Re: Muni Fiber and Politics
On Monday, July 21, 2014 07:28:22 PM Scott Helms wrote: I'll be watching to see how well this roll out goes. If they didn't re-engineer their splits (or plan for symmetrical from the beginning) they could run into some problems because the total speed on a GPON port is asymmetrical, about 2.5 gbps down to 1.25 gbps up. Symmetrical would be tough to do unless you're doing Active- E. Then again, I haven't been following PON in the last two years, so maybe they have a solution now. Mark. signature.asc Description: This is a digitally signed message part.
Re: Carrier Grade NAT
In message CAMfXtQwmpEqBk9CKRq2MpW15tRcuicZ_3DoJUsTBAM4=503...@mail.gmail.com, Gary Buhrmaster writes: On Wed, Jul 30, 2014 at 5:22 AM, Owen DeLong o...@delong.com wrote: On Jul 29, 2014, at 4:13 PM, Mark Andrews ma...@isc.org wrote: . Add to that over half your traffic will switch to IPv6 as long as the customer has a IPv6 capable CPE. That's a lot less logging you need to do from day 1. That would be nice, but Iâm not 100% convinced that it is true. For the 99.99% of the users who believe that facebook and twitter *are* the internet, at least facebook is IPv6 enabled. 50.00%(*)! Yes, I think we can all stipulate that those participating on this list are different, and have different expectations, and different capabilities, than those other 99.99%. Gary (*) If we are going to make up statistics, four significant digits looks better than one. Enable IPv6 at home and measure the traffic. I did, which is why I say 50%. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Netflix To Cogent To World
On Thursday, July 24, 2014 02:27:01 AM Jimmy Hess wrote: It would be interesting if Google, Wikimedia, CBS/ABC, CNN, Walmart, Espn, Salesforce, BoFa, Weather.com, Dropbox, Paypal, Netflix, Microsoft, Facebook, Twitter, Amazon, Yahoo, Ebay, Wordpress.com, Pinterest, Instagram, Tumblr, Reddit, Forbes, Zillow, formed a little club and said OK, Tier1.. providers.. we're not paying you guys for transit anymore; your customers want our stuff and will consider their internet service DOWN if they can't get it. You are going to pay us for a fast lane to our content now. If you want it, please start sending us your bids, now. I almost wrote this a few weeks ago but decided not to - but I've been saying it for a while now and maybe I'll write it now. The bridge between content owners and their customers is service providers. Those service providers are either wholesale transit providers or consumer service providers. Commercial trends have been moving farther and farther away from, How much bandwidth do you want to buy? to, How many Tv channels, voice minutes and cloud recording can I get?, particularly in much more developed markets. We see evidence on this in the current transit prices being so low that now selling in Gbps as a minimum might be the only way to survive. (very) Slowly but (very) surely, the service provider (wholesale or consumer) is becoming a less visible part of the chain (well, unless we are in the news talking about de- peering or how much grief Netflix are causing us this week), because eyeballs just want their House of Cards. There really is very little reason why certain major content owners and providers who operate their own IP networks cannot turn around and become full-blown wholesale ISP's (and in some cases, consumer ISP's). As a transit provider industry, we need to get our act together and play nice, before we all get run over by the content owners. They will not hesitate to take us out of the equation the first chance they get. Mark. signature.asc Description: This is a digitally signed message part.
Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing
On Tuesday, July 29, 2014 04:21:32 AM Corey Touchet wrote: Right now my thinking are MX480 or ASR9k platforms. Opinions on those are equally welcome as alternatives, but I’d love to hear from those with personal experiences today vs sales people trying to tell me it would route the world :) Yep, MX480/960 and ASR9006/9010 are the way to go if you're looking at decent (Intel-based) CPU's, good performance and good 10Gbps/100Gbps port density, incuding combinations thereof. 40Gbps might be a little tricky on these boxes; for that, looking at Ethernet switches (Nexus, C6880, Juniper EX) are better options. We don't mess around with 40Gbps - it's 10Gbps or 100Gbps :-). IOS XR on the CRS and ASR9000 is based on QNX, which suffers from being only a 32-bit kernel. So even if the hardware will ship with 4GB of RAM, the OS will only see 4GB (I have 12GB in my CRS's and 8GB on my ASR9001's). IOS XR on the NCS runs on Linux, which removes the memory limitation, but it's not clear whether that philosophy will make it down to earlier IOS XR platforms (CRS, ASR9000). Whatever the case, I've been following Blackberry for a while on this, and it doesn't seem like they have any plans to release a 64-bit version of QNX. AFAIK, their phones are all 32-bit, so... Junos has no issue seeing 32GB of RAM (their currently highest RAM on their RE's), as it's a properly 64-bit OS. That said, some of the applications that run within Junos (notably rpd) are still playing catch-up in terms of how much memory it can see, and how well it can use the multiple cores present on the RE's. A lot of work is going on in this area, and generally, the later the Junos code you run, the more enhancements to the software you will see (and the accompanying bugs, hehe). I've been testing Junos 14.1R1 in production on a couple of MX80's and MX480's for some weeks now. No issues to report (yet). Mark. signature.asc Description: This is a digitally signed message part.
Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing
❦ 30 juillet 2014 09:53 +0200, Mark Tinka mark.ti...@seacom.mu : IOS XR on the CRS and ASR9000 is based on QNX, which suffers from being only a 32-bit kernel. So even if the hardware will ship with 4GB of RAM, the OS will only see 4GB (I have 12GB in my CRS's and 8GB on my ASR9001's). What's the point of shipping more memory then? Maybe the OS can only address 4GB per process but is able to use up to 64GB in total (PAE)? -- Use self-identifying input. Allow defaults. Echo both on output. - The Elements of Programming Style (Kernighan Plauger)
Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing
On Wednesday, July 30, 2014 11:12:44 AM Vincent Bernat wrote: What's the point of shipping more memory then? Maybe the OS can only address 4GB per process but is able to use up to 64GB in total (PAE)? That was one argument from Cisco - that when the software catches up, they might be able to compartmentalize so that applications gain access to it individually. I didn't grill them too much on this, as we use IOS XR in the core mostly (CRS), and we don't need RAM too much since IPv4 is switched on MPLS labels, negating the need to hold a full IPv4 table on the routers. That said, I can see a use-case where the additional RAM on the CRS and ASR9000 can make sense if IOS XR is allowed to run separate VM's on the same control plane. I know that iso one of the ideas behind the NCS, but not sure whether it will be added to the CRS and ASR9000. Mark. signature.asc Description: This is a digitally signed message part.
