Re: [Nanog-futures] [Outages] Outages have an Outage? (fwd)
[EMAIL PROTECTED] wrote: That's the reason we need list moderators, to CULTIVATE the list and encourage more signal in the postings. I don't know about moderators, but I do think list admins are appropriate. You want someone to watch the list and curtail inappropriate behavior (and postings), and not really to moderate the posts. Moderation suggests some control over what gets posted to the mailing list, and unless you make the list fully moderated, that is impossible. Unfortunately, one of the large disadvantages of an unmoderated mailing has versus a moderated mailing list or forum is the inability to retroactively remove posts that have been made that were not on-topic, or otherwise not appropriate. That said, I'd rather have an unmoderated mailing list over either of the other options. The information exchange is so much more important than the ridged control or inappropriate behavior. -Sean ___ Nanog-futures mailing list Nanog-futures@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog-futures
RE: Latest instalment of the hijacked /16s story
http://www.47-usc-230c2.org/chapter3.html This time 128.168/16 - and by the same group that seems to have acquired control of the earlier one. luckily, there is no black market in address space. or at least so the theory goes on arin and ripe public policy lists. No, the theory goes that there *IS* a black market and changing ARIN or RIPE policies to make it a white market would be a bad idea. Better to help ARIN to document the fact that this is not a valid allocation so that they can recover the block. --Michael Dillon
Re: SMTP no-such-user issues
Steve Bertrand wrote: Hi everyone, We are experiencing an issue in regards to SMTP MTA relay responses regarding 'no such user', and it *apparently* appears to be only occurring when a particular site attempts to deliver email to us. For the sake of completeness... The problem has been found within the defining of a variable in chkuser: But I found the problem. chkuser_settings.h shows: #define CHKUSER_NORCPT_STRING 511 sorry, no mailbox here by that name (#5.1.1 - chkuser)\r\n I changed the 511 to 550 (as shown here http://www.faqs.org/rfcs/rfc821.html ) I'm also told that version 2.09 of chkuser works around this problem. For those who have recommended Postfix, I'd love to switch, however Qmail is tied so tightly into my mail infrastructure at this point that I don't think it would be possible without months and months of planning, and redeveloping a whole lot of internal management software. Thanks everyone, Steve
Re: Latest instalment of the hijacked /16s story
On Jun 18, 2008, at 7:57 AM, Joe Provo wrote: On Tue, Jun 17, 2008 at 10:59:21PM -0700, Tomas L. Byrnes wrote: [snip] See no evil, hear no evil, fear no evil The (human) operators who cared have been pushed out by the (coprorate) operators who would rather disavow responsibility, turn up quickly, and book the revenue instead of vetting any customer claims for basis in fact or reason. Customer filtering -even when black hats drive an AS- is Not Hard if the backbones (nets) displayed actual backbone (spine). I would argue the same for any/all security issues. If people would just shut off $VALUE, we'd have a lot fewer problems on the network. I will concede the problem is making it scale and viable for some parties. The ones that don't make the inherent security of the global network a priority are dragging the average down. - jared VALUE = ( infected host ip/customer, route leaker/hijacker, nonfiltering customer, ... )
Re: Latest instalment of the hijacked /16s story
The (human) operators who cared have been pushed out by the (coprorate) operators who would rather disavow responsibility, turn up quickly, and book the revenue instead of vetting any customer claims for basis in fact or reason. Customer filtering -even when black hats drive an AS- is Not Hard if the backbones (nets) displayed actual backbone (spine). there is a reason i am in japan. well, many actually. randy
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
On Tue, Jun 17, 2008, Christopher Morrow wrote: most of the larger free-nix's do BT downloads on release day(s). Revision3 distributes their content via BT. There were rumors of Disney and Apple moving to BT models for their content distribution at one point as well. random type=idea from tonight If only there was a way for a SP to run a BitTorrent type service for their clients, subscribing the BT server(s) to known-good (ie, not warez-y) torrents pre-seeded from trusted sources and then leaving it the hell alone and not having to continuously dump specific torrent files into it. /random Hm! Adrian
