On Thu, 2003-09-18 at 00:43, Matt wrote:
Hello all,
Was doing some upgrades on a UBR7246 (to a VXR), and I got to thinking
about short sighted design considerations. I was curious if any of you
had some pet peeves from a design perspective to rant about. I'll start
with a couple.
the
One thing I haven't seen mentioned in all this is the incredible business
monopolizing effect this move will have on the TLD's in question. It
dramatically shifts the domain playing field in Verisign's favor by
pointing
millions of potential customers to their site(s) specifically, giving
them
If I remember correctly, Verisign person stated in an interview that
they estimate that
it will be worth up to $100M annually.
Boycott Verisign as much as possible. You can register new names
in .BIZ or .INFO or in a country specific TLD including .US
http://www.us-register.com/faq-us.cfm
If
On woensdag, sep 17, 2003, at 19:32 Europe/Amsterdam, Paul Vixie wrote:
Just when I thought I had a DNS server I could point my IPv6-only
hosts
to...
that's the purpose of the f.6to4-servers.net server, and if it's not
working for you then please send dig results and we'll check it out.
(not
On Thu, 18 Sep 2003, Jared Mauch wrote:
: ultradns uses the power of anycast to have these ips that appear
: to be on close subnets in geographyically diverse locations.
Oh, that's brilliant. How nice of them to defeat the concept of redundancy
by limiting me to only two of their servers
On Thu, 18 Sep 2003, Majdi S. Abbas wrote:
: I didn't have a problem with .org this evening, and I've asked
: around and others don't seem to have noticed anything either. It would be
: more helpful if you told us your source prefix, and which filter you're
: hitting when you traceroute
On donderdag, sep 18, 2003, at 13:38 Europe/Amsterdam, Todd Vierling
wrote:
: ultradns uses the power of anycast to have these ips that appear
: to be on close subnets in geographyically diverse locations.
Oh, that's brilliant. How nice of them to defeat the concept of
redundancy
by
An interesting thought...
Jerry
Jerry,
One question - if I previously typed in an URL that was incorrect and would get the usual response from my OWN system, there would be not a real lot of data sent/received to pay for that mistake. Now that Verisign is doing their current thing, there
On Thu, 18 Sep 2003, Stephane Bortzmeyer wrote:
: BIND does it but what about Microsoft cache/forwarder? At RIPE 45 (you
: were there), a talk by people at CAIDA showed that A.root-servers.net
: received twice as much traffic as the other root name servers since it
: is just the first one
In a message written on Thu, Sep 18, 2003 at 12:25:48AM -0400, Gerald wrote:
They don't pay a thing for all of these domains that they are now
accepting queries for. It would seem to me to our benefit as an Internet
community to word this in our favor and send Verisign a bill for
manipulating
Went to register.com to register a new DNS server for someone, and when it
normally asks for the IP address (new server, new domain), it didn't because
when it did a query, it got a response for that name. Now, it is reporting
the new DNS server as resolving to Verisign's IP address.
I think
On Thu, 18 Sep 2003, Stephen J. Wilcox wrote:
: they have two distinct servers by IP, globally they have N x clusters. i'm sure
: each instance is actualyl more than a single linux PeeCee
Doesn't matter if it's a cluster at each location. The fact remains that
there were only two IP addresses
On donderdag, sep 18, 2003, at 14:08 Europe/Amsterdam, Stephane
Bortzmeyer wrote:
BGP is really bad at. DNS servers on the other hand track RTTs for
query responses
BIND does it but what about Microsoft cache/forwarder? At RIPE 45 (you
were there),
Was I???
a talk by people at CAIDA showed
On Thu, 18 Sep 2003, David B Harris wrote:
: ...and for heavens sake, stop accepting any kind of request at all on port
: 25!! Just shut it down altogether. There is no reason for you to accept
: any connection of any kind on port 25!
: If they don't accept anything on port 25, either by
On Thu, 18 Sep 2003, Stephane Bortzmeyer wrote:
: There's an easy fix to that particular situation: Make the first (or first
: two) listed servers anycast, and the rest unicast.
