephen stuart
5. drew kramer
number six is
trollishly
What do you guess for the amortized cost/spam?
/trollishly
a cost that you are forced to pay in order to enrich somebody else is
theft, no matter how microscopic the payment might be. we all know what
(they) are, now we're just arguing about the price.
I do find it amusing
There will be a day when folks will need to pay to transit email
(Paul Vixie, 1998).
Still working on that better mouse trap?
well, other than that i wish i could charge _you_ for the spam i get
that's due to the several MAILTO:[EMAIL PROTECTED]'s on your www.dotcomeon.com
site, no. it's
There are some relatively small regionals like NYIIX where you won't find
many large carriers, but they still have their own little nitch markets.
There's been rumors of NYIIX and PAIX-NY linking up like SIX and
PAIX-seattle.
It's not a rumour. PAIX is interconnecting with NYIIX as
It's not a rumour. PAIX is interconnecting with NYIIX as soon as the
fiber engineering people say that the photons will travel end to end.
Will PAIX be around as an entity capable of providing any services in 3
month?
PAIX is modestly profitable and has been for years. We are quite
. I'm no fiber expert,
but the parent company (MFN) does employ such experts, so let's remain calm.
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc. (NASD:MFNXE)
a nonstrategic asset and that they intended to sell us.
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc. (NASD:MFNXE)
know a lot more
about fiber in general AND this plant in particular than I do.
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc. (NASD:MFNX)
and that multilaterals are kind of swampy. but
if there's interest, we'll find the old paperwork and shuffle it anew.
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc. (NASD:MFNXE)
on.
--
Paul Vixie [EMAIL PROTECTED]
President, PAIX.Net Inc. (NASD:MFNX)
[EMAIL PROTECTED] (Daniel Golding) writes:
PAIX shares MFN/Abovenet's peering agreements? That's quite a trick. ...
No. PAIX has no peering agreements of any kind.
This is not to slam PAIX or Paul Vixie - I'm a big PAIX fan, and Paul has
done a superb job. However, MFN adds no value
[EMAIL PROTECTED] (Randy Bush) writes:
well, za and some of its principal subdomains are the highest error
rate zones i secondary or use. but i can imagine a different part
of the government doing an even funkier job. the contest is likely
keen.
ISC has had very little in the way of
/Model1280GbX_092101.pdf
...which Pac*Bell SBC is using for its new GigaMan product.
--
Paul Vixie
I am looking for a ballpark count concerning amount of current internet
nodes. ( obviously not exact ) With data relevant to this year. Feel free
to contact off-list.
http://www.isc.org/ds/
--
Paul Vixie
[EMAIL PROTECTED] (Daniska Tomas) writes:
a brief summary of responses up to now:
in response to my earlier reply on this topic, i was also pointed at
http://www.nbase-xyplex.com/products.html
which indeed shows how to do 65Km regen points. pretty cool other stuff too.
within a quarter mile of that intersection.
--
Paul Vixie
: when this situation has existed in other industries, gov't intervention
: has always resulted. even when the scope is international. i've not
: been able to puzzle out the reason why the world's gov'ts have not
: stepped in with some basic interconnection requirements for IP carriers.
than
is being done now. when i added my comments to the parent thread, i only
meant to indicate my surprise that such isn't being tried -- NOT any
disappointment.
--
Paul Vixie
representative of mfn's or paix's actual plans/desires.
--
Paul Vixie
What is the connection between unregulated peering and the financial
difficulties we have seen?
The problems have been caused by:
- Bad business models
- Greed
- Corporate officers who have shirked their fudiciary responsibilities to
the stockholders
If you can somehow tie
for a trillion packets per second per root server, there is no way to get
the whole Internet, which is full of Other People's Networks, provisioned at
that level. Wide area anycast, dangerous though it can be, works around that.
See www.as112.net for an example of how this might work. More later.
