Re: On the control of the Internet.
On Mon, 14 Jun 2010 08:05:14 BST, Brandon Butterworth said: > > > Paul Baran's rand paper was on survivable networks. The arpanet was not > > > that network. > > > > I worry now if it will survive the people that operate it. > > I doubt it. When the machines rise up against us they will > kill the current net and carry on with their own IPv8 network. Is *that* what it's going to take to finally get it deployed everyplace? pgpghO9pAePeh.pgp Description: PGP signature
Re: On the control of the Internet.
On Mon, Jun 14, 2010 at 08:05:14AM +0100, Brandon Butterworth wrote: > > I worry now if it will survive the people that operate it. > > I doubt it. When the machines rise up against us they will > kill the current net and carry on with their own IPv8 network. Purely photonic relativistic cut-through all the way ;)
Re: On the control of the Internet.
> > Paul Baran's rand paper was on survivable networks. The arpanet was not > > that network. > > I worry now if it will survive the people that operate it. I doubt it. When the machines rise up against us they will kill the current net and carry on with their own IPv8 network. brandon
Re: On the control of the Internet.
On 6/13/2010 20:21, Joel Jaeggli wrote: > Paul Baran's rand paper was on survivable networks. The arpanet was not > that network. I worry now if it will survive the people that operate it. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
On 06/13/2010 06:13 PM, Bruce Williams wrote: > On Sun, Jun 13, 2010 at 6:42 AM, Joe Greco wrote: >>> Generally speaking, it will be treated as damage and routed around. >> >> That fable only really stands a chance when the damage is accidental; in >> the case where such "damage" is being deliberately inflicted, particularly >> by government, it gets more complicated. A lot of the 'net is a little >> more centralized than it ought to be in order to allow the "routed around" >> concept to work successfully. >> >> ... JG > > BTW, I forget, when was the original ARPANET spec of surviving a > nuclear war tested? I mean, we do know what would happen, right? Paul baran's rand paper was on survivable networks. The arpanet was not that network. > Yes, Joe, the ARPANET fable does lives on. > > Bruce Williams > >
Re: On the control of the Internet.
On Sun, Jun 13, 2010 at 6:42 AM, Joe Greco wrote: >> Generally speaking, it will be treated as damage and routed around. > > That fable only really stands a chance when the damage is accidental; in > the case where such "damage" is being deliberately inflicted, particularly > by government, it gets more complicated. A lot of the 'net is a little > more centralized than it ought to be in order to allow the "routed around" > concept to work successfully. > > ... JG BTW, I forget, when was the original ARPANET spec of surviving a nuclear war tested? I mean, we do know what would happen, right? Yes, Joe, the ARPANET fable does lives on. Bruce Williams
Re: On the control of the Internet.
On 6/13/2010 18:09, Brett Frankenberger wrote: > On Sun, Jun 13, 2010 at 03:23:06PM -0500, Larry Sheldon wrote: >> On 6/13/2010 14:59, Joe Greco wrote: >> >> How about the case where the master zone file has be amputated and the >> secondaries can no longer get updates? >> >> Mea culpa. >> >> That was suppose to say "How about the case where the master zone file >> has beEN amputated and the secondaries can no longer get updates? > > I'm really not sure what you're asking, and I don't know what "master > zone file has been amputated" means, but if the master server goes > unreachable, then, for each secondary, either: > (a) it's not reachable from anywhere, in which case it doesn't really > matter what information it has because nothing will be querying it, or > (b) it is reachable from somewhere, in which case you log in to it > from that somewhere, edit the configuration file, change "slave" to > "master", and restart BIND. (Adjust as needed for whatever DNS server > is in use, if it's not BIND.) I have been faulted for injecting "politics" into the discussion of BGP configurations for people that ought not.. There I go again. Have you actually read the article I posted at the top of this thread? -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
On Sun, Jun 13, 2010 at 03:23:06PM -0500, Larry Sheldon wrote: > On 6/13/2010 14:59, Joe Greco wrote: > > How about the case where the master zone file has be amputated and the > secondaries can no longer get updates? > > Mea culpa. > > That was suppose to say "How about the case where the master zone file > has beEN amputated and the secondaries can no longer get updates? I'm really not sure what you're asking, and I don't know what "master zone file has been amputated" means, but if the master server goes unreachable, then, for each secondary, either: (a) it's not reachable from anywhere, in which case it doesn't really matter what information it has because nothing will be querying it, or (b) it is reachable from somewhere, in which case you log in to it from that somewhere, edit the configuration file, change "slave" to "master", and restart BIND. (Adjust as needed for whatever DNS server is in use, if it's not BIND.) -- Brett
Re: On the control of the Internet.