:
: It would require a central management (or at least a central
: oversight) of the root name servers and I do not
Frank wrote:
the orginal GSR blanks came without handles. They were also put in tight
as ***. For days after, your fingers would have the imprints of the
little screws on them. I once use my socks to protect my fingers when I
was pulling them out.
Some Cisco gear also arrived with the flash
Todd Vierling wrote:
Yes, it is firewalled. I was pointing out that the route is the same for
tld1 and tld2 for me, all the way up to the firewall.
Please post traceroutes from your location, as well as from the two
locations in different parts of the USA (You said earlier: I
tracerouted
On Thu, 18 Sep 2003, Stephane Bortzmeyer wrote:
: Still doesn't help .ORG, which is 100% anycast and thus has no DNS-based
: redundancy
:
: Wrong since there are two IP addresses. They may fail at the same time
: (which apparently happened to you) but there is a least an element of
: non-BGP
Speaking on Deep Background, the Press Secretary whispered:
Hello all,
Was doing some upgrades on a UBR7246 (to a VXR), and I got to thinking
about short sighted design considerations. I was curious if any of you
had some pet peeves from a design perspective to rant about. I'll
Somebody pointed out, on another list, that Verisign's move is essentially
a man in the middle attack. Which leads to the question: are they in
violation of any Federal laws - such as, say, the Patriot Act?
: There's an easy fix to that particular situation: Make the first (or first
: two) listed servers anycast, and the rest unicast.
:
: It would require a central management (or at least a central
: oversight) of the root name servers and I do not believe there is one:
: each root name
I have beef with every chasis designer that has ever left a sharp edge
hidden deep inside thier case of doom just waiting to gash some poor IT
guy in a most unpleasent manor..
also ASUS who insists on putting thier onboard sound interface at the
BOTTOM of the MB when they know that the little
On Thu, 18 Sep 2003, Todd Vierling wrote:
On Thu, 18 Sep 2003, Stephane Bortzmeyer wrote:
: Still doesn't help .ORG, which is 100% anycast and thus has no DNS-based
: redundancy
:
: Wrong since there are two IP addresses. They may fail at the same time
: (which apparently happened to
At 08:57 AM 9/18/2003, David Lesher wrote:
Speaking on Deep Background, the Press Secretary whispered:
Hello all,
Was doing some upgrades on a UBR7246 (to a VXR), and I got to thinking
about short sighted design considerations. I was curious if any of you
had some pet peeves from a design
How about MB chipset fans which always seem to fail! I avoid any mobo with
a chipset fan if possible. This is still commonplace and I still see them
fail all the time.
At 09:09 AM 9/18/2003, Ryan Dobrynski wrote:
I have beef with every chasis designer that has ever left a sharp edge
hidden
* [EMAIL PROTECTED] (Todd Vierling) [Thu 18 Sep 2003, 14:34 CEST]:
On Thu, 18 Sep 2003, David B Harris wrote:
If they don't accept anything on port 25, either by sending all packets
to /dev/null or by responding with SYN+RST (Connection refused), MTAs
everywhere will consider this a
Cisco 4x00 frame rails are the king - bend 'em and you'll be using a
chisel to open the metal chassis so you can remove the NPs. I've still
got a 4000 around here somewhere that was shuffled to lab duty after I
did surgery on it with a large cold chisel mallet.
Matt wrote:
Hello all,
* How about the plastic stand-offs that hold the AIM-VPN cards in the
2600 and 1700 series. Yeah...the ones that DON'T come with your
SmartNet replacement chassis and that you have the pull the entire board
to release.
* And how about this: Cisco: PICK A BUSINESS END ON YOUR SMALL OFFICE
On Thu, 18 Sep 2003, Stephen J. Wilcox wrote:
: 1. Only you were affected
I doubt this. At least one person has noted seeing the same on this list,
and I bet many more would corroborate by looking for DNS temp failures for
MAIL FROM:[EMAIL PROTECTED] in mail logs from last night between about
Sorry, I missed the hands-down winner in my initial thinking,
since it's not in my arena [hardware]..
