On Wed, Mar 16, 2022 at 10:29:07AM -0700, Owen DeLong via NANOG wrote:
>
> You’re right… Two changes to a single file in most cases:
>
> 1.Set the correct new timezone (e.g. MST for California).
> 2.Turn off the Daylight Stupid Time flag.
>
> The previous change involved updating MANY
On Tue, Feb 16, 2021 at 08:02:38AM +0200, Mark Tinka wrote:
>
> On 2/16/21 07:49, Matthew Petach wrote:
>
> > Isn't that a result of ERCOT stubbornly refusing to interconnect with
> > the rest of the national grid, out of an irrational fear of coming under
> > federal regulation?
> >
> > I
On Sun, Jun 21, 2020 at 02:17:08PM -0300, Rubens Kuhl wrote:
> On Sat, Jun 20, 2020 at 5:05 PM Marshall Eubanks
> wrote:
>
> > This was also pitched as one of the killer-apps for the SpaceX
> > Starlink satellite array, particularly for cross-Atlantic and
> > cross-Pacific trading.
> >
> >
> >
On Thu, Jul 04, 2019 at 11:46:05AM +0200, Mark Tinka wrote:
> I finally thought about this after I got off my beer high :-).
>
> Some of our customers complained about losing access to Cloudflare's
> resources during the Verizon debacle. Since we are doing ROV and
> dropping Invalids, this should
On Sun, Oct 29, 2017 at 07:01:13AM -0500, Mike Hammett wrote:
> If I understand the OP correctly, I will use this real world example:
>
> https://onestep.net/communities/as174/
>
> 174:3001 through 174:3003 as compared to doing the prepending
> yourself. What is the functional difference?
>
On Thu, Oct 26, 2017 at 03:05:25PM -0400, William Herrin wrote:
>
> You'd only use communities like that if you want to signal the ISP to
> deprioritize your advertisement on a particular peer or set of peers but
> not others. That's when you're getting fancy. It's not the norm. The norm
> is you
On Wed, Jun 14, 2017 at 02:02:47PM -, John Levine wrote:
> In article <63cd2031-701d-4567-b88a-2986e8b3f...@beckman.org> you write:
> >But as I said, harvesting emails is not illegal under can spam.
>
> This might be a good time to review 15 USC 7704(b)(1), which is titled
> "Address
On Wed, Jun 14, 2017 at 01:21:21PM +, Mel Beckman wrote:
> Rodney,
>
> You make a good point. But I wonder how often spammers are so
> obvious, and I wonder if his "leveraging" falls amiss of CAN-SPAM's
> specific prohibition:
>
> (I) harvesting electronic mail addresses of the users of a
On Sat, Mar 18, 2017 at 09:27:11PM -0700, Doug Barton wrote:
>
> > As to why DNS-native zone operations are not utilized, the challenge
> > is that reverse DNS zones for IPv4 and DNS operations are on octet
> > boundaries, but IPv4 address blocks may be aligned on any bit
> > boundary.
>
> Yes,
On Sun, Feb 26, 2017 at 12:18:48PM -0500, Patrick W. Gilmore wrote:
>
> I repeat something I've said a couple times in this thread: If I can
> somehow create two docs with the same hash, and somehow con someone
> into using one of them, chances are there are bigger problems than a
> SHA1 hash
On Mon, Nov 28, 2016 at 01:44:25PM -0500, Rich Kulawiec wrote:
> On Mon, Nov 28, 2016 at 09:53:41AM -0800, Kasper Adel wrote:
> > Vendor X wants you to run their VNF (Router, Firewall or Whatever) and they
> > refuse to give you root access, or any means necessary to do 'maintenance'
> > kind of
contact)
User-Agent: Mutt/1.6.1 (2016-04-27)
On Sun, Nov 13, 2016 at 03:57:19PM -0800, Christopher Morrow wrote:
> So... actually someone did tell arin to aim these at
> ns1/2google.com...
> I'll go ask arin to 'fix the glitch'.
For 138.8.204.in-addr.arpa ...
ARIN is delegating to
On Fri, Oct 21, 2016 at 05:11:34PM -0700, Crist Clark wrote:
>
> Given the scale of these attacks, whether having two providers does any
> good may be a crap shoot.
>
> That is, what if the target happens to share the same providers you do?
> Given the whole asymmetry of resources that make this
On Sun, Dec 06, 2015 at 02:20:36PM -0800, Owen DeLong wrote:
>
> As an alternative worth considering, it could do this with BGP instead of
> OSPF.
>
> There’s nothing mythical or magical about BGP. A CPE autoconfiguring
> itself to advertise the prefix(es) it has received from upstream
> DHCPv6
Hey!