On 6/13/10 1:11 PM, Seth Mattinen wrote: > On 6/13/10 9:35 AM, Larry Sheldon wrote: >> How about the case where the master zone file has be amputated and the >> secondaries can no longer get updates? > > > We just saw that with Haiti. This overlooks the consequences of that particular catastrophic event on locally routed, and indifferently named resources, within the area directly affected by the event. The hard, even desperate struggle, to keep the physical level infrastructure powered, and operate link and above level services, using pre-event and ad hoc post-event resource to address mappings was not an exercise staged to demonstrate server configuration errors (these happen quite frequently, and without casualties) or network partition events (these too happen quite frequently, also without casualties). The Lieberman, Collins (R-ME) and Carper bill, like the Rockefeller and Snowe (R-ME) bill, offers nothing to the repair, or proactive resilience of the Haitian network. I am content that Congresswoman Chellie Pingree, of Maine's 1st CD, assisted significantly in the effort to keep the Boutillier facility fueled in the last weeks of January. Network infrastructure security can be distinguished from cybersecurity in the first instance by actual existence. Eric
RE: On the control of the Internet.
> For example--what happens when name-service information for a part that > is not shutdown comes from a part that is? > > What if an exchange point for parts that are not shutdown is shutdown. > > And spare me the tinfoil hat stuff--tinfoil hats have not worked for a > year or more. > -- > Somebody should have said: > A democracy is two wolves and a lamb voting on what to have for dinner. We can play "what if" all day long and wargame all sorts of scenarios but what it all boils down to is that there is really no such thing as "The Internet". Just exactly how would the government implement any policy that involved shutting things down and to what extent could they accomplish anything without hurting themselves? What if your NSP is a foreign company? Can our government tell a French company that they cannot communicate with someone else? Can our government tell any American company that they cannot communicate with another American company within the US? Do you "white list" certain communicators and allow them access while denying others? If so, how do you prevent your white list from becoming obsolete the day after it is produced? When you start disconnecting data communications you begin to impact such things as voice communications, news media dissemination of information, individuals in key positions losing a communications path, etc. The notion of government being able to "shut down" portions of "the internet" sounds easy to do in theory but I am not sure it has been thought through at the practical level. I would seem to me that the only effective way one could implement such a policy is to initially shut down ALL communications and then gradually certify various nodes for reinstatement into the net. I have no confidence that the government could ever pull such a thing off. G
Re: On the control of the Internet.