The envelope please..
Micro$loth Lookout
{applause}
Starting with Let's invent top-posting and moving to its
virus-spreading abilities; Lookout has never met a standard, either
On Thu, 18 Sep 2003, just me wrote:
: If you're still confused, have a read here:
:
: http://www.ultradns.com/support/managed_dns_faq.cfm
:
: Q. I read that your service is supposed to make use of several
: servers all over the world, but you only give users two server
: addresses to provide to
In a message written on Thu, Sep 18, 2003 at 09:57:23AM -0400, Todd Vierling wrote:
The problem with UltraDNS, the point which many on this people are missing,
is that at least some UltraDNS sites are advertising *all* anycast networks
simultaneously (see traceroutes below). Yes, all == 2 at
On Thu, 18 Sep 2003, David Lesher wrote:
: Sorry, I missed the hands-down winner in my initial thinking,
: since it's not in my arena [hardware]..
Oh, the hardware one's easy, though. The modern PC, which does not by
default come with a remote management (typically RS-232) system-level
I'm suddenly getting 3-4x the M$ patch and bounced mail
virus attacks as compared to 2-3 days ago.
Is this perhaps a result of VeriSlime's actions?
[Note I'm talking raw volume at my accounts; so it's not the
result of local filtering breaking.]
--
A host is a host from coast to [EMAIL
*glares*
Sometimes, especially on the Windows platform, its hard trying to find an
email program which does what you need it to. I've tried Eudora,
Netscape/Mozilla, and a few others I forget what they are named. All feel
clutsy and incomplete.
Outlook and its little friend Outlook Express at
Sun Ultra Enterprise 3500. Three power supplies for redundancy, only *one*
power cord. You'd think that with something that originally cost 6 figures,
that this would have been thought out a bit more.
Oh, and 1U patch panels with only 12 ports in them annoy me.
-Original Message-
On Thu, 18 Sep 2003, Leo Bicknell wrote:
: Number your sites from 1..N, have all odds announce one address, all
: evens the other. DNS servers will still use the closest (due to RTT
: checking), but will now also have a backup that does not go to the same
: site in steady state, but is still
On Thu, 18 Sep 2003, Leo Bicknell wrote:
A truely robust anycast setup has two addresses (or networks, or
whatever), but only one per site. From the momentary outage while
BGP reconverges to the very real problem of the service being down
and the route still being announced there are issues
Paul Vixie wrote:
actually, i had it convincingly argued to me today that wildcards in root
or top level domains were likely to be security problems, and that domains
like .museum were the exception rather than the rule, and that bind's
configuration should permit a knob like don't accept
I have noticed suddenly my virus filter catching more of those exact
same messages here in the last 24 hours.
David Lesher wrote:
I'm suddenly getting 3-4x the M$ patch and bounced mail
virus attacks as compared to 2-3 days ago.
Is this perhaps a result of VeriSlime's actions?
[Note I'm
* [EMAIL PROTECTED] (Jack Bates) [Thu 18 Sep 2003, 16:41 CEST]:
After all, is this the Internet or just the World Wide Web? wildcards at
the roots are catering solely to the web and disrupting other protocols
which require NXDOMAIN.
Wildcards anywhere are problematic. I've yet to encounter
--- Matt [EMAIL PROTECTED] wrote:
I've got a couple others in my head from 3Com and a
couple of others,
but I thought I'd get the ball rolling. So, what do
you think?
Personally my issues are console-cable related: is
there a benefit to the HUGE variety of console pinouts
used by the
Without a question: PS/2 style keyboard and mouse connectors. Impossible
to tell from each other, or the right way up without eyeballs directly on
them. A real PITA when trying to reach behind a desk or rack. The
console port is a close second, though...