--
Paul
one small note, in passing:
In other words..intermittent intergap delay?
when PAIX sells what it calls Fractional Gig E, it's just Gig E with
rate limiting. nothing special at the link level.
thing, but older customers probably wish it hadn't happened.)
--
Paul Vixie
. Clark *that* slack,
even if you must (righteously, I might add) blast him on other issues.
--
Paul Vixie
measured in months or years, then when
it does fail the failure is likely to be *in* the extra complexity you added.
--
Paul Vixie
misunderstand.
--
Paul Vixie
I suppose the discussion is what do you want from your exchange pt
operator and what do you NOT want.
At the IXP level, bits per month always trumps bits per second,
and usually trumps pennies per bit as well. There are now a number
of companies trying to sell wide area ethernet -- even
after six reports that 192.5.5.241's address has been forged as the source
of a tcp fragmented scan probe, i'm ready to have it stop. but just in
case it doesn't, this is fair warning to the community: F's address is in
unlawful use by as-yet-unidentified third parties.
re:
--- Forwarded
How about [EMAIL PROTECTED]?
Wasn't this set up for this very purpose?
Nobody goes there any more, it's too crowded.
--
Paul Vixie
myself. This is not
the same topic. I want to know what the homeland security department is
likely to do about all this, not what is good/bad for the citizens of
hostile nations or even nonhostile nations.)
--
Paul Vixie
Speakig of paix's and locations, I know the mfn filings have held up
progress but I wondered and maybe others on this list wonder what the
status of the paix nyiix interconnection might be?
until mfn finishes selling paix, there will likely be no progress on this.
technical reason to keep the number of ultimately trusted keys
small. (verisign/thawte may feel that there are compelling business reasons,
however.)
--
Paul Vixie
and
receivers can detect forged source/return addresses in e-mail.
--
Paul Vixie
names are not the
subject of http://www.vix.com/~vixie/mailfrom.txt; rather, i'm
trying to address the issue of spammers who lie about _existing_
source/return domain names.
--
Paul Vixie
simple things is blocking outbound TCP/25, then I
hope you have alternatives including changing ISP's...
...but if you don't, then it's between you and your ISP, and best of luck.
--
Paul Vixie
professional (and pretty public.)
--
Paul Vixie
If this function of your ISP costs less than 1 FTE per 10,000
dialups or 1,000 T1's or 100 T3's, then your ISP is a slacker and
probably a magnet for professional spammers as well.
... you're offering very definitive figures/labeling, and I'm curious
as to what you are basing your
the example that appears in the rfc. the only
users i'm aware of are Microsoft and Apple for their respective service
discovery systems, and MIT Kerberos iff your domain name and your realm name
are the same.
--
Paul Vixie
and/or for some brief instant. see the DCC
for an example (http://dcc.rhyolite.com/) of how to build and apply that
leverage. (i'm not giving the reference to vipul's razor because i said
millions.)
--
Paul Vixie
on those very other lists i mentioned -- but to
demonstrate that the most powerful force on the internet is someone who
says something won't work. thank y'all for your help in the demonstration.
--
Paul Vixie
[EMAIL PROTECTED] (Paul Vixie) writes:
whenever you get spammed, it's because some isp somewhere is a slacker,
what i meant to say was whenever you're getting repeat spam from the same
place, day after week after month, it's because some isp somewhere is a
slacker. any given isp can
In the fullness of time, the universe itself will die of heat. So what?
How come this makes me want to raise the issue of our immortal souls?
spammers have souls?
So for example saying this or that filter appears to have repelled 1M
spam msgs per day doesn't really prove much unless
... (http://dcc.rhyolite.com/) ...
Indeed, that is a cool idea. I definitely want to look into
that a lot more closely. Perhaps we can combine this with deep
blacklist checking (beyond just the first hop), tagging, and Bayesian
content filtering. Perhaps then we will have a
to the need.
--
Paul Vixie
.procmailrc is not for sale, so go make your own.)
in the general case, we let this happen because there is no procedure for
excluding folks from the list on any basis, including insulting.
