Re: [Outages-discussion] Recent outage in Australia affecting Telstra

2012-02-28 Thread Skeeve Stevens
I would probably suggest that there wouldn't be any.

*Skeeve Stevens, CEO*
eintellego Pty Ltd
ske...@eintellego.net ; www.eintellego.net

Phone: 1300 753 383 ; Fax: (+612) 8572 9954

Cell +61 (0)414 753 383 ; skype://skeeve

facebook.com/eintellego

twitter.com/networkceoau ; www.linkedin.com/in/skeeve

PO Box 7726, Baulkham Hills, NSW 1755 Australia

The Experts Who The Experts Call
Juniper - Cisco – Brocade - IBM



On Wed, Feb 29, 2012 at 06:01, Gary Buckmaster <
gary.buckmas...@digitalpacific.com.au> wrote:

> On 2/25/2012 2:46 AM, Jay Ashworth wrote:
> > - Original Message -
> >> From: "Gert Doering" 
> >
> >>> One of Telstra's downstream customers, a smaller ISP called Dodo,
> >>> accidentally announced the global table to Telstra (or perhaps a very
> >>> large portion of it.) Enough of it to cause major disruption.
> >>
> >> This is good. There is a chance that Telstra will learn from it, and
> >> do proper customer-facing filters now.
> >>
> >> OTOH, there also is a chance that Telstra lawyers will just sue the
> >> customer, and not change anything...
> >
> > Perhaps.  I am not familiar with Australian jurisprudence, but in the US
> > there is the doctrine of Last Clear Chance[1]... and the work necessary on
> > Telstra's part to avoid this problem is a) well known, b) arguably considered
> > best practice for a company in their field, and c) not disproportionately
> > onerous for them to have undertaken...
> >
> > so even if they sue, it's not at all a clear cut case for them to "win".
> >
> > Cheers,
> > -- jra
> > [1] https://en.wikipedia.org/wiki/Last_clear_chance
>
> Being a relatively recent immigrant to Australia from the US, I can say
> that, although I have no background in Australian legal shenanigans,
> they aren't quite the litigious bastards we Americans tend to be.
>
> Most of the commentary on AUSNOG tended towards "that was foolish,
> hopefully they learn from that".  I suspect the chances of there being
> any legal fallout from this are slim.
>
>


Re: [Outages-discussion] Recent outage in Australia affecting Telstra

2012-02-28 Thread Gary Buckmaster
On 2/25/2012 2:46 AM, Jay Ashworth wrote:
> - Original Message -
>> From: "Gert Doering" 
> 
>>> One of Telstra's downstream customers, a smaller ISP called Dodo,
>>> accidentally announced the global table to Telstra (or perhaps a very
>>> large portion of it.) Enough of it to cause major disruption.
>>
>> This is good. There is a chance that Telstra will learn from it, and
>> do proper customer-facing filters now.
>>
>> OTOH, there also is a chance that Telstra lawyers will just sue the
>> customer, and not change anything...
> 
> Perhaps.  I am not familiar with Australian jurisprudence, but in the US there
> is the doctrine of Last Clear Chance[1]... and the work necessary on Telstra's
> part to avoid this problem is a) well known, b) arguably considered best
> practice for a company in their field, and c) not disproportionately
> onerous for them to have undertaken...
> 
> so even if they sue, it's not at all a clear cut case for them to "win".
> 
> Cheers,
> -- jra 
> [1] https://en.wikipedia.org/wiki/Last_clear_chance

Being a relatively recent immigrant to Australia from the US, I can say
that, although I have no background in Australian legal shenanigans,
they aren't quite the litigious bastards we Americans tend to be.

Most of the commentary on AUSNOG tended towards "that was foolish,
hopefully they learn from that".  I suspect the chances of there being
any legal fallout from this are slim.
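
Added example (not part of the thread, and not Telstra's or Dodo's configuration): a Python sketch of the "proper customer-facing filters" mentioned above, combining a per-customer prefix allow-list with a max-prefix limit. The policy names, the documentation-range prefixes and the 10.0.0.0/8 stand-in for a leaked table are constructed; the limit here counts prefixes as received, before filtering, which is an assumption of this sketch.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class CustomerPolicy:
    """Ingress policy for one customer BGP session (hypothetical structure)."""
    customer: str
    # (covering prefix, longest prefix length accepted inside it); None = no filter
    allowed: Optional[List[Tuple[ipaddress.IPv4Network, int]]] = None
    # Tear the session down once more than this many prefixes arrive; None = no limit
    max_prefixes: Optional[int] = None


@dataclass
class SessionResult:
    accepted: List[str] = field(default_factory=list)
    rejected: List[str] = field(default_factory=list)
    torn_down: bool = False


def prefix_permitted(policy: CustomerPolicy, prefix: str) -> bool:
    """True if the announced prefix falls inside the customer's registered space."""
    if policy.allowed is None:
        return True  # no filter configured: everything the customer sends is believed
    net = ipaddress.ip_network(prefix)
    return any(
        net.version == base.version
        and net.subnet_of(base)
        and net.prefixlen <= max_len
        for base, max_len in policy.allowed
    )


def apply_policy(policy: CustomerPolicy, announcements: List[str]) -> SessionResult:
    """Run a stream of announced prefixes through the session's ingress policy."""
    result = SessionResult()
    for count, prefix in enumerate(announcements, start=1):
        if policy.max_prefixes is not None and count > policy.max_prefixes:
            # Limit exceeded: drop the session, which withdraws everything learned on it.
            result.torn_down = True
            result.accepted.clear()
            break
        if prefix_permitted(policy, prefix):
            result.accepted.append(prefix)
        else:
            result.rejected.append(prefix)
    return result


# Constructed sample data: the customer's own space (RFC 5737 documentation ranges)
CUSTOMER_ROUTES = ["192.0.2.0/24", "198.51.100.0/24"]
# Constructed stand-in for a leaked table: 200 prefixes the customer does not hold
LEAKED_ROUTES = [
    str(n) for n in ipaddress.ip_network("10.0.0.0/8").subnets(new_prefix=16)
][:200]

REGISTERED = [
    (ipaddress.ip_network("192.0.2.0/24"), 24),
    (ipaddress.ip_network("198.51.100.0/24"), 24),
]

UNFILTERED = CustomerPolicy("example-customer")
FILTERED = CustomerPolicy("example-customer", allowed=REGISTERED)
LIMIT_ONLY = CustomerPolicy("example-customer", max_prefixes=50)
BOTH = CustomerPolicy("example-customer", allowed=REGISTERED, max_prefixes=50)


if __name__ == "__main__":
    leak = CUSTOMER_ROUTES + LEAKED_ROUTES
    for name, policy in [("unfiltered", UNFILTERED), ("prefix filter", FILTERED),
                         ("max-prefix only", LIMIT_ONLY), ("both", BOTH)]:
        r = apply_policy(policy, leak)
        print(f"{name:16} accepted={len(r.accepted):3} "
              f"rejected={len(r.rejected):3} torn_down={r.torn_down}")
```

The prefix filter keeps the customer's own routes up while discarding the leak; the max-prefix limit alone stops the leak but takes the customer offline with it.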



Re: Alaska peering

2012-02-28 Thread Mr. James W. Laferriere

Hello Mehmet ,

On Tue, 28 Feb 2012, Mehmet Akcin wrote:

Hi

I have read there was a discussion in 2010 regarding an IX in Alaska and 
whether it existed.

seems like the most logical point to get to Alaska is Seattle. Is that still 
the case? Is there any peering point in Alaska?

please contact me offlist if you know some colo / Internet service provider 
there.

thanks.

mehmet

Would you be so kind as to summarise any findings that you receive ?
Tia ,  JimL
--
+--+
| James   W.   Laferriere | SystemTechniques | Give me VMS |
| Network&System Engineer | 3237 Holden Road |  Give me Linux  |
| bab...@baby-dragons.com | Fairbanks, AK. 99709 |   only  on  AXP |
+--+



Re: Cisco ME3400

2012-02-28 Thread Ramanpreet Singh
Check out me3600/me3800 ngn metro boxes which support service level/efp
configuration. Also commonly known as cisco's evc infrastructure currently
supported on 7600 with es+ cards and asr 9k.

I don't think there is any other box from cost perspective which supports
most of the desired metro features as me3600/3800 does.
On Feb 28, 2012 4:08 PM, "Holmes,David A"  wrote:

> Anyone with advice on the ME3400 which some telcos use for Metro Ethernet
> Forum (MEF) services? Specifically looking for layer2 vs layer 3. At Layer
> 2 NNI/UNI vs dot1q qinq vs private VLANs. At Layer 3 multiple VRF CE/PE
> support. Specifically which connectivity options have been found to be most
> reliable and scalable.


RE: Programmers with network engineering skills

2012-02-28 Thread George Bonser
> 
> That sparked my interest. Did I miss something? One can lie about
> TS/SCI clearance and be believed as long as one can fool a lie
> detector? How safe is that? That strikes me as a bit odd.
> 

Yeah, you missed something.  TS/SCI w/polygraph means that you underwent a 
Special Background Investigation *and* you passed a polygraph during an 
interview which is generally used to detect if you are being deceptive in your 
answers to questions, not so much to find "the truth".

And you can lie about the TS/SCI until it comes time to actually be cleared for 
work.  The "powers that be" will discover your lie before you ever emerge from 
the "leper colony" and your hopes of ever getting one at that point are headed 
down the drain.




Re: BBC reports Kenya fiber break

2012-02-28 Thread Greg Ihnen

On Feb 28, 2012, at 10:53 AM, Mike Andrews wrote:

> On Mon, Feb 27, 2012 at 10:20:10AM -0800, virendra rode wrote:
>> On 02/27/2012 08:11 AM, Marshall Eubanks wrote:
>>> Is anyone seeing this ?
>>> 
>>> http://www.bbc.co.uk/news/world-africa-17179544
>>> 
>>> "East Africa's high-speed internet access has been severely disrupted
>>> after a ship dropped its anchor onto fibre-optic cables off Kenya's
>>> coast."
> 
> The ship was reported to have dropped anchor while in a restricted or
> prohibited area. These areas are _EXTREMELY_ well marked on charts. I can't
> see it being anything other than human or mechanical error: not checking if
> the ship is in a no-anchorage area, or the anchor chain wildcat brake _and_
> the anchor chain blocking device fail simultaneously, or watch officer
> totally mistakes the ship's location and orders the anchor to be let go.
> 
> -- 
> Mike Andrews, W5EGO
> mi...@mikea.ath.cx
> Tired old sysadmin 
> 

One more option:  engine or steering failure making dropping the hook an urgent 
necessity. What are the chances you'd hit a fiber-optic cable? ;-)

Greg


Re: dns and software, was Re: Reliable Cloud host ?

2012-02-28 Thread Mark Andrews

In message ,
 William Herrin writes:
> On Tue, Feb 28, 2012 at 4:06 PM, Mark Andrews  wrote:
> > DNS TTL works.  Applications that don't honour it aren't an indication that
> > it doesn't work.
> 
> Mark,
> 
> If three people died and the building burned down then the sprinkler
> system didn't work. It may have sprayed water, but it didn't *work*.

Not enough evidence to say if it worked or not.  Sprinkler systems
are designed to handle particular classes of fire, not every fire.

A 0 TTL means use this information for this transaction.  We don't
tear down TCP sessions on DNS TTL going to zero.

If one really wants to deprecate addresses we need something a lot
more complicated than A and  records in the DNS.  We need stuff
like "use this address for new transactions", "this address is going
away soon, don't use it unless no other works".  One also has to use
multiple addresses at the same time.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org



Re: Programmers with network engineering skills

2012-02-28 Thread Jeroen van Aart

Jamie Bowden wrote:

Hey now...the time from zero to TS/SCI has gone from over half a decade to a 
mere quarter decade.  You can totally pay these guys to sit around doing drudge 
work while their skills atrophy in the interim.  Of course, if you need a poly 
on top, add some more time and stir continually while applying heat.


I didn't know what TS/SCI exactly stood for. So I did some thorough 
research (read: wikipedia, so if I am wrong please correct me :-) and I 
found this:

http://en.wikipedia.org/wiki/List_of_U.S._security_clearance_terms#SCI_eligibility

"In general, employees do not publish the individual compartments for 
which they are cleared. While this information is not classified, 
specific compartment listings may reveal sensitive information when 
correlated with an individual's resume. Therefore, it is sufficient to 
declare that a candidate possesses a TS/SCI clearance with a polygraph."


That sparked my interest. Did I miss something? One can lie about TS/SCI 
clearance and be believed as long as one can fool a lie detector? How 
safe is that? That strikes me as a bit odd.


http://en.wikipedia.org/wiki/Polygraph#Validity
"Polygraphy has little credibility among scientists.[22][23] Despite 
claims of 90-95% validity by polygraph advocates, and 95-100% by 
businesses providing polygraph services,[non-primary source needed] 
critics maintain that rather than a "test", the method amounts to an 
inherently unstandardizable interrogation technique whose accuracy 
cannot be established"


--
Earthquake Magnitude: 4.7
Date: Tuesday, February 28, 2012 23:18:51 UTC
Location: Iran-Iraq border region
Latitude: 32.4895; Longitude: 47.1147
Depth: 10.20 km



Re: FCoE/CNA Deployment w/ Nexus 5K, HP 580s, QLogic

2012-02-28 Thread David Swafford
The full SKU of the original cards was QLE8242-CU-CK (dual port copper).
The replacements were the same, but SR instead of CU.  Here's a quick link
of detail on these cards --
http://www.qlogic.com/Resources/Documents/DataSheets/Adapters/Datasheet_8200_Series_Adapters.pdf

The copper cables/SFPs were Cisco's SFP-H10GB-CU5M and SFP-H10GB-CU3M,
which are listed on QLogic's list of approved cables:
http://www.qlogic.com/Resources/Documents/LineCards/Copper_Cables_Support_Matrix_Line_Card.pdf

I had a comment regarding the TCO of a Nexus 5548 w/ full SR SFPs vs.
copper, and yes, this is a significant cost increase, so be aware of that!
Hopefully you're not paying retail for them :-), even w/ our discount it
was substantial.

David.



On Tue, Feb 28, 2012 at 5:38 PM, David Newman wrote:

> On 2/28/12 2:55 AM, David Swafford wrote:
>
> > Yeah, our vendors epically failed here!
>
> Were these QLogic 2400s or 2500s by any chance?
>
> https://admin.fedoraproject.org/updates/F15/FEDORA-2012-1863
>
> dn
>
>
>
>
>


Cisco ME3400

2012-02-28 Thread Holmes,David A
Anyone with advice on the ME3400 which some telcos use for Metro Ethernet Forum 
(MEF) services? Specifically looking for layer2 vs layer 3. At Layer 2 NNI/UNI 
vs dot1q qinq vs private VLANs. At Layer 3 multiple VRF CE/PE support. 
Specifically which connectivity options have been found to be most reliable and 
scalable.



  
This communication, together with any attachments or embedded links, is for the 
sole use of the intended recipient(s) and may contain information that is 
confidential or legally protected. If you are not the intended recipient, you 
are hereby notified that any review, disclosure, copying, dissemination, 
distribution or use of this communication is strictly prohibited. If you have 
received this communication in error, please notify the sender immediately by 
return e-mail message and delete the original and all copies of the 
communication, along with any attachments or embedded links, from your system.


Re: Time Warner Cable issues in Ohio ?

2012-02-28 Thread Pete Carah


On Feb 28, 2012, at 15:22, Randy Carpenter  wrote:

> 
> We're seeing some strange issues with our fiber connection to TWC in Ohio. 
> Intermittent packet loss to/from some IPs.
> 
> It gets as specific as from a certain IP outside our network, packets to 
> a.b.c.10 are fine, but pings to a.b.c.50 (same subnet of same netblock) lose 
> ~75% of the packets.
> 
> Likewise, from one of our IPs, connections are fine to a particular remote 
> host, but not to another host on the same network.
> 
> Connections to/from some other IPs (and some whole networks) are totally fine.
> 
> It almost seems that some piece of gear somewhere is barfing on packets that 
> have a particular set of bits in the source and/or destination address.
> 
LACP somewhere with a partial link failure?

-- Pete




Alaska peering

2012-02-28 Thread Mehmet Akcin
Hi

I have read there was a discussion in 2010 regarding an IX in Alaska and 
whether it existed.

seems like the most logical point to get to Alaska is Seattle. Is that still 
the case? Is there any peering point in Alaska? 

please contact me offlist if you know some colo / Internet service provider 
there.

thanks.

mehmet


Re: Time Warner Cable issues in Ohio ?

2012-02-28 Thread Jonas Frey (Probe Networks)
Sounds very much like an issue with a link aggregation.
Seen this a couple of times with various carriers...apparently
monitoring LAGs isn't a top priority nowadays.
Try to find out which hop is causing the problems (do multiple
traceroutes or use mtr on affected and unaffected servers) and drop TWC
a mail.


On Tuesday, 28.02.2012 at 18:22 -0500, Randy Carpenter wrote:
> We're seeing some strange issues with our fiber connection to TWC in Ohio. 
> Intermittent packet loss to/from some IPs.
> 
> It gets as specific as from a certain IP outside our network, packets to 
> a.b.c.10 are fine, but pings to a.b.c.50 (same subnet of same netblock) lose 
> ~75% of the packets.
> 
> Likewise, from one of our IPs, connections are fine to a particular remote 
> host, but not to another host on the same network.
> 
> Connections to/from some other IPs (and some whole networks) are totally fine.
> 
> It almost seems that some piece of gear somewhere is barfing on packets that 
> have a particular set of bits in the source and/or destination address.
> 
> We have manually failed over to a backup connection, and are 100% fine now.
> 
> I just want to see if anyone has seen anything similar, or has any info. I am 
> on hold now waiting for someone at TWC.
> 
> thanks,
> -Randy
> 




Time Warner Cable issues in Ohio ?

2012-02-28 Thread Randy Carpenter

We're seeing some strange issues with our fiber connection to TWC in Ohio. 
Intermittent packet loss to/from some IPs.

It gets as specific as from a certain IP outside our network, packets to 
a.b.c.10 are fine, but pings to a.b.c.50 (same subnet of same netblock) lose 
~75% of the packets.

Likewise, from one of our IPs, connections are fine to a particular remote 
host, but not to another host on the same network.

Connections to/from some other IPs (and some whole networks) are totally fine.

It almost seems that some piece of gear somewhere is barfing on packets that 
have a particular set of bits in the source and/or destination address.

We have manually failed over to a backup connection, and are 100% fine now.

I just want to see if anyone has seen anything similar, or has any info. I am 
on hold now waiting for someone at TWC.

thanks,
-Randy



Re: FCoE/CNA Deployment w/ Nexus 5K, HP 580s, QLogic

2012-02-28 Thread David Newman
On 2/28/12 2:55 AM, David Swafford wrote:

> Yeah, our vendors epically failed here!  

Were these QLogic 2400s or 2500s by any chance?

https://admin.fedoraproject.org/updates/F15/FEDORA-2012-1863

dn






RE: Programmers with network engineering skills

2012-02-28 Thread Brandt, Ralph
I would hope that the working with the team aspect would have been 
handled BEFORE you spend time on this.  Let HR do it, then check if they did it 
right because they screw it up at times. I have been overridden twice in hiring 
decisions over the years by my boss.  Both of them lived to regret that action. 
Both were unsuitable because the person had character and personality flaws 
that made them unsuitable for any job except working more than 20 miles from 
Ted Kaminski.




Ralph Brandt
Communications Engineer
HP Enterprise Services
Telephone +1 717.506.0802
FAX +1 717.506.4358
Email ralph.bra...@pateam.com
5095 Ritter Rd
Mechanicsburg PA 17055


-Original Message-
From: Jeroen van Aart [mailto:jer...@mompl.net] 
Sent: Tuesday, February 28, 2012 4:05 PM
To: NANOG list
Subject: Re: Programmers with network engineering skills

John Mitchell wrote:
> 
> 
> I would wholeheartedly agree with this, but I believe it's worse than 

> teaching process is one of learning to program like a monkey, monkey 
> see monkey do. People are no longer taught to think for themselves, but 
> instead taught to program in a specific language (PHP, Java, rarely C 
> or C++ any more, C#, or VB) and that is all they know. I don't believe 
> this is a failing with the lecturers but with the fundamental change in 
> attitudes to programming.

The story of Mel comes to mind (one of my favourites):

http://www.catb.org/jargon/html/story-of-mel.html
http://www.catb.org/jargon/html/R/Real-Programmer.html

> http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a 
> chance to show they can program rather than being able to tell me "I 
> know PHP" or "I know C", surprisingly very few newer programmers can 

I think someone being able to quickly understand brainfuck and write 
usable code in it may be smart, but I don't think it's necessarily a 
sure sign of a potentially productive employee that "fits well in the team".

Greetings,
Jeroen

-- 
Earthquake Magnitude: 3.5
Date: Tuesday, February 28, 2012 20:15:32 UTC
Location: Channel Islands region, California
Latitude: 33.9042; Longitude: -119.4195
Depth: 8.60 km



Re: dns and software, was Re: Reliable Cloud host ?

2012-02-28 Thread William Herrin
On Tue, Feb 28, 2012 at 4:06 PM, Mark Andrews  wrote:
> DNS TTL works.  Applications that don't honour it aren't an indication that
> it doesn't work.

Mark,

If three people died and the building burned down then the sprinkler
system didn't work. It may have sprayed water, but it didn't *work*.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004



Re: dns and software, was Re: Reliable Cloud host ?

2012-02-28 Thread Mark Andrews

In message ,
 William Herrin writes:
> On Tue, Feb 28, 2012 at 12:45 AM, Mark Andrews  wrote:
> >getaddrinfo was designed to be extensible as was struct
> >addrinfo.  Part of the problem with TTL is not [all] data sources
> >used by getaddrinfo have TTL information.
> 
> Hi Mark,
> 
> By the time getaddrinfo replaced gethostbyname, NIS and similar
> systems were on their way out. It was reasonably well understood that
> many if not most of the calls would return information gained from the
> DNS. Depending on how you look at it, choosing not to propagate TTL
> knowledge was either a belligerent choice to continue disrespecting
> the DNS Time To Live or it was fatalistic acceptance that the DNS TTL
> isn't and would not become functional at the application level.

No.  Propagating TTL is still an issue especially when you do not always
have one.  You can't just wave the problem away.  As for DNS TTL addresses
are about the only thing which have multiple sources.  You also don't
have to use getaddrinfo.  It really is designed to be the first step in
connecting to a host.   If you need to reconnect you call it again.
 
> Still works fine deeper in the query system, timing out which server
> holds the records though.
> 
> 
> >Additionally for
> >many uses you want to reconnect to the same server rather
> >than the same name.
> 
> The SRV record was designed to solve that whole class of problems
> without damaging the operation of the TTL. No one uses it.

You don't need to know the TTL to use SRV.
 
> It's all really very unfortunate. The recipe for SOHO multihoming, the
> end of routing table bloat and IP roaming without pivoting off a home
> base all boils down to two technologies: (1) a layer 4 protocol that
> can dynamically rebind to the layer 3 IP address the same way IP uses
> ARP to rebind to a changing ethernet MAC and (2) a DNS TTL that
> actually works so that the DNS supports finding a connection's current
> IP address.

DNS TTL works.  Applications that don't honour it aren't an indication that
it doesn't work.
 
> Regards,
> Bill Herrin
> 
> -- 
> William D. Herrin  her...@dirtside.com  b...@herrin.us
> 3005 Crane Dr. .. Web: 
> Falls Church, VA 22042-3004
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org



Re: Programmers with network engineering skills

2012-02-28 Thread Jeroen van Aart

John Mitchell wrote:



I would wholeheartedly agree with this, but I believe it's worse than 


teaching process is one of learning to program like a monkey, monkey 
see monkey do. People are no longer taught to think for themselves, but 
instead taught to program in a specific language (PHP, Java, rarely C 
or C++ any more, C#, or VB) and that is all they know. I don't believe 
this is a failing with the lecturers but with the fundamental change in 
attitudes to programming.


The story of Mel comes to mind (one of my favourites):

http://www.catb.org/jargon/html/story-of-mel.html
http://www.catb.org/jargon/html/R/Real-Programmer.html

http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a 
chance to show they can program rather than being able to tell me "I 
know PHP" or "I know C", surprisingly very few newer programmers can 


I think someone being able to quickly understand brainfuck and write 
usable code in it may be smart, but I don't think it's necessarily a 
sure sign of a potentially productive employee that "fits well in the team".


Greetings,
Jeroen

--
Earthquake Magnitude: 3.5
Date: Tuesday, February 28, 2012 20:15:32 UTC
Location: Channel Islands region, California
Latitude: 33.9042; Longitude: -119.4195
Depth: 8.60 km



Re: Programmers with network engineering skills

2012-02-28 Thread George Herbert
On Tue, Feb 28, 2012 at 11:21 AM, Lamar Owen  wrote:
> On Monday, February 27, 2012 07:53:07 PM William Herrin wrote:
>> .../SCI clearance.
>>
>> The clearance is killing me. The two generalists didn't have a
>> clearance and the cleared applicants are programmers or admins but
>> never both.
>
> I just about spewed my chai tea seeing 'SCI' and 'generalist' in the same 
> post... isn't that mutually exclusive?

There's a difference between the TS/SCI clearance - and SCI
compartmentalization security model for secure projects or information
- and whether you need a generalist programmer / network programmer to
solve the problem within the compartment or a specialist.

One can have very generalist problems within a very narrowly defined
security compartment.

One of my main hobbies, if done as a day job, would require TS/SCI
clearance plus an additional level; it requires about 8 or 9 major
scientific and engineering disciplines to master.


-- 
-george william herbert
george.herb...@gmail.com



Re: Reliable Cloud host ?

2012-02-28 Thread david raistrick

On Tue, 28 Feb 2012, Owen DeLong wrote:


But they don't have to... They can simply use getaddrinfo()/getnameinfo()
and let the OS libraries do it. The fact that some applications choose to
use their own resolvers instead of system libraries is what is broken.


Not always true - firewall software, for example, generally requires IP 
addresses in their rules (ipfw, pfsense, iptables, at least a few years 
ago) and for validly sane reasons (even some of our best kernel guys were 
not crazy enough to change that for ipfw).



Proxy software that supports high connection rates and connection churn 
generally prefers to cache the IP address internally because OS resolvers 
and the caches they read from just can't keep up [except in specifically 
well designed systems - which proxy developers can't expect blow joe to 
know how to do].  A stress test tool I'm working with just had to be 
modified for exactly that reason (and because adding more caches in front 
of AWS semiauthoritative caches (due to split horizon) wouldn't solve 
anything.  a short TTL is a short TTL is a short TTL).


Some of those proxy developers claim that within the chrootwhatchamajiggy 
that their socket handling code runs they don't have access to the 
resolvers - so they have to store them at startup (see haproxy).




--
david raistrick        http://www.netmeister.org/news/learn2quote.html
dr...@icantclick.org http://www.expita.com/nomime.html
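
Added example (not from the thread or from any project named in it): getaddrinfo() hands back addresses without a TTL, so an application that caches them has to choose its own lifetime. This Python sketch compares the store-at-startup pattern, re-resolving before every connection, and an application-chosen cache bound across a renumbering; `AddressCache`, `simulate`, `service.example` and the documentation-range addresses are constructed for illustration.

```python
import socket
import time
from typing import Callable, List, Optional, Tuple

Lookup = Callable[[str, int], List[str]]


def system_lookup(host: str, port: int) -> List[str]:
    """Addresses from the OS resolver. Note there is no TTL in the result."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]


class AddressCache:
    """Caches resolver answers for at most max_age seconds.

    max_age=None -> resolve once and keep the answer forever (store at startup)
    max_age=0    -> ask the resolver before every connection attempt
    max_age=N    -> application-chosen bound, because no TTL is available
    """

    def __init__(self, host: str, port: int, max_age: Optional[float],
                 lookup: Lookup = system_lookup,
                 clock: Callable[[], float] = time.monotonic):
        self._host, self._port = host, port
        self._max_age = max_age
        self._lookup, self._clock = lookup, clock
        self._addrs: Optional[List[str]] = None
        self._fetched_at = 0.0
        self.lookups = 0  # how many times the resolver was actually asked

    def addresses(self) -> List[str]:
        now = self._clock()
        stale = self._addrs is None or (
            self._max_age is not None and now - self._fetched_at >= self._max_age)
        if stale:
            try:
                fresh = self._lookup(self._host, self._port)
            except OSError:
                # Resolver failure: keep the last known answer if there is one,
                # and leave _fetched_at alone so the next call retries.
                if self._addrs is None:
                    raise
            else:
                self._addrs, self._fetched_at = fresh, now
                self.lookups += 1
        return list(self._addrs)


# --- Constructed scenario: the service is renumbered at t = 100 s -------------
OLD, NEW = "192.0.2.10", "198.51.100.10"   # documentation addresses
CUTOVER = 100.0
CONNECT_TIMES = [0, 90, 110, 160, 200]     # when the client (re)connects


class FakeClock:
    """Manually advanced clock so the scenario runs instantly and offline."""
    def __init__(self) -> None:
        self.t = 0.0

    def __call__(self) -> float:
        return self.t


def simulate(max_age: Optional[float]) -> Tuple[List[str], int]:
    """Return (address used at each connect time, number of resolver calls)."""
    clock = FakeClock()

    def renumbering_lookup(host: str, port: int) -> List[str]:
        return [NEW] if clock() >= CUTOVER else [OLD]

    cache = AddressCache("service.example", 443, max_age, renumbering_lookup, clock)
    used = []
    for t in CONNECT_TIMES:
        clock.t = t
        used.append(cache.addresses()[0])
    return used, cache.lookups


if __name__ == "__main__":
    for label, age in [("store at startup", None), ("every connect", 0),
                       ("60 s bound", 60)]:
        used, lookups = simulate(age)
        print(f"{label:17} lookups={lookups} used={used}")
```

With the startup-only cache every connection after the cutover still goes to the old address; the 60-second bound trades one stale connection for two fewer resolver calls than resolving every time.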




Re: Programmers with network engineering skills

2012-02-28 Thread Lamar Owen
On Tuesday, February 28, 2012 09:03:33 AM John Mitchell wrote:
> One of the tests I give all interviewees is write a very short program 
> in a language they have never ever used before 

I typically recommend either Intercal, or one of various assembler languages 
that are out of date (well, not really out of date, but out of date for 
mainstream computing.  My old TRS-80 Z80 assembler skills come in handy when 
playing around with certain DVD drives' firmware, since a Z80 variant is used 
in many such drives).  Make 'em do something in 6502 that absolutely has to use 
page zero stuff, or in Z80 where a block instruction would be the best way to 
accomplish a task.  Or maybe handcoded ia64, or MIPS, the 6502's 
godgrandchildren.

Object shmobject, let me see the bytes!

And if they choose to try it in Intercal, they have to use at least two COME 
FROM statements.  In a 'Hello World' type program (of course, 'Hello World' in 
Intercal is, well, interesting, and reads like an obfuscated perl contest 
entry).  The point being, if you can make something useful happen in Intercal, 
you can probably do something useful in a sane language.

The skills I'm looking for are simple: be able to think sideways, and on your 
feet, with unfamiliar tools if necessary.  That is, be a quick study who 
doesn't cringe at any language, tool, toolkit, or technique that might need to 
be used.






Re: Reliable Cloud host ?

2012-02-28 Thread Owen DeLong

On Feb 28, 2012, at 10:22 AM, William Herrin wrote:

> On Tue, Feb 28, 2012 at 9:02 AM, Jared Mauch  wrote:
>> On Feb 27, 2012, at 2:53 PM, valdis.kletni...@vt.edu wrote:
>>> On Mon, 27 Feb 2012 14:02:04 EST, William Herrin said:
>>> 
>>>> The net result is that when you switch the IP address of your server,
>>>> a percentage of your users (declining over time) will be unable to
>>>> access it for hours, days, weeks or even years regardless of the DNS
>>>> TTL setting.
>>> 
>>> Amen brother.
>>> 
>>> So just for grins, after seeing William's I set up a listener on an address
>>> that had an NTP server on it many moons ago. As in the machine was shut down
>>> around 2002/06/30 22:49 and we didn't re-assign the IP address ever since
>>> *because* it kept getting hit with NTP packets..  Yes, a decade ago.
>>> 
>>> In the first 15 minutes, 234 different IP's have tried to NTP to that 
>>> address.
>> 
>> I hereby reject the principle that one can not renumber a
>> host/name and move it.
>> I reject the idea that you can't move a service, or have one
>> MX, DNS, etc.. host be down and have it be fatal without
>> something else being SERIOUSLY broken.  If you are right,
>> nobody could ever renumber anything ever, nor take a
>> service down ever in the most absolute terms.
> 
> Something else IS seriously broken. Several something elses actually:
> 
> 1. DNS TTL at the application boundary, due in part to...

DNS TTL shouldn't make it to the application boundary...
> 
> 2. Pushing the name to layer 3 address mapping process up from layer 4
> to layer 7 where each application has to (incorrectly) reinvent the
> process, and...

But they don't have to... They can simply use getaddrinfo()/getnameinfo()
and let the OS libraries do it. The fact that some applications choose to
use their own resolvers instead of system libraries is what is broken.

> 3. A layer 4 protocol which overloads the layer 3 address as an
> inseverable component of its transport identifier.
> 
> Even stuff like SMTP which took care to respect the DNS TTL in its own
> standards gets busted at the back end: too many antispam process
> components rely on the source IP address, crushing large scale servers
> that suddenly appear, transmitting large amounts of email from a fresh
> IP address.

I think this is orthogonal to DNS TTL issues.

> Shockingly enough we have a strongly functional network despite this
> brokenness. But, it's broken all the same and renumbering is majorly
> impaired as a consequence.
> 

In my experience, the biggest hurdle to renumbering has nothing to do with DNS,
DNS TTLs, respect or failure to respect them, etc.

In my experience the biggest renumbering challenges come from the number of
configuration files which contain your IP addresses yet are not under your control.
	VPNs (the configuration at the far side of the VPN)
	Firewalls (vendors, clients, etc. that have put your IP addresses into exceptions)
	Router configurations (vendors, clients, etc. that have special routing policy to reach you)
	etc.

These are the things that make renumbering hard. The DNS stuff is usually 
fairly trivial to work around with a little time and planning.

> 
> Renumbering in light of these issues isn't impossible. An overlap
> period is required in which both old and new addresses are operable.

That's desirable even if you have a 5 second TTL and everyone did honor it.

> The duration of that overlap period is not defined by the protocol
> itself. Rather, it varies with the tolerable level of residual
> brokenness, literally how many nines of users should be operating on
> the new address before the old address can go away.

There is some truth to that. The combination of applications having their
own (broken) resolver libraries and operating systems that provide even
more broken resolvers (thanks, Redmond) has made this a bigger challenge
than it should be. The ideal solution is to go back to using the OS resolver
libraries and fix them.

Best of luck actually achieving that.

Owen




Re: Programmers with network engineering skills

2012-02-28 Thread Lamar Owen
On Monday, February 27, 2012 05:14:00 PM Owen DeLong wrote:
> Who is a strong network engineer
> Who has been a professional software engineer (though many years ago and my 
> skills are rusty
>   and out of date)

Owen, you nailed it here.  Even the ACM recognizes that a 'Software Engineer' 
and a 'Computer Scientist' are different animals (ACM recognizes five 'computer 
related' degree paths with unique skill maps: Computer Engineering, Computer 
Science, Software Engineering, Information Services, and Information 
Technology; see https://www.acm.org/education/curricula-recommendations for 
more details).

A true 'network engineer' will have a different mindset and different focus 
than a 'Computer Scientist' who has all the theoretical math skills that a 
Computer Scientist needs (a reply to one of my recent posts mentioned that 
math, and was somewhat derogatory about engineers and timeliness, but I 
digress). 

Coding and development can bridge across the differences; but it is very useful 
to understand some of the very basic differences in mindset, and apply that to 
the position being sought.  

It boils down to whether the OP wants strong engineering skills with the 
accompanying mindset, or strong CS skills with the accompanying mindset.  Given 
the other clearance issues, I would be more inclined to say that the OP would 
want a 'Software Engineer' with some network engineering skills rather than a 
CS grad with some network guy skills.  It's a different animal, and software 
engineering teaches change control and configuration management at a different 
depth than the typical CS track will do (and that sort of thing would be 
required in such a cleared environment).  On the flip side, that same 'Software 
Engineer' isn't nearly as steeped in CS fundamentals of algorithms and the 
associated math.



Re: Programmers with network engineering skills

2012-02-28 Thread Peter Kristolaitis
Education in theoretical concepts is definitely a problem in general, 
but I've found it's particularly noticeable in the technology field 
which has become increasingly commercialized (or commoditized);  where 
once a "sysadmin" was a long-running process, grown from a person with 
the mindset of "how does this work?" and "let's build cool stuff!", 
eventually culminating in someone who knew operating systems, 
networking, and programming inside out (see: "UNIX greybeard" types), 
nowadays people haul off to a 5 day course in "Advanced System 
Administration(TM)", write a certificate exam or 15, and call themselves 
a "sysadmin".


There still are people with the "greybeard" mentality -- all of the very 
best sysadmins I know are of this type, and many know real programming 
(that is, data structures, algorithms, etc) better than the 
mass-produced developers out there -- but unfortunately, they're 
relatively rare, and usually very hard to recruit.   You have to have a 
very interesting project first and foremost -- salary is important, but 
building new, cool stuff is usually the #1 factor for top-notch 
generalists.


- Pete


On 12-02-28 01:51 PM, Owen DeLong wrote:

This problem is not limited to programming.

Education in general has moved from teaching conceptual knowledge
re-inforced by practical examples and exercises to teaching methodological
and/or procedural knowledge without any effort to convey concepts.

It's much like the difference between teaching a man to buy a fish using
cash vs. teaching a man more generalized economic skills and money
management.

In the former case, you get a man who can eat fish as long as he still
has some cash. In the latter case, you get a man who can keep cash
coming in and use it to obtain a varied diet and other things he may
want.

Today, the indoctrination mills (hard to call them education centers
at this point) churn out people who are good at repeating the same
process and solving the same problems over and over.

Unfortunately, when faced with a problem that doesn't look like something
from their text book, they either become completely lost or they take
the hammer approach (when the only tool you have is a hammer, every
problem looks like a nail).

I'm not sure how to solve this. Teaching methodologically is much much
faster than teaching conceptually and the endemic lack of patience makes it
hard to get people to sit still long enough to learn conceptually.

Owen

On Feb 28, 2012, at 6:03 AM, John Mitchell wrote:




I would wholeheartedly agree with this, but I believe it's worse than
just that. I used to categorize myself as a full developer, now I'm
slightly ashamed to be tainted with that brush since there's so many
people using the term who don't know the first thing about programming.

It used to be that when you were taught programming, you were taught
concepts (when to use a for loop, while loop, Boolean algebra), then
you built on the foundations by learning advanced concepts  (data
structures, how to program concurrently using semaphores etc etc), you
would then pick some optional classes to make up for some non
programming specific knowledge (networking, linux admin, etc etc).

I now have a lot of friends who work in academia and they are worried
by a decline (as am I when trying to hire new talent). Currently the
teaching process is one of learning to program like a monkey, monkey
see monkey do. People are no longer taught to think for themselves, but
instead taught to program in a specific language (PHP, Java, rarely C
or C++ any more, C#, or VB) and that is all they know. I don't believe
this is a failing with the lecturers but with the fundamental change in
attitudes to programming.

One of the tests I give all interviewees is write a very short program
in a language they have never ever used before ( personally I recommend
http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a
chance to show they can program rather than being able to tell me "I
know PHP" or "I know C", surprisingly very few newer programmers can
make it through, or even try it, because the concept of thinking for
themselves is so last year.



On 27 February 2012 20:02:13, Brandt, Ralph wrote:

Generalists are hard to come by these days. They are people who learn
less and less about more and more till they know nothing about
everything. People today are specializing in the left and right halves
of the bytes  They learn more and more about less and less till they
know everything about nothing.  And BTW, they are worthless unless you
have five of them working on a problem because none of them know enough
to fix it.  Worse, you can replace the word five with fifty and it may
be still true.

I know of three of these, all gainfully employed at this time and could
each find at least a couple jobs if they wanted.  I am one, my son is
two and a guy we worked with is the third.

At one time (40 years ago) the mantra in IS was train for expertise, now
it is hire f

Re: Programmers with network engineering skills

2012-02-28 Thread Jeroen van Aart

Mike Hale wrote:

If you're located in a major city, I'm sure you can find a community
college that has a networking certificate program you can send your
developer to, along with an in-house training program.


Oh come on!!!1
Investing in your employee by sending them out to courses, for crying 
out loud, that's way too practical and effective to even consider.


And to add insult to injury you suggest a low cost alternative such as a 
community college. If an employer was going to do such an outrageous 
thing as sending an employee to a course at least let it be an 
overpriced corporate course. Gees.




--
Earthquake Magnitude: 3.0
Date: Tuesday, February 28, 2012 19:17:34 UTC
Location: Northern California
Latitude: 40.2860; Longitude: -124.3183
Depth: 19.90 km



Re: Programmers with network engineering skills

2012-02-28 Thread Lamar Owen
On Monday, February 27, 2012 07:53:07 PM William Herrin wrote:
> .../SCI clearance.
> 
> The clearance is killing me. The two generalists didn't have a
> clearance and the cleared applicants are programmers or admins but
> never both.

I just about spewed my chai tea seeing 'SCI' and 'generalist' in the same 
post... isn't that mutually exclusive?



Re: Programmers with network engineering skills

2012-02-28 Thread Owen DeLong
This problem is not limited to programming.

Education in general has moved from teaching conceptual knowledge
re-inforced by practical examples and exercises to teaching methodological
and/or procedural knowledge without any effort to convey concepts.

It's much like the difference between teaching a man to buy a fish using
cash vs. teaching a man more generalized economic skills and money
management.

In the former case, you get a man who can eat fish as long as he still
has some cash. In the latter case, you get a man who can keep cash
coming in and use it to obtain a varied diet and other things he may
want.

Today, the indoctrination mills (hard to call them education centers
at this point) churn out people who are good at repeating the same
process and solving the same problems over and over.

Unfortunately, when faced with a problem that doesn't look like something
from their text book, they either become completely lost or they take
the hammer approach (when the only tool you have is a hammer, every
problem looks like a nail).

I'm not sure how to solve this. Teaching methodologically is much much
faster than teaching conceptually and the endemic lack of patience makes it
hard to get people to sit still long enough to learn conceptually.

Owen

On Feb 28, 2012, at 6:03 AM, John Mitchell wrote:

> 
> 
> I would wholeheartedly agree with this, but I believe it's worse than 
> just that. I used to categorize myself as a full developer, now I'm 
> slightly ashamed to be tainted with that brush since there's so many 
> people using the term who don't know the first thing about programming.
> 
> It used to be that when you were taught programming, you were taught 
> concepts (when to use a for loop, while loop, Boolean algebra), then 
> you built on the foundations by learning advanced concepts  (data 
> structures, how to program concurrently using semaphores etc etc), you 
> would then pick some optional classes to make up for some non 
> programming specific knowledge (networking, linux admin, etc etc).
> 
> I now have a lot of friends who work in academia and they are worried 
> by a decline (as am I when trying to hire new talent). Currently the 
> teaching process is one of learning to program like a monkey, monkey 
> see monkey do. People are no longer taught to think for themselves, but 
> instead taught to program in a specific language (PHP, Java, rarely C 
> or C++ any more, C#, or VB) and that is all they know. I don't believe 
> this is a failing with the lecturers but with the fundamental change in 
> attitudes to programming.
> 
> One of the tests I give all interviewees is write a very short program 
> in a language they have never ever used before ( personally I recommend 
> http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a 
> chance to show they can program rather than being able to tell me "I 
> know PHP" or "I know C", surprisingly very few newer programmers can 
> make it through, or even try it, because the concept of thinking for 
> themselves is so last year.
> 
> 
> 
> On 27 February 2012 20:02:13, Brandt, Ralph wrote:
>> Generalists are hard to come by these days. They are people who learn
>> less and less about more and more till they know nothing about
>> everything. People today are specializing in the left and right halves
>> of the bytes  They learn more and more about less and less till they
>> know everything about nothing.  And BTW, they are worthless unless you
>> have five of them working on a problem because none of them know enough
>> to fix it.  Worse, you can replace the word five with fifty and it may
>> be still true. 
>> 
>> I know of three of these, all gainfully employed at this time and could
>> each find at least a couple jobs if they wanted.  I am one, my son is
>> two and a guy we worked with is the third. 
>> 
>> At one time (40 years ago) the mantra in IS was train for expertise, now
>> it is hire for it.  Somewhere there has to be a happy medium.  I suggest
>> this, find a good coder, not a mediocre who writes shit code but a good
>> one who can think and learn and when you talk about branching out with
>> his skill set he or she lights up.  His first thing on site is take the
>> A+ networking course.  
>> 
>> No, I do not sell the courses.  But I have seen this kind of approach
>> work when nothing else was.
>> 
>> 
>> 
>> 
>> Ralph Brandt
>> Communications Engineer
>> HP Enterprise Services
>> Telephone +1 717.506.0802
>> FAX +1 717.506.4358
>> Email ralph.bra...@pateam.com
>> 5095 Ritter Rd
>> Mechanicsburg PA 17055
>> 
>> -Original Message-
>> From: A. Pishdadi [mailto:apishd...@gmail.com] 
>> Sent: Sunday, February 26, 2012 8:27 PM
>> To: NANOG
>> Subject: Programmers with network engineering skills
>> 
>> Hello All,
>> 
>> i have been looking for quite some time now a decent coder (c,php) who
>> has
>> a decent amount of system admin / netadmin experience. Doesn't
>> necessarily
>> need to be an expert at network engin

Re: Programmers with network engineering skills

2012-02-28 Thread Owen DeLong
While what you say is true (heck, I'm one of them), my point is that a great many
network engineers have relatively strong programming backgrounds and if you
could convince one of them to go back to writing code (sufficiently interesting
project and/or right $$) you'd probably have better luck than finding a programmer
that has networking skills.

Owen

On Feb 28, 2012, at 5:18 AM, Brandt, Ralph wrote:

> Owen, I can only say it is my opinion, based on some years of experience
> and working with people who have come from both sides.  I have seen more
> people successfully move from programming to networking than the
> reverse.
> 
> 
> Ralph Brandt
> Communications Engineer
> HP Enterprise Services
> Telephone +1 717.506.0802
> FAX +1 717.506.4358
> Email ralph.bra...@pateam.com
> 5095 Ritter Rd
> Mechanicsburg PA 17055
> 
> 
> -Original Message-
> From: Owen DeLong [mailto:o...@delong.com] 
> Sent: Monday, February 27, 2012 5:14 PM
> To: david raistrick
> Cc: Brandt, Ralph; NANOG
> Subject: Re: Programmers with network engineering skills
> 
> 
> On Feb 27, 2012, at 12:31 PM, david raistrick wrote:
> 
>> On Mon, 27 Feb 2012, Owen DeLong wrote:
>> 
>>> I think you're more likely to find a network engineer with (possibly
> limited)
>>> programming skills.
>> 
>> While I'll agree about the more likely, if I needed a coder who had a
> firm grasp of networking I'd rather teach a good coder networking, than
> try to teach the art and magic of good development to a network guy.
>> 
> 
> Well, I won't call myself a hard-core coder, but, I think I have a
> reasonable grasp on the art and magic of good development. What I mostly
> lack is speed and efficiency in the language of choice for whatever
> project. I can write good code, it just takes me longer than it would
> take a hard-core coder.
> 
> OTOH, having done both, I would say that I think you are not necessarily
> correct about which direction of teaching is harder. Yes, if you start
> with a network engineer that knows nothing about writing code or doesn't
> understand the principles of good coding, you're probably right.
> However, starting with a network engineer that can write decent code
> slowly, I think you will get a better result in most cases than if you
> try to teach network engineering to a hard-core coder that has only a
> minimal understanding of networking.
> 
>> I think it really comes down to which you need: a hardcore network
> engineer/architect who can hack up code, or a hardcore developer who has
> or can obtain enough of a grasp of networking fundamentals and specifics
> to build you the software you need him to develop.
>> 
> 
> I'm guessing that someone who needed a hard-core developer that could
> grasp fundamentals would have grabbed an existing coder and handed him a
> copy of Comer.
> 
> The fact that this person posted to NANOG instead implies to me that he
> needs someone that has a better grasp than just the fundamentals.
> 
> Of course I am speculating about that and I could be wrong.
> 
>> The ones who already know both ends extremely well are going to be
> -very- hard to find, but finding one who can learn enough of the other
> to accomplish what you need shouldn't be hard at all.
>> 
> 
> Depends on what you need. However, I think it's faster to go from
> limited coding skills with a good basis in the fundamentals to usable
> development than to go from limited networking skills to a firm grasp on
> how networks behave in the real world. To the best of my knowledge,
> nothing but experience will teach you the latter. Even with 20+ years
> experience networks do still occasionally manage to surprise me.
> 
>> ...d (who is not exactly the former though I've played one for TV, and
> not at all the latter)
> 
> I am admittedly lost given the three choices as to which constitutes
> former or latter at this point.
> 
> 1.Strong coder with limited networking
> 2.Strong networker with limited coding
> 3.Strong in both
> 
> Owen
> Who is a strong network engineer
> Who has been a professional software engineer (though many years ago and
> my skills are rusty
>   and out of date)




Re: Reliable Cloud host ?

2012-02-28 Thread Valdis . Kletnieks
On Tue, 28 Feb 2012 09:02:00 EST, Jared Mauch said:

> Sometimes you have to break the service worse for people to repair it.

I broke it a decade ago, I think I can pretty much give up on expecting people
to repair it. :)




Re: Reliable Cloud host ?

2012-02-28 Thread William Herrin
On Tue, Feb 28, 2012 at 9:02 AM, Jared Mauch  wrote:
> On Feb 27, 2012, at 2:53 PM, valdis.kletni...@vt.edu wrote:
>> On Mon, 27 Feb 2012 14:02:04 EST, William Herrin said:
>>
>>> The net result is that when you switch the IP address of your server,
>>> a percentage of your users (declining over time) will be unable to
>>> access it for hours, days, weeks or even years regardless of the DNS
>>> TTL setting.
>>
>> Amen brother.
>>
>> So just for grins, after seeing William's I set up a listener on an address
>> that had an NTP server on it many moons ago. As in the machine was shut down
>> around 2002/06/30 22:49 and we didn't re-assign the IP address ever since
>> *because* it kept getting hit with NTP packets..  Yes, a decade ago.
>>
>> In the first 15 minutes, 234 different IP's have tried to NTP to that address.
>
> I hereby reject the principle that one can not renumber a
> host/name and move it.
> I reject the idea that you can't move a service, or have one
> MX, DNS, etc.. host be down and have it be fatal without
> something else being SERIOUSLY broken.  If you are right,
> nobody could ever renumber anything ever, nor take a
> service down ever in the most absolute terms.

Something else IS seriously broken. Several something elses actually:

1. DNS TTL at the application boundary, due in part to...

2. Pushing the name to layer 3 address mapping process up from layer 4
to layer 7 where each application has to (incorrectly) reinvent the
process, and...

3. A layer 4 protocol which overloads the layer 3 address as an
inseverable component of its transport identifier.

Even stuff like SMTP which took care to respect the DNS TTL in its own
standards gets busted at the back end: too many antispam process
components rely on the source IP address, crushing large scale servers
that suddenly appear, transmitting large amounts of email from a fresh
IP address.


Shockingly enough we have a strongly functional network despite this
brokenness. But, it's broken all the same and renumbering is majorly
impaired as a consequence.


Renumbering in light of these issues isn't impossible. An overlap
period is required in which both old and new addresses are operable.
The duration of that overlap period is not defined by the protocol
itself. Rather, it varies with the tolerable level of residual
brokenness, literally how many nines of users should be operating on
the new address before the old address can go away.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004
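
The overlap-period reasoning in the message above, as an added example that is not part of the original thread: a Python sketch that reads per-day connection records for the old and new address and reports the first day on which a chosen number of nines of distinct clients has stopped touching the old address, sustained over several days. The record format, function names, the three-day sustain window and the sample data are all assumptions constructed for illustration.

```python
"""Estimate when an old address can be retired after a renumbering."""
from collections import defaultdict
from datetime import date, timedelta

START = date(2012, 2, 28)  # constructed start of the overlap period


def stale_counts(records):
    """Return {day: (stale, total)} from (day, client, address) records.

    A client is stale on a day if it contacted the old address at all that
    day; total is the number of distinct clients seen on either address.
    """
    seen = defaultdict(set)
    stale = defaultdict(set)
    for day, client, address in records:
        if address not in ("old", "new"):
            raise ValueError(f"unknown address label: {address!r}")
        seen[day].add(client)
        if address == "old":
            stale[day].add(client)
    return {day: (len(stale[day]), len(seen[day])) for day in sorted(seen)}


def meets_nines(stale, total, nines):
    """True if at least `nines` nines of clients avoided the old address.

    Integer form of stale/total <= 10**-nines, so no float rounding.
    """
    return total > 0 and stale * 10 ** nines <= total


def retirement_day(records, nines, sustain_days=3):
    """First day of `sustain_days` consecutive calendar days on target, else None.

    A missing day of data breaks the run: no measurement is not evidence
    that the stale clients went away.
    """
    run_start, run_len, prev = None, 0, None
    for day, (stale, total) in stale_counts(records).items():
        ok = meets_nines(stale, total, nines)
        contiguous = prev is not None and day - prev == timedelta(days=1)
        if ok and run_len and contiguous:
            run_len += 1
        elif ok:
            run_start, run_len = day, 1
        else:
            run_start, run_len = None, 0
        prev = day
        if run_len >= sustain_days:
            return run_start
    return None


def residual_clients(records, day):
    """Clients still contacting the old address on `day` (the long tail)."""
    return sorted({c for d, c, a in records if d == day and a == "old"})


def constructed_records(days=14):
    """Constructed sample of 1000 clients: 900 move at once, 90 after
    3 days, 9 after 10 days, and one never moves (a hard-coded address)."""
    def lag(i):
        if i < 900:
            return 0
        if i < 990:
            return 3
        if i < 999:
            return 10
        return None

    out = []
    for d in range(days):
        for i in range(1000):
            moved = lag(i) is not None and d >= lag(i)
            out.append((START + timedelta(days=d), f"client-{i}",
                        "new" if moved else "old"))
    return out


if __name__ == "__main__":
    recs = constructed_records()
    for n in (2, 3, 4):
        print(f"{n} nines sustained from:", retirement_day(recs, n))
    last = START + timedelta(days=13)
    print("still on the old address on the last day:", residual_clients(recs, last))
```

With the constructed data, four nines is never reached because one client out of 1000 never moves, which is the long-tail case the thread describes.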



Re: Programmers with network engineering skills

2012-02-28 Thread Keegan Holley
+1 on both.  Senior network guys learn programming/scripting as a way to
automate configuration and deal with large amounts of data.  It's an
enhancement for us and most network people are willing to expand their
programming skills given the time.  On the other hand there are way too
many jobs where programmers can just be programmers for many of them to be
interested in expanding their networking skills even if they have prior
experience.  If they become interested in the "hardware" world they usually
go toward systems administrator and OS's.  Some of them are big enough
geeks to want to learn both or all three, but those are few and far
between.  It's very likely that such programmers frequent this list so
hopefully I won't get flamed for posting this.  Either way it's just
semantics, but it is generally easier to find a network guy that wants to
learn how to program or get better at it than to find a programmer who is
dying to learn about networking.  Not sure if I agree with the opinion
about generalists.  There are a lot of people who view technology as both a
job and a hobby and become experts in what pays their bills and then slowly
learn something about everything via osmosis.  There are a lot of people
that never saw a book or trade rag they didn't like.


2012/2/27 Owen DeLong 

> I think you're more likely to find a network engineer with (possibly
> limited)
> programming skills.
>
> That's certainly where I would categorize myself.
>
> Owen
>
> On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
>
> > Generalists are hard to come by these days. They are people who learn
> > less and less about more and more till they know nothing about
> > everything. People today are specializing in the left and right halves
> > of the bytes  They learn more and more about less and less till they
> > know everything about nothing.  And BTW, they are worthless unless you
> > have five of them working on a problem because none of them know enough
> > to fix it.  Worse, you can replace the word five with fifty and it may
> > be still true.
> >
> > I know of three of these, all gainfully employed at this time and could
> > each find at least a couple jobs if they wanted.  I am one, my son is
> > two and a guy we worked with is the third.
> >
> > At one time (40 years ago) the mantra in IS was train for expertise, now
> > it is hire for it.  Somewhere there has to be a happy medium.  I suggest
> > this, find a good coder, not a mediocre who writes shit code but a good
> > one who can think and learn and when you talk about branching out with
> > his skill set he or she lights up.  His first thing on site is take the
> > A+ networking course.
> >
> > No, I do not sell the courses.  But I have seen this kind of approach
> > work when nothing else was.
> >
> >
> >
> >
> > Ralph Brandt
> > Communications Engineer
> > HP Enterprise Services
> > Telephone +1 717.506.0802
> > FAX +1 717.506.4358
> > Email ralph.bra...@pateam.com
> > 5095 Ritter Rd
> > Mechanicsburg PA 17055
> >
> > -Original Message-
> > From: A. Pishdadi [mailto:apishd...@gmail.com]
> > Sent: Sunday, February 26, 2012 8:27 PM
> > To: NANOG
> > Subject: Programmers with network engineering skills
> >
> > Hello All,
> >
> > i have been looking for quite some time now a decent coder (c,php) who
> > has
> > a decent amount of system admin / netadmin experience. Doesn't
> > necessarily
> > need to be an expert at network engineering but being acclimated in
> > understanding the basic fundamentals of networking. Understanding basic
> > routing concepts, how to diagnose using tcpdump / pcap, understanding
> > subnetting and how bgp works (not necessarily setting up bgp). I've
> > posted
> > job listings on the likes of dice and monster and have not found any
> > good
> > candidates, most of them ASP / Java guys.
> >
> > If anyone can point me to a site they might recommend for job postings
> > or
> > know of any consulting firms that might provide these services that
> > would
> > be greatly appreciated.
>
>
>
>


RE: Programmers with network engineering skills

2012-02-28 Thread Jamie Bowden

William Herrin [mailto:b...@herrin.us]
> On Mon, Feb 27, 2012 at 3:22 PM, Owen DeLong  wrote:
> > On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
> >> Generalists are hard to come by these days.
> >
> > I think you're more likely to find a network engineer with (possibly
> limited)
> > programming skills.
> 
> I wish. For the past three months I've been trying to find a network
> engineer with a deep TCP/IP protocol understanding, network security
> expertise, some Linux experience, minor programming skill with sockets
> and a TS/SCI clearance.
> 
> The clearance is killing me. The two generalists didn't have a
> clearance and the cleared applicants are programmers or admins but
> never both.

Hey now...the time from zero to TS/SCI has gone from over half a decade to a 
mere quarter decade.  You can totally pay these guys to sit around doing drudge 
work while their skills atrophy in the interim.  Of course, if you need a poly 
on top, add some more time and stir continually while applying heat.

Jamie



Re: BBC reports Kenya fiber break

2012-02-28 Thread Mike Andrews
On Mon, Feb 27, 2012 at 10:20:10AM -0800, virendra rode wrote:
> 
> On 02/27/2012 08:11 AM, Marshall Eubanks wrote:
> > Is anyone seeing this ?
> > 
> > http://www.bbc.co.uk/news/world-africa-17179544
> > 
> > "East Africa's high-speed internet access has been severely disrupted
> > after a ship dropped its anchor onto fibre-optic cables off Kenya's
> > coast."

The ship was reported to have dropped anchor while in a restricted or
prohibited area. These areas are _EXTREMELY_ well marked on charts. I can't
see it being anything other than human or mechanical error: not checking if
the ship is in a no-anchorage area, or the anchor chain wildcat brake _and_
the anchor chain blocking device fail simultaneously, or watch officer
totally mistakes the ship's location and orders the anchor to be let go.

-- 
Mike Andrews, W5EGO
mi...@mikea.ath.cx
Tired old sysadmin 



Re: Programmers with network engineering skills

2012-02-28 Thread Ray Soucy
The right tool for the right job.

PHP (and the LAMP stack) can result in very quick development of systems
that will run on any vanilla Linux server.  In my experience, that has
turned out to be a huge benefit.

If you have a developer who knows C well, then they will more than likely
be able to use PHP properly.  I use both C and PHP myself, and have no
conflict.  I think they complement each other nicely.  C for performance,
PHP for web applications or quick scripts.

C# and any .NET language on the other hand . . . now /that/ I question.




; )




On Tue, Feb 28, 2012 at 1:21 AM, Noon Silk  wrote:

> On Mon, Feb 27, 2012 at 12:27 PM, A. Pishdadi  wrote:
> > Hello All,
> >
> > i have been looking for quite some time now a decent coder (c,php) who
> has
>
> Just a practical comment here; part of your problem may be offering c
> and php together. I don't want to start a war, but I know that at the
> very least all the c programmers I know would consider php to be ...
> "horribly offensive". So, maybe separating out these two roles (c and
> php programming) will help you.
>
> It is definitely true (speaking as a programmer, C# for several years)
> that seeing +PHP would instantly turn me off. Further, I'm sure that
> almost anyone who is still programming in c these days would have the
> level of networking knowledge you care about (and can train on top
> of).
>
>
> > a decent amount of system admin / netadmin experience. Doesn't
> necessarily
> > need to be an expert at network engineering but being acclimated in
> > understanding the basic fundamentals of networking. Understanding basic
> > routing concepts, how to diagnose using tcpdump / pcap, understanding
> > subnetting and how bgp works (not necessarily setting up bgp). I've
> posted
> > job listings on the likes of dice and monster and have not found any good
> > candidates, most of them ASP / Java guys.
> >
> > If anyone can point me to a site they might recommend for job postings or
> > know of any consulting firms that might provide these services that would
> > be greatly appreciated.
>
> --
> Noon Silk
>
> Fancy a quantum lunch? https://sites.google.com/site/quantumlunch/
>
> "Every morning when I wake up, I experience an exquisite joy — the joy
> of being this signature."
>
>


-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/


Re: Programmers with network engineering skills

2012-02-28 Thread John Mitchell


I would wholeheartedly agree with this, but I believe it's worse than 
just that. I used to categorize myself as a full developer, now I'm 
slightly ashamed to be tainted with that brush since there's so many 
people using the term who don't know the first thing about programming.

It used to be that when you were taught programming, you were taught 
concepts (when to use a for loop, while loop, Boolean algebra), then 
you built on the foundations by learning advanced concepts  (data 
structures, how to program concurrently using semaphores etc etc), you 
would then pick some optional classes to make up for some non 
programming specific knowledge (networking, linux admin, etc etc).

I now have a lot of friends who work in academia and they are worried 
by a decline (as am I when trying to hire new talent). Currently the 
teaching process is one of learning to program like a monkey, monkey 
see monkey do. People are no longer taught to think for themselves, but 
instead taught to program in a specific language (PHP, Java, rarely C 
or C++ any more, C#, or VB) and that is all they know. I don't believe 
this is a failing with the lecturers but with the fundamental change in 
attitudes to programming.

One of the tests I give all interviewees is write a very short program 
in a language they have never ever used before ( personally I recommend 
http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a 
chance to show they can program rather than being able to tell me "I 
know PHP" or "I know C", surprisingly very few newer programmers can 
make it through, or even try it, because the concept of thinking for 
themselves is so last year.



On 27 February 2012 20:02:13, Brandt, Ralph wrote:
> Generalists are hard to come by these days. They are people who learn
> less and less about more and more till they know nothing about
> everything. People today are specializing in the left and right halves
> of the bytes  They learn more and more about less and less till they
> know everything about nothing.  And BTW, they are worthless unless you
> have five of them working on a problem because none of them know enough
> to fix it.  Worse, you can replace the word five with fifty and it may
> be still true. 
>
> I know of three of these, all gainfully employed at this time and could
> each find at least a couple jobs if they wanted.  I am one, my son is
> two and a guy we worked with is the third. 
>
> At one time (40 years ago) the mantra in IS was train for expertise, now
> it is hire for it.  Somewhere there has to be a happy medium.  I suggest
> this, find a good coder, not a mediocre who writes shit code but a good
> one who can think and learn and when you talk about branching out with
> his skill set he or she lights up.  His first thing on site is take the
> A+ networking course.  
>
> No, I do not sell the courses.  But I have seen this kind of approach
> work when nothing else was.
>
>
>
>
> Ralph Brandt
> Communications Engineer
> HP Enterprise Services
> Telephone +1 717.506.0802
> FAX +1 717.506.4358
> Email ralph.bra...@pateam.com
> 5095 Ritter Rd
> Mechanicsburg PA 17055
>
> -Original Message-
> From: A. Pishdadi [mailto:apishd...@gmail.com] 
> Sent: Sunday, February 26, 2012 8:27 PM
> To: NANOG
> Subject: Programmers with network engineering skills
>
> Hello All,
>
> I have been looking for quite some time now a decent coder (c,php) who has
> a decent amount of system admin / netadmin experience. Doesn't necessarily
> need to be an expert at network engineering but being acclimated in
> understanding the basic fundamentals of networking. Understanding basic
> routing concepts, how to diagnose using tcpdump / pcap, understanding
> subnetting and how bgp works (not necessarily setting up bgp). I've posted
> job listings on the likes of dice and monster and have not found any good
> candidates, most of them ASP / Java guys.
>
> If anyone can point me to a site they might recommend for job postings or
> know of any consulting firms that might provide these services that would
> be greatly appreciated.



Re: Reliable Cloud host ?

2012-02-28 Thread Jared Mauch

On Feb 27, 2012, at 2:53 PM, valdis.kletni...@vt.edu wrote:

> On Mon, 27 Feb 2012 14:02:04 EST, William Herrin said:
> 
>> The net result is that when you switch the IP address of your server,
>> a percentage of your users (declining over time) will be unable to
>> access it for hours, days, weeks or even years regardless of the DNS
>> TTL setting.
> 
> Amen brother.
> 
> So just for grins, after seeing William's I set up a listener on an address
> that had an NTP server on it many moons ago. As in the machine was shut down
> around 2002/06/30 22:49 and we didn't re-assign the IP address ever since
> *because* it kept getting hit with NTP packets..  Yes, a decade ago.
> 
> In the first 15 minutes, 234 different IP's have tried to NTP to that address.

I hereby reject the principle that one can not renumber a host/name and move it.

Certainly some people will see breakage.  This is because their software is 
defective, sometimes in a critical way, other times in a way that is 
non-obvious.

But I reject the idea that you can't move a service, or have one MX, DNS, etc.. 
host be down and have it be fatal without something else being SERIOUSLY 
broken.  If you are right, nobody could ever renumber anything ever, nor take a 
service down ever in the most absolute terms.

I've been involved in large scale DNS server renumbering/moving/whatnot.  It's 
harder these days than it was in the past, but it's feasible.  I know those 
resolver addresses that have been retired still get queries from *very* broken 
hosts.  Just because they're getting queries, doesn't mean they are expecting 
an answer, or will properly handle it.

Sometimes you have to break the service worse for people to repair it.  Look at 
the DCWG.org site and try to get an idea if you're infected.  At some point 
those will go away.  Doesn't mean those people aren't broken/infected and 
REQUIRE remediation.

- Jared


Re: Programmers with network engineering skills

2012-02-28 Thread Rodrick Brown
The smaller more elite hedge funds  are - Getco LLC, Knight Capital, SAC 
Capital Advisors, Jump Trading, Wolverine Trading, Chicago Trading, Citadel, 
Sun Trading

A list of larger firms are here - 
http://www.nasdaqtrader.com/Trader.aspx?id=topliquidity

The core skill sets most look for is core Linux, C/C++, multicast, 
multithreading, IPC, and low level kernel drivers. FPGA and CUDA are also 
becoming more relevant.

Sent from my iPhone

On Feb 28, 2012, at 8:23 AM, "Brandt, Ralph"  wrote:

> Rodrick, give me the name of one of those firms.  :)
> 
> 
> Ralph Brandt
> 
> 
> -Original Message-
> From: Rodrick Brown [mailto:rodrick.br...@gmail.com] 
> Sent: Monday, February 27, 2012 6:13 PM
> To: A. Pishdadi
> Cc: NANOG
> Subject: Re: Programmers with network engineering skills
> 
> On Feb 26, 2012, at 8:27 PM, "A. Pishdadi"  wrote:
> 
>> Hello All,
>> 
>> I have been looking for quite some time now a decent coder (c,php) who has
>> a decent amount of system admin / netadmin experience. Doesn't necessarily
>> need to be an expert at network engineering but being acclimated in
>> understanding the basic fundamentals of networking. Understanding basic
>> routing concepts, how to diagnose using tcpdump / pcap, understanding
>> subnetting and how bgp works (not necessarily setting up bgp). I've posted
>> job listings on the likes of dice and monster and have not found any good
>> candidates, most of them ASP / Java guys.
>> 
>> If anyone can point me to a site they might recommend for job postings or
>> know of any consulting firms that might provide these services that would
>> be greatly appreciated.
> 
> Good Luck guys like these are being scooped up by large financial firms
> and hedgefunds and they don't come cheap  ~$250k easy! 



RE: Programmers with network engineering skills

2012-02-28 Thread Brandt, Ralph
Rodrick, give me the name of one of those firms.  :)


Ralph Brandt


-Original Message-
From: Rodrick Brown [mailto:rodrick.br...@gmail.com] 
Sent: Monday, February 27, 2012 6:13 PM
To: A. Pishdadi
Cc: NANOG
Subject: Re: Programmers with network engineering skills

On Feb 26, 2012, at 8:27 PM, "A. Pishdadi"  wrote:

> Hello All,
> 
> I have been looking for quite some time now a decent coder (c,php) who has
> a decent amount of system admin / netadmin experience. Doesn't necessarily
> need to be an expert at network engineering but being acclimated in
> understanding the basic fundamentals of networking. Understanding basic
> routing concepts, how to diagnose using tcpdump / pcap, understanding
> subnetting and how bgp works (not necessarily setting up bgp). I've posted
> job listings on the likes of dice and monster and have not found any good
> candidates, most of them ASP / Java guys.
> 
> If anyone can point me to a site they might recommend for job postings or
> know of any consulting firms that might provide these services that would
> be greatly appreciated.

Good Luck guys like these are being scooped up by large financial firms
and hedgefunds and they don't come cheap  ~$250k easy! 



Call for updates: Native IPv6 access providers

2012-02-28 Thread Jeroen Massar
Hi Folks,

I would like to get more organizations on the Native IPv6 list:

http://www.sixxs.net/faq/connectivity/?faq=native

Thus, if you have updates and also new entries, do not hesitate to
forward them to i...@sixxs.net.

Please provide the list of countries that you are offering the service,
the name of the organization/company, the website, the IPv6 prefixes
involved, the type of link/technology and any kind of notes that may
pertain to your offering.

Of course, if you are in the planning phase and know that around date
XYZ you are going to offer the service too this can be put in the Notes
column too...

Yes, this list does not include Datacenter offerings, as when you have a
simple Ethernet/routed network you should have been able to offer
IPv6 ages ago...

Thanks for the input!

Greets,
 Jeroen



RE: Programmers with network engineering skills

2012-02-28 Thread Brandt, Ralph
Owen, I can only say it is my opinion, based on some years of experience
and working with people who have come from both sides.  I have seen more
people successfully move from programming to networking than the
reverse.


Ralph Brandt
Communications Engineer
HP Enterprise Services
Telephone +1 717.506.0802
FAX +1 717.506.4358
Email ralph.bra...@pateam.com
5095 Ritter Rd
Mechanicsburg PA 17055


-Original Message-
From: Owen DeLong [mailto:o...@delong.com] 
Sent: Monday, February 27, 2012 5:14 PM
To: david raistrick
Cc: Brandt, Ralph; NANOG
Subject: Re: Programmers with network engineering skills


On Feb 27, 2012, at 12:31 PM, david raistrick wrote:

> On Mon, 27 Feb 2012, Owen DeLong wrote:
> 
>> I think you're more likely to find a network engineer with (possibly
>> limited) programming skills.
> 
> While I'll agree about the more likely, if I needed a coder who had a
> firm grasp of networking I'd rather teach a good coder networking, than
> try to teach the art and magic of good development to a network guy.
> 

Well, I won't call myself a hard-core coder, but, I think I have a
reasonable grasp on the art and magic of good development. What I mostly
lack is speed and efficiency in the language of choice for whatever
project. I can write good code, it just takes me longer than it would
take a hard-core coder.

OTOH, having done both, I would say that I think you are not necessarily
correct about which direction of teaching is harder. Yes, if you start
with a network engineer that knows nothing about writing code or doesn't
understand the principles of good coding, you're probably right.
However, starting with a network engineer that can write decent code
slowly, I think you will get a better result in most cases than if you
try to teach network engineering to a hard-core coder that has only a
minimal understanding of networking.

> I think it really comes down to which you need: a hardcore network
> engineer/architect who can hack up code, or a hardcore developer who has
> or can obtain enough of a grasp of networking fundamentals and specifics
> to build you the software you need him to develop.
> 

I'm guessing that someone who needed a hard-core developer that could
grasp fundamentals would have grabbed an existing coder and handed him a
copy of Comer.

The fact that this person posted to NANOG instead implies to me that he
needs someone that has a better grasp than just the fundamentals.

Of course I am speculating about that and I could be wrong.

> The ones who already know both ends extremely well are going to be
> -very- hard to find, but finding one who can learn enough of the other
> to accomplish what you need shouldn't be hard at all.
> 

Depends on what you need. However, I think it's faster to go from
limited coding skills with a good basis in the fundamentals to usable
development than to go from limited networking skills to a firm grasp on
how networks behave in the real world. To the best of my knowledge,
nothing but experience will teach you the latter. Even with 20+ years
experience networks do still occasionally manage to surprise me.

> ...d (who is not exactly the former though I've played one for TV, and
> not at all the latter)

I am admittedly lost given the three choices as to which constitutes
former or latter at this point.

1.  Strong coder with limited networking
2.  Strong networker with limited coding
3.  Strong in both

Owen
Who is a strong network engineer
Who has been a professional software engineer (though many years ago and
my skills are rusty
and out of date)




Re: dns and software, was Re: Reliable Cloud host ?

2012-02-28 Thread William Herrin
On Tue, Feb 28, 2012 at 12:45 AM, Mark Andrews  wrote:
>        getaddrinfo was designed to be extensible as was struct
>        addrinfo.  Part of the problem with TTL is not [all] data sources
>        used by getaddrinfo have TTL information.

Hi Mark,

By the time getaddrinfo replaced gethostbyname, NIS and similar
systems were on their way out. It was reasonably well understood that
many if not most of the calls would return information gained from the
DNS. Depending on how you look at it, choosing not to propagate TTL
knowledge was either a belligerent choice to continue disrespecting
the DNS Time To Live or it was fatalistic acceptance that the DNS TTL
isn't and would not become functional at the application level.

Still works fine deeper in the query system, timing out which server
holds the records though.


>    Additionally for
>        many uses you want to reconnect to the same server rather
>        than the same name.

The SRV record was designed to solve that whole class of problems
without damaging the operation of the TTL. No one uses it.


It's all really very unfortunate. The recipe for SOHO multihoming, the
end of routing table bloat and IP roaming without pivoting off a home
base all boils down to two technologies: (1) a layer 4 protocol that
can dynamically rebind to the layer 3 IP address the same way IP uses
ARP to rebind to a changing ethernet MAC and (2) a DNS TTL that
actually works so that the DNS supports finding a connection's current
IP address.

Regards,
Bill Herrin

-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004



Re: FCoE/CNA Deployment w/ Nexus 5K, HP 580s, QLogic

2012-02-28 Thread David Swafford
Hey Chris,

Yeah, our vendors epically failed here!  I was getting at having a good
relationship with fellow server/storage team mates.

David.



On Mon, Feb 27, 2012 at 7:50 PM, Chris Cappuccio  wrote:

> David Swafford [da...@davidswafford.com] wrote:
> >
> > Lots of head-banging and teamwork eventually got us squared away!  This
> > situation is a good example of why network guys NEED to have a great
> > relationship with both server and storage guys (we're all really close
> > where I'm at).  Had there been tension/etc between the teams, this would
> > have been significantly harder to resolve.
>
> I don't know how this points to the NEED to have a great relationship with
> your vendor. Your vendors all failed to figure anything out. Obviously you
> need smart guys on staff to work-around problems...
>


Re: dns and software, was Re: Reliable Cloud host ?

2012-02-28 Thread Owen DeLong

On Feb 27, 2012, at 9:45 PM, Mark Andrews wrote:

> 
>   getaddrinfo was designed to be extensible as was struct
>   addrinfo.  Part of the problem with TTL is not data sources
>   used by getaddrinfo have TTL information.  Additionally for
>   many uses you want to reconnect to the same server rather
>   than the same name.  Note there is nothing to prevent a
>   getaddrinfo implementation maintaining its own cache though
>   if I was implementing such a cache I would have a flag
>   to force a refresh.
> 

Sorry if I wasn't clear... My point to Bill was that we should be using calls 
that don't have TTL information
(GAI/GNI in their default forms). That we don't need to abuse connect() to 
achieve that. That if people use GAI/GNI(), then, any brokenness is system-wide 
brokenness in the system's resolver library and should be addressed there.

Owen
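
The cache with a forced-refresh flag that Mark Andrews describes, and the loss of TTL information that William Herrin points out, can be seen in a short sketch. This is an added example, not code from anyone in the thread: `CachingResolver`, its `max_age` lifetime and the `demo()` scenario are hypothetical names, `max_age` stands in for the TTL that `getaddrinfo` does not return, and the addresses are constructed values from the documentation ranges.

```python
import socket
import time


class CachingResolver:
    """Hypothetical cache around getaddrinfo() with a forced-refresh flag."""

    def __init__(self, max_age=60.0, resolve=socket.getaddrinfo,
                 clock=time.monotonic):
        # getaddrinfo() returns no DNS TTL, so the lifetime is an assumed
        # local policy value, not the record's real TTL.
        self.max_age = max_age
        self._resolve = resolve
        self._clock = clock
        self._cache = {}  # (host, port) -> (expiry, [(ip, port), ...])

    def lookup(self, host, port, refresh=False):
        key = (host, port)
        now = self._clock()
        hit = self._cache.get(key)
        if hit is not None and not refresh and now < hit[0]:
            return hit[1]  # may be stale if the name was renumbered
        infos = self._resolve(host, port, type=socket.SOCK_STREAM)
        addrs = [info[4][:2] for info in infos]
        self._cache[key] = (now + self.max_age, addrs)
        return addrs


def demo():
    """Constructed scenario: the name is renumbered after the first query."""
    answers = iter(["192.0.2.10", "198.51.100.20"])

    def fake_resolve(host, port, type=0):
        return [(socket.AF_INET, socket.SOCK_STREAM, 6, "",
                 (next(answers), port))]

    now = [0.0]
    r = CachingResolver(max_age=300, resolve=fake_resolve,
                        clock=lambda: now[0])
    first = r.lookup("www.example.net", 80)
    now[0] = 299.0
    stale = r.lookup("www.example.net", 80)  # cache hit: old address
    forced = r.lookup("www.example.net", 80, refresh=True)  # re-resolves
    return first, stale, forced


if __name__ == "__main__":
    print(demo())
```

A caller that keeps using the cached list after a connection failure stays pinned to the old address until `max_age` runs out; passing `refresh=True` on failure is the flag that breaks the pin.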




RE: Programmers with network engineering skills

2012-02-28 Thread George Bonser
> Noon Silk said:
>
> Just a practical comment here; part of your problem may be offering c
> and php together. I don't want to start a war, but I know that at the
> very least all the c programmers I know would consider php to be ...
> "horribly offensive". So, maybe separating out these two roles (c and
> php programming) will help you.
> 
> It is definitely true (speaking as a programmer, C# for several years)
> that seeing +PHP would instantly turn me off. Further, I'm sure that
> almost anyone who is still programming in c these days would have the
> level of networking knowledge you care about (and can train on top of).

PHP tends to mesh well with things like perl programmers. It is basically a 
scripting language.  Anyone using D ?