I'll bet that is a political statement, against list rules. Larry is currently making up a really high percentage of list traffic and this is beginning to annoy. L "Larry Sheldon" wrote: >On 6/13/2010 15:54, Joe Greco wrote: > >> If we want to be pedantic, Sony this year announced that it is shutting >> down its production of floppy disks by next year. Of course, the choice >> of "floppy disk" is irrelevant, and I'm guessing you know it. If your >> devices are more comfortable with CD-ROM or USB MicroSD readers, then by >> all means. > >I certainly hoped that that was the case, but not very long ago I read a >current "Emergency Recovery Plan" that depended on 9-track 1600BPI round >reel tapes in a shop that had not had a drive like that for ten years. > > >> Long before NANOG, there was actually a time that some of us hauled >> around things like USENET on magnetic media, because it was simply the >> highest bandwidth yet cheapest method to haul large amounts of data >> around the city, back when a Telebit Trailblazer was still vaguely able >> to cope with a USENET feed - and for a little while thereafter. > >Wide Band Truck was a major component of plans long ago. > >And I wish I had a nickel for every round-real tape in Anvil case I >escorted through airports. > >> If your network has been so thoroughly taken over that you cannot hope >> to get a file from a computer that does have a floppy over to your DNS >> server, you have Much Bigger Problems to begin with... > >And that is the issue I was trying to raise. > >> Our monitoring systems are definitely able to detect when connectivity >> goes away. What happens if and when that happens is generally left up >> to a human to decide. The sorts of brokenness that one might potentially >> discover if the government were to corrupt connectivity is much more >> complex than simple on/off; I feel comfortable saying that the best plan >> is to have diversity of resources and some in-depth knowledge, since that >> also serves normal engineering needs well. > >I'll bet you think The Stimulus created jobs. > >-- >Somebody should have said: >A democracy is two wolves and a lamb voting on what to have for dinner. > >Freedom under a constitutional republic is a well armed lamb contesting >the vote. > >Requiescas in pace o email >Ex turpi causa non oritur actio >Eppure si rinfresca > >ICBM Targeting Information: http://tinyurl.com/4sqczs >http://tinyurl.com/7tp8ml > > > -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Re: On the control of the Internet.
> On 6/13/2010 15:54, Joe Greco wrote: > > If we want to be pedantic, Sony this year announced that it is shutting > > down its production of floppy disks by next year. Of course, the choice > > of "floppy disk" is irrelevant, and I'm guessing you know it. If your > > devices are more comfortable with CD-ROM or USB MicroSD readers, then by > > all means. > > I certainly hoped that that was the case, but not very long ago I read a > current "Emergency Recovery Plan" that depended on 9-track 1600BPI round > reel tapes in a shop that had not had a drive like that for ten years. That's why emergency planning needs to be an ongoing thing. > > If your network has been so thoroughly taken over that you cannot hope > > to get a file from a computer that does have a floppy over to your DNS > > server, you have Much Bigger Problems to begin with... > > And that is the issue I was trying to raise. If they've got control of your network to the point where you cannot even hook up a laptop and get access to the DNS server, I submit that they effectively own your network and it is no longer your problem, unless maybe you have a love of being thrown in some dark room where no one will find you for a few years. If that's the issue you're trying to raise, I do not think it's solvable in any meaningful way. More generally, is your company going to refuse to comply? Or are you planning to refuse to comply with the directives of your employer? > > Our monitoring systems are definitely able to detect when connectivity > > goes away. What happens if and when that happens is generally left up > > to a human to decide. The sorts of brokenness that one might potentially > > discover if the government were to corrupt connectivity is much more > > complex than simple on/off; I feel comfortable saying that the best plan > > is to have diversity of resources and some in-depth knowledge, since that > > also serves normal engineering needs well. > > I'll bet you think The Stimulus created jobs. It sure did, there's a bunch of construction going on all over the place. Of course, a much better measure would be "how many of the jobs created by these projects will be there in a year" - or better yet, but much harder to quantify, would be positions created that weren't directly funded by The Stimulus. That's the best target to discuss, since everyone can pull statistics to prove whatever position they hold dear. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: On the control of the Internet.
