Re: Domain renawals

[Peter Beckman]

On Wed, 22 Sep 2016, John Levine wrote:


For domain registration I found that joining the GoDaddy Domain Club
( $120/year or less if you pay ahead for multiple years [1] ) ...


There's a lot of registrars with prepay discounts.  Gandi's domains
are cheaper if you prepay $600, a lot cheaper if you prepay $2000.


 I see the discount, and $600 prepay IS cheaper than Gandi rates with NO
 prepay. But the other companies are still less expensive even with the
 Gandi prepay.

TLD NearlyFree  GoDaddy DDC Gandi B Rates ($600)
com  $9.34  $10.44  $14.50
org $11.39  $14.14  $16.20
net $10.54  $11.14  $17.00
info$10.69  $12.14  $15.55
name $8.99  $12.14  $14.60
biz $11.19  $14.14  $16.28

 Now if you get to $12,000 prepay, you get E Rates, where .com is $8.80 and
 .net is $11.00. Lower than most, but NearlyFree is still very competitive
 and even beats Gandi on a few TLDs at E Rates.

 I'm sure there are more benefits to Gandi over others than just price.

 I agree with the other poster that other dimensions are also important and
 valuable: support quality, security, policies, UI, ease of use,
 communication.

Beckman

NOTE: All rates quoted are RENEWAL rates, not transfer or new, as of
9/21/16. GoDaddy DDC rates are discounted and adjusted for 56 domains for
the DDC fee of $120 per year. More domains == lower prices.
---
Peter Beckman  Internet Guy
beck...@angryox.com http://www.angryox.com/
---

Re: Domain renawals

[Lou Katz]

On Wed, Sep 21, 2016 at 08:52:29PM -, John Levine wrote:
> In article 
> 

Re: Domain renawals

[Jimmy Hess]

On Wed, Sep 21, 2016 at 8:35 PM, John Levine  wrote:
>>For domain registration I found that joining the GoDaddy Domain Club
>>( $120/year or less if you pay ahead for multiple years [1] ) ...
> There's a lot of registrars with prepay discounts.  Gandi's domains
> are cheaper if you prepay $600, a lot cheaper if you prepay $2000.

Prepayment makes no sense, unless you are planning on maintaining more
than 10 domains,
which warrants much more due dilligence than if registering  one or two domains.

Also,  if you're maintaining one or two domains,  then it is sensible
to pay more
for a registrar that provides better support, or a more intuitive web interface.
For maintaining a larger number of domains: perhaps more powerful management
tools are  more useful,  and  possibly the ease-of-use is a lower priority.

Therefore, it depends on what you are doing with domains.
I know of registrars that are $8.99 per Year and $8.39 per Year for a .COM,
with no prepayment necessary,  for those rates,  and  small discounts
for prepay.

*  They say "cheap, secure, reliable, pick two"   But that's not
really how it is.

it's really  more like "Inexpensive, Good support, Feature-complete",
 pick two.

Because no registrar is "secure" totally; phishing is conceivable with
any registrar.
That includes ne'er do wells  pre-texting you and tricking registrar
support personnel
to change your e-mail address plus password and give it to a cracker.

You can't give up reliability to get security,  so the original 3 don't work.
Every registrar known to offer advanced security mitigations charges a boatload,
or part of a boatload to add them.

If you want security,  then the closest you get is what's called a
Registry lock  with'
a telephone-based confirmation of domain changes,  And two-factor login to the
website.


Last I check,  getting the registry lock service  is Only available on
certain TLDs,
and adds between $500 and $1000  Per domain name to the cost.

Also,  there is a bit of inconvenience,  since you are setting a lock which
your domain registrar is unable to override on their own,  so routine
maintenance
such as updating DNS servers or renewing becomes a potentially
drawn-out process.



Various registrars offer  Two-Factor website login and  'Max Lock'
features of their own,
providing their own confirmation,   and just a Client/Registrar-Lock
on the domain,

But again..  you can't see the registrar's IT systems,  so blindly
assuming they are secure
would be silly. Certainly price can't tell you that.

None of the registrars are going to be totally secure.

It's just a question of  How long have they been around,  how much
business does
the registrar do, and how many times have they been hacked and the hack
was bad enough that the internet community discovered it?

--
-JH

Re: Domain renawals

[Justin Paine via NANOG]

I've had quite good luck with:  Gandi, Hover, 101domains, and Google
Domains -- depending on which cc/TLDs you're looking for.


Justin Paine
Head of Trust & Safety
CloudFlare Inc.
PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D


On Wed, Sep 21, 2016 at 6:35 PM, John Levine  wrote:
>>For domain registration I found that joining the GoDaddy Domain Club
>>( $120/year or less if you pay ahead for multiple years [1] ) ...
>
> There's a lot of registrars with prepay discounts.  Gandi's domains
> are cheaper if you prepay $600, a lot cheaper if you prepay $2000.
>
> R's,
> John

Re: CDN Overload?

[Martin Hannigan]

No problem.

If you can drop a pcap file somewhere we can reach (and drop me an email where) 
that was created during the event that'd be great.

Thanks again, and great use of the list. 