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
On 18 Jun 2008, at 10:42, Adrian Chadd wrote: random type=idea from tonight If only there was a way for a SP to run a BitTorrent type service for their clients, subscribing the BT server(s) to known-good (ie, not warez-y) torrents pre-seeded from trusted sources and then leaving it the hell alone and not having to continuously dump specific torrent files into it. /random Automatically leeching and then seeding for long periods is trivial to set up if you can get an RSS feed with torrent enclosures. It is my (highly theoretical, naturally) understanding that many BitTorrent trackers make such feeds available. However just because you have a fast, on-net seed for particular torrents doesn't mean that your on-net leechers will necessarily pick it up. The behaviour I have observed with BitTorrent is that clients are handed a relatively short list of potential peers by the tracker, and it's quite common for sensible, close, local peers not to be included. My assumption has been that the set of potential peers passed to the client is assembled randomly. If this behaviour is widespread (i.e. if my observations are valid and my interpretation of those observations reasonable) then the more popular the content, the less likely leechers are to see the seed you want them to see. This relegates your local, on-net, fast seed to be a way of distributing unpopular content (that which is not being seeded by many other people). There has been at least one presentation at NANOG in the past couple of years which describes the benefit to ISPs of p2p, by virtue of keeping traffic for popular content on-net. From memory, however, that presentation was based on a non-deployed p2p protocol which made more of an effort to help peers find local peers than the clients I described above. Joe
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
On Jun 18, 2008, at 10:42 AM, Adrian Chadd wrote: On Tue, Jun 17, 2008, Christopher Morrow wrote: most of the larger free-nix's do BT downloads on release day(s). Revision3 distributes their content via BT. There were rumors of Disney and Apple moving to BT models for their content distribution at one point as well. random type=idea from tonight If only there was a way for a SP to run a BitTorrent type service for their clients, subscribing the BT server(s) to known-good (ie, not warez-y) torrents pre-seeded from trusted sources and then leaving it the hell alone and not having to continuously dump specific torrent files into it. /random Ah, if only there was a way for my SP to go and look all over the web and figure out what pages are acceptable for me to browse and block out all of the other stuff like porn and warez and phishing --- and other objectionable content like creationism / evolution [delete whichever is appropriate ], those bastard [insert your least favorite ethnic / religious group here ] and any mention of [insert political party]. Oh, and anything to do with clowns, they freak me out... Yes, P2P is not the web, but the general principle still applies -- I don't think that handing over the censorship keys to my ISP is a reasonable solution... W Hm! Adrian -- Do not meddle in the affairs of wizards, for they are subtle and quick to anger. -- J.R.R. Tolkien
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
On Wed, Jun 18, 2008 at 10:52:38AM -0400, Joe Abley [EMAIL PROTECTED] wrote a message of 41 lines which said: The behaviour I have observed with BitTorrent is that clients are handed a relatively short list of potential peers by the tracker, and it's quite common for sensible, close, local peers not to be included. My assumption has been that the set of potential peers passed to the client is assembled randomly. I did not check seriously so I cannot confirm or deny but do note that there are several proposals to improve peer selection behind random sorting or crude measurements with ping on a few hosts. A summary of existing work is on the ALTO Web site http://alto.tilab.com/resources.html. ALTO will have a BoF session at the next IETF in Dublin, so we may see one day a standard protocol for peer selection.