Re: Netflix To Cogent To World
From: Mark Tinka mark.ti...@seacom.mu Commercial trends have been moving farther and farther away from, How much bandwidth do you want to buy? to, How many Tv channels, voice minutes and cloud recording can I get?, particularly in much more developed markets Internet should be utility, many providing it don't wnat to be a utility and so try doing other services usually best left to specialists As a transit provider industry, we need to get our act together and play nice, before we all get run over by the content owners Yes, I like to remind those engaging in peering wars and charging for access users to be careful when creating reasons for others to become their competition As a broadcaster we send our content direct to users over the air, there is opportunity in not making us do so for internet too (though it already happens, here in the UK Sky TV are a large ISP) brandon
Re: Netflix To Cogent To World
Brandon Butterworth bran...@rd.bbc.co.uk wrote: Yes, I like to remind those engaging in peering wars and charging for access users to be careful when creating reasons for others to become their competition As a broadcaster we send our content direct to users over the air, there is opportunity in not making us do so for internet too (though it already happens, here in the UK Sky TV are a large ISP) So, out of curiosity, how does BBC's user base split out between: - traditional over-the-air reception, - cable, - satellite (is their a UK equivalent of DishTV), - Internet? I'm pretty sure that in most US major markets broadcasters primarily reach their subscribers over cable these days - with those cable providers also providing subscribers' Internet access. Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. Yogi Berra
Re: Netflix To Cogent To World
On Wednesday, July 30, 2014 12:50:17 PM Brandon Butterworth wrote: Internet should be utility, many providing it don't wnat to be a utility and so try doing other services usually best left to specialists When we did FTTH at $previous_employer, it really was the first time an operator (albeit a competitive) was bundling voice, video and data on an end-to-end fibre connection to the home (even the incumbent's solution was FTTB, and then copper (Ethernet or VDSL) to the home. To make the service more utilitarian, we didn't do the selling or marketing. We left it to our partner (the Tv network, primarily a satellite Tv provider) to sell it, brand it their own, e.t.c. We were happy with just a Powered By at the bottom of their web site or sales material. Made sense, since they had the customer base, market visibility, back-end after-sales support and cash in the bank to do so. Their bundling made sense to customers: - Tv channels were packaged based on customer demographics. - Voice plans were simple. - Internet access was either 6Mbps, 12Mbps or 24Mbps, with an option to boost (boost is easier for Joe Blog to understand than burst) to 50Mbps via a web tool the customer can use at their discretion. - Multi-screen view options inside the home. - How many simultaneous live streams can you view while you record others. And that was it. As a provider, we ensured that there was sufficient capacity delivered to each home to make the above possible. In this case, it was 100Mbps (GPON), but could have also been 1Gbps (Active-E). We realized that customers didn't care how much bandwidth was required to watch their favorite channel in HD. They just wanted to watch their favorite channel in HD. How it all works is not their problem, and they don't want to know or care to be impressed by the details. What would drive network expansion would be what services customers wanted. If customers suddenly wanted 100% of their channels in HD, at 1080p, they would ask for and pay for that. If it means delivering 1Gbps to every home to do that, so be it; it was never going to become the customer's problem. They just want what they want, and more often than not, they don't want bandwidth (which is what ISP's typically know how to sell) - they just don't want video/audio buffering. Sounds like the same thing, but from a customer's point of view, it's not the same thing. If, as service providers, we can get ourselves to that point (either at a corporate level or with external help from policy and legislation), Internet will, thus, have become a utility. Your guess is as good as mine if that will ever happen. And given that content owners are the ones who appear most interested in the customer experience, 21st century traditional ISP's need to watch their backs. Mark. signature.asc Description: This is a digitally signed message part.
BGP communities question
Hello Nanog, I'm fairly new to running my employers multihomed BGP network with our own ASN. Things have been relatively smooth and stable for the past few months. We have 2 upstream ISP's giving us full routes. We have a single link to each provider, but I run two BGP sessions over that single link so I can have router redundancy. My routers are run in an active-passive configuration. With ISP-A, they have configured our 2 BGP sessions such that the secondary session (our passive router), although the BGP session is up, no traffic is directed there unless the primary router's BGP session goes away. This prevents asymmetric routing problems with my active/passive config. ISP-A attributes this config to the fact that we have 2 sessions, but on the same router, with a config on their router that looks like this: #show http://r04.lsanca03.us.bb#show running-config interface tenGigE 0/1/0/7 interface TenGigE0/1/0/7 description: 10GbE service-policy input cust1-in service-policy output cust1-out ipv4 address xxx.xxx.xxx.xxx 255.255.255.252 ipv4 address xxx.xxx.xxx.yyy 255.255.255.252 secondary ipv4 verify unicast source reachable-via any allow-self-ping ISP-B says they aren't able to do this active/passive config without us getting 2 physical links (kind of opposite what ISP-A is saying) They recommend that we use local pref and communities to direct traffic to our primary BGP session and only using the secondary session if the primary fails. Does that recommendation make sense? Will setting the local pref via ISP-B community strings accomplish this active/passive traffic split that I'm looking for? Looking through the documentation on this providers site about which community string needs to be set, it seems like I just need to make the primary router BGP session community string higher than the default, and the passive router BGP session community string lower than the default and that will get me the desired behavior. Is that the proper way of achieving the traffic flows for active / passive config from provider to my gear? Thank you, Philip
Re: Recommendations for a decent DWDM optical power meter.