Best,

Martin Hannigan
AS 20940 // AS 32787


> On Sep 21, 2016, at 15:29, Mike Hammett  wrote:
> 
> Thanks Marty. I have only experienced this on my network once and it was 
> directly with Microsoft, so I haven't done much until a couple days ago when 
> I started this campaign. I don't know if anyone else has brought this to 
> anyone's attention. I just sent an e-mail to Owen when I saw yours.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> 
> Midwest Internet Exchange
> 
> The Brothers WISP
> 
> From: "Martin Hannigan" 
> To: "Mike Hammett" 
> Cc: "NANOG" 
> Sent: Wednesday, September 21, 2016 8:19:35 PM
> Subject: Re: CDN Overload?
> 
> 
> Mike,
> 
> I will forward to the requisite group for a look. Have you brought this to 
> our attention previously? I don't see anything. If you did, please forward me 
> the ticket numbers or message(s) (peering@ is best) so wee can track down and 
> see if someone already has it in queue.
> 
> Jared alluded to fasttcp a few emails ago. Astute man.
> 
> Best,
> 
> Martin Hannigan 
> AS 20940 // AS 32787
> 
> 
> 
> On Sep 21, 2016, at 14:30, Mike Hammett  wrote:
> 
> https://docs.google.com/spreadsheets/d/1Jdm0dOBf81kSnXEvVfI6ZJbWFNt5AbYUV8CDxGwLSm8/edit?usp=sharing
>  
> 
> I have made the anonymized answers public. This will obviously have some bias 
> to it given that I mostly know fixed wireless operators, but I'm hoping this 
> gets some good distribution to catch more platforms. 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> 
> Midwest Internet Exchange 
> 
> The Brothers WISP 
> 
> - Original Message -
> 
> From: "Mike Hammett"  
> To: "NANOG"  
> Sent: Wednesday, September 21, 2016 9:08:55 AM 
> Subject: Re: CDN Overload? 
> 
> https://goo.gl/forms/LvgFRsMdNdI8E9HF3 
> 
> I have made this into a Google Form to make it easier to track compared to 
> randomly formatted responses on multiple mailing lists, Facebook Groups, etc. 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> 
> Midwest Internet Exchange 
> 
> The Brothers WISP 
> 
> - Original Message - 
> 
> From: "Mike Hammett"  
> To: "NANOG"  
> Sent: Monday, September 19, 2016 12:34:48 PM 
> Subject: CDN Overload? 
> 
> 
> I participate on a few other mailing lists focused on eyeball networks. For a 
> couple years I've been hearing complaints from this CDN or that CDN was 
> behaving badly. It's been severely ramping up the past few months. There have 
> been some wild allegations, but I would like to develop a bit more 
> standardized evidence collection. Initially LimeLight was the only culprit, 
> but recently it has been Microsoft as well. I'm not sure if there have been 
> any others. 
> 
> The principal complaint is that upstream of whatever is doing the rate 
> limiting for a given customer there is significantly more capacity being 
> utilized than the customer has purchased. This could happen briefly as TCP 
> adjusts to the capacity limitation, but in some situations this has persisted 
> for days at a time. I'll list out a few situations as best as I can recall 
> them. Some of these may even be merges of a couple situations. The point is 
> to show the general issue and develop a better process for collecting what 
> exactly is happening at the time and how to address it. 
> 
> One situation had approximately 45 megabit/s of capacity being used up by a 
> customer that had a 1.5 megabit/s plan. All other traffic normally held 
> itself within the 1.5 megabit/s, but this particular CDN sent excessively 
> more for extended periods of time. 
> 
> An often occurrence has someone with a single digit megabit/s limitation 
> consuming 2x - 3x more than their plan on the other side of the rate limiter. 
> 
> Last month on my own network I saw someone with 2x - 3x being consumed 
> upstream and they had *190* connections downloading said data from Microsoft. 
> 
> The past week or two I've been hearing of people only having a single 
> connection downloading at more than their plan rate. 
> 
> 
> These situations effectively shut out all other Internet traffic to that 
> customer or even portion of the network for low capacity NLOS areas. It's a 
> DoS caused by downloads. What happened to the days of MS BITS and you didn't 
> even notice the download happening? A lot of these guys think that the CDNs 
> are just a pile of dicks looking to ruin everyone's day and I'm certain that 
> there are at least a couple people at each CDN that aren't that way. ;-) 
> 
> 
> 
> 
> Lots of rambling, sure. What do I need to have these guys collect as evidence 
> of a problem and 

Re: Domain renawals

[John Levine]

>For domain registration I found that joining the GoDaddy Domain Club 
>( $120/year or less if you pay ahead for multiple years [1] ) ...

There's a lot of registrars with prepay discounts.  Gandi's domains
are cheaper if you prepay $600, a lot cheaper if you prepay $2000.

R's,
John

Re: CDN Overload?

[Mike Hammett]

Thanks Marty. I have only experienced this on my network once and it was 
directly with Microsoft, so I haven't done much until a couple days ago when I 
started this campaign. I don't know if anyone else has brought this to anyone's 
attention. I just sent an e-mail to Owen when I saw yours. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "Martin Hannigan"  
To: "Mike Hammett"  
Cc: "NANOG"  
Sent: Wednesday, September 21, 2016 8:19:35 PM 
Subject: Re: CDN Overload? 





Mike, 


I will forward to the requisite group for a look. Have you brought this to our 
attention previously? I don't see anything. If you did, please forward me the 
ticket numbers or message(s) (peering@ is best) so wee can track down and see 
if someone already has it in queue. 


Jared alluded to fasttcp a few emails ago. Astute man. 


Best, 


Martin Hannigan 
AS 20940 // AS 32787 





On Sep 21, 2016, at 14:30, Mike Hammett < na...@ics-il.net > wrote: 




https://docs.google.com/spreadsheets/d/1Jdm0dOBf81kSnXEvVfI6ZJbWFNt5AbYUV8CDxGwLSm8/edit?usp=sharing
 

I have made the anonymized answers public. This will obviously have some bias 
to it given that I mostly know fixed wireless operators, but I'm hoping this 
gets some good distribution to catch more platforms. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message - 

From: "Mike Hammett" < na...@ics-il.net > 
To: "NANOG" < nanog@nanog.org > 
Sent: Wednesday, September 21, 2016 9:08:55 AM 
Subject: Re: CDN Overload? 

https://goo.gl/forms/LvgFRsMdNdI8E9HF3 

I have made this into a Google Form to make it easier to track compared to 
randomly formatted responses on multiple mailing lists, Facebook Groups, etc. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message - 

From: "Mike Hammett" < na...@ics-il.net > 
To: "NANOG" < nanog@nanog.org > 
Sent: Monday, September 19, 2016 12:34:48 PM 
Subject: CDN Overload? 