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
On 19/06/2008, at 2:52 AM, Joe Abley wrote: On 18 Jun 2008, at 10:42, Adrian Chadd wrote: random type=idea from tonight If only there was a way for a SP to run a BitTorrent type service for their clients, subscribing the BT server(s) to known-good (ie, not warez-y) torrents pre-seeded from trusted sources and then leaving it the hell alone and not having to continuously dump specific torrent files into it. /random Automatically leeching and then seeding for long periods is trivial to set up if you can get an RSS feed with torrent enclosures. It is my (highly theoretical, naturally) understanding that many BitTorrent trackers make such feeds available. However just because you have a fast, on-net seed for particular torrents doesn't mean that your on-net leechers will necessarily pick it up. The behaviour I have observed with BitTorrent is that clients are handed a relatively short list of potential peers by the tracker, and it's quite common for sensible, close, local peers not to be included. My assumption has been that the set of potential peers passed to the client is assembled randomly. If this behaviour is widespread (i.e. if my observations are valid and my interpretation of those observations reasonable) then the more popular the content, the less likely leechers are to see the seed you want them to see. This relegates your local, on-net, fast seed to be a way of distributing unpopular content (that which is not being seeded by many other people). There has been at least one presentation at NANOG in the past couple of years which describes the benefit to ISPs of p2p, by virtue of keeping traffic for popular content on-net. From memory, however, that presentation was based on a non-deployed p2p protocol which made more of an effort to help peers find local peers than the clients I described above. There was a product around that would keep track of torrents and fudge the tracker responses to direct you to on-net peers where possible. Not sure what it's called. Inline box thing, much like Sandvine, Allot, etc. I imagine you could either inject the details of a local seed you're running, or keep track of on-net users and inject those. From a tracker software point of view, it would be fairly trivial to weight peer lists to prefer peers within the same ASN I imagine. Perhaps that could be turned in to same country, or what not. Better, combine it with some kind of rough AS adjacency graph and insert algorithm here and viola. Is there any data available that would let that happen easily? Obviously routing tables for the ASN/IP mapping, but what about rough ASN adjacency? It doesn't really need to be updated that often - even CAIDA's yearly data that they use to make their pretty pictures could work OK. Seems like win/win/win - linux distribution vendors can pride themselves on how much faster their torrents run, end users get better speeds for their torrents, networks move less traffic off-net. .. this is the part where someone bustles off and makes it go. -- Nathan Ward
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
Christopher Morrow wrote: On Mon, Jun 16, 2008 at 9:53 AM, Netfortius [EMAIL PROTECTED] wrote: Has anybody used (and been successful at) a bit-torrent-like agent for fast distribution of LEGAL software (install programs of large-DVD size), across multiple sites, all over the globe, with bad WAN connectivity? I have read a couple of references online (e.g. http://torrentfreak.com/university-uses-utorrent-080306/) about such, but I am a little reluctant to do it in a corporate environment, especially in the light of potential misuse of such ... unless finding a way to install, use and remove the P2P agent, all in one shot ... catch 22, sort of (distributing the P2P agent, that is :)) ... revision3.com And we saw how it worked out for Revision3.com. MediaDefender considered them illegal and launched a Denial of Service attack against them over Memorial Day weekend. P2P is considered illegal and wrong by people with lots of money and that makes it hard to use for legitimate services. Because MediaDefender is backed by the RIAA and similar organizations they seem to be immune to prosecution. However, if *I* did the same thing then I know I would be locked up right now. --Blaine
[NANOG-announce] Reminder - NANOG PC tool is accepting presentations for both NANOG 44 45
Hi folks, As mentioned in the NANOG Program Committee call minutes, posted at http://www.nanog.org/pc.nanog44_minutes.html, we are currently accepting presentations for both NANOG44 and NANOG45. Several abstracts have been received for the October meeting and we are going to assume they are intended for NANOG44. Please clearly mark submissions if NANOG45 is your intention. Our next call is scheduled for early July so keep the submissions, and promised slides for those with abstracts in the tool at present, flowing. Thanks! -Ren, on behalf of the NANOG Program Committee ___ NANOG-announce mailing list [EMAIL PROTECTED] http://mailman.nanog.org/mailman/listinfo/nanog-announce
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