On 6/13/2010 15:54, Joe Greco wrote: > If we want to be pedantic, Sony this year announced that it is shutting > down its production of floppy disks by next year. Of course, the choice > of "floppy disk" is irrelevant, and I'm guessing you know it. If your > devices are more comfortable with CD-ROM or USB MicroSD readers, then by > all means. I certainly hoped that that was the case, but not very long ago I read a current "Emergency Recovery Plan" that depended on 9-track 1600BPI round reel tapes in a shop that had not had a drive like that for ten years. > Long before NANOG, there was actually a time that some of us hauled > around things like USENET on magnetic media, because it was simply the > highest bandwidth yet cheapest method to haul large amounts of data > around the city, back when a Telebit Trailblazer was still vaguely able > to cope with a USENET feed - and for a little while thereafter. Wide Band Truck was a major component of plans long ago. And I wish I had a nickel for every round-real tape in Anvil case I escorted through airports. > If your network has been so thoroughly taken over that you cannot hope > to get a file from a computer that does have a floppy over to your DNS > server, you have Much Bigger Problems to begin with... And that is the issue I was trying to raise. > Our monitoring systems are definitely able to detect when connectivity > goes away. What happens if and when that happens is generally left up > to a human to decide. The sorts of brokenness that one might potentially > discover if the government were to corrupt connectivity is much more > complex than simple on/off; I feel comfortable saying that the best plan > is to have diversity of resources and some in-depth knowledge, since that > also serves normal engineering needs well. I'll bet you think The Stimulus created jobs. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
> On 6/13/2010 14:59, Joe Greco wrote: > > > Yes, but unreachability is basically only a problem for those who have > > failed to design and plan for it. You can engineer for unreachability. > > You're a lot more screwed if we start talking about government mandates > > and the contents of your zone. > > I meant to ask in my original posting: > > http://volokh.com/2010/06/13/32843/ > What happens when the US shuts down part of its part? > Depends on what part it shut down, of course. > But what are the available boundaries for the parts in question? > > If we don't know what will be ordered shutdown and what the boundaries > of the shutdown area will be are there engineering concerns that can not > be foreseen and economically provided-for? I think it's a great question, and of course there are all sorts of concerns. For many operators here, though, this may be a political question more than an engineering question: if the government has the power, and comes and tells your management to do X, are they going to comply, or not? It is probably more operationally relevant to be concerned with how to cope with the more general problem of partitioning, because it's also possible that one day Elbonia will decide to filter out the US, and we may actually be able to engineer solutions that cope with that. A network that has planned ahead and is able to respond to such issues has more of a chance to be able to successfully cope with other partitioning issues, regardless of whether they're government-imposed or just a peering spat. >From that point of view, I believe my initial answers to you make a great deal of sense. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: On the control of the Internet.
> On 6/13/2010 14:59, Joe Greco wrote: > > How about the case where the master zone file has be amputated and the > secondaries can no longer get updates? > > Mea culpa. > > That was suppose to say "How about the case where the master zone file > has beEN amputated and the secondaries can no longer get updates? > > My apologies. Do you actually mean that the master zone file has been modified by the government? If so, how is that intertwined with secondaries no longer being able to get updates? Work with me, here, I'm trying to understand what you're saying. If the government has corrupted your master, and they actually want those changes pushed out, one would expect that: 1) your master is not public to begin with (just good design, that, ..) 2) they would definitely not damage it in a manner that broke the ability of the secondaries to update, because presumably the reason they changed your zone was to push their data out to the 'net under your domain name, and that wouldn't work without the secondaries. 3) if they just wanted your domain to go away, there are easier ways to make that happen. So from my point of view, your question still makes no sense, even as corrected. I may be missing your point. Otherwise, if your question is "How about the case where the master zone file SERVER has been rendered unreachable and the secondaries can no longer get updates," I think I answered that already, between the public and private e-mails we've exchanged. The fundamental answer there is just to engineer it to avoid that being a serious problem; this includes things like trying to maintain a static DNS environment (dynamic updates of things == somewhat bad, particularly where such updates are required for proper operation), setting your expire record accordingly, and/or maintaining a contingency plan for updating your secondaries through an out-of-band mechanism, such as floppy disk via FedEx, modem to private dial-in, or pretty much any other way one uses to get bits from A to B. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: On the control of the Internet.