I participate on a few other mailing lists focused on eyeball networks. For a 
couple years I've been hearing complaints from this CDN or that CDN was 
behaving badly. It's been severely ramping up the past few months. There have 
been some wild allegations, but I would like to develop a bit more standardized 
evidence collection. Initially LimeLight was the only culprit, but recently it 
has been Microsoft as well. I'm not sure if there have been any others. 

The principal complaint is that upstream of whatever is doing the rate limiting 
for a given customer there is significantly more capacity being utilized than 
the customer has purchased. This could happen briefly as TCP adjusts to the 
capacity limitation, but in some situations this has persisted for days at a 
time. I'll list out a few situations as best as I can recall them. Some of 
these may even be merges of a couple situations. The point is to show the 
general issue and develop a better process for collecting what exactly is 
happening at the time and how to address it. 

One situation had approximately 45 megabit/s of capacity being used up by a 
customer that had a 1.5 megabit/s plan. All other traffic normally held itself 
within the 1.5 megabit/s, but this particular CDN sent excessively more for 
extended periods of time. 

An often occurrence has someone with a single digit megabit/s limitation 
consuming 2x - 3x more than their plan on the other side of the rate limiter. 

Last month on my own network I saw someone with 2x - 3x being consumed upstream 
and they had *190* connections downloading said data from Microsoft. 

The past week or two I've been hearing of people only having a single 
connection downloading at more than their plan rate. 


These situations effectively shut out all other Internet traffic to that 
customer or even portion of the network for low capacity NLOS areas. It's a DoS 
caused by downloads. What happened to the days of MS BITS and you didn't even 
notice the download happening? A lot of these guys think that the CDNs are just 
a pile of dicks looking to ruin everyone's day and I'm certain that there are 
at least a couple people at each CDN that aren't that way. ;-) 




Lots of rambling, sure. What do I need to have these guys collect as evidence 
of a problem and who should they send it to? 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

Re: CDN Overload?

[Martin Hannigan]

Mike,

I will forward to the requisite group for a look. Have you brought this to our 
attention previously? I don't see anything. If you did, please forward me the 
ticket numbers or message(s) (peering@ is best) so wee can track down and see 
if someone already has it in queue.

Jared alluded to fasttcp a few emails ago. Astute man.

Best,

Martin Hannigan 
AS 20940 // AS 32787



> On Sep 21, 2016, at 14:30, Mike Hammett  wrote:
> 
> https://docs.google.com/spreadsheets/d/1Jdm0dOBf81kSnXEvVfI6ZJbWFNt5AbYUV8CDxGwLSm8/edit?usp=sharing
>  
> 
> I have made the anonymized answers public. This will obviously have some bias 
> to it given that I mostly know fixed wireless operators, but I'm hoping this 
> gets some good distribution to catch more platforms. 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> 
> Midwest Internet Exchange 
> 
> The Brothers WISP 
> 
> - Original Message -
> 
> From: "Mike Hammett"  
> To: "NANOG"  
> Sent: Wednesday, September 21, 2016 9:08:55 AM 
> Subject: Re: CDN Overload? 
> 
> https://goo.gl/forms/LvgFRsMdNdI8E9HF3 
> 
> I have made this into a Google Form to make it easier to track compared to 
> randomly formatted responses on multiple mailing lists, Facebook Groups, etc. 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> 
> Midwest Internet Exchange 
> 
> The Brothers WISP 
> 
> - Original Message - 
> 
> From: "Mike Hammett"  
> To: "NANOG"  
> Sent: Monday, September 19, 2016 12:34:48 PM 
> Subject: CDN Overload? 
> 
> 
> I participate on a few other mailing lists focused on eyeball networks. For a 
> couple years I've been hearing complaints from this CDN or that CDN was 
> behaving badly. It's been severely ramping up the past few months. There have 
> been some wild allegations, but I would like to develop a bit more 
> standardized evidence collection. Initially LimeLight was the only culprit, 
> but recently it has been Microsoft as well. I'm not sure if there have been 
> any others. 
> 
> The principal complaint is that upstream of whatever is doing the rate 
> limiting for a given customer there is significantly more capacity being 
> utilized than the customer has purchased. This could happen briefly as TCP 
> adjusts to the capacity limitation, but in some situations this has persisted 
> for days at a time. I'll list out a few situations as best as I can recall 
> them. Some of these may even be merges of a couple situations. The point is 
> to show the general issue and develop a better process for collecting what 
> exactly is happening at the time and how to address it. 
> 
> One situation had approximately 45 megabit/s of capacity being used up by a 
> customer that had a 1.5 megabit/s plan. All other traffic normally held 
> itself within the 1.5 megabit/s, but this particular CDN sent excessively 
> more for extended periods of time. 
> 
> An often occurrence has someone with a single digit megabit/s limitation 
> consuming 2x - 3x more than their plan on the other side of the rate limiter. 
> 
> Last month on my own network I saw someone with 2x - 3x being consumed 
> upstream and they had *190* connections downloading said data from Microsoft. 
> 
> The past week or two I've been hearing of people only having a single 
> connection downloading at more than their plan rate. 
> 
> 
> These situations effectively shut out all other Internet traffic to that 
> customer or even portion of the network for low capacity NLOS areas. It's a 
> DoS caused by downloads. What happened to the days of MS BITS and you didn't 
> even notice the download happening? A lot of these guys think that the CDNs 
> are just a pile of dicks looking to ruin everyone's day and I'm certain that 
> there are at least a couple people at each CDN that aren't that way. ;-) 
> 
> 
> 
> 
> Lots of rambling, sure. What do I need to have these guys collect as evidence 
> of a problem and who should they send it to? 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> 
> Midwest Internet Exchange 
> 
> The Brothers WISP 
> 
> 
> 

Re: Domain renawals

[Peter Beckman]

I use DNS Made Easy for all of my DNS hosting, which I'm happy to
recommend.

For domain registration I found that joining the GoDaddy Domain Club 
( $120/year or less if you pay ahead for multiple years [1] ) is a good

deal for the quantity of domains I own (56 and counting). It's kind of like
Sam's Club -- you pay a membership fee for lower bulk pricing.

Additionally they handle nearly every TLD, like .us, .name and co.uk.