New message, please read <http://clddesign.com/tired.php?l9>
Brett Frankenberger
On Thu, Sep 03, 2015 at 01:04:34PM +0100, Nick Hilliard wrote:
> On 03/09/2015 11:56, Saku Ytti wrote:
> > 40GE server will flood the window as fast as it can, instead of
> > limiting itself to 10Gbps, optimally it'll send at linerate.
>
> optimally, but tcp slow start will generally stop this
On Thu, Sep 03, 2015 at 05:48:00PM +0300, Saku Ytti wrote:
> Hey Brett,
>
> > Here's a paper that shows you don't need buffers equal to
> > bandwidth*delay to get near capacity:
> > http://www.cs.bu.edu/~matta/Papers/hstcp-globecom04.pdf
> > (I'm not endorsing it. Just pointing out it out as a
On Wed, Jul 08, 2015 at 01:55:43PM -0400, valdis.kletni...@vt.edu wrote:
On Wed, 08 Jul 2015 17:42:52 -, Matthew Huff said:
Given that the technical resources at the NYSE are significant and
the lengthy duration of the outage, I believe this is more serious
than is being reported.
On Mon, Dec 29, 2014 at 12:27:04PM -0500, Jay Ashworth wrote:
Valdis, you are correct. What your seeing is caused by multiple IP
blocks being assigned to the same CMTS interface.
Am I incorrect, though, in believing that ARP packets should only be visible
within a broadcast domain,
On Mon, Nov 10, 2014 at 08:20:44AM -0600, Joe Greco wrote:
Hey,
VPN setup is not really a viable option (for us) in this scenario.
Honestly, I'd prefer to just call it done already and have a VPN but due to
certain restraints, we have to go down this route.
Without explaining the
On Sat, Oct 04, 2014 at 11:19:57PM -0700, Owen DeLong wrote:
There's a lot of amateur lawyering ogain on in this thread, in an area
where there's a lot of ambiguity. We don't even know for sure that
what Marriott did is illegal -- all we know is that the FCC asserted it
was and Mariott
On Sat, Oct 04, 2014 at 01:33:13PM -0700, Owen DeLong wrote:
On Oct 4, 2014, at 12:39 , Brandon Ross br...@pobox.com wrote:
On Sat, 4 Oct 2014, Michael Thomas wrote:
The problem is that there's really no such thing as a copycat if
the client doesn't have the means of authenticating
On Sun, Sep 14, 2014 at 04:19:42PM -0500, Jimmy Hess wrote:
On Sat, Sep 13, 2014 at 5:33 AM, Tarko Tikan ta...@lanparty.ee wrote:
2000::/64 has nothing to do with it.
Any address between 2000::::::: and
23ff::::::: together with
On Wed, Aug 13, 2014 at 07:53:45PM -0400, Patrick W. Gilmore wrote:
you mean your vendor won't give you the knobs to do it smartly ([j]tac
tickets open for five years)? wonder why.
Might be useful if you mentioned what you considered a smart way to
trim the fib. But then you couldn't
On Fri, May 23, 2014 at 02:09:18PM -0400, Barry Shein wrote:
On May 24, 2014 at 00:38 rdobb...@arbor.net (Roland Dobbins) wrote:
Never, under any circumstances, pay. Not even if you've persuaded
the Men from U.N.C.L.E. to help you, and they suggest you pay
because they think they can
On Sun, Feb 09, 2014 at 03:45:19PM -0500, Jay Ashworth wrote:
- Original Message -
From: Saku Ytti s...@ytti.fi
That's only true if the two devices have common failure modes,
though, is it not?
No, we can assume arbitrary fault which causes NTP to output bad time. With
On Fri, Jan 31, 2014 at 05:10:51AM -0800, Owen DeLong wrote:
A /8 slot costs as much as a /28 slot to hold process etc. A routing
slot is a routing slot. The *only* reason this isn't a legal problems
at the moment is people can still get /24s. The moment /24's aren't
readily available
On Fri, May 31, 2013 at 03:25:22PM -0700, Mike wrote:
Gang,
In the interest of sharing 'the weird stuff' which makes the job of
being an operator ... uh, fun? is that the right word?..., I would
like to present the following two smokeping latency/packetloss
plots, which are by far the
On Tue, May 14, 2013 at 09:14:56PM -0400, Jean-Francois Mezei wrote:
On 13-05-14 20:55, Patrick W. Gilmore wrote:
Since when is peering not part of the Internet?
Yes, one car argue that an device with an IP address routable from the
internet is part of the internet.
But when traffic
On Fri, Oct 05, 2012 at 10:24:18AM -0500, Ben Bartsch wrote:
use this:
http://www.team-cymru.org/Services/Bogons/bgp.html
Please tell me how I can configure my router to use that feed to
automatically reject any bogon advertisements I receive from other BGP
neigbhors.