> On 6/13/2010 14:59, Joe Greco wrote: > > What happens? The master zone simply doesn't get updated until someone > > FedEx's a floppy. You know, some of us made these sorts of contingency > > plans long ago, back in days when the Internet actually wasn't all that > > reliable, and it wasn't completely unthinkable to be off the air for at > > least 24 hours. > > Interesting plan. > > I've got a Gateway computer down stairs that can write a 3.5 inch floppy > and a Micron tower (running Windows 2000 the last time it was powered > up) that can write 5 inch floppies. If we want to be pedantic, Sony this year announced that it is shutting down its production of floppy disks by next year. Of course, the choice of "floppy disk" is irrelevant, and I'm guessing you know it. If your devices are more comfortable with CD-ROM or USB MicroSD readers, then by all means. Long before NANOG, there was actually a time that some of us hauled around things like USENET on magnetic media, because it was simply the highest bandwidth yet cheapest method to haul large amounts of data around the city, back when a Telebit Trailblazer was still vaguely able to cope with a USENET feed - and for a little while thereafter. > When I left active administration in 2003, out of 30 or so machines > running BIND I can't recall one that has a floppy drive of any sort. If your network has been so thoroughly taken over that you cannot hope to get a file from a computer that does have a floppy over to your DNS server, you have Much Bigger Problems to begin with... > > It's not that rough, these days, to install some monitoring to make sure > > that your zones are up to date on the secondaries and that they resolve > > names correctly; some operators used to even get really super-freakazoid > > and do zone transfers back to allow verification. Here, we draw the line > > at checking the SOA's for consistency and checking one other beacon record > > for resolvability. That's clearly not a solution aimed at warning about > > non-transferable zones; it raises some interesting questions. Think maybe > > I'll go asking on dnsops what, if anything, people do to monitor. > > "monitor" implies connectivity. The OP was about the possibility that > the government would deny you connectivity. Please try to stay n topic. Our monitoring systems are definitely able to detect when connectivity goes away. What happens if and when that happens is generally left up to a human to decide. The sorts of brokenness that one might potentially discover if the government were to corrupt connectivity is much more complex than simple on/off; I feel comfortable saying that the best plan is to have diversity of resources and some in-depth knowledge, since that also serves normal engineering needs well. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: On the control of the Internet.
On 6/13/2010 14:59, Joe Greco wrote: > Yes, but unreachability is basically only a problem for those who have > failed to design and plan for it. You can engineer for unreachability. > You're a lot more screwed if we start talking about government mandates > and the contents of your zone. I meant to ask in my original posting: http://volokh.com/2010/06/13/32843/ What happens when the US shuts down part of its part? Depends on what part it shut down, of course. But what are the available boundaries for the parts in question? If we don't know what will be ordered shutdown and what the boundaries of the shutdown area will be are there engineering concerns that can not be foreseen and economically provided-for? -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
On 6/13/2010 14:59, Joe Greco wrote: How about the case where the master zone file has be amputated and the secondaries can no longer get updates? Mea culpa. That was suppose to say "How about the case where the master zone file has beEN amputated and the secondaries can no longer get updates? My apologies. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
On 6/13/2010 14:59, Joe Greco wrote: > What happens? The master zone simply doesn't get updated until someone > FedEx's a floppy. You know, some of us made these sorts of contingency > plans long ago, back in days when the Internet actually wasn't all that > reliable, and it wasn't completely unthinkable to be off the air for at > least 24 hours. Interesting plan. I've got a Gateway computer down stairs that can write a 3.5 inch floppy and a Micron tower (running Windows 2000 the last time it was powered up) that can write 5 inch floppies. When I left active administration in 2003, out of 30 or so machines running BIND I can't recall one that has a floppy drive of any sort. > It's not that rough, these days, to install some monitoring to make sure > that your zones are up to date on the secondaries and that they resolve > names correctly; some operators used to even get really super-freakazoid > and do zone transfers back to allow verification. Here, we draw the line > at checking the SOA's for consistency and checking one other beacon record > for resolvability. That's clearly not a solution aimed at warning about > non-transferable zones; it raises some interesting questions. Think maybe > I'll go asking on dnsops what, if anything, people do to monitor. "monitor" implies connectivity. The OP was about the possibility that the government would deny you connectivity. Please try to stay n topic. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