NearlyFreeSpeech.net looks to have pricing that is close to that of the
Domain Club, may have to check them out. The Domain Club cost of $120
divided by 56 domains is about $2.15 per Domain, so NearlyFree wins
handily. I'd like to learn more about the WHO behind NFSN, as well as how
and when they offer support.

TLD NearlyFree  GoDaddy Domain Club [Adjusted]
com  $9.34  >$8.29  [$10.44]
org $11.39 <$11.99  [$14.14]
net $10.54  >$8.99  [$11.14]
info$10.69  >$9.99  [$12.14]
name $8.99 < $9.99  [$12.14]
biz $11.19 <$11.99  [$14.14]

In the 10-15 years of using GoDaddy, despite my disagreement with some of
their marketing and public business positions, my domains don't get stolen,
they haven't shut anything down, I haven't lost a domain name, and their
support is decent when I need it (and it is 24/7 phone / email / chat).

[1] https://www.godaddy.com/domains/discount-domains.aspx

Beckman

On Mon, 19 Sep 2016, Jeff Jones wrote:


Hello All,

Sorry if this is low level. But are people sick of registrars jacking up
prices? Who is the cheapest and most reliable? I have been using whois.com,
networksolutions.com and am looking for input on who is cheap, secure,
reliable registrar. Thanks for your input.

~Jeff



---
Peter Beckman  Internet Guy
beck...@angryox.com http://www.angryox.com/
---

Re: CDN Overload?

[Mike Hammett]

https://docs.google.com/spreadsheets/d/1Jdm0dOBf81kSnXEvVfI6ZJbWFNt5AbYUV8CDxGwLSm8/edit?usp=sharing
 

I have made the anonymized answers public. This will obviously have some bias 
to it given that I mostly know fixed wireless operators, but I'm hoping this 
gets some good distribution to catch more platforms. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "Mike Hammett"  
To: "NANOG"  
Sent: Wednesday, September 21, 2016 9:08:55 AM 
Subject: Re: CDN Overload? 

https://goo.gl/forms/LvgFRsMdNdI8E9HF3 

I have made this into a Google Form to make it easier to track compared to 
randomly formatted responses on multiple mailing lists, Facebook Groups, etc. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message - 

From: "Mike Hammett"  
To: "NANOG"  
Sent: Monday, September 19, 2016 12:34:48 PM 
Subject: CDN Overload? 


I participate on a few other mailing lists focused on eyeball networks. For a 
couple years I've been hearing complaints from this CDN or that CDN was 
behaving badly. It's been severely ramping up the past few months. There have 
been some wild allegations, but I would like to develop a bit more standardized 
evidence collection. Initially LimeLight was the only culprit, but recently it 
has been Microsoft as well. I'm not sure if there have been any others. 

The principal complaint is that upstream of whatever is doing the rate limiting 
for a given customer there is significantly more capacity being utilized than 
the customer has purchased. This could happen briefly as TCP adjusts to the 
capacity limitation, but in some situations this has persisted for days at a 
time. I'll list out a few situations as best as I can recall them. Some of 
these may even be merges of a couple situations. The point is to show the 
general issue and develop a better process for collecting what exactly is 
happening at the time and how to address it. 

One situation had approximately 45 megabit/s of capacity being used up by a 
customer that had a 1.5 megabit/s plan. All other traffic normally held itself 
within the 1.5 megabit/s, but this particular CDN sent excessively more for 
extended periods of time. 

An often occurrence has someone with a single digit megabit/s limitation 
consuming 2x - 3x more than their plan on the other side of the rate limiter. 

Last month on my own network I saw someone with 2x - 3x being consumed upstream 
and they had *190* connections downloading said data from Microsoft. 

The past week or two I've been hearing of people only having a single 
connection downloading at more than their plan rate. 


These situations effectively shut out all other Internet traffic to that 
customer or even portion of the network for low capacity NLOS areas. It's a DoS 
caused by downloads. What happened to the days of MS BITS and you didn't even 
notice the download happening? A lot of these guys think that the CDNs are just 
a pile of dicks looking to ruin everyone's day and I'm certain that there are 
at least a couple people at each CDN that aren't that way. ;-) 




Lots of rambling, sure. What do I need to have these guys collect as evidence 
of a problem and who should they send it to? 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

Re: Domain renawals

[Harald Koch]

There are still many registrars that don't support DNSSEC (possibly only
for a subset of TLDs), and/or have an unusable or cumbersome interface for
adding DNSSEC glue. Just another thing to watch out for...

Re: Domain renawals

[Ken Chase]

EasyDNS has gone beyond the normal registrar dilligence and has
resisted bogus takedowns and other things, where many would just
bend over backwards. They can do this a bit more easily by being in Canada
as well:

https://www.techdirt.com/articles/20160606/10541834640/riaa-demands-takedown-thepiratebayorg-easydns-refuses-over-lack-due-process.shtml

https://www.techdirt.com/articles/20150107/17585829627/easydns-sued-refusing-to-take-down-website-without-court-order-then-hit-again-writing-about-lawsuit.shtml

https://www.techdirt.com/articles/20131127/02062025385/easydns-continues-to-fight-bogus-website-seizures-city-london-police-after-verisign-issues-no-decision.shtml

https://www.techdirt.com/articles/20150623/17321931439/icanns-war-whois-privacy.shtml

Mark Jeftovic, owner is a great guy who's one of the old school netheads (cut
my teeth with him as co admins under an ISP owned by Osama Arafat who went on
to found Q9). Recommended.