--
Paul Vixie
One of the basic problems with discussions about spam control is that it
focuses entirely on spam. Blocking output SMTP from individual dial-ups
has a serious negative consequence:
Laptop mobile users cannot use their home SMTP server.
in the business, we call this tough
, and require them to do
likewise?
and if not, why not, and how long do you think it's going to take before
we use economic methods to solve this scourge?
--
Paul Vixie
Does anyone have any comments (good or bad) about Cognet as a transit
provider in New York?
No. But we (ISC) are using them in San Francisco (at 200 Paul Street) and
they've been fine.
--
Paul Vixie
Plenty of asian isp's in los angeles for Quite a while now.
there also seems to be a PAIX switch inside 1 Wilshire now. (mfn's chap.11
filing having sawn off any hope we had of opening PAIX-LA.)
--
Paul Vixie
I have heard that the new paix switch will be attached [to laap] as well.
But only rumored not sure if its true.
it's true. there was a launch party recently when the paix switch was
announced for 1 wilshire, and laap was absolutely mentioned along with
the words just like seattle with
reports of equinix's demise appear to have been grossly premature. see
http://biz.yahoo.com/bw/021002/20088_1.html, whose title is something like:
Equinix Gains Strategic Investment From Singapore Technologies Telemedia
and Creates the Largest Global Network Neutral Internet Exchange
no idea this was generally thought to be so complicated.
--
Paul Vixie
yesterday, but I asked that it not be filtered anywhere except C-root itself
(where I can measure it) or distant source-AS's (which is where it makes
sense.)
--
Paul Vixie
Just out of interest how do you co-ordinate use of RFC 1918 addresses
and routes amongst your customers? Do you run a registry for them, or
do you just let them fight it out and the one with the biggest packets
wins or something like that?
there's a registry. we also maintain IN-ADDR
ritual of chapter 11, i think
they will be in a fine position to reset their per-megabit charges in ways
that make them a compelling transit provider. their network's been great.
--
Paul Vixie
i wrote:
transit prices have been in free fall, and worldcom has not been
following them downward. however, after the cleansing ritual of
chapter 11, i think they will be in a fine position to reset their
per-megabit charges in ways that make them a compelling transit
provider. their
someone wrote, in response to my piece this morning...
Can you explain more about why you think transit prices will return to
the $200-$300/mbps. I've been quoted $40/mbps on a 50mbps commit
(95th%) ... which I think is pretty much as low as it's going to get.
I can understand prices going
How do you compute CGS on a network that is 25% utilized?
bad
Is it expenses/current utilization or expenses/maximum capacity?
i want to be in a situation where i owe income taxes. so it's all
about costs vs. sales.
I think a lot of the low-ball pricing that is in the market is the
[EMAIL PROTECTED] (Sean Donelan) writes:
Best guess, its a smurf attack. Networks which still have ip
directed-broadcast (or your vendor's equivalent) enabled on interfaces.
Its still amazing how much traffic it can generate.
however, this attack was icmp request, not icmp reply.
--
Paul
(Okay Paul - here's your chance to rant about how badly they misquoted
you! Grin)
I think it's clear that editors were involved.
--
Paul Vixie
-sides? Sure. But who really needs the end-to-end
principle or uncontrolled innovation.
i can see how the end to end principle applies in cases 2 and 3, but not 1.
--
Paul Vixie
1. Require all providers install and manage firewalls on all subscriber
connections enforcing source address validation.
i can see how the end to end principle applies in cases 2 and 3, but not 1.
I didn't make any of these up. They've all been proposed by serious,
well-meaning
not just the bad people. all the people. a network with 2 or 3 in place
is useless. there is no way to make 2 or 3 happen.
As part of their anti-spam efforts, several providers block SMTP port
25, and force their subscribers to only use that provider's SMTP
relay/proxy to send mail.
