Re: SP / Enterprise design (dis)similarities
On Tue, Oct 11, 2011 at 1:19 AM, Keegan Holley keegan.hol...@sungard.com wrote:
2011/10/11 Christopher Morrow morrowc.li...@gmail.com
On Tue, Oct 11, 2011 at 1:12 AM, Keegan Holley keegan.hol...@sungard.com wrote:
The definition of clean is also subjective. There are many who would run the IGP only for loopbacks and /30's and force everything into BGP even at small scale. BGP makes it easier to control the routing relationships between companies and pretty much removes the need for redistribution. There are trade-offs though, such as load-balancing.
just loadbalance toward the next-hop, no?
It depends on the IGP, whether the paths have exactly the same metric and whether or not you need to run MPLS.
sure.
Re: meeting network
The hotel IT department is the guy who runs the as400 that gets reservations from corporate, and runs the POS terminals. the room-net is by and large run by a third party such as lodgenet.
here at the lovely and reasonably priced loews, the dhcp disaster in the rooms killed the front desk
randy
Re: Y'all know Google is offering public DNS services now?
On Tue, Oct 11, 2011 at 1:19 AM, Scott Howard sc...@doc.net.au wrote:
the initial release date (not actually shown in that version as far as I can see, but it was around the same time Google announced their public DNS servers).
jan 27 2011, so says the doc header...
Re: Y'all know Google is offering public DNS services now?
At 22-07-2011 20:59, Michael Painter wrote: Fwiw, ol' Steve Gibson has written a small (167KB), .exe, DNS Benchmark. It's easy to add 8.8.8.8 and 8.8.8.4 (or any nameserver) to the .ini file from within the program . http://www.grc.com/dns/benchmark.htm --Michael There's also namebench, does a lot of more tests, and runs at Mac OSX and Linux too: http://code.google.com/p/namebench/
Re: SP / Enterprise design (dis)similarities
Tom Lanyon wrote on 11/10/2011 01:42: In the case that there is both iBGP and IGP running internally, is there any reason to choose one or the other to originate a default route to our aggregation/access layers? At some point I imagine it's going to be redistributed into the IGP (or re-originated in the IGP), so would think it would be best to just always run the default in the IGP to keep things consistent. Thanks, Tom We recently started migrating from IGP for everything to BGP for customers, IGP for infrastructure. We have chosen to go with the default route in IGP, since we consider IGP strictly internal (no redistribution allowed anywhere) and something to be trusted more than BGP. -- Tassos
Re: meeting network
On 10/10/11 3:41 PM, Frank Bulk wrote: Holding the last 10% of the meeting room payment seems like a good start for any venue. It's worthless. It's like being single-homed on a line with an SLA that refunds some small percent of your service provider fee for extended outages - fat lot of good that does you when your line Goes Down. The hotel's IT department will assure them (and you) that they have the situation covered, and then when it goes down you get a whole whopping 10% discount, but in the meantime you Have No Network. To get their attention, to make sure they are really ready to provision the network capacity correctly (with adequate hardware, software, bandwidth, appropriate configs, etc.) the penalty needs to be something closer to 50% of all fees paid by the organization AND our attendees, for meeting rooms, food service, AND for lodging. Then when the network dies everyone gets 50% refunded. That will get the hotel management's attention and *possibly* help ensure that their IT department really DOES have the situation properly spec'd and provisioned to handle the traffic. jc
Re: Y'all know Google is offering public DNS services now?
Michiel Klaver wrote:
At 22-07-2011 20:59, Michael Painter wrote:
Fwiw, ol' Steve Gibson has written a small (167KB), .exe, DNS Benchmark. It's easy to add 8.8.8.8 and 8.8.8.4 (or any nameserver) to the .ini file from within the program. http://www.grc.com/dns/benchmark.htm --Michael
There's also namebench, does a lot of more tests, and runs at Mac OSX and Linux too: http://code.google.com/p/namebench/
More tests? Where's the result of the DNSSec checks? Its maintenance is suspect, since my ISP's (and most resolvers) returned something like:
  www.anonymizer.com appears incorrect: 209.143.153.58
  isohunt.com appears incorrect: 208.95.172.130
  www.thesouthasian.org appears incorrect: sbsfe.geo.mf0.yahoodns.net
  youporn.com appears incorrect: 173.192.24.120, 173.192.60.242, 173.192.60.245, 173.192.24.114, 173.192.24.115, 173.192.24.116, 173.192.24.117, 173.192.24.119
  www.stopkinderporno.com appears incorrect: 188.72.230.78
  wikileaks.org appears incorrect: 88.80.16.63
  www.lapsiporno.info appears incorrect: 89.166.50.123
  www.paypal.com is hijacked: 173.0.88.34, 173.0.84.2, 173.0.84.34, 173.0.88.2
  uddthailand.com appears incorrect: 184.173.208.195
  www.stormfront.org appears incorrect: 174.121.229.156
  motherless.com appears incorrect: 198.64.4.17, 198.64.4.16
  www.partypoker.com appears incorrect: ppdotcom.iivt.com
  twitter.com appears incorrect: 199.59.149.198, 199.59.149.230, 199.59.148.10
Interesting choice of URLs. I wonder how many folks are wasting their time chasing this ominous sounding
  www.paypal.com is hijacked: 173.0.88.34, 173.0.84.2, 173.0.84.34, 173.0.88.2
--Michael
Re: Y'all know Google is offering public DNS services now?
At 11-10-2011 10:58, Michael Painter wrote: Interesting choice of URLs. I wonder how many folks are wasting their time chasing this ominous sounding a.. www.paypal.com is hijacked: 173.0.88.34, 173.0.84.2, 173.0.84.34, 173.0.88.2 --Michael I guess you selected the Alexa top1000 as data-source, which contains this selection of URLs. The result of mis-matching IP addresses reports could be the result of geo-dns, serving different results to different parts of the world to match local CDN nodes.
Re: new guest room SSID for NANOG
On Oct 10, 2011, at 9:44 PM, Joel jaeggli wrote: On 10/10/11 17:12 , Randy Carpenter wrote: Very nice. I wonder if this is an option we could try to use in future meetings. It makes sense, really, since we already have decent connectivity for the conference areas, and we wouldn't be destroying the hotel's outside connection (only their WiFi ;-) ) having negotiated or attempted to negotiate this as part of a number of hotel contracts, I'd note that while nice to have this is not always possible, so while I'd put it on the list, if it becomes a deal-breaker it would substantially reduce the number of available venues or result in payment of significant considerations to the hotel for the lost revenue from non-nanog guests to the hotel, for whom internet is generally an upsell unless included in their rate. Should be pretty easy to convince the hotel that upselling NANOGers internet isn't going to result in revenue unless their network somehow miraculously handles the load. Instead, they can look forward to ~500 people wanting that charge reversed on checkout due to the hotel's inability to provide sufficient capacity. Owen -Randy - Original Message - Noah - Very nice... I also notice it's IPv6 enabled. :-) Thanks! /John On Oct 10, 2011, at 5:43 PM, Noah Weis wrote: All, The hotel is in the process of deploying an SSID throughout the guest room network that terminates to the NANOG external router, rather than the hotel's gateway. The SSID is NANOG-guest. They stated it will take a couple of hours to be fully operational in the guest room space. As always, please let me know if you have any questions. Cheers, Noah -- Noah K. Weis Verilan, Inc. m: +1-503-902-2491
Re: meeting network
On Oct 10, 2011, at 10:32 PM, Joel jaeggli wrote:
On 10/10/11 07:00 , Owen DeLong wrote:
It would be wise for NANOG to approach future venues and specifically discuss these things with the hotel IT departments in question ahead of time so that they have some remote chance of being prepared.
The hotel IT department is the guy who runs the as400 that gets reservations from corporate, and runs the POS terminals. the room-net is by and large run by a third party such as lodgenet.
Owen
In my experience, you start with the hotel IT department and they at least know who to talk to at LodgeNet/whoever in order to reach someone that can provide a useful response.
Owen
Re: meeting network
On Oct 11, 2011, at 8:22 AM, Owen DeLong wrote:
On Oct 10, 2011, at 10:32 PM, Joel jaeggli wrote:
On 10/10/11 07:00 , Owen DeLong wrote:
It would be wise for NANOG to approach future venues and specifically discuss these things with the hotel IT departments in question ahead of time so that they have some remote chance of being prepared.
The hotel IT department is the guy who runs the as400 that gets reservations from corporate, and runs the POS terminals. the room-net is by and large run by a third party such as lodgenet.
In my experience, you start with the hotel IT department and they at least know who to talk to at LodgeNet/whoever in order to reach someone that can provide a useful response.
To be perfectly clear, the hotel IT department is a fine escalation point once you're close to the actual event, and that they will bring in others as needed. This even works if you need to pull fiber into a facility for additional bandwidth, with the hotel IT/telecom team often getting involved months in advance.
At the time of _contracting_ (more than 1 year in advance in many cases), the ability to pierce the sales veil of "Yes, we can do anything you need" and "It's no problem" can be quite difficult, even if one does an on-site visit and meets with the hotel IT team. They are trained to avoid raising any issues in the sales process, and prioritize any actual technical level engagement with their partners until well past contract. They often do not even have the ability to engage their partners except during an actual performance problem, so expecting them to get someone on the phone a year in advance of an event to commit to an unusual configuration may be quite limited (or even absent in the case of hotel chains whose wireless partner relationship is held by the hotel chain parent corporation.)
I'm not saying that it is not worth trying; I just want folks to have a realistic understanding of how these arrangements are actually made. It is far better today than in the past, as there have been many conferences over the years where step 1 was pulling the coax or fiber through the hotel to establish their first-ever network infrastructure... :-)
FYI, /John
Re: new guest room SSID for NANOG
On 10/11/11 8:19 AM, Owen DeLong wrote:
Should be pretty easy to convince the hotel that upselling NANOGers internet isn't going to result in revenue unless their network somehow miraculously handles the load. Instead, they can look forward to ~500 people wanting that charge reversed on checkout due to the hotel's inability to provide sufficient capacity.
As has been said in other parts of this thread NANOG typically negotiates to have in room internet removed from the attendees' bill. Also +1 regarding what Joel and John have said regarding the business complexities surrounding making the conference network available in-room or otherwise manipulating the existing network infrastructure of the hotel. It's worth a try but sometimes it is just not practical to do this.
Re: meeting network
On 11/10/2011 14:12, John Curran wrote:
is far better today than in the past, as there have been many conferences over the years where step 1 was pulling the coax or fiber through the hotel to establish their first-ever network infrastructure... :-)
There is nothing more dispiriting than "yeah sure, you can pull in that fibre cable, but only on condition that you remove it immediately after the [conference|meeting|whatever] is over. We already have the Internet". Then they point at the 2Mb DSL wifi AP and expect you to be impressed at their technology.
Nick
Re: meeting network
Maybe instead of upgrading the network of cities, we could convince Google to practice by upgrading the networks of a variety of hotels in locations that NANOG might find appealing :)
On Tue, Oct 11, 2011 at 10:48 AM, Nick Hilliard n...@foobar.org wrote:
On 11/10/2011 14:12, John Curran wrote:
is far better today than in the past, as there have been many conferences over the years where step 1 was pulling the coax or fiber through the hotel to establish their first-ever network infrastructure... :-)
There is nothing more dispiriting than "yeah sure, you can pull in that fibre cable, but only on condition that you remove it immediately after the [conference|meeting|whatever] is over. We already have internet". Then they point at the 2Mb DSL wifi AP and expect you to be impressed at their technology.
Nick
Re: meeting network
Sent from my iPad
On Oct 11, 2011, at 10:48, Nick Hilliard n...@foobar.org wrote:
On 11/10/2011 14:12, John Curran wrote:
is far better today than in the past, as there have been many conferences over the years where step 1 was pulling the coax or fiber through the hotel to establish their first-ever network infrastructure... :-)
There is nothing more dispiriting than "yeah sure, you can pull in that fibre cable, but only on condition that you remove it immediately after the [conference|meeting|whatever] is over. We already have the Internet". Then they point at the 2Mb DSL wifi AP and expect you to be impressed at their technology.
Nick
Yes there is... There's the time when they say No, you can't pull in that fiber. Just use the internet and set up a VPN then point to the 1Mbps DSL wifi AP...
Owen
RE: meeting network
The hotel will never refund at that level. The only thing that works is not to pay them in the first place. No hotel is desperate enough to fill rooms that they're willing to return 50% of everything if the connectivity is poor or fails. They'll let their competitors have that business.
Frank
-Original Message-
From: JC Dill [mailto:jcdill.li...@gmail.com]
Sent: Tuesday, October 11, 2011 3:26 AM
To: NANOG list
Subject: Re: meeting network
On 10/10/11 3:41 PM, Frank Bulk wrote:
Holding the last 10% of the meeting room payment seems like a good start for any venue.
It's worthless. It's like being single-homed on a line with an SLA that refunds some small percent of your service provider fee for extended outages - fat lot of good that does you when your line Goes Down. The hotel's IT department will assure them (and you) that they have the situation covered, and then when it goes down you get a whole whopping 10% discount, but in the meantime you Have No Network.
To get their attention, to make sure they are really ready to provision the network capacity correctly (with adequate hardware, software, bandwidth, appropriate configs, etc.) the penalty needs to be something closer to 50% of all fees paid by the organization AND our attendees, for meeting rooms, food service, AND for lodging. Then when the network dies everyone gets 50% refunded. That will get the hotel management's attention and *possibly* help ensure that their IT department really DOES have the situation properly spec'd and provisioned to handle the traffic.
jc
2011.10.11 NANOG53 tuesday morning session notes
Wow. People drank too much coffee this morning, they were talking at warp 10. Especially that Todd Underwood fellow; someone swap him out onto decaf next time. ^_^; Video stream worked much better today than yesterday, though VLC stream seemed to be running a bit odd, so I switched back to web stream instead. Notes from the morning session are posted at http://kestrel3.netflight.com/2011.10.11-nanog53-morning-session.txt in case they might be of use to people following along remotely. Thanks! Matt
Re: meeting network
Once upon a time, Nick Hilliard n...@foobar.org said: There is nothing more dispiriting than yeah sure, you can pull in that fibre cable, but only on condition that you remove it immediately after the [conference|meeting|whatever] is over. We already have the Internet. I would say the situation depends on the hotel and which person you talk to. I volunteer for one of the largest science fiction conventions, and we take over 5 convention hotels for the con. I set up networking for our staff department's operations last year in one hotel, and initially we couldn't get anywhere because it was iBAHN and demanding an auth code on a captive web portal. When we got somebody from the hotel to look, he went into a closet around the corner and moved the wire, and we were then on the hotel's direct network. He then noticed I was running Linux, and we chatted about different distributions, and while I was setting up my (probably not allowed) wireless router, he showed back up with a box of cat5 and some ends (he was going to run some additional wires around the room for us, but saw I was running an AP and said you're good, aren't you and went on). We also have fiber pulled between the 5 hotels for our video feed, and that stays in place from year to year. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
Re: Enterprise Wi-Fi list recommendations?
On 10/10/2011 4:21 PM, Network IP Dog wrote:
MERAKI... http://www.meraki.com
E = 4:32
Cheers!!!
Just had a call from them oddly enough. (via a white paper download, not scraping nanog fortunately...) I signed up for the wispa and wireless-lan lists mentioned in the thread, so we'll see how that goes. Thanks all for the on and off list replies.
-- --- James M Keller
Re: meeting network
Just an FYI - even though you approved the wireless charge, it's actually free. They pull the per-diem/week charge off your bill. That applies to all NANOG attendees.
Mike
On Oct 10, 2011, at 11:36 PM, Owen DeLong wrote:
I don't think it is. I think that you can negotiate and I will point out that the hotel here has wanted our business enough that they have now scrambled to make life significantly better. You can also bet I'll be demanding that they credit my $54 that I put on the in-room access be credited to my bill even though ARIN would pay it. I routinely do this when the conference network (or the in-room network) sucks and it's provided by the hotel. I have yet to have one refuse my refund request.
Owen
On Oct 10, 2011, at 3:41 PM, Frank Bulk wrote:
Holding the last 10% of the meeting room payment seems like a good start for any venue. But as others have indicated, the market may be too small for free-market principles to be fully effective.
Frank
-Original Message-
From: JC Dill [mailto:jcdill.li...@gmail.com]
Sent: Monday, October 10, 2011 1:36 PM
Cc: North American Network Operators' Group
Subject: Re: meeting network
On 10/10/11 7:00 AM, Owen DeLong wrote:
It would be wise for NANOG to approach future venues and specifically discuss these things with the hotel IT departments in question ahead of time so that they have some remote chance of being prepared.
I tried this approach many years ago, for a Blogher conference. The hotel's IT people were uncooperative, and incompetent, and they lied both about their network design and their equipment capabilities. I have since learned that this is par for the course. IMHO the only way to solve this problem is with big $$$ penalties in the contract, big enough that the incompetent IT people realize their jobs are on the line and relinquish control so experts can get access and set-up things properly. Also note - the conference or hotel's IT people will always claim they have done this before with no problems even when they haven't.
jc
-- Michael K. Smith - CISSP, GSEC, GISP Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
EP.net and Almond Oil Process LLC?
Anyone know what the current status is with EP.net and their new owner/parent company Almond Oil Process LLC? Some on this list may use EP.net services and have noticed the happenings of late. We contracted with EP.net for exchange space when it was owned by Bill Manning. Apparently it was sold and since then things have gone downhill. We were trying to get a simple authority record changed to no avail despite dozens of contact attempts, and now it appears the ep.net domain is functionally gone, which is causing even more issues. Any hints or current contact information would be helpful. Calls/email to ARIN POCs currently go unanswered. Tnx Chris -- Chris Griffin cgrif...@ufl.edu Sr. Network Engineer - CCNP Phone: (352) 273-1051 CNS - Network Services Fax: (352) 392-9440 University of Florida/FLR Gainesville, FL 32611
Re: Y'all know Google is offering public DNS services now?
On Mon, Oct 10, 2011 at 11:04 PM, Christopher Morrow morrowc.li...@gmail.com wrote:
On Tue, Oct 11, 2011 at 1:19 AM, Scott Howard sc...@doc.net.au wrote:
the initial release date (not actually shown in that version as far as I can see, but it was around the same time Google announced their public DNS servers).
jan 27 2011, so says the doc header...
The original draft had a different name, and was released in Jan 2010. http://tools.ietf.org/html/draft-vandergaast-edns-client-ip-00
Scott
Re: Steve Jobs has died
On 10/6/11 7:26 PM, Paul Graydon wrote:
On 10/6/2011 4:02 PM, Wayne E Bouchard wrote:
In some circles, he's being compared to Thomas Edison. Apply your own opinion there whether you feel that's accurate or not. I'll just state this: Both men were passionate about what they did. They each changed the world and left it better than they found it.
It's probably not a bad analogy, like Ford and many other champions of industry he didn't invent groundbreaking technology (Edison's only invention was the phonograph IIRC, all else was improvements on existing technology). They took what was already in existence and did something amazing with it: made it accessible, be it through price, ease of use or whatever.
Steve demonstrated any number of times, when excellent hardware + software engineering + quality control is applied, even commodity products are able to provide good returns. In this view, the analogy holds when price alone is not considered.
-Doug
Re: meeting network
The hotel will never refund at that level. ietf maastricht gave 100% refunds never say never
Re: Steve Jobs has died
On Tuesday, October 11, 2011 04:00:44 PM Douglas Otis wrote:
On 10/6/11 7:26 PM, Paul Graydon wrote:
On 10/6/2011 4:02 PM, Wayne E Bouchard wrote:
In some circles, he's being compared to Thomas Edison.
It's probably not a bad analogy, like Ford and many other champions of industry he didn't invent groundbreaking technology
Steve demonstrated any number of times, when excellent hardware + software engineering + quality control is applied, even commodity products are able to provide good returns. In this view, the analogy holds when price alone is not considered.
And, like Edison, Mr. Jobs fiercely championed his own technologies over all others; just one example is in the field of electricity where Edison's DC lost the war to Tesla's AC. Time has yet to tell how well Mr. Jobs' walled garden devices and OS's do, finally. Edison would have loved today's intellectual property wars and software patents and their attendant trolls. And Edison would have been right at home with the concept of lock-in. Brilliant man, Edison was, and he did do a great deal for humanity in general. But historical facts are historical facts. Don't get me wrong; I have a great deal of respect for both men, even though I disagree with some of their ideologies and methods. And the phonograph really was pure brilliance.
Re: Were A record domain names ever limited to 23 characters?
Hahahahaha! That is awesome.
On Mon, Oct 10, 2011 at 17:50, bmann...@vacation.karoshi.com wrote:
back in the day, abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ.ca.us. existed to test the length of DNS label. circa 1992 ^b.com also existed (yes, we considered ^p) the heady days of DNS evolution!
/bill
On Fri, Oct 07, 2011 at 06:16:46PM -0700, Owen DeLong wrote:
NSI was never the only registrar. They were just the only registrar for COM, ORG, NET, EDU, and possibly a few other TLDs, but, they were, for example, never the registrar for US or many other CCTLDs. Therefore, it was not internet wide, though I will admit that it did cover most of the widely known gTLDs.
Owen
On Oct 7, 2011, at 4:45 PM, steve pirk [egrep] wrote:
It turns out it was an artificial limitation on Network Solution's part. Being the only registrar at the time, it was pretty much internet wide at that point, contrary to the RFC spec. What was so funny was that someone got Internic/Network Solutions to up the limit. Apparently just to save some money on reprinting movie posters... ok, so they would have had to change some trailers... ;-]
On Fri, Oct 7, 2011 at 16:39, Jimmy Hess mysi...@gmail.com wrote:
On Fri, Sep 30, 2011 at 10:32 PM, Joe Hamelin j...@nethead.com wrote:
I remember tales from when there was an eight character limit. But that was back when you didn't have to pay for them and they assigned you a class-c block automatically. Of course it took six weeks to register because there was only one person running the registry.
You may be referring to a limitation of a certain OS regarding a hostname; or some network's policy. But the DNS protocol itself never had a limit of 8 characters. When we are talking about the contents of A record names, I would refer you to http://www.rfc-editor.org/rfc/rfc2181.txt
RFC 2181 Clarifications to the DNS Specification R. Elz, R. Bush [ July 1997 ] (TXT = 36989) (Updates RFC1034, RFC1035, RFC1123) (Updated-By RFC4035, RFC2535, RFC4343, RFC4033, RFC4034, RFC5452) (Status: PROPOSED STANDARD) (Stream: IETF, Area: int, WG: dnsind)
Elz Bush Standards Track [Page 12]
...
Occasionally it is assumed that the Domain Name System serves only the purpose of mapping Internet host names to data, and mapping Internet addresses to host names. This is not correct, the DNS is a general (if somewhat limited) hierarchical database, and can store almost any kind of data, for almost any purpose.
...
11. Name syntax
The length of any one label is limited to between 1 and 63 octets. A full domain name is limited to 255 octets (including the separators). The zero length full name is defined as representing the root of the DNS tree, and is typically written and displayed as ".". Those restrictions aside, any binary string whatever can be used as the label of any resource record.
-- -JH
-- steve pirk refiamerica.org father... the sleeper has awakened... paul atreides - dune kexp.org member august '09
-- steve pirk yensid father... the sleeper has awakened... paul atreides - dune kexp.org member august '09 - Google+ pirk.com
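The length limits in the RFC 2181 section 11 text quoted in the message above, as an added example that is not part of the thread: it parses a presentation-form name (including `\.` and `\DDD` escapes), encodes it to wire form, and reports protocol validity separately from a registry policy limit. The function names are hypothetical, and the 23-character policy value is the figure from the thread's subject line; how a registrar would enforce it is an assumption.

```python
MAX_LABEL_OCTETS = 63    # RFC 2181 s.11: one label is 1..63 octets
MAX_NAME_OCTETS = 255    # full name on the wire, separators (length octets) included

def parse_labels(text):
    """Split a presentation-form name into raw labels, honouring \\. and \\DDD."""
    if text in ("", "."):
        return []                        # the zero-length name is the root
    labels, cur, i = [], bytearray(), 0
    while i < len(text):
        ch = text[i]
        if ch == "\\":
            digits = text[i + 1:i + 4]
            if len(digits) == 3 and digits.isascii() and digits.isdigit():
                value = int(digits)
                if value > 255:
                    raise ValueError("escape \\%s exceeds one octet" % digits)
                cur.append(value)
                i += 4
            elif i + 1 < len(text):
                cur += text[i + 1].encode("utf-8")   # escaped literal, e.g. "\."
                i += 2
            else:
                raise ValueError("dangling backslash")
        elif ch == ".":
            labels.append(bytes(cur))    # an empty label here is rejected in to_wire
            cur = bytearray()
            i += 1
        else:
            cur += ch.encode("utf-8")
            i += 1
    if cur:
        labels.append(bytes(cur))        # name written without the trailing dot
    return labels

def to_wire(labels):
    """Encode labels as length-prefixed wire form, enforcing both protocol limits."""
    out = bytearray()
    for label in labels:
        if not 1 <= len(label) <= MAX_LABEL_OCTETS:
            raise ValueError("label of %d octets is outside 1..63" % len(label))
        out.append(len(label))
        out += label
    out.append(0)                        # root label terminates the name
    if len(out) > MAX_NAME_OCTETS:
        raise ValueError("name is %d octets on the wire, limit 255" % len(out))
    return bytes(out)

def check_name(text, policy_max_label=None):
    """Report protocol validity and, separately, a registry policy verdict."""
    result = {"protocol_ok": False, "wire_len": None, "policy_ok": None, "error": None}
    try:
        labels = parse_labels(text)
        result["wire_len"] = len(to_wire(labels))
        result["protocol_ok"] = True
    except ValueError as exc:
        result["error"] = str(exc)
        return result
    if policy_max_label is not None:
        # Assumed policy: every label must fit the registry's own, stricter limit.
        result["policy_ok"] = all(len(l) <= policy_max_label for l in labels)
    return result

# The 62-character test label mentioned in the thread (sample input built from it).
TEST_NAME = "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ.ca.us."

if __name__ == "__main__":
    print(check_name(TEST_NAME, policy_max_label=23))
    print(check_name("a" * 64 + ".com"))
```
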
2011.10.11 NANOG53 tues afternoon notes
Notes from the tuesday afternoon session have been posted to http://kestrel3.netflight.com/2011.10.11-nanog53-afternoon-session.txt for those who might find them useful...and apache has been restarted for those who pointed out it was hung earlier. ^_^; Thanks! Matt