/kc


On Wed, Sep 21, 2016 at 02:46:43PM -0400, Jim Mercer said:
  >On Wed, Sep 21, 2016 at 11:43:50AM -0700, james machado wrote:
  >> so who would you quantify as secure and reliable? who does not require
  >> additional "services" besides registration or spend all their time trying
  >> to upsell you?
  >
  >i'm good with easydns.com
  >
  >--jim
  >
  >> 
  >> james
  >> 
  >> On Wed, Sep 21, 2016 at 10:18 AM, Jim Mercer  wrote:
  >> 
  >> >
  >> > cheap, secure, reliable
  >> >
  >> > pick two.
  >> >
  >> > --jim
  >> >
  >> > On Mon, Sep 19, 2016 at 12:19 PM, Jeff Jones 
  >> > wrote:
  >> > > Sorry if this is low level. But are people sick of registrars jacking 
up
  >> > > prices? Who is the cheapest and most reliable? I have been using
  >> > whois.com,
  >> > > networksolutions.com and am looking for input on who is cheap, secure,
  >> > > reliable registrar. Thanks for your input.
  >> >
  >> > --
  >> > Jim Mercer Reptilian Research  j...@reptiles.org+1 416 
410-5633
  >> >
  >> > Life should not be a journey to the grave with the intention of
  >> > arriving safely in a pretty and well preserved body, but rather
  >> > to skid in broadside in a cloud of smoke, thoroughly used up,
  >> > totally worn out, and loudly proclaiming "Wow! What a Ride!"
  >> >  -- Hunter S. Thompson
  >> >
  >
  >-- 
  >Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633
  >
  >Life should not be a journey to the grave with the intention of
  >arriving safely in a pretty and well preserved body, but rather
  >to skid in broadside in a cloud of smoke, thoroughly used up,
  >totally worn out, and loudly proclaiming "Wow! What a Ride!"
  > -- Hunter S. Thompson

-- 
Ken Chase - m...@sizone.org Toronto Canada

Re: Domain renawals

[Mark Andrews]

In message 
, Jeff Jones writes:
> Hello All,
> 
> Sorry if this is low level. But are people sick of registrars jacking up
> prices? Who is the cheapest and most reliable? I have been using whois.com,
> networksolutions.com and am looking for input on who is cheap, secure,
> reliable registrar. Thanks for your input.
> 
> ~Jeff

Remember to check that their DNS servers are RFC compliant.  You can check
EDNS compliance at https://ednscomp.isc.org/ednscomp

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

Re: CDN Overload?

[Scott Weeks]

:: I have made this into a Google Form to make it easier to 
:: track compared to randomly formatted responses on multiple 
:: mailing lists, Facebook Groups, etc. 



Yeah, because...

but I don't do email like that
why is it hard to read?
it's really hard to read email this way.
because it's out of order
umm, ok.  I fixed it for you


scott

Re: Domain renawals

[John Levine]

In article 

Re: Domain renawals

[Richard Holbo]

FWIW, as I'm in the middle of this right now. It would appear that many of
the less expensive registrars no longer support glue records in any
meaningful way.  They all expect you to host DNS with them. So might want
to check on that before buying the cheapest and hosting your own DNS.
/rh

On Mon, Sep 19, 2016 at 10:19 AM, Jeff Jones  wrote:

> Hello All,
>
> Sorry if this is low level. But are people sick of registrars jacking up
> prices? Who is the cheapest and most reliable? I have been using whois.com
> ,
> networksolutions.com and am looking for input on who is cheap, secure,
> reliable registrar. Thanks for your input.
>
> ~Jeff
>

Re: Domain renawals

[Rich Kulawiec]

On Mon, Sep 19, 2016 at 01:19:43PM -0400, Jeff Jones wrote:
Who is the cheapest and most reliable? 

I've had an excellent experience with NearlyFreeSpeech:

https://www.nearlyfreespeech.net/

They have a high level of technical clue, don't try to upsell me
things I don't need or want (although they do offer services), and
they've been very efficient/precise about handling support requests.

---rsk

Re: Domain renawals

[Mark Blackman]

> On 21 Sep 2016, at 19:43, james machado  wrote:
> 
> so who would you quantify as secure and reliable? who does not require
> additional "services" besides registration or spend all their time trying
> to upsell you?
> 
> james

I have always liked https://www.gandi.net/

- Mark

Re: Domain renawals

[Jim Mercer]

On Wed, Sep 21, 2016 at 11:43:50AM -0700, james machado wrote:
> so who would you quantify as secure and reliable? who does not require
> additional "services" besides registration or spend all their time trying
> to upsell you?

i'm good with easydns.com

--jim

> 
> james
> 
> On Wed, Sep 21, 2016 at 10:18 AM, Jim Mercer  wrote:
> 
> >
> > cheap, secure, reliable
> >
> > pick two.
> >
> > --jim
> >
> > On Mon, Sep 19, 2016 at 12:19 PM, Jeff Jones 
> > wrote:
> > > Sorry if this is low level. But are people sick of registrars jacking up
> > > prices? Who is the cheapest and most reliable? I have been using
> > whois.com,
> > > networksolutions.com and am looking for input on who is cheap, secure,
> > > reliable registrar. Thanks for your input.
> >
> > --
> > Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633
> >
> > Life should not be a journey to the grave with the intention of
> > arriving safely in a pretty and well preserved body, but rather
> > to skid in broadside in a cloud of smoke, thoroughly used up,
> > totally worn out, and loudly proclaiming "Wow! What a Ride!"
> >  -- Hunter S. Thompson
> >

-- 
Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633

Life should not be a journey to the grave with the intention of
arriving safely in a pretty and well preserved body, but rather
to skid in broadside in a cloud of smoke, thoroughly used up,
totally worn out, and loudly proclaiming "Wow! What a Ride!"
 -- Hunter S. Thompson

Re: Domain renawals

[james machado]

so who would you quantify as secure and reliable? who does not require
additional "services" besides registration or spend all their time trying
to upsell you?

james

On Wed, Sep 21, 2016 at 10:18 AM, Jim Mercer  wrote:

>
> cheap, secure, reliable
>
> pick two.
>
> --jim
>
> On Mon, Sep 19, 2016 at 12:19 PM, Jeff Jones 
> wrote:
> > Sorry if this is low level. But are people sick of registrars jacking up
> > prices? Who is the cheapest and most reliable? I have been using
> whois.com,
> > networksolutions.com and am looking for input on who is cheap, secure,
> > reliable registrar. Thanks for your input.
>
> --
> Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633
>
> Life should not be a journey to the grave with the intention of
> arriving safely in a pretty and well preserved body, but rather
> to skid in broadside in a cloud of smoke, thoroughly used up,
> totally worn out, and loudly proclaiming "Wow! What a Ride!"
>  -- Hunter S. Thompson
>

Re: Domain renawals

[Jim Mercer]

cheap, secure, reliable

pick two.