On Thu, 18 Sep 2003, David Barak
--On Thursday, September 18, 2003 10:45 -0400 William Warren
[EMAIL PROTECTED] wrote:
I have noticed suddenly my virus filter catching more of those exact same
messages here in the last 24 hours.
David Lesher wrote:
I'm suddenly getting 3-4x the M$ patch and bounced mail
virus attacks as
Someone from Verio please contact me off list. We are experiencing some
routing issues through/to your network.
Thanks,
Josh
On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote:
: Without a question: PS/2 style keyboard and mouse connectors. Impossible
: to tell from each other,
And this part is somewhat funny, too, because the PS/2 connector layout is
capable of having both devices share the same bus (there's two
RJ21 patch panel connectors that are designed in such a way that you can
only screw down one end of the connector have consistently ruined my
day. Untold headaches with intermitten connectivity on devices using
the east end of the connector because crowded conditions in the cabinet
cause the
I overlooked the OBVIOUS reason that someone just mentioned:
There is a new worm:
http://www.f-secure.com/v-descs/swen.shtml
Damn, we need a TV-Guide type page listing all the first run
and rerun M$ viruses. It's just too hard to keep them all
straight..
--
A host is a host from coast
On Thu, 18 Sep 2003, Daryl G. Jurbala wrote:
* PCs with built in Ethernet that is so close to a lip on the case, with
the release pointed down, that you need to use a
screwdriver/knife/whatever to release the cable.
...and combine that with the RJ45 connecters that have a rubber hood over
In a message written on Thu, Sep 18, 2003 at 10:05:15AM -0400, Todd Vierling wrote:
Anycast is *NOT* a redundancy and reliability system when dealing with
application-based services like DNS. Rather, anycast is a geographically
I think you'll find most people on the list would disagree with
On Thu, 18 Sep 2003, Todd Vierling wrote:
: The problem with UltraDNS, the point which many on this people are missing,
: So I try to look up domains in .ORG, and all its the servers fail because
Heh.
Sorry about the horrible lapse of grammar in the post above. I was writing
it on a train,
On Thu, 18 Sep 2003, David Barak wrote:
--- Matt [EMAIL PROTECTED] wrote:
I've got a couple others in my head from 3Com and a
couple of others,
but I thought I'd get the ball rolling. So, what do
you think?
Personally my issues are console-cable related: is
there a benefit
Thats to prevent it from being disconnected accidentally
(or for any other reason :-)
When I get my hands on one of those, I clip off the hood
with a pair of manicure scissors.
- Original Message -
From: Gerald [EMAIL PROTECTED]
To: Daryl G. Jurbala [EMAIL PROTECTED]
Cc: nanog list
On Thu, 18 Sep 2003, Todd Vierling wrote:
On Thu, 18 Sep 2003 [EMAIL PROTECTED] wrote:
: Without a question: PS/2 style keyboard and mouse connectors. Impossible
: to tell from each other,
And this part is somewhat funny, too, because the PS/2 connector layout is
capable of having
I can't stand it when I sit down and find the keyboard in front of me has
moved the backslash key. It drives me crazy and prompts me to find a real
keyboard right away to work with.
CB
On Thu, 18 Sep 2003, Leo Bicknell wrote:
: Anycast is *NOT* a redundancy and reliability system when dealing with
: application-based services like DNS. Rather, anycast is a geographically
:
: I think you'll find most people on the list would disagree with you
: on this point. Many ISP's run
On Thu, 18 Sep 2003 08:24:40 -0400 (EDT)
Todd Vierling [EMAIL PROTECTED] wrote:
: ...and for heavens sake, stop accepting any kind of request at all on port
: 25!! Just shut it down altogether. There is no reason for you to accept
: any connection of any kind on port 25!
: If they don't
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote:
And you can get SSL certs from alternative sources such as GeoTrust
http://www.geotrust.com/
Bzzz, geotrust is Verisign
http://www.google.com/search?sourceid=mozclientie=utf-8oe=utf-8q=Thawte+was+b
ought+by+Verisign
Marc
--
On Thu, 18 Sep 2003, John Palmer wrote:
: ...and combine that with the RJ45 connecters that have a rubber hood over
: the release. Gr!