To address the original question, there are several p2p companies focusing on optimizing p2p for internal distribution of software and rich media. In particular, Kontiki and Ignite both offer such services, and between the two have many of the Fortune 1000 as customers (Coke, Bank of America, Accenture, McDonalds, Canon, Burger King, etc.). Their systems manage not just the (p2p) physical delivery of the bits, but also the enterprise management aspects (e.g. sending the right versions of the right software to the right desktops, managing data flow in a way that works well on a corporate LAN, security, running the installs/upgrades, etc.). Addressing the Revision3 comment in the thread, I don't think that the RIAA and similar organizations had any problem with Revision3 using the BitTorrent protocol, but with them running an (inadvertently) open Tracker that was hosting 250K pirate torrents. The attack was pretty clearly a MediaDefender software bug in their code that monitors pirate torrents, multiplied by the large number of servers that they run, which unfortunately kicked in over a holiday weekend when nobody was around to fix it. Once MediaDefender was notified of the problem, Revision3 said that it was fixed quickly. So while you may not like what MediaDefender does for a living, it doesn't look like they were trying to DDOS Revision3 for using p2p protocols. - Laird Popkin, CTO, Pando Networks mobile: 646/465-0570 - Original Message - From: Blaine Fleming [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, June 18, 2008 12:20:28 PM (GMT-0500) America/New_York Subject: Re: P2P agents for software distribution - saving the WAN from meltdown?!? Christopher Morrow wrote: On Mon, Jun 16, 2008 at 9:53 AM, Netfortius [EMAIL PROTECTED] wrote: Has anybody used (and been successful at) a bit-torrent-like agent for fast distribution of LEGAL software (install programs of large-DVD size), across multiple sites, all over the globe, with bad WAN connectivity? I have read a couple of references online (e.g. http://torrentfreak.com/university-uses-utorrent-080306/) about such, but I am a little reluctant to do it in a corporate environment, especially in the light of potential misuse of such ... unless finding a way to install, use and remove the P2P agent, all in one shot ... catch 22, sort of (distributing the P2P agent, that is :)) ... revision3.com And we saw how it worked out for Revision3.com. MediaDefender considered them illegal and launched a Denial of Service attack against them over Memorial Day weekend. P2P is considered illegal and wrong by people with lots of money and that makes it hard to use for legitimate services. Because MediaDefender is backed by the RIAA and similar organizations they seem to be immune to prosecution. However, if *I* did the same thing then I know I would be locked up right now. --Blaine
A pipe dream? [WAS: Re: P2P agents for software distribution - saving the WAN from meltdown?!?]
On Wed, Jun 18, 2008 at 10:42:22PM +0800, Adrian Chadd wrote: [...] random type=idea from tonight If only there was a way for a SP to run a BitTorrent type service for their clients, subscribing the BT server(s) to known-good (ie, not warez-y) torrents pre-seeded from trusted sources and then leaving it the hell alone and not having to continuously dump specific torrent files into it. /random Modifying the P2P protocols might help find good seeds, etc. However, I always like to take this thought a bit further and combine it with a particular Network Neutrality solution. Imagine a world where Net Neutral means that you have a neutral layer 2 architecture and you're free to choose the layer 3 provider. (Model it on US West/Qwest's original DSL product.) Then, sprinkle in a *bunch* of ISPs that must have transparent layer 3 policies. Let them block/fold/mutilate/spindle/synthesize packets at their whim -- as long as they *tell* the customer what they're going to do. In the end, I can see ISPs that do *nothing* to your traffic, and charge what we would call normal pricing. There would be cut-rate ISPs that would promise best-effort, but will throttle if they have congestion issues. If you're an ISP, you might even try to cut a deal with the RIAA and/or MPAA so your customers have *fast* access to legitimate content. As a content provider, I would look seriously into subsidizing the access costs so that I could capture an end user... Guess I picked the wrong week to stop sniffing glue...
Re: P2P agents for software distribution - saving the WAN from meltdown?!?
Nathan Ward wrote: There was a product around that would keep track of torrents and fudge the tracker responses to direct you to on-net peers where possible. Not sure what it's called. Inline box thing, much like Sandvine, Allot, etc. I imagine you could either inject the details of a local seed you're running, or keep track of on-net users and inject those. Out of curiosity, how many SPs out there have local Akamai servers on their network? I inquired about it last Fall and our average bandwidth to Akamai wasn't enough at the time to warrant placing hardware on our site, from their perspective anyway. The bandwidth though accounted for roughly 1/10th of our overall bandwidth. I wonder what it would be today. Our Internet bandwidth is just over 4x what it was last Fall. Justin