--jim

On Mon, Sep 19, 2016 at 12:19 PM, Jeff Jones  wrote:
> Sorry if this is low level. But are people sick of registrars jacking up
> prices? Who is the cheapest and most reliable? I have been using whois.com,
> networksolutions.com and am looking for input on who is cheap, secure,
> reliable registrar. Thanks for your input.

-- 
Jim Mercer Reptilian Research  j...@reptiles.org+1 416 410-5633

Life should not be a journey to the grave with the intention of
arriving safely in a pretty and well preserved body, but rather
to skid in broadside in a cloud of smoke, thoroughly used up,
totally worn out, and loudly proclaiming "Wow! What a Ride!"
 -- Hunter S. Thompson

Re: Domain renawals

[Valdis . Kletnieks]

On Mon, 19 Sep 2016 13:19:43 -0400, Jeff Jones said:

> networksolutions.com and am looking for input on who is cheap, secure,
> reliable registrar. Thanks for your input.

cheap, secure, reliable - pick any two.

(The driver here is "cheap" - the other two criteria can be almost anything,
but to do them well will probably not be cheap.  Alternately, you can have
three criteria that are all done excellently - but that level of service
won't come cheap)


pgpGh018Vgzay.pgp
Description: PGP signature

Re: Domain renawals

[Ishmael Rufus]

$9.88 for commercial domains seems under the average from what I've seen
from other registrars

On Mon, Sep 19, 2016 at 12:19 PM, Jeff Jones  wrote:

> Hello All,
>
> Sorry if this is low level. But are people sick of registrars jacking up
> prices? Who is the cheapest and most reliable? I have been using whois.com
> ,
> networksolutions.com and am looking for input on who is cheap, secure,
> reliable registrar. Thanks for your input.
>
> ~Jeff
>

Domain renawals

[Jeff Jones]

Hello All,

Sorry if this is low level. But are people sick of registrars jacking up
prices? Who is the cheapest and most reliable? I have been using whois.com,
networksolutions.com and am looking for input on who is cheap, secure,
reliable registrar. Thanks for your input.

~Jeff

ATT contact about BGP leak

[Fabien V.]

Hi the list =)

Someone from AT on the list ?

We have a potential BGP leak on a recently transfered /16

Sent email to noc @ but no reply since 6 hours.

Perhaps someone can contact me directly ? fabien AT beufa DOT net

Thanks

-
Fabien VINCENT
---
Twitter : @beufanet
Website : https://beufa.net

Level 3 GBLX / Legacy Twt IPv6 Issue

[Jeff Waddell]

I am having an issue where since the the old twt convergence by Level 3 to
the GBLX network/AS3549 our v6 prefix isn't being announced outside of
Level 3. I have had a ticket open for a week and had one engineer who
seemed to be on to fixing it (regarding an export policy) but then that
went silent and now I am getting no-where with support (other than promised
call backs)

Can someone from Level 3 reach out off list and help me out?


Thanks
Jeff
j...@waddellsolutions.com

Ebay operations contact please

[Inglis, Adam]

Can someone from ebay NOC (or similar) contact me off list for an issue with 
search results from a specific CIDR of our network that the end user swears 
doesn't happen elsewhere?

Thanks.


The information transmitted is intended only for the person or entity to which 
it is addressed and may contain confidential and/or privileged material. Any 
review, retransmission, dissemination or other use of, or taking of any action 
in reliance upon, this information by persons or entities other than the 
intended recipient is prohibited. If you received this in error, please contact 
the sender or send back to retu...@agoc.com and delete the material from any 
computer.

Re: PlayStationNetwork blocking of CGNAT public addresses

[Tom Beecher]

I have a hard time accepting that service providers should re-engineer
their networks because other companies cannot properly engineer their abuse
tooling.

On Tue, Sep 20, 2016 at 11:33 AM, Justin Wilson  wrote:

> PSN is one reason I am not a fan of CGNAT. All they see are tons of
> connections from the same IP.  This results in them banning folks.  Due to
> them being hacked so many times getting them to actually communicate is
> almost impossible.  My .02 is just get the gamers a true public if at all
> possible.
>
> Justin Wilson
> j...@mtin.net
>
> ---
> http://www.mtin.net Owner/CEO
> xISP Solutions- Consulting – Data Centers - Bandwidth
>
> http://www.midwest-ix.com  COO/Chairman
> Internet Exchange - Peering - Distributed Fabric
>
> > On Sep 20, 2016, at 8:24 AM, Danijel Starman 
> wrote:
> >
> > Something similar happened to a local FantasyConon I was helping set up,
> we
> > had only two PS4 machines there and accounts provided by Blizzard for
> > Overwatch. Outside IP of the LAN (as it was NATed) was banned by PSN in
> > about 8h. There was no other traffic other then those two accounts
> playing
> > Overwatch so my guess is that they have some too aggressive checks. I've
> > managed to convince our ISP there to change the outside IP of the link so
> > we got them working the next day but it happened again in 8h.
> >
> > --
> > *blap*
> >
> > On Fri, Sep 16, 2016 at 3:12 PM, Simon Lockhart 
> wrote:
> >
> >> All,
> >>
> >> We operate an access network with several hundred thousand users.
> >> Increasingly
> >> we're putting the users behind CGNAT in order to continue to give them
> an
> >> IPv4
> >> service (we're all dual-stack, so they all get public IPv6 too). Due to
> the
> >> demographic of our users, many of them are gamers.
> >>
> >> We're hitting a problem with PlayStationNetwork 'randomly' blocking some
> >> of our
> >> CGNAT outside addresses, because they claim to have received anomalous,
> or
> >> 'attack' traffic from that IP. This obviously causes problems for the
> other
> >> legitimate users who end up behind the same public IPv4 address.
> >>
> >> Despite numerous attempts to engage with PSN, they are unwilling to
> give us
> >> any additional information which would allow us to identify the 'rogue'
> >> users
> >> on our network, or to identify the 'unwanted' traffic so that we could
> >> either
> >> block it, or use it to identify the rogue users ourselves.
> >>
> >> Has anyone else come up against the problem, and/or have any
> suggestions on
> >> how best to resolve it?
> >>
> >> Many thanks in advance,
> >>
> >> Simon
> >>
> >>
> >
>
>

Re: CDN Overload?