We also have a Solid Optics CWDM meter and it does the job quite nicely. It feels solid (haha...) and is relatively cheap. -- Jeff Walter On Mon, Jul 28, 2014 at 4:34 PM, Neil Davidson n...@knd.org wrote: We have the Solid Optics DWDM and CWDM power meters. Simple, inexpensive and works well ... http://www.solid-optics.com/category/cwdm-dwdm/power-meter ... n -- K. Neil Davidson +1-720-258-6345 On Mon, Jul 28, 2014 at 2:45 PM, Tom Hill t...@ninjabadger.net wrote: On 28/07/14 19:33, Timothy Kaufman wrote: Also maybe the ODPM-48. I've got the CWDM version of this, and it does the job. Haven't explored the test result downloading/archiving features (didn't expect them to work with Linux anyway) but overall it was very helpful for measuring loss across various passive muxes (where DDM wasn't available). Tom
Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing
On Tue, Jul 29, 2014 at 5:56 PM, Simon Lockhart si...@slimey.org wrote: On Tue Jul 29, 2014 at 02:21:32AM +, Corey Touchet wrote: Right now my thinking are MX480 or ASR9k platforms. Opinions on those are Or, protect your existing investment in 6500 and replace the SUP720 with the SUP2T. You can then deploy the WS-X6904-40G-XL blades which give you 4 * 40G I would generally suggest you look at it as a long term decision, at least before jumping to the next incremental (modest increase) on the upgrade treadmill. It depends on whether the 6500 is still a perfect match for your network other than the prefix limit.Your vendor should think of your equipment as an investmentto be protected, by exploiting your feelings of loss aversion, but the upgrade treadmill is a trap.next thing you know, you will have to replace the chassis, then you will need new linecards.. Keep in mind most of the MX series makes the 6500 look like a 5 port linksys home router, when it comes to carrying around and managing large BGP tables; both in terms of prefix capacity, speed, the policy/filtering/configuration management functionality of the OS, and how they will take the route update beating during setup of new multiple BGP sessions... The SUP2T is about a 100% increase in TCAM size, but still pretty limited in terms of system resources. You can also protect your investment if appropriate by taking this late 1990s gear off your BGP edge, or otherwise recruiting it for a role which it is more suited for in this day and age, where it is not handling full tables and thus the feeble amount of FIB size, CPU, memory are no potential hinderance now or on the next 10 years. The ability to link up 40G ports did not seem terribly useful when it would all be unsafely oversubscribed. You can then look to migrate onto the 6880 chassis which gives you a faster backplane, whilst retaining compatibility with existing linecards. Simon -- -JH
Re: BGP communities question
This sounds perfectly acceptable. Your ISP-B should have a published list of communities that do different things. You need to choose the specific community to get the behaviour you are after. For example you can see a list of what Level3 accept from customers about half way down here: http://onesc.net/communities/as3356/. From them you may choose 3356:70 and 3356:90. Arbitrarily choosing a community may break things. For example, you probably would not want to use 3356:. You will also need to remember to set the local pref on your side of the link to ensure that you don't get asymmetric traffic flows. Be careful with BGP. You can break a lot of things if you don't know what you are doing. Regards, Dave On 30 July 2014 00:16, Philip diso...@gmail.com wrote: Hello Nanog, I'm fairly new to running my employers multihomed BGP network with our own ASN. Things have been relatively smooth and stable for the past few months. We have 2 upstream ISP's giving us full routes. We have a single link to each provider, but I run two BGP sessions over that single link so I can have router redundancy. My routers are run in an active-passive configuration. With ISP-A, they have configured our 2 BGP sessions such that the secondary session (our passive router), although the BGP session is up, no traffic is directed there unless the primary router's BGP session goes away. This prevents asymmetric routing problems with my active/passive config. ISP-A attributes this config to the fact that we have 2 sessions, but on the same router, with a config on their router that looks like this: #show http://r04.lsanca03.us.bb#show running-config interface tenGigE 0/1/0/7 interface TenGigE0/1/0/7 description: 10GbE service-policy input cust1-in service-policy output cust1-out ipv4 address xxx.xxx.xxx.xxx 255.255.255.252 ipv4 address xxx.xxx.xxx.yyy 255.255.255.252 secondary ipv4 verify unicast source reachable-via any allow-self-ping ISP-B says they aren't able to do this active/passive config without us getting 2 physical links (kind of opposite what ISP-A is saying) They recommend that we use local pref and communities to direct traffic to our primary BGP session and only using the secondary session if the primary fails. Does that recommendation make sense? Will setting the local pref via ISP-B community strings accomplish this active/passive traffic split that I'm looking for? Looking through the documentation on this providers site about which community string needs to be set, it seems like I just need to make the primary router BGP session community string higher than the default, and the passive router BGP session community string lower than the default and that will get me the desired behavior. Is that the proper way of achieving the traffic flows for active / passive config from provider to my gear? Thank you, Philip
Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing
On Wednesday, July 30, 2014 03:06:55 PM Jimmy Hess wrote: I would generally suggest you look at it as a long term decision, at least before jumping to the next incremental (modest increase) on the upgrade treadmill. It depends on whether the 6500 is still a perfect match for your network other than the prefix limit.Your vendor should think of your equipment as an investment to be protected, by exploiting your feelings of loss aversion, but the upgrade treadmill is a trap. next thing you know, you will have to replace the chassis, then you will need new linecards.. Next up the road are the 6800's. Essentially SUP-2T's, so you get software parity Day One, but still the same supervisor module. We are running 6880's (which are the fixed SUP-2T's, but with modular line cards), but only a core switching (Layer 2 Ethernet) role. Great port density since the 10Gbps ports are now SFP+, but oversubscribed line cards 2:1, since each slot is 80Gbps, but the line card comes with 16x 10Gbps ports. You can disable oversubscription and go into performance mode, which disables half the ports on the line card - we do that. IP-/MPLS-wise, whatever you can do on the 6500 you can do on the 6800, but I can't say for sure as we're running them as switches. That said, if your goal is IP, just consider the ASR9000, MX, and whatever else other vendors can do in this space. Mark. signature.asc Description: This is a digitally signed message part.
Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing
On (2014-07-30 08:06 -0500), Jimmy Hess wrote: Keep in mind most of the MX series makes the 6500 look like a 5 port linksys home router, when it comes to carrying around and managing large BGP tables; both in terms of prefix capacity, speed, the policy/filtering/configuration management functionality of the OS, and how they will take the route update beating during setup of new multiple BGP sessions... The SUP2T is about a 100% increase in TCAM size, but still pretty limited in terms of system resources. You can also protect your investment if appropriate by taking this late 1990s gear off your BGP edge, or otherwise recruiting it for a role which it is more suited for in this day and age, where it is not handling full tables and thus the feeble amount of FIB size, CPU, memory are no potential hinderance now or on the next 10 years. These seem cute anecdotes but I'm not sure how appropriate they are. CAT6880 is XEON control-plane, and if we compare MX80 and RSP720, where RSP720 has slightly lower performance CPU, RSP720 out-performs MX80 (and MX104) in BGP convergence and BGP scale. Certainly if you compare SUP720 to XEON MX960, your anecdote is accurate. JunOS is architecturally quite similar to IOS-XE, single fat process (iosd, rpd) doing all the relevant work, running on modern control-plane (linux, freebsd). One advantage to iosd is, that it's actually multithreaded unlike rpd. Obviously Sup2T/6880 2M FIB is limited, but what is JNPR MX scale? Trio has 256MB RLDRAM for everything, looking at my MX IPv4 FIB memory consumption divided by entry size, it pegs IPv4 entry to 77B (seems massive), which would translate to 3.5M IPv4 FIB upper bound, if nothing else is there. Realistically, I don't think JNPR promises anywhere near this. So the FIB scale may be pretty similar in both. So I don't think FIB, control-plane or software are selling-points here. Where MX shines, is deep services, with CAT you have relatively dumb ASIC, while MX is capable for very deep services with its NPU. If you can reuse existing LC and skill investment while living with limited forwarding-plane functionality offered, it seems entirely sensible solution, and in no way more '90s technology' than MX. If you need deep services, of course it's wrong box, then MX or ASR9k is what you should be looking at. -- ++ytti
Re: FW: Public Notice: FCC asks for comments on network security
On 27-07-14 16:15, Livingood, Jason wrote: FYI. The U.S. Public Safety and Homeland Security Bureau released a Public Notice on Friday (copied below), seeking comment on the “implementation and effectiveness of the CSRIC III recommendations”. Comments are due by September 26. Some folks here may wish to send the FCC comments on this, especially areas pertaining to preventing IP address spoofing. Interesting RFCs. Out of curiosity: do (many) routers already support the necessary ingress filter features to support these RFCs? Kind regards, Pieter Hulshoff
Re: FW: Public Notice: FCC asks for comments on network security
Should. It is a few million$ in man hours thou. ( Not necessary spent, but budgeted ) And still no BCP38 recommendation. I wonder: 1. If they taught of it; 2. What was their process to not include it; Oh well. - Alain Hebertaheb...@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.netFax: 514-990-9443 On 07/30/14 09:57, Pieter Hulshoff wrote: On 27-07-14 16:15, Livingood, Jason wrote: FYI. The U.S. Public Safety and Homeland Security Bureau released a Public Notice on Friday (copied below), seeking comment on the “implementation and effectiveness of the CSRIC III recommendations”. Comments are due by September 26. Some folks here may wish to send the FCC comments on this, especially areas pertaining to preventing IP address spoofing. Interesting RFCs. Out of curiosity: do (many) routers already support the necessary ingress filter features to support these RFCs? Kind regards, Pieter Hulshoff
Re: Carrier Grade NAT
The only actual residential data I can offer is my own. I am fully dual stack and about 40% of my traffic is IPv6. I am a netflix subscriber, but also an amazon prime member. I will say that if amazon would get off the dime and support IPv6, it would make a significant difference. Other than amazon and my financial institutions and Kaiser, living without IPv4 wouldn't actually pose a hardship as near as I can tell from my day without v4 experiment on June 6. I know Kaiser is working on it. Amazon apparently recently hired Yuri Rich to work on their issues. So that would leave my financial institutions. I think we are probably less than 5 years from residential IPv4 becoming a service that carries a surcharge, if available. Owen On Jul 29, 2014, at 22:42, Julien Goodwin na...@studio442.com.au wrote: On 29/07/14 22:22, Owen DeLong wrote: On Jul 29, 2014, at 4:13 PM, Mark Andrews ma...@isc.org wrote: In message 20140729225352.go7...@hezmatt.org, Matt Palmer writes: On Wed, Jul 30, 2014 at 09:28:53AM +1200, Tony Wicks wrote: 2. IPv6 is nice (dual stack) but the internet without IPv4 is not a viable thing, perhaps one day, but certainly not today (I really hate clueless people who shout to the hills that IPv6 is the solution for today's internet access) Do you have IPv6 deployed and available to your entire customer base, so that those who want to use it can do so? To my way of thinking, CGNAT is probably going to be the number one driver of IPv6 adoption amongst the broad customer base, *as long as their ISP provides it*. Add to that over half your traffic will switch to IPv6 as long as the customer has a IPv6 capable CPE. That's a lot less logging you need to do from day 1. That would be nice, but I’m not 100% convinced that it is true. Though it will be an increasing percentage over time. Definitely a good way of reducing the load on your CGN, with the additional benefit that your network is part of the solution rather than part of the problem. Being on the content provider side I don't know the actual percentages in practice, but in the NANOG region you've got Google/Youtube, NetFlix, Akamai Facebook all having a significant amount of their services v6 native. I'd be very surprised if these four together weren't a majority of any consumer-facing network's traffic in peak times.
Re: Carrier Grade NAT
There¹s still a lot of websites that are not with the times. No ipv6 on CNN, FOX, or NBC news websites. Slashdot.org shame on you! Comcast and ATT work, but not Verizon. No surprise there. Power company nope. I think CGN is fine for 99% of customers out there. Until the iPhone came out Verizon Wireless had natted all their blackberry customers and saved million¹s of IP¹s. Then Apple and Google blew a hole into that plan. Then again I¹m for IPv4 just running out and finally pushing people to adopt. The US Govt has done a better job of moving to IPv6 than private industry which frankly is amazing all things considered. Comcast is pushing over 1TBPS of IPv6 traffic, but I¹m sure that¹s mainly video from Youtube and Netflix. On 7/30/14, 9:45 AM, Owen DeLong o...@delong.com wrote: The only actual residential data I can offer is my own. I am fully dual stack and about 40% of my traffic is IPv6. I am a netflix subscriber, but also an amazon prime member. I will say that if amazon would get off the dime and support IPv6, it would make a significant difference. Other than amazon and my financial institutions and Kaiser, living without IPv4 wouldn't actually pose a hardship as near as I can tell from my day without v4 experiment on June 6. I know Kaiser is working on it. Amazon apparently recently hired Yuri Rich to work on their issues. So that would leave my financial institutions. I think we are probably less than 5 years from residential IPv4 becoming a service that carries a surcharge, if available. Owen On Jul 29, 2014, at 22:42, Julien Goodwin na...@studio442.com.au wrote: On 29/07/14 22:22, Owen DeLong wrote: On Jul 29, 2014, at 4:13 PM, Mark Andrews ma...@isc.org wrote: In message 20140729225352.go7...@hezmatt.org, Matt Palmer writes: On Wed, Jul 30, 2014 at 09:28:53AM +1200, Tony Wicks wrote: 2. IPv6 is nice (dual stack) but the internet without IPv4 is not a viable thing, perhaps one day, but certainly not today (I really hate clueless people who shout to the hills that IPv6 is the solution for today's internet access) Do you have IPv6 deployed and available to your entire customer base, so that those who want to use it can do so? To my way of thinking, CGNAT is probably going to be the number one driver of IPv6 adoption amongst the broad customer base, *as long as their ISP provides it*. Add to that over half your traffic will switch to IPv6 as long as the customer has a IPv6 capable CPE. That's a lot less logging you need to do from day 1. That would be nice, but I¹m not 100% convinced that it is true. Though it will be an increasing percentage over time. Definitely a good way of reducing the load on your CGN, with the additional benefit that your network is part of the solution rather than part of the problem. Being on the content provider side I don't know the actual percentages in practice, but in the NANOG region you've got Google/Youtube, NetFlix, Akamai Facebook all having a significant amount of their services v6 native. I'd be very surprised if these four together weren't a majority of any consumer-facing network's traffic in peak times.
