Re: Anyone from Verisign J root on the list?
On Sat, Mar 7, 2020 at 7:33 AM Anurag Bhatia wrote: > > > Was wondering if there's anyone from Verisign managing the J root? Can you > please contact me offlist. > I am facing issue with consistent ICMP filtering on "rootns-lcy3" since last > couple of weeks. Note that contact information for the root server operators can always be found at https://root-servers.org/. In Verisign's case, have you tried root...@verisign.com? Best Wishes - Peter -- [ “There is nothing more permanent than a temporary solution“ ]
Re: Comcast business IPv6 vs rbldnsd & PSBL
That's true - I had one of the SMC routers for many years when I had static Business HSI service, and switched earlier this year to using a off the shelf Arris (ex Motorola) Surfboard modems and dynamic IP on my BHSI service... my IPv6 service has never been better. :) Unless you have a static IP configuration - As long as it's on Comcast's approved modem list they don't care what modem you use even if it's on their business class service. Best Wishes - Peter On Tue, Nov 29, 2016 at 1:18 PM,wrote: > To clarify, you cannot rent AND have static IP's. > > You can rent your own modem ofr business service when using dynamic IP's. > > Robert Webb > > > On Tue, 29 Nov 2016 15:07:52 -0500 > Jared Mauch wrote: > >> Can't do that with the business service. Oh well, to have choices. >> Jared Mauch >> >>> On Nov 29, 2016, at 2:40 PM, Randy Bush wrote: >>> >>> i am running my own (why rent at silly costs) dpc3008 and wfm. >>> >>> randy >>> >> > -- [ http://blog.plosh.net ] - "Earth Halted: Please reboot to continue"
Re: Circuit of the americas aka COTA
On Aug 29, 2012, at 5:00 PM, Chris McDonald copraph...@gmail.com wrote: Trendy name for the new racetrack/event venue outside austin. Does anyone know how one might get connectivity there? I figure there must be a few folks here prepping the place for the upcoming formula 1. The place seems to be a black hole to all the usual suspects. Since AS6453 is the official connectivity/technology sponsor for FOM, I suspect they will be leasing some dark fiber to COTA for the F1 race. Some of the F1 teams have their own telecom sponsors (Vodafone McLaren, etc) which will be doing the same. Don't know who would be pulling the actual fiber though... BTW - I will be there for the race as well (went to all the USGP races at IMS) - perhaps a NANOG meetup may be in order? Best Wishes - Peter -- [ plos...@isc.org | Senior Operations Architect | ISC | PGP E8048D08 ]
Re: Concern about gTLD servers in India
On Mar 9, 2012, at 10:19 PM, Anurag Bhatia wrote: I can see India has 3 root servers hosting root zone - i, j k in India which is good. So we can resolve the root zone i.e dot within India. One correction to that; F has been operating in India from NIXI Chennai's PoP since 2005. The reason you may not see it from your location in India is that it's a local node, so we advertise F's prefixes with the NO_EXPORT community string to limit it's reach to networks directly connected to the local IX/routeserver @NIXI Chennai. And even with that restriction as noted at APNIC 33 in Dehli, the node is one of our (F's) busiest in Asia... -Peter -- [ plos...@isc.org | Senior Operations Architect | ISC | PGP E8048D08 ]
Re: Concern about gTLD servers in India
On Mar 11, 2012, at 4:01 AM, Anurag Bhatia wrote: Thanks for info Peter I missed that because firstly no routes from major Indian backbones I can assure you that we get a good chunk of traffic from at least one of the major Indian Backbones. The Chennai PoP is smaller than NIXI's other locations in Mumbai/Dehli/Kolkata, but it has a couple of the major players... and second it is not even mentioned on official site of root servers - http://www.root-servers.org under F root. Umm, but it is... search for Chennai, IN and also look the F bubble on Chennai on the Google Map that is on the page. Best Wishes - Peter -- [ plos...@isc.org | Senior Operations Architect | ISC | PGP E8048D08 ]
Re: Concern about gTLD servers in India
On Mar 11, 2012, at 4:11 AM, Anurag Bhatia wrote: Btw coming back to original question - can you put some light on gTLDs in India? Are there any instances? Just to clarify - with gTLD I am refering to .com/net/org primarily. You would have to ask Verisign as operators of the com/net gTLD servers and Afilias for .org about their DNS deployments. I can only speak for ISC as we operate F.ROOT-SERVERS.NET. Best Wishes - Peter -- [ plos...@isc.org | Senior Operations Architect | ISC | PGP E8048D08 ]
[ISC Security Advisory] BIND 9 Resolver crashes after logging an error in query.c
BIND 9 Resolver crashes after logging an error in query.c Summary: Organizations across the Internet reported crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crashed after logging an error in query.c with the following message: INSIST(! dns_rdataset_isassociated(sigrdataset)) Multiple versions were reported being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and has produced patches which prevent the crash. Further information will be made available soon. CVE: CVE-2011-4313 Document Version: 1.1 Document URL: http://www.isc.org/software/bind/advisories/cve-2011-4313 Posting date: 16 Nov 2011 Program Impacted: BIND Versions affected: All currently supported versions of BIND, 9.4-ESV, 9.6-ESV, 9.7.x, 9.8.x Severity: Serious Exploitable: Remotely Description: An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC is working on determining the ultimate cause by which a record with this particular inconsistency is cached.At this time we are making available a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit. The patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature. CVSS Score: 7.8 CVSS Equation: (AV:N/AC:L/Au:N/C:N/I:N/A:C) Workarounds: No workarounds are known. The solution is to upgrade. Upgrade BIND to one of the following patched versions: BIND 9.8.1-P1, 9.7.4-P1, 9.6-ESV-R5-P1, 9.4-ESV-R5-P1 Active exploits: Under investigation Solution: Patches mitigating the issue are available at: https://www.isc.org/software/bind/981-p1 https://www.isc.org/software/bind/974-p1 https://www.isc.org/software/bind/96-esv-r5-p1 https://www.isc.org/software/bind/94-esv-r5-p1 ISC is receiving multiple reports and working with multiple customers on this issue. Please E-mail all questions, packet captures, and details to security-offi...@isc.org We very much appreciate all reports received on this issue. Related Documents: Do you have Questions? Questions regarding this advisory should go to security-offi...@isc.org. ISC Security Vulnerability Disclosure Policy: Details of our current security advisory policy and practice can be found here: https://www.isc.org/security-vulnerability-disclosure-policy Legal Disclaimer: Internet Systems Consortium (ISC) is providing this notice on an AS IS basis. No warranty or guarantee of any kind is expressed in this notice and none should be implied. ISC expressly excludes and disclaims any warranties regarding this notice or materials referred to in this notice, including, without limitation, any implied warranty of merchantability, fitness for a particular purpose, absence of hidden defects, or of non-infringement. Your use or reliance on this notice or materials referred to in this notice is at your own risk. ISC may change this notice at any time. A stand-alone copy or paraphrase of the text of this document that omits the document URL is an uncontrolled copy. Uncontrolled copies may lack important information, be out of date, or contain factual errors. -- [ plos...@isc.org | Senior Operations Architect | ISC | PGP E8048D08 ]