[Mike Hammett]

I've had DSL and AE service providers respond with the issues. 

So far there is not a common element other than CDNs. 

That's the point of the questions I'm asking, to gather a ton of information 
and then figure out how to act on it. 

You're assuming that the CDNs are using an unmolested, vanilla TCP stack. That 
may not be the case, especially if doing something like Fast TCP. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "Baldur Norddahl"  
To: nanog@nanog.org 
Sent: Wednesday, September 21, 2016 9:32:58 AM 
Subject: Re: CDN Overload? 

It appears all complaints are from SP doing wireless. I am going to go with 
a yes and put forth a these that these guys have a common factor somewhere. 
It could be equipment from a some popular vendor of wireless or maybe some 
common method to throttle that is popular in the wireless community. 

I note that while we have slow links we have no throttling or bandwidth 
management going on except for the buffering that happens in the DSLAM. 

Also there is no way to cheat. If you send 4 mbps to a 2 mbps DSL it will 
drop half of the traffic and TCP will not survive that. The CDN would have 
an effective transfer rate approaching zero for that customer. That seems 
to be a rather bad business proposal seen from the view if the CDN so they 
would not do that. The other customers will be unaffected as the DSLAM 
itself has plenty of capacity. 

Regards 

Baldur 

Den 21. sep. 2016 14.36 skrev "Josh Reynolds" : 

> With so many geographically diverse complaints on many hardware routing 
> and switching platforms, I'm going to go with a "no". 
> 
> On Sep 21, 2016 4:04 AM, "Baldur Norddahl"  
> wrote: 
> 
>> How come we have never seen this problem? We have a ton of DSL and many 
>> of those are slow, but no customer complaints about overloaded lines from 
>> CDN networks. 
>> 
>> Could it be that the way you throttle the bandwidth is defect? It is easy 
>> to blame the other guy but could it be that you are doing it wrong? 
>> 
>> Regards, 
>> 
>> Badur 
>> 
>> 

Re: CDN Overload?

[Baldur Norddahl]

It appears all complaints are from SP doing wireless. I am going to go with
a yes and put forth a these that these guys have a common factor somewhere.
It could be equipment from a some popular vendor of wireless or maybe some
common method to throttle that is popular in the wireless community.

I note that while we have slow links we have no throttling or bandwidth
management going on except for the buffering that happens in the DSLAM.

Also there is no way to cheat. If you send 4 mbps to a 2 mbps DSL it will
drop half of the traffic and TCP will not survive that. The CDN would have
an effective transfer rate approaching zero for that customer. That seems
to be a rather bad business proposal seen from the view if the CDN so they
would not do that. The other customers will be unaffected as the DSLAM
itself has plenty of capacity.

Regards

Baldur

Den 21. sep. 2016 14.36 skrev "Josh Reynolds" :

> With so many geographically diverse complaints on many hardware routing
> and switching platforms, I'm going to go with a "no".
>
> On Sep 21, 2016 4:04 AM, "Baldur Norddahl" 
> wrote:
>
>> How come we have never seen this problem? We have a ton of DSL and many
>> of those are slow, but no customer complaints about overloaded lines from
>> CDN networks.
>>
>> Could it be that the way you throttle the bandwidth is defect? It is easy
>> to blame the other guy but could it be that you are doing it wrong?
>>
>> Regards,
>>
>> Badur
>>
>>

Re: CDN Overload?

[Mike Hammett]

https://goo.gl/forms/LvgFRsMdNdI8E9HF3 

I have made this into a Google Form to make it easier to track compared to 
randomly formatted responses on multiple mailing lists, Facebook Groups, etc. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "Mike Hammett"  
To: "NANOG"  
Sent: Monday, September 19, 2016 12:34:48 PM 
Subject: CDN Overload? 


I participate on a few other mailing lists focused on eyeball networks. For a 
couple years I've been hearing complaints from this CDN or that CDN was 
behaving badly. It's been severely ramping up the past few months. There have 
been some wild allegations, but I would like to develop a bit more standardized 
evidence collection. Initially LimeLight was the only culprit, but recently it 
has been Microsoft as well. I'm not sure if there have been any others. 

The principal complaint is that upstream of whatever is doing the rate limiting 
for a given customer there is significantly more capacity being utilized than 
the customer has purchased. This could happen briefly as TCP adjusts to the 
capacity limitation, but in some situations this has persisted for days at a 
time. I'll list out a few situations as best as I can recall them. Some of 
these may even be merges of a couple situations. The point is to show the 
general issue and develop a better process for collecting what exactly is 
happening at the time and how to address it. 

One situation had approximately 45 megabit/s of capacity being used up by a 
customer that had a 1.5 megabit/s plan. All other traffic normally held itself 
within the 1.5 megabit/s, but this particular CDN sent excessively more for 
extended periods of time. 

An often occurrence has someone with a single digit megabit/s limitation 
consuming 2x - 3x more than their plan on the other side of the rate limiter. 

Last month on my own network I saw someone with 2x - 3x being consumed upstream 
and they had *190* connections downloading said data from Microsoft. 

The past week or two I've been hearing of people only having a single 
connection downloading at more than their plan rate. 


These situations effectively shut out all other Internet traffic to that 
customer or even portion of the network for low capacity NLOS areas. It's a DoS 
caused by downloads. What happened to the days of MS BITS and you didn't even 
notice the download happening? A lot of these guys think that the CDNs are just 
a pile of dicks looking to ruin everyone's day and I'm certain that there are 
at least a couple people at each CDN that aren't that way. ;-) 




Lots of rambling, sure. What do I need to have these guys collect as evidence 
of a problem and who should they send it to? 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

Re: CDN Overload?