: Thats to prevent it from being disconnected accidentally
: (or for any other reason :-)
Actually, the original intent of those hoods was to snagproof
On Wed, 17 Sep 2003, Alex Kamantauskas wrote:
Not really operational content, but I was wondering if there was an
intellectual property issue with the Verisign .com/.net redirect?
For instance, http://searchthewebwithgoogle.com/ brings you to a
Verisign search engine.
Or, even
At 10:08 AM 18/09/2003, David Lesher wrote:
I'm suddenly getting 3-4x the M$ patch and bounced mail
virus attacks as compared to 2-3 days ago.
This virus seems to depart from the standard Click on mine patches
pleases type text. Instead, it has quite an elaborate message complete
with in line
Speaking on Deep Background, the Press Secretary whispered:
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote:
And you can get SSL certs from alternative sources such as GeoTrust
http://www.geotrust.com/
Bzzz, geotrust is Verisign
And braindead. Go to that address
Marc MERLIN [EMAIL PROTECTED] 9/18/03 9:27:11 AM
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED]
wrote:
And you can get SSL certs from alternative sources such as GeoTrust
http://www.geotrust.com/
Bzzz, geotrust is Verisign
On Thu, 18 Sep 2003 09:53:38 -0400
Daryl G. Jurbala [EMAIL PROTECTED] wrote:
* And how about this: Cisco: PICK A BUSINESS END ON YOUR SMALL OFFICE
ROUTING EQUIPMENT. Most of my less clued customer like to help out
and rack the equipment ahead of time. And it always gets done pretty
side
David Barak wrote:
Personally my issues are console-cable related: is
there a benefit to the HUGE variety of console pinouts
used by the various hardware vendors? Just look at
vendor C as an example [...]
Is that the best example you can come up with? Ever use any Bay
equipment...?
Speaking on Deep Background, the Press Secretary whispered:
: I think you'll find most people on the list would disagree with you
: on this point. Many ISP's run anycast for customer facing DNS
: servers, and I'll bet if you ask the first reason why isn't because
: they provide faster
Once upon a time, Marc MERLIN [EMAIL PROTECTED] said:
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote:
And you can get SSL certs from alternative sources such as GeoTrust
http://www.geotrust.com/
Bzzz, geotrust is Verisign
As someone who has dealt extensively with GeoTrust, I can assure you, they
are not owned by Verisign. They're a totally separate company that has the
old equifax root cert.
Thanks,
Matt
--
Matthew Zito
GridApp Systems
Email: [EMAIL PROTECTED]
Cell: 646-220-3551
Phone: 212-358-8211 x 359
On Thu, 18 Sep 2003, Marc MERLIN wrote:
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote:
And you can get SSL certs from alternative sources such as GeoTrust
http://www.geotrust.com/
Bzzz, geotrust is Verisign
Can anyone point me to a set of standards that define a Class A Data
Center? I'm not asking for requirements, but an actual pointer to
standards hammered out by an organization or governing body.
Thanks.
My vote goes to the EMI gasket Cisco's BPX 8600 cards. The gasket was
tacky enough to maintain a nice seal between cards ... enough to remove one
or two adjacent cards when you pulled the card out.
Special runner up nominee is whatever do-gooder decided it was a good idea
to have a cell phone
TV Date: Thu, 18 Sep 2003 10:05:15 -0400 (EDT)
TV From: Todd Vierling
TV DNS site A goes down, but its BGP advertisements are still in
TV effect.
Or are they?
Eddy
--
Brotsman Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone:
On Thu, 18 Sep 2003 09:59:27 MDT, John Neiberger [EMAIL PROTECTED] said:
If GeoTrust is Verisign, why do they make a big deal out of competing
with Verisign?
And Chevy competes with Pontiac and Buick. Your point?
pgp0.pgp
Description: PGP signature
On Thu, 18 Sep 2003 12:08:43 EDT, Bob German [EMAIL PROTECTED] said:
Can anyone point me to a set of standards that define a Class A Data
Center? I'm not asking for requirements, but an actual pointer to
standards hammered out by an organization or governing body.
must have connectivity
TV Date: Thu, 18 Sep 2003 11:39:17 -0400 (EDT)
TV From: Todd Vierling
TV And guess what: neither of the two addresses supplied by
TV UltraDNS worked last night for some sites, because their
TV anycast configuration is not allowing DNS redundancy. It is
TV depending on every site somehow
All,
In response to requests from many folks asking for prefix
to AS mappings, routeviews is now providing 2 new services
mapping and address or prefix to its origin AS and to its
ASPath. These services are available via two zones:
(i).
On Thu, 18 Sep 2003, E.B. Dreger wrote:
: TV Date: Thu, 18 Sep 2003 10:05:15 -0400 (EDT)
: TV From: Todd Vierling
:
: TV DNS site A goes down, but its BGP advertisements are still in
: TV effect.
:
: Or are they?
I couldn't know for sure from some sites, but traceroutes sure got there.
That
On Thu, 18 Sep 2003, Matthew Zito wrote:
As someone who has dealt extensively with GeoTrust, I can assure you, they
are not owned by Verisign. They're a totally separate company that has the
old equifax root cert.
Agreed. I used Equifax before they handed off to Geotrust. Both have done
a
On Thu, Sep 18, 2003 at 11:11:12AM -0500, Dominic J. Eidson wrote:
On Thu, 18 Sep 2003, Marc MERLIN wrote:
On Thu, Sep 18, 2003 at 11:42:19AM +0100, [EMAIL PROTECTED] wrote:
And you can get SSL certs from alternative sources such as GeoTrust
http://www.geotrust.com/
Bzzz,
On Thu, 18 Sep 2003, E.B. Dreger wrote:
: TV Anycasting only works as a redundancy scheme when you have a
: TV mesh of *partially* overlapping BGP advertisements, so that a
: TV client has a guarantee that at least one address in the mix
: TV is located elsewhere from the rest.
:
: Don't be
PEF Date: Thu, 18 Sep 2003 11:02:08 -0500
PEF From: Peter E. Fry
PEF Is that the best example you can come up with? Ever use any
PEF Bay equipment...?
You have reminded me of Bay's config GUI. I shall have
nightmares tonight.
Eddy
--
Brotsman Dreger, Inc. - EverQuick Internet Division
TV Date: Thu, 18 Sep 2003 13:01:18 -0400 (EDT)
TV From: Todd Vierling
TV BGP doesn't know when a DNS server dies. Therein lies the
TV findamental problem of using anycast as an application
TV redundancy scheme.
But it can and should. Again, seeing if the process is running
is easy; verifying
TV Date: Thu, 18 Sep 2003 12:52:29 -0400 (EDT)
TV From: Todd Vierling
TV I couldn't know for sure from some sites, but traceroutes
TV sure got there. That would imply that (at their end) the
TV advertisements were still up.
Which would be an implementation flaw, not something inherently
wrong
David Barak wrote:
Personally my issues are console-cable related: is
there a benefit to the HUGE variety of console pinouts
used by the various hardware vendors? Just look at
vendor C as an example [...]
Makes me remember when representatives from mentioned vendor made funny
looks when
On Thu, 18 Sep 2003, E.B. Dreger wrote:
PEF From: Peter E. Fry
PEF Is that the best example you can come up with? Ever use any
PEF Bay equipment...?
You have reminded me of Bay's config GUI. I shall have
nightmares tonight.
How about BCC?
bcc#config
... wait ...
--
Dominic J.
If anyone from Videotron is around, please contact me off-list.
Thanks.
Todd Mitchell
--
TV BGP doesn't know when a DNS server dies. Therein lies the
TV findamental problem of using anycast as an application
TV redundancy scheme.
But it can and should. Again, seeing if the process is running
is easy; verifying correct functionality requires more work, but
definitely is
On Thu, 18 Sep 2003, Todd Vierling wrote:
On Thu, 18 Sep 2003, E.B. Dreger wrote:
: TV Date: Thu, 18 Sep 2003 10:05:15 -0400 (EDT)
: TV From: Todd Vierling
:
: TV DNS site A goes down, but its BGP advertisements are still in
: TV effect.
:
: Or are they?
I couldn't know for sure
- Original Message -
From: E.B. Dreger [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, September 18, 2003 1:04 PM
Subject: Re: Worst design decisions?
You have reminded me of Bay's config GUI. I shall have
nightmares tonight.
Ah, the days when I used
Todd Vierling wrote:
BGP doesn't know when a DNS server dies. Therein lies the findamental
problem of using anycast as an application redundancy scheme.
You ever think that maybe, just maybe, Ultra wrote some code to do this?
Yes, it might have concievably failed in a way that seems to have
On Thu, 18 Sep 2003 17:04:47 + (GMT), E.B. Dreger
[EMAIL PROTECTED] wrote:
You have reminded me of Bay's config GUI. I shall have
nightmares tonight.
Back in the winter of '00, I had the pleasure of working on a friend's old
Bay. He was using it for a home-based ISP, and, well, I believe
E.B. Dreger wrote:
TV Date: Thu, 18 Sep 2003 13:01:18 -0400 (EDT)
TV From: Todd Vierling
TV BGP doesn't know when a DNS server dies. Therein lies the
TV findamental problem of using anycast as an application
TV redundancy scheme.
But it can and should. Again, seeing if the process is running
is
On Thu, 18 Sep 2003, Todd Vierling wrote:
BGP has no way to know that an internal network problem occurred. If
someone mistakenly tripped over a network cable that disconnected DNS
clusters from a router, how would the router know to drop anycast
advertisements?
(Sure, you could run
Even better: the old bay switches had a backdoor password, that you
could always use no matter what. Great security there. G. I
had to deal with a campus full of them, and since they had of course
forgotten all the passwords, so it was a good thing in that case, I
could actually
BGP has no way to know that an internal network problem occurred. If
someone mistakenly tripped over a network cable that disconnected DNS
clusters from a router, how would the router know to drop anycast
advertisements?
(Sure, you could run zebra on the cluster. But what about if
Date: Thu, 18 Sep 2003 13:47:01 -0400
From: Keptin Komrade Dr. BobWrench III esq.
And, I might add, in the case of a highly complex anycast
application, you will need to check not only for correctness,
but for timeliness.
In a realtime system, something that is late is considered
In the immortal words of Justin Shore ([EMAIL PROTECTED]):
Applause
I can think of 6 different console cable pinouts and connectors that
Enterasys (Cabletron) has used over the years. No wait, make that 7. How
could I forget the inherited Fore ATM architecture and subsequent blades.
Date: Thu, 18 Sep 2003 10:29:06 -0700 (PDT)
From: bmanning
Ick. you really believe that BGP can or should be augmented to
understand application liveness? BGP reaching past the
And why not? BGP deals in reachability information. Perhaps it
conventionally represents interface and link
On Thu, 18 Sep 2003, Keptin Komrade Dr. BobWrench III esq. wrote:
: And, I might add, in the case of a highly complex anycast application,
: you will need to check not only for correctness, but for timeliness.
All this still assumes that DNS should be trusting a single anycast location
as the
EBD Date: Thu, 18 Sep 2003 18:01:07 + (GMT)
EBD From: E.B. Dreger
EBD That's why one uses a daemon with main loop including
EBD something like:
EBD
EBDsuccess = 0 ;
EBDfor ( i = checklist ; i-callback != NULL ; i++ )
EBDsuccess = i-callback(foo) ;
EBDif ( success )
1 - 100 of 150 matches
Mail list logo