Re: Carrier Grade NAT
Once upon a time, Corey Touchet corey.touc...@corp.totalserversolutions.com said: Comcast is pushing over 1TBPS of IPv6 traffic, but I¹m sure that¹s mainly video from Youtube and Netflix. One thing to remember about the video services that do support IPv6 is that a lot of end users, even if they have IPv6 in the home, won't see them over IPv6. Many people watch Netflix and such from TV-connected devices like DVD/Blu-Ray players, smart TVs, Xboxes, TiVos, etc. Many (most?) of these devices don't support IPv6, and many never will (because they don't get firmware updates much after release). -- Chris Adams c...@cmadams.net
Re: Netflix To Cogent To World
There really is very little reason why certain major content owners and providers who operate their own IP networks cannot turn around and become full-blown wholesale ISP's (and in some cases, consumer ISP's). As a transit provider industry, we need to get our act together and play nice, before we all get run over by the content owners. They will not hesitate to take us out of the equation the first chance they get. Yes and no… The barrier to Netflix becoming a consumer ISP is very high… Very very high. It costs a lot of money to deploy all that last mile infrastructure, assuming you can get permits, acquire rights-of-way, etc. to even do it. Much of the current consumer ISP infrastructure happens to be owned by content providers that Netflix is competing with. The rest is largely owned by other content providers that are attempting to compete with Netflix _AND_ the other content providers. ($CABLECOs (e.g. Cox, Time Warner, et. al.) in the former case and $TELCOs (e.g. FIOS, uVerse, et. al.) in the latter). In the US, at least, both $CABLECOs and $TELCOs look more like law firms than communications companies if you analyze their business models. They seem to spend most of their time seeking ways to create a regulatory environment that favors them and disadvantages their competition rather than focusing on customer service and innovation to gain better profits. For the most part, their ability to do harm is somewhat limited by the fact that their interests largely run contrary to each other, so you have roughly equal forces fighting for legislation and rulings in roughly opposite directions. Unfortunately, when they agree, it is almost certainly the consumer that loses and loses big. The current situation with Netflix (and other content providers) is one such example. One of the few things they can agree on is that it is easier for them to try and extort money from content producers that compete with them than it is to change their business model to account for the true costs of providing what they promised. One interesting thing about this in my opinion is that the worst consequence if they get their wish (the Slow Lane proposal, as I call it), the worst effect on consumers is an unintended side-effect. It will create an additional set of entry barriers for companies attempting to compete with Netflix and other content providers that have sufficient resources to pay the “exit the slow lane extortion”. So not only is this bad for consumers by raising the cost of their content services by a factor of $ISP_EXTORTION+MARKUP, but it’s also bad for consumers by creating a new barrier to competition in an area of the market that was previously more open. Owen
Re: Carrier Grade NAT
On Wed, Jul 30, 2014 at 11:45 AM, Owen DeLong o...@delong.com wrote: SNIP Amazon apparently recently hired Yurie Rich insert: and John Spence to work on their issues. /SNIP And Yurie recently posted an opening for an IPv6 Engineer at same ... for any so inclined. /TJ
Re: Carrier Grade NAT
On 07/30/2014 09:16 AM, Chris Adams wrote: Once upon a time, Corey Touchet corey.touc...@corp.totalserversolutions.com said: Comcast is pushing over 1TBPS of IPv6 traffic, but I¹m sure that¹s mainly video from Youtube and Netflix. One thing to remember about the video services that do support IPv6 is that a lot of end users, even if they have IPv6 in the home, won't see them over IPv6. Many people watch Netflix and such from TV-connected devices like DVD/Blu-Ray players, smart TVs, Xboxes, TiVos, etc. Many (most?) of these devices don't support IPv6, and many never will (because they don't get firmware updates much after release). In the game console market, from what I could see from some quick searches, Xbox and Wii do v6, but PS4 does not. And as time goes on more things will do v6, not less. :) The time for using $FOO does not support IPv6, so I don't have to enable it as an excuse is way past over. Doug
Re: Carrier Grade NAT
On Jul 30, 2014, at 8:45 AM, Owen DeLong o...@delong.com wrote: I will say that if amazon would get off the dime and support IPv6, it would make a significant difference. Per Microsoft public statements, they are now moving address space allocated them in Brazil to the US to fill a major service shortfall in Azure. They’re not the only kids on the block with that problem, but are perhaps the one most publicly reported. To my way of thinking, having services like that adopt IPv6 and tell their customers that they need to access the service using IPv6 would go a lot farther that residential service in pushing enterprise adoption. http://tools.ietf.org/html/draft-anderson-siit-dc gives a fairly clever way to make it possible for the service itself to be IPv6-only and yet provide IPv4 access, and preserve IPv4 addresses in the process. signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Netflix To Cogent To World
On Wednesday, July 30, 2014 06:21:46 PM Owen DeLong wrote: Yes and no… The barrier to Netflix becoming a consumer ISP is very high… Very very high. It costs a lot of money to deploy all that last mile infrastructure, assuming you can get permits, acquire rights-of-way, etc. to even do it. Note I said ...certain major For sure, not all content owners have the might or time to become ISP's (whether for themselves or for their customers). But definitely, certain major ones do... and we are already seeing bits of that, here and there in the world... I can't predict the future, but if certain major content owners/networks find the barriers to entry surmountable, consolidation could close the loop (certainly, if money, skill and effort wasn't my problem, this would be one of my strategies). And if the industry were go this way, I wouldn't expect to see it coming. It would start small. Very small. No big bang announcement or launch... Mark. signature.asc Description: This is a digitally signed message part.