[Mike Hammett]

Likewise, why was it never an issue before and why does it only affect certain 
types of traffic from certain CDNs? 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "Baldur Norddahl"  
To: nanog@nanog.org 
Sent: Wednesday, September 21, 2016 4:02:30 AM 
Subject: Re: CDN Overload? 

How come we have never seen this problem? We have a ton of DSL and many 
of those are slow, but no customer complaints about overloaded lines 
from CDN networks. 

Could it be that the way you throttle the bandwidth is defect? It is 
easy to blame the other guy but could it be that you are doing it wrong? 

Regards, 

Badur 

Re: importance of fiber cleaning

[Mel Beckman]

This is a very comprehensive article, and worth handing out to techs. I have 
one comment on Balder’s OTDR suggestion, and one on the article’s microscope 
instructions.

Although it certainly can’t hurt to run an OTDR test (except for extended 
downtime), I fear hauling out the extra gear will prompt many techs to put off 
fiber cleaning. In my experience, just doing the cleaning solves 99.9% of the 
problem. Anything that an OTDR would pick up would likely severely impact 
performance, while dirty connector will just increase the error rate.

Also, the article didn’t mention eye safety when using a fiber microscope. The 
example showed a USB digital video microscope, but many maintainer kits in the 
field have much cheaper direct-view optical microscopes. Viewing an energized 
fiber with a direct-view microscope can cause major eye damage. I recommend all 
fiber kits throw out their optical scopes and substitute a USB or WiFI scope 
(some of these can be used with a cell phone or tablet). 

 -mel


> On Sep 21, 2016, at 1:58 AM, Baldur Norddahl  
> wrote:
> 
> It is a good article. It is missing a few points:
> 
> If you are going to do the full efford of cleaning and then microscope each 
> connector, you would also want to finish off by doing a OTDR scan of the 
> link. This is your documentation for a clean link.
> 
> Always use optics that can monitor the signal level. The reality is that best 
> practice, as described in the article, will not always be followed. In most 
> case you will be good anyway as long your optics report back a signal 
> strength with a good margin. Have your automated monitoring system watch over 
> those signal levels.
> 
> Slightly dirty connectors will often give a sufficient link quality anyway if 
> you have plenty of power budget to spare. We use many 1G single mode BIDI 
> optics which cost about 10 USD each for 20 km modules and most of the links 
> are only 1-5 km. The customer end of those links are probably all half dirty, 
> but nobody cares as long we get a strong signal back with power budget to 
> spare.
> 
> Regards,
> 
> Baldur
> 
> On 09/21/2016 07:56 AM, Mikael Abrahamsson wrote:
>> 
>> https://www.sunet.se/blogg/long-read-cleanliness-is-a-virtue/
>> 
>> This is an excellent article regarding fiber cleaning and its importance. 
>> Please do share with other people in our business. I'm sure lack of proper 
>> fiber cleaning causes a lot of unneccessary outages and operational problems 
>> worldwide, partly because people aren't aware of its importance.
>> 
> 

Yahoo as#10310 reachability problem

[Mohamed Kamal]

Can someone from Yahoo as#10310 contact me off-list, we have some 
problems reaching Yahoo through Telia and GTT.


Thanks.

--
Mohamed Kamal
Core Network Sr. Engineer

Re: PlayStationNetwork blocking of CGNAT public addresses

[Roland Dobbins]

On 21 Sep 2016, at 15:37, Baldur Norddahl wrote:


Which means we may ignore it instead.


. . . copy/paste or awk/sed or whatever isn't an option?  If not, have 
you requested a) separate notifications per source and/or b) a more 
textual-manipulation-friendly format?  Unless they're sending .gifs or 
something, surely this might be possible, yes?


It seems within the realm of possibility this sort of response - or lack 
thereof - could result in some gaming network operators becoming a bit 
jaded.  And perhaps some customers, too.


---
Roland Dobbins 

Re: CDN Overload?

[Baldur Norddahl]

How come we have never seen this problem? We have a ton of DSL and many 
of those are slow, but no customer complaints about overloaded lines 
from CDN networks.


Could it be that the way you throttle the bandwidth is defect? It is 
easy to blame the other guy but could it be that you are doing it wrong?


Regards,

Badur

Re: importance of fiber cleaning

[Baldur Norddahl]

It is a good article. It is missing a few points:

If you are going to do the full efford of cleaning and then microscope 
each connector, you would also want to finish off by doing a OTDR scan 
of the link. This is your documentation for a clean link.


Always use optics that can monitor the signal level. The reality is that 
best practice, as described in the article, will not always be followed. 
In most case you will be good anyway as long your optics report back a 
signal strength with a good margin. Have your automated monitoring 
system watch over those signal levels.


Slightly dirty connectors will often give a sufficient link quality 
anyway if you have plenty of power budget to spare. We use many 1G 
single mode BIDI optics which cost about 10 USD each for 20 km modules 
and most of the links are only 1-5 km. The customer end of those links 
are probably all half dirty, but nobody cares as long we get a strong 
signal back with power budget to spare.


Regards,

Baldur

On 09/21/2016 07:56 AM, Mikael Abrahamsson wrote:


https://www.sunet.se/blogg/long-read-cleanliness-is-a-virtue/

This is an excellent article regarding fiber cleaning and its 
importance. Please do share with other people in our business. I'm 
sure lack of proper fiber cleaning causes a lot of unneccessary 
outages and operational problems worldwide, partly because people 
aren't aware of its importance.

Re: PlayStationNetwork blocking of CGNAT public addresses

[Baldur Norddahl]

Hi

We have the opposite problem with PSN: Sometimes they will send abuse 
reports with several of our IP addresses listed. The problem with that 
is that we can not give data about one customer to another customer. By 
listing multiple IP addresses we are prevented from forwarding the email 
to the customer. Which means we may ignore it instead.


Regards,

Baldur