As so often happens, I forgot to note what my client picked up for a return address. This is the first of several items that I meant to send to the list. My apologies to Mr Greco. On 6/13/2010 14:17, Larry Sheldon wrote: > On 6/13/2010 14:07, Joe Greco wrote: >>> On 6/13/2010 08:47, valdis.kletni...@vt.edu wrote: On Sun, 13 Jun 2010 00:21:49 CDT, Larry Sheldon said: > For example--what happens when name-service information for a part that > is not shutdown comes from a part that is? It's always been a BCP good idea to have your DNS have secondaries in another non-fate-sharing AS, even though everybody from Microsoft on down seems to feel the need to rediscover this. >>> >>> How about if the source database (not the relevant zone file, but the >>> collection of data on some computer from which a zone file is created. >> >> How about [...] is /what/? Unavailable? The zone files are still in >> place. Not really a problem in the overall scheme of things; I realize >> that some people have engineered things so that this will be a problem, >> but that's a choice. > > Yeah, it is a choice to keep the source data in a database (think DHCP > system or something) WHERE IT MAKES OPERATIONAL SENSE TO SO. > > What happens if that source data can no longer be transferred to the > master zone file located on the DNS server placed somewhere else WHERE > IT MAKES OPERATIONAL SENSE TO SO, and the network is severed between them? > >>> How about the case where the master zone file has be amputated and the >>> secondaries can no longer get updates? >> >> I'm not sure what "amputated" means here, but considering the case where >> the master itself is amputated, and the secondaries can no longer update, >> generally speaking, you log into the secondaries and twiddle their configs >> to make them masters. This requires some planning, preparedness, and >> procedures, but is in no way a crisis, unless you've failed to do the >> planning, have failed to prepare, and haven't followed your procedures. > > Amputated = severed = cut off = disconnected = no longer able to > communicate with not to be communicated with. > > Did not see that that was going to be so hard to understand. > > Should have known better, I guess. > >> How that works in the case where a government mandates something specific >> happens within your zone file is of course debatable, but possibly more >> back towards the original topic. > > > Uhactually that WAS the original topic. > -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
> On 6/13/2010 08:47, valdis.kletni...@vt.edu wrote: > > On Sun, 13 Jun 2010 00:21:49 CDT, Larry Sheldon said: > > > >> For example--what happens when name-service information for a part that > >> is not shutdown comes from a part that is? > > > > It's always been a BCP good idea to have your DNS have secondaries in > > another > > non-fate-sharing AS, even though everybody from Microsoft on down seems > > to feel the need to rediscover this. > > How about if the source database (not the relevant zone file, but the > collection of data on some computer from which a zone file is created. How about [...] is /what/? Unavailable? The zone files are still in place. Not really a problem in the overall scheme of things; I realize that some people have engineered things so that this will be a problem, but that's a choice. > How about the case where the master zone file has be amputated and the > secondaries can no longer get updates? I'm not sure what "amputated" means here, but considering the case where the master itself is amputated, and the secondaries can no longer update, generally speaking, you log into the secondaries and twiddle their configs to make them masters. This requires some planning, preparedness, and procedures, but is in no way a crisis, unless you've failed to do the planning, have failed to prepare, and haven't followed your procedures. How that works in the case where a government mandates something specific happens within your zone file is of course debatable, but possibly more back towards the original topic. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: On the control of the Internet.
On 6/13/10 9:35 AM, Larry Sheldon wrote: > How about the case where the master zone file has be amputated and the > secondaries can no longer get updates? We just saw that with Haiti. ~Seth
Re: On the control of the Internet.