Source address validation, or more generally anti-spoofing filters, do
not require providers maintain logs, perform content inspection or
install firewalls. But source address validation won't stop attacks,
viruses, child porn, terrorists, gambling, music sharing or any other
evil that
server operators are, http://root-servers.org/ has a list. valdis writes:
And remember - Paul Vixie has shown that 10% of the inbound traffic at
c.root-server.net is bogus rfc1918 sourced. Making the addresses public
will serve as a DDoS vector against the root operators
moreover, duane
tradition,
nonexistent.
--
Paul Vixie
1 - Connection Taxonomy
1.1. The Internet is a network of networks, where the component
networks are called Autonomous Systems (AS), each having a unique AS
Number (ASN).
Even if this reflects the original intent of ASNs, it certainly does not fit
current reality.
it is
of the decade, and ultimately any metro with population
greater than 50K in a 100 sq Km area will need a neutral exchange point
(even if it's 1500 sqft in the bottom of a bank building.)
--
Paul Vixie
I'm putting the number closer to 40 (the NFL cities) right now, and
150 by the end of the decade, and ultimately any metro with population
greater than 50K in a 100 sq Km area will need a neutral exchange point
(even if it's 1500 sqft in the bottom of a bank building.)
What application
speaking of paix, for those of you in atlanta (ietf) this week, i'm
going to do a couple of site walkthroughs. send me e-mail if interested.
--
Paul Vixie
http://www.businesswire.com/cgi-bin/f_headline.cgi?day0/223210010ticker=
more about PAIX-ATL1's
likely future under their ownership.
paul
re:
speaking of paix, for those of you in atlanta (ietf) this week, i'm
going to do a couple of site walkthroughs. send me e-mail if interested.
--
Paul Vixie
in the last few months since i most recently cleared out the database,
my test network (a defunct /16) has received 3.8M http transactions
containing 460K distinct worm bodies sent from 137K source addresses.
the top 8, by quantity, are:
srcaddr | count |first|
, and we were very proud of it.)
--
Paul Vixie
:28.731864+00
2002-12-05 02:39:01.039261+00
2002-12-06 13:34:01.304566+00
2002-12-06 19:18:16.930703+00
2002-12-06 19:27:04.795367+00
2002-12-06 19:36:18.116943+00
2002-12-06 20:13:11.24717+00
2002-12-06 20:21:55.262627+00
2002-12-07 16:22:00.914884+00
(398 rows)
--
Paul Vixie
or otherwise; rather, it's about not leaving money on
the table.
--
Paul Vixie
The perceived money on the table frequently doesn't exist and attempts
to get it may produce the opposite result.
well, yeah, sure, but...
* Who they shift the traffic to may be your competitor.
...at least you know they are paying SOMEBODY, thus supporting the market
you want to be in.
... if everybody who could peer in N places worldwide could just get
peering, then all kinds of per-bit revenue for high tier network
owners would turn into per-port revenue for exchange point
operators. ...
Well, I think as a local operator you can not expect to be able to
peer with
Similarly to peering, a base amount is required to make this crazy
thing we all run work. As we've seen with companies like PSI, those
who terminate, or loose significant peering generally end up dead.
no part of worldcom's failure traces to uunet's decision to restrict
their peering back in
Is it just me or does all this make Internap's Business model look
really good?
i think it's just you.
wow, break bind in a new and horrid way to accomplish this task :) Nice...
perhaps mr. vixie will add this functionality for us?
patches welcomed.
--
Paul Vixie
bears directly on your top-line revenue.
--
Paul Vixie
.
--
Paul Vixie
.
to that end :-), something is happening with a DNS ISAC. (more later.)
--
Paul Vixie
to be a complete joke
for peering for any number of reasons.
before any of you argue further, please carefully define your terminology so
the rest of us will know how to fill out our scorecards.
--
Paul Vixie
pulled out of AMS-IX in protest (and in fear). however, if the
expansion was intra-metro, then i must be confused, because KQ's major
source of bandwidth revenue should have been inter-metro not intra-metro.
--
Paul Vixie
1 - 100 of 738 matches
Mail list logo