Re: Carrier Grade NAT
On Tue, Jul 29, 2014 at 11:56 PM, Mark Andrews ma...@isc.org wrote: In message CAMfXtQwmpEqBk9CKRq2MpW15tRcuicZ_3DoJUsTBAM4=503...@mail.gmail.com, Gary Buhrmaster writes: On Wed, Jul 30, 2014 at 5:22 AM, Owen DeLong o...@delong.com wrote: On Jul 29, 2014, at 4:13 PM, Mark Andrews ma...@isc.org wrote: . Add to that over half your traffic will switch to IPv6 as long as the customer has a IPv6 capable CPE. That's a lot less logging you need to do from day 1. That would be nice, but I’m not 100% convinced that it is true. For the 99.99% of the users who believe that facebook and twitter *are* the internet, at least facebook is IPv6 enabled. 50.00%(*)! Yes, I think we can all stipulate that those participating on this list are different, and have different expectations, and different capabilities, than those other 99.99%. Gary (*) If we are going to make up statistics, four significant digits looks better than one. Enable IPv6 at home and measure the traffic. I did, which is why I say 50%. Orange Poland deployed 464XLAT on mobile and is seeing 62% native IPv6 and 38% NAT64 (slide 26) http://www.data.proidea.org.pl/plnog/12edycja/day2/track4/01_ipv6_implementation.pdf I don't have good measurements on this, but i assume the 11 million 464XLAT subscribers on T-Mobile US show a similar profile, possibly higher due to Netflix now supporting IPv6 on Android. CB Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Carrier Grade NAT
On Jul 30, 2014, at 8:45 AM, Owen DeLong o...@delong.com wrote: I will say that if amazon would get off the dime and support IPv6, it would make a significant difference. Someone that works for Amazon once told me that they are primed for it now; the question is whether their customers tick the box appropriately. Per Microsoft public statements, they are now moving address space allocated them in Brazil to the US to fill a major service shortfall in Azure. They’re not the only kids on the block with that problem, but are perhaps the one most publicly reported. To my way of thinking, having services like that adopt IPv6 and tell their customers that they need to access the service using IPv6 would go a lot farther than residential service in pushing enterprise adoption. http://tools.ietf.org/html/draft-anderson-siit-dc gives a fairly clever way to make it possible for the service itself to be IPv6-only and yet provide IPv4 access, and preserve IPv4 addresses in the process. If I’m not mistaken, it’s pretty much what Facebook and others like them have implemented, with a view to being internally IPv6-only within a relatively short timeframe. signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Netflix To Cogent To World
We peer with Netflix directly on an exchange, and transit Level3, Cogent, HE TW. In me experience, when our direct peer is down for whatever reason, Netflix prefers Hurricane Electric no matter what - if the route is there, it takes it - then Cogent, then Level3, then TW. I agree that the Netflix team is responsive and easy to work with, and again in my experience, their network team is extremely interested in making things happen (despite what blogs hearsay ...) Randal On Wed, Jul 23, 2014 at 8:48 AM, Jay Ashworth j...@baylink.com wrote: While thinking about this double play over the weekend, a very interesting chain of thoughts occurred to me. If I were Netflix, why would I buy all my transit from Cogent[1], given Cogent's propensity for getting into peering fights with people *already*, even before *I* start sending them 1000:1 asymmetric outbound traffic? Presumably because they're offering me a helluva deal on the bandwidth. So why would Cogent offer Netflix a helluva deal? Perhaps because they were smart enough to see how popular NF would become... and thought it would make an excellent stalking horse in their own peering fights? Who's gonna depeer Cogent *now*? Cheers, -- jra [1] This is my understanding, though of course I'm not privy. -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
Re: Netflix To Cogent To World
On Wed, 30 Jul 2014 13:04:31 -0600, randal k said: I agree that the Netflix team is responsive and easy to work with, and again in my experience, their network team is extremely interested in making things happen (despite what blogs hearsay ...) Well, it *is* in their best interests to make sure that every requested packet gets out of Netflix's network (and/or CDN) as fast as possible. :) pgpdcHSXte3OM.pgp Description: PGP signature
Re: Carrier Grade NAT
You can utilize an ASR 1006 / 1013 with an ESP card for CGN functionality. Starting in 3.10 code you can utilize Bulk Port Allocation to carve out small consecutive port bundles for end users as to not mess up SIP functionsand High Speed Logging to log individual customers ports for law enforcement needs without overrunning your logging server. On Tue, Jul 29, 2014 at 10:45 AM, Colton Conor colton.co...@gmail.com wrote: We are looking for recommendations for a carrier grade nat solution. Who is the leaders in this space? How do carrier grade NAT platforms integrate with DHCP and DNS solutions? How do you keep track of copyright violations in a CGNAT solution if multiple customers are sharing the same public IP address?
On a future of open settlement free peering
I hesitate to respond to Mr. Bennett. But since he has asserted my opinion on this matter... There is no reasonable reading of the early FCC Open Internet proposed rulemaking that would lead to a ban on paid peering. It takes a number of logical leaps and a great deal of inference to even get close to that: the text of the proposed rule-making is crystal clear. I can turn any transit link into a paid peering link in about 25 seconds (and only that long because my IOS and JUNOS are rusty) The law professor whose contribution you cite either misrepresented or failed to understand the paper he (in turn) cited regarding MPEG-DASH and congested networks. His inference was that maybe networks really aren't congested and that the problem is the underlying video transmission protocol. The idea is absurd - we've all seen the Backdoor Santa graphs. Whether MPEG-DASH gracefully degrades under significant congestion is another matter entirely, and is orthogonal to this discussion. You seem to paint everyone who disagrees with you as being some sort of cabal. Yet, my agreement with Patrick Gilmore on this issue is far more the result of the extremism of the opposite position. The guiding principle of the internet engineering community has always been to avoid breaking the Internet because it has the effect of hurting everyone - a tragedy of the commons. And yet, some broadband providers are playing a long game of intentional congestion to attempt to reverse the existing content-broadband power paradigm. No one deserves settlement free interconnection and I don't believe it should be universally mandated. However, the ability for carriers and content providers to avoid onerous regulation has long depended on acting responsibly, as is the case in any industry. Causing prolonged pain to your own customers, as some monopolistic broadband providers are doing, is inviting regulation. This is where I do part company with some folks in this community - I think regulation is bad and will hurt us. People say well it can't get worse - oh yes, it can. But, Mr. Bennett, your paymasters are driving us to a more comprehensive regulatory regime, whether we like it or not. Mr. Bennett - the reason that everyone believes you are a lobbyist rather than a sincere activist is that a sincere activist (who just happened to be getting paid by the broadband providers) would realize that he is going down a path of greater regulation. If you were sincere, you would find that to be abhorrent. AEI once stood for competition and lower regulatory burdens. Now, you take money to support monopoly providers who are destroying established industry self-regulatory regimes. Shameful. Daniel Golding (speaking for myself, not my employer)
Re: Carrier Grade NAT
On 07/30/2014 11:41 AM, Fred Baker (fred) wrote: Someone that works for Amazon once told me that they are primed for it now Pun intended? :)
Re: Carrier Grade NAT
In message 53d96dbd.3070...@dougbarton.us, Doug Barton writes: On 07/30/2014 11:41 AM, Fred Baker (fred) wrote: Someone that works for Amazon once told me that they are primed for it now Pun intended? :) The best thing Amazon could do would be to stop stocking IPv4 only CPE devices. I know this is a hard ask. The second best thing would be to warn that a CPE device was IPv4 only and won't work with the new IPv6 Internet. They could also ship dual stack images for all the Kindle models they have released. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Owning a name
An update, apparently writs of attachment were sent for not only .ir, but also .sy and .kp ccTLDs as well, based on separate cases related to support for terrorism. ICANN has filed a motion to quash the writs and taken the position that the domains are not assets. Press: http://www.securityweek.com/country-specific-web-domains-cant-be-seized-icann Court Documents: https://www.icann.org/resources/pages/icann-various-2014-07-30-en On Fri, Jun 27, 2014 at 1:54 AM, Mark Rudholm m...@rudholm.com wrote: On 06/26/2014 10:14 PM, Collin Anderson wrote: On Thu, Jun 26, 2014 at 10:00 PM, John Levine jo...@iecc.com wrote: I've been looking for the case in PACER, and don't see anything filed this year against ICANN so the case doesn't even exist. Seth Charles Ben HAIM, et al., Plaintiffs, v. The ISLAMIC REPUBLIC OF IRAN, et al., Defendants. Civil Action No. 02-1811 (RCL) It seems to me that even if the ccTLD delegations were removed from the root DNS zone, all sysadmins in Iran would just add the ns.irnic.ir NS record to their cache, effectively ignoring ICANN. I bet a lot of sysadmins outside Iran would do the same thing, since it makes sense to refer to IRNIC for Iranian DNS regardless of any court ruling. Similarly, they'd just keep using their current network numbers. It's not like ARIN would be able to give them to someone else. Nobody would want them. And a lot of us would continue to route those numbers to Iran. Courts have shown time and again that they don't understand that ICANN is a coordinator, not an authority. -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C.