On 6/13/2010 08:47, valdis.kletni...@vt.edu wrote: > On Sun, 13 Jun 2010 00:21:49 CDT, Larry Sheldon said: > >> For example--what happens when name-service information for a part that >> is not shutdown comes from a part that is? > > It's always been a BCP good idea to have your DNS have secondaries in another > non-fate-sharing AS, even though everybody from Microsoft on down seems > to feel the need to rediscover this. How about if the source database (not the relevant zone file, but the collection of data on some computer from which a zone file is created. How about the case where the master zone file has be amputated and the secondaries can no longer get updates? -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
On 6/13/2010 07:50, Owen DeLong wrote: > Generally speaking, it will be treated as damage and routed around. Nothing to see here. Move along. Nothing to worry about. Have a nice day. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: On the control of the Internet.
On 6/13/2010 3:47 PM, valdis.kletni...@vt.edu wrote: It's always been a BCP good idea to have your DNS have secondaries in another non-fate-sharing AS, even though everybody from Microsoft on down seems to feel the need to rediscover this. Postel used to advise having them on different tectonics plates (and sources of power, of course.) Conflating the "liberal in what you accept" advise, it might be wise to accept tectonic as covering tectonic shifts in politics, as well as land masses. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net
Re: On the control of the Internet.
On Sun, 13 Jun 2010 00:21:49 CDT, Larry Sheldon said: > For example--what happens when name-service information for a part that > is not shutdown comes from a part that is? It's always been a BCP good idea to have your DNS have secondaries in another non-fate-sharing AS, even though everybody from Microsoft on down seems to feel the need to rediscover this. pgpglL5vgU5Yl.pgp Description: PGP signature
Re: On the control of the Internet.
> Generally speaking, it will be treated as damage and routed around. That fable only really stands a chance when the damage is accidental; in the case where such "damage" is being deliberately inflicted, particularly by government, it gets more complicated. A lot of the 'net is a little more centralized than it ought to be in order to allow the "routed around" concept to work successfully. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: On the control of the Internet.
Taking into account a submarine cable structure like this: http://www.telegeography.com/product-info/map_cable/images/cable_map_2010_large.png And that satellite connections have very high latency. I think the idea of routing around will be, at least, a performance hell. On Sun, Jun 13, 2010 at 09:50, Owen DeLong wrote: > Generally speaking, it will be treated as damage and routed around. > > Owen
Re: On the control of the Internet.
Generally speaking, it will be treated as damage and routed around. Owen On Jun 12, 2010, at 10:21 PM, Larry Sheldon wrote: > http://volokh.com/2010/06/13/32843/ > > What happens when the US shuts down part of its part? > > Depends on what part it shut down, of course. > > But what are the available boundaries for the parts in question? > > Will that have to change? > > For example--what happens when name-service information for a part that > is not shutdown comes from a part that is? > > What if an exchange point for parts that are not shutdown is shutdown. > > And spare me the tinfoil hat stuff--tinfoil hats have not worked for a > year or more. > -- > Somebody should have said: > A democracy is two wolves and a lamb voting on what to have for dinner. > > Freedom under a constitutional republic is a well armed lamb contesting > the vote. > > Requiescas in pace o email > Ex turpi causa non oritur actio > Eppure si rinfresca > > ICBM Targeting Information: http://tinyurl.com/4sqczs > http://tinyurl.com/7tp8ml > >
On the control of the Internet.
http://volokh.com/2010/06/13/32843/ What happens when the US shuts down part of its part? Depends on what part it shut down, of course. But what are the available boundaries for the parts in question? Will that have to change? For example--what happens when name-service information for a part that is not shutdown comes from a part that is? What if an exchange point for parts that are not shutdown is shutdown. And spare me the tinfoil hat stuff--tinfoil hats have not worked for a year or more. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml