http://www.boingboing.net/2011/02/17/dhs-erroneously-seiz.html
And people wonder why I have such deep concerns about RPKI how long before
something like this happens with prefix certificates... ooops... we revoked a
few thousand certs for a few thousand prefix's because they happened to
http://www.boingboing.net/2011/02/17/dhs-erroneously-seiz.html
And people wonder why I have such deep concerns about RPKI.
there are a thousand means. the problem lies with the intent.
randy
http://www.boingboing.net/2011/02/17/dhs-erroneously-seiz.html
And people wonder why I have such deep concerns about RPKI.
there are a thousand means. the problem lies with the intent.
Agreed... doesn't mean its a great idea to create an even easier way to screw
up...
Andrew
--- On Sat, 2/19/11, Owen DeLong o...@delong.com wrote:
Are you willing to bet that IPv4 address
exhaustion will not result in IPv6-only hosts before we run
out of meaningful IPv4-only hosts?
No, but, I am willing to bet that we will not meaningfully
make the situation better for those
On Feb 19, 2011, at 12:41 AM, Zed Usser wrote:
--- On Sat, 2/19/11, Owen DeLong o...@delong.com wrote:
Are you willing to bet that IPv4 address
exhaustion will not result in IPv6-only hosts before we run
out of meaningful IPv4-only hosts?
No, but, I am willing to bet that we will not
Sorry, Google DNS typo is my bad.
It is of course 8.8.8.8 ...
On Fri, Feb 18, 2011 at 6:20 PM, Christopher Morrow morrowc.li...@gmail.com
wrote:
On Fri, Feb 18, 2011 at 11:47 AM, Robert Lusby nano...@gmail.com wrote:
--- Friday miscellaneous ---
snip
Google DNS is a good example
On Feb 19, 2011, at 3:12 36AM, Randy Bush wrote:
http://www.boingboing.net/2011/02/17/dhs-erroneously-seiz.html
And people wonder why I have such deep concerns about RPKI.
there are a thousand means. the problem lies with the intent.
Yes. Remember what happened to Youtube because of (a)
And that has nothing to do with whether a protocol is a peer protocol or not.
IP is a peer-to-peer protocol. As SMTP is implemented over IP, it is also a
peer-to-peer protocol.
In IP, all hosts/nodes are peers.
That you may wish that this were not the case and thereby impose completely
Hi,
On Fri, 18 Feb 2011 13:44:56 -0800
Leo Bicknell bickn...@ufp.org wrote:
In a message written on Fri, Feb 18, 2011 at 04:36:28PM -0500,
Christopher Morrow wrote:
leaking the IX prefix to customers, to me, seems like a recipe for
much wider/unintended leakage :(
Oh, it is. I remember
--- On Sun, 2/20/11, Owen DeLong o...@delong.com wrote:
So, in essence, you are advocating not to
interconnect the IPv4-only and IPv6-only domains in any way?
I'm advocating not depending on any such interaction
working as it's pretty clear that
the available solution set is fairly broken.
Hi everyone.
This is my first post here in Nanog.
First of all, sorry my bad english -- I'm Brazilian.
We are activating a new transit connection with 40 Mbps and I need to test
it, but here in Brazil all the international transits are weak.
I'm looking for a server that I can download/upload
On 2/19/2011 10:11 AM, kmedc...@dessus.com wrote:
And that has nothing to do with whether a protocol is a peer protocol or not.
IP is a peer-to-peer protocol. As SMTP is implemented over IP, it is also a
peer-to-peer protocol.
At each layer of an architecture, the question of whether a
On Feb 19, 2011, at 12:12 AM, Randy Bush wrote:
there are a thousand means. the problem lies with the intent.
yes
On 2011-02-18 22:03, Max Pierson wrote:
Nothing at all :)My problem is with rrdtool. It doesn't scale for this
project. I was looking into GNUplot, but wanted to see what else was out
there as well.
Is scaling of rrdtool still a problem for you with rrdcached?
Even with rrdcached, the I/O from many RRD files being updated often
will hammer the I/O subsydtem of most hosts :)
We have a host with around 50k RRD data files and rrdcached running,
most are updated every 5 mins, some every minute (Nagios + PNP) - with
RAID 10 and 10k rpm disks the io wait on
Twitter is releasing a high volume metrics collection store based on
cassandra as open source soon - if you will be scaling big, might be
worth looking into.
On 2/19/11, Max perld...@webwizarddesign.com wrote:
Even with rrdcached, the I/O from many RRD files being updated often
will hammer the
On 2/19/11 5:31 PM, Mikael Abrahamsson wrote:
On Fri, 18 Feb 2011, Matt Newsom wrote:
I am looking for a switch with a minimum of 12 X 10GE
ports on it, that can has routing protocol support and can do GRE in
hardware. Does anyone have a suggestion that might fit. Keep in mind
On 2/19/11 5:46 PM, Joel Jaeggli wrote:
On 2/19/11 5:31 PM, Mikael Abrahamsson wrote:
On Fri, 18 Feb 2011, Matt Newsom wrote:
I am looking for a switch with a minimum of 12 X 10GE
ports on it, that can has routing protocol support and can do GRE in
hardware. Does anyone have a
On Feb 19, 2011, at 11:31 AM, Zed Usser wrote:
--- On Sun, 2/20/11, Owen DeLong o...@delong.com wrote:
So, in essence, you are advocating not to
interconnect the IPv4-only and IPv6-only domains in any way?
I'm advocating not depending on any such interaction
working as it's pretty clear
My understanding of peer-to-peer was that it indicated that all hosts had
equal ability to originate or terminate (as in accept, not as in end) sessions.
That is, the role of client or server is defined by the choice of the
application
and/or software on the host and not by the network.
IP is a
On 2/19/2011 10:11 AM, kmedc...@dessus.com wrote:
And that has nothing to do with whether a protocol is a peer protocol or not.
IP is a peer-to-peer protocol. As SMTP is implemented over IP, it is also a
peer-to-peer protocol.
At each layer of an architecture, the question of whether a
- Original Message -
From: Steven Bellovin s...@cs.columbia.edu
On Feb 19, 2011, at 3:12 36AM, Randy Bush wrote:
http://www.boingboing.net/2011/02/17/dhs-erroneously-seiz.html
And people wonder why I have such deep concerns about RPKI.
there are a thousand means. the problem
Hi Eduardo,
don't expect you will be able to download a single connection at 40Mbps.
Your test will be limited by the latency. You can do some tweak in the
TCP but it will not improve too much considering the latency between
BR and US.
Here are two links which can give you some directions:
On Sun, 20 Feb 2011, Diogo Montagner wrote:
Your test will be limited by the latency. You can do some tweak in the
TCP but it will not improve too much considering the latency between BR
and US.
With 200ms delay he only needs 1 megabyte of TCP window to reach 40
megabit/s. This is
Those are the two options I am looking at now. Unfortunately both of those
require the chassis tax and a decent amount of real estate and power. It looks
like that is what I am going to be stuck with though because I can't seem to
find anyone that has small 1-2U solution that can do the full
Potentially the Cisco 4900M. I can't find specifically about the GRE
support however. My google-fu just finds discussion about v4 to v6
tunnels in software. The chassis has 8 built-in ports and two expansion
modules that can each do another 4 TenG ports in a not-oversubscribed
configuration.
I have both Level3 and NTT v6 connections and there are no additional
charges for the service. I recall NTT had one a few years ago, but I
think that's fallen by the wayside.
Mike
--
Michael K. Smith - CISSP, GSEC, GISP
Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com
w: +1 (206)
The 4900M doesn't do GRE in hardware.
-Original Message-
From: Michael K. Smith - Adhost [mailto:mksm...@adhost.com]
Sent: Sunday, February 20, 2011 12:06 AM
To: Matt Newsom; NANOG list
Subject: Re: Switch with 10 Gig and GRE support in hardware.
Potentially the Cisco 4900M. I can't
28 matches
Mail list logo