Re: Netflix To Cogent To World
On Jul 30, 2014, at 9:51 AM, Mark Tinka mark.ti...@seacom.mu wrote: On Wednesday, July 30, 2014 06:21:46 PM Owen DeLong wrote: Yes and no… The barrier to Netflix becoming a consumer ISP is very high… Very very high. It costs a lot of money to deploy all that last mile infrastructure, assuming you can get permits, acquire rights-of-way, etc. to even do it. Note I said ...certain major For sure, not all content owners have the might or time to become ISP's (whether for themselves or for their customers). But definitely, certain major ones do... and we are already seeing bits of that, here and there in the world... I can't predict the future, but if certain major content owners/networks find the barriers to entry surmountable, consolidation could close the loop (certainly, if money, skill and effort wasn't my problem, this would be one of my strategies). In that case, I would argue that the attempts to freeze Netflix out in a SlowLane extortion scheme are a move by the existing content/ISP conglomerates to do just exactly that, no? If not, then I am completely failing to understand you point. Owen
Netflix And ATT Sign Peering Agreement
Seems germane to recent conversations ... Netflix has signed a peering agreement with ATT that will see the video streaming service pay the ISP for direct connection to its network. Previously, Netflix signed similar agreements with Comcast and Verizon. http://techcrunch.com/2014/07/29/netflix-and-att-sign-peering-agreement/
Re: Carrier Grade NAT
On Jul 30, 2014, at 11:41 AM, Fred Baker (fred) f...@cisco.com wrote: On Jul 30, 2014, at 8:45 AM, Owen DeLong o...@delong.com wrote: I will say that if amazon would get off the dime and support IPv6, it would make a significant difference. Someone that works for Amazon once told me that they are primed for it now; the question is whether their customers tick the box appropriately. Owens-MacBook-Pro:toneAC owendelong$ host www.amazon.com www.amazon.com has address 72.21.215.232 Owens-MacBook-Pro:toneAC owendelong$ host www.google.com www.google.com has address 74.125.239.145 www.google.com has address 74.125.239.146 www.google.com has address 74.125.239.148 www.google.com has address 74.125.239.144 www.google.com has address 74.125.239.147 www.google.com has IPv6 address 2607:f8b0:4005:802::1010 It appears to me that they have failed to tick their own box correctly. I was talking about Amazon, not AWS. Yes, AWS would help too, but in terms of the Alexa list, Amazon would swing the percentage meaningfully. I don’t know to what extent AWS would swing the percentage. Owen
Re: Muni Fiber and Politics
On Jul 30, 2014, at 1:47 AM, Mark Tinka mark.ti...@seacom.mu wrote: Symmetrical would be tough to do unless you're doing Active- E. I'm an outlier in my thinking, but I believe the best world would be where the muni offered L1 fiber, and leased access to it on a non-discrimatory basis. That would necessitate an Active-E solution since L1 would not have things like GPON splitters in it, but it enables things like buying a dark fiber pair from your home to your business, and lighting it with your own optics. That to me is a huge win. It also means future upgrades are unencumbered. Want to run 10GE? 100GE? 50x100GE WDM? Please do. You leased a dark fiber. If the muni has gear (even just splitters) in the path they will gatekeeper upgrades. It may be a smidge more expensive up front, but in the long run I think it will be cheaper, more reliable, and most importantly hugely more flexible. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Netflix And ATT Sign Peering Agreement
- Original Message - From: Doug Barton do...@dougbarton.us Seems germane to recent conversations ... Netflix has signed a peering agreement with ATT that will see the video streaming service pay the ISP for direct connection to its network. Previously, Netflix signed similar agreements with Comcast and Verizon. http://techcrunch.com/2014/07/29/netflix-and-att-sign-peering-agreement/ Am I nuts in thinking that *someone* has mispelt Netflix agrees to buy transit from ATT? Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
Re: Carrier Grade NAT
On Wed, 30 Jul 2014 16:39:14 -0700, Owen DeLong said: I was talking about Amazon, not AWS. Yes, AWS would help too, but in terms of the Alexa list, Amazon would swing the percentage meaningfully. I dont know to what extent AWS would swing the percentage. There's probably not much stuff that individually is in the Alexa top 100, but collectively AWS probably has a half million or so hosted entities that together would end up at the bottom end of the Top 50 if not better. Of course, then the question becomes what percentage of those half million entities are ready to go once AWS flips the switch pgpZniV_uLp5_.pgp Description: PGP signature
Re: Carrier Grade NAT
On Jul 30, 2014, at 3:55 PM, Mark Andrews ma...@isc.org wrote: In message 53d96dbd.3070...@dougbarton.us, Doug Barton writes: On 07/30/2014 11:41 AM, Fred Baker (fred) wrote: Someone that works for Amazon once told me that they are primed for it now Pun intended? :) The best thing Amazon could do would be to stop stocking IPv4 only CPE devices. I know this is a hard ask. The second best thing would be to warn that a CPE device was IPv4 only and won't work with the new IPv6 Internet. They could also ship dual stack images for all the Kindle models they have released. In terms of biggest impact, sure. In terms of the biggest impact to effort ratio, I would argue that for amazon.com would be huge. Owen
Re: Owning a name
On Jul 30, 2014, at 4:17 PM, Collin Anderson col...@averysmallbird.com wrote: An update, apparently writs of attachment were sent for not only .ir, but also .sy and .kp ccTLDs as well, based on separate cases related to support for terrorism. ICANN has filed a motion to quash the writs and taken the position that the domains are not assets. Press: http://www.securityweek.com/country-specific-web-domains-cant-be-seized-icann Court Documents: https://www.icann.org/resources/pages/icann-various-2014-07-30-en On Fri, Jun 27, 2014 at 1:54 AM, Mark Rudholm m...@rudholm.com wrote: On 06/26/2014 10:14 PM, Collin Anderson wrote: On Thu, Jun 26, 2014 at 10:00 PM, John Levine jo...@iecc.com wrote: I've been looking for the case in PACER, and don't see anything filed this year against ICANN so the case doesn't even exist. Seth Charles Ben HAIM, et al., Plaintiffs, v. The ISLAMIC REPUBLIC OF IRAN, et al., Defendants. Civil Action No. 02-1811 (RCL) It seems to me that even if the ccTLD delegations were removed from the root DNS zone, all sysadmins in Iran would just add the ns.irnic.ir NS record to their cache, effectively ignoring ICANN. I bet a lot of sysadmins outside Iran would do the same thing, since it makes sense to refer to IRNIC for Iranian DNS regardless of any court ruling. Similarly, they'd just keep using their current network numbers. It's not like ARIN would be able to give them to someone else. Nobody would want them. And a lot of us would continue to route those numbers to Iran. Pretty sure that would be a RIPE, not ARIN matter since TTBOMK, Iran et. al. are in the RIPE region (possibly some in AfriNIC actually). Courts have shown time and again that they don't understand that ICANN is a coordinator, not an authority. Wonder how long it is before we recognize the need for an international technical court for such matters where the guy on the bench has to be not just a lawyer, but a nerd, too. Owen
Re: Owning a name
On Thu, Jul 31, 2014 at 12:10 AM, Owen DeLong o...@delong.com wrote: Wonder how long it is before we recognize the need for an international technical court for such matters where the guy on the bench has to be not just a lawyer, but a nerd, too. Can I nominate Judge William Alsup?
Re: Owning a name
I keep thinking (in this you can not own a name thing) about the early occupants of North America who to a man, I believe, argued that fences were just wrong, because you can't own the land. -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actio Infallibility, and the ability to learn from their mistakes. (Adapted from Stephen Pinker)
Re: Owning a name
On 07/30/2014 05:10 PM, Owen DeLong wrote: On Jul 30, 2014, at 4:17 PM, Collin Anderson col...@averysmallbird.com wrote: An update, apparently writs of attachment were sent for not only .ir, but also .sy and .kp ccTLDs as well, based on separate cases related to support for terrorism. ICANN has filed a motion to quash the writs and taken the position that the domains are not assets. ICANN would lose a lot of credibility if the ccTLDs were pulled, because people would simply ignore it. Press: http://www.securityweek.com/country-specific-web-domains-cant-be-seized-icann Court Documents: https://www.icann.org/resources/pages/icann-various-2014-07-30-en On Fri, Jun 27, 2014 at 1:54 AM, Mark Rudholm m...@rudholm.com wrote: On 06/26/2014 10:14 PM, Collin Anderson wrote: On Thu, Jun 26, 2014 at 10:00 PM, John Levine jo...@iecc.com wrote: I've been looking for the case in PACER, and don't see anything filed this year against ICANN so the case doesn't even exist. Seth Charles Ben HAIM, et al., Plaintiffs, v. The ISLAMIC REPUBLIC OF IRAN, et al., Defendants. Civil Action No. 02-1811 (RCL) It seems to me that even if the ccTLD delegations were removed from the root DNS zone, all sysadmins in Iran would just add the ns.irnic.ir NS record to their cache, effectively ignoring ICANN. I bet a lot of sysadmins outside Iran would do the same thing, since it makes sense to refer to IRNIC for Iranian DNS regardless of any court ruling. Similarly, they'd just keep using their current network numbers. It's not like ARIN would be able to give them to someone else. Nobody would want them. And a lot of us would continue to route those numbers to Iran. Pretty sure that would be a RIPE, not ARIN matter since TTBOMK, Iran et. al. are in the RIPE region (possibly some in AfriNIC actually). Yes, Iran gets numbers mainly from RIPE NCC. I'm used to dealing with ARIN so that's what comes out of my fingers. But, I'm sure you get my point anyway. Courts have shown time and again that they don't understand that ICANN is a coordinator, not an authority. Wonder how long it is before we recognize the need for an international technical court for such matters where the guy on the bench has to be not just a lawyer, but a nerd, too. Owen
Re: Carrier Grade NAT
On Wed, Jul 30, 2014 at 08:05:28PM -0400, valdis.kletni...@vt.edu wrote: On Wed, 30 Jul 2014 16:39:14 -0700, Owen DeLong said: I was talking about Amazon, not AWS. Yes, AWS would help too, but in terms of the Alexa list, Amazon would swing the percentage meaningfully. I dont know to what extent AWS would swing the percentage. There's probably not much stuff that individually is in the Alexa top 100, but collectively AWS probably has a half million or so hosted entities that together would end up at the bottom end of the Top 50 if not better. Of course, then the question becomes what percentage of those half million entities are ready to go once AWS flips the switch Given that almost all of them will be using ELB, which is just a reverse proxy, where AWS controls the A records that get returned, I'd say that most of them would Just Work. The ones that don't will fail only because they're assuming that the IP address they get sent via HTTP header is IPv4, but plenty of sites don't even look, and most of the rest wouldn't need much more than a regex update and/or DB column size change. - Matt -- The real art of conversation is not only to say the right thing at the right place but to leave unsaid the wrong thing at the tempting moment. -- Dorothy Nevill
Re: Netflix And ATT Sign Peering Agreement
- Original Message - From: Jay Ashworth j...@baylink.com Previously, Netflix signed similar agreements with Comcast and Verizon. http://techcrunch.com/2014/07/29/netflix-and-att-sign-peering-agreement/ Am I nuts in thinking that *someone* has mispelt Netflix agrees to buy transit from ATT? As several people were kind enough to point out to me off-list, yes is the answer to that question. Cheers, -- jr 'on-net transit' a -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274