On Fri, Oct 5, 2012 at
On Wed, Sep 19, 2012 at 06:46:54PM -0700, Jo Rhett wrote:
For these networks to have gateways which connect to the outside, you
have to have an understanding of which IP networks are inside, and
which IP networks are outside. Your proxy client then forwards
connections to outside networks to
On Wed, Aug 08, 2012 at 08:52:51AM -0500, Naslund, Steve wrote:
It seems to me that all the markets have been doing this the wrong way.
Would it now be more fair to use some kind of signed timestamp and
process all transactions in the order that they originated? Perhaps
each trade could have
On Wed, Aug 08, 2012 at 09:08:18AM -0500, Naslund, Steve wrote:
Also, we are only talking about a delay long enough to satisfy the
longest circuit so you could not push your timestamp very far back and
would have to get the fake one done pretty quickly in order for it to be
worthwhile. The
On Sat, Jul 14, 2012 at 09:48:49PM -0400, Robert E. Seastrom wrote:
Actually, that's one of the most insightful meta-points I've seen on
NANOG in a long time.
There is a HUGE difference between IPv4 and IPv6 thinking. We've all
been living in an austerity regime for so long that we've
On Tue, Jul 03, 2012 at 04:54:24PM -0400, valdis.kletni...@vt.edu wrote:
On Tue, 03 Jul 2012 21:49:40, Peter Lothberg said:
Leapseconds can be both positive and negative, but up to now, the
earth has only slowed down, so we have added seconds.
That's what many people believe, but it's
On Wed, Jul 04, 2012 at 05:02:02PM -0400, valdis.kletni...@vt.edu wrote:
On Wed, 04 Jul 2012 12:44:40 -0500, Brett Frankenberger said:
Leap Seconds and Leap Years are completely unrelated and solve two
completely different problems.
Leap Seconds exist to adjust time to match the Earth's
On Mon, Jul 02, 2012 at 09:09:09AM -0700, Leo Bicknell wrote:
In a message written on Mon, Jul 02, 2012 at 11:30:06AM -0400, Todd Underwood
wrote:
from the perspective of people watching B-rate movies: this was a
failure to implement and test a reliable system for streaming those
movies
On Sat, Jun 30, 2012 at 01:19:54PM -0700, Scott Howard wrote:
On Sat, Jun 30, 2012 at 12:04 PM, Todd Underwood toddun...@gmail.comwrote:
This was not a cascading failure. It was a simple power outage
Cascading failures involve interdependencies among components.
Not always.
On Sun, Jun 10, 2012 at 04:34:55PM -0400, valdis.kletni...@vt.edu wrote:
On Sun, 10 Jun 2012 12:29:46 -0700, Owen DeLong said:
It is far preferable for the merchant to request ID and verify that the
signature matches the ID _AND_ the picture in the ID matches the customer.
Maybe from the
On Sun, Jun 10, 2012 at 03:47:20PM -0700, Owen DeLong wrote:
On Jun 10, 2012, at 3:06 PM, Brett Frankenberger wrote:
Eliminating fraud isn't an objective of card issuers. Making money is.
Fraud reduction is only done when the savings from the reduced fraud
exceeds both the cost
On Mon, Jun 04, 2012 at 07:39:58AM -0700, Templin, Fred L wrote:
https://datatracker.ietf.org/doc/draft-generic-v6ops-tunmtu/
3) For IPv6 packets between 1281-1500, break the packet
into two (roughly) equal-sized pieces and admit each
piece into the tunnel. (In other words,
On Mon, May 28, 2012 at 09:32:29PM +0200, Stephane Bortzmeyer wrote:
On Tue, May 29, 2012 at 12:21:10AM +0530,
Anurag Bhatia m...@anuragbhatia.com wrote
a message of 28 lines which said:
I know few registry/registrars which do not accept both (or all)
name servers of domain name on
On Thu, Apr 05, 2012 at 06:45:30PM +0100, Nick Hilliard wrote:
On 05/04/2012 17:48, goe...@anime.net wrote:
But they will care about a /24.
I'm curious as to why they would want to stop at /24. If you're going to
take the shotgun approach, why not blacklist the entire ASN?
It's a
On Wed, Mar 28, 2012 at 04:13:53PM -0300, Carlos Martinez-Cagnazzo wrote:
I'm not convinced. What you mention is real, but the code they need is
little more than a regular expression that can be found on Google and a
20-line script for testing lames. And a couple of weeks of testing, and
I
On Wed, Nov 23, 2011 at 05:45:08PM -0500, Jay Ashworth wrote:
Yeah. But at least that's stuff you have a hope of managing. Firmware
underwent bit rot is simply not visible -- unless there's, say, signature
tracing through the main controller.
I can't speak to traffic light controllers
On Mon, Nov 21, 2011 at 11:16:14PM -0500, Jay Ashworth wrote:
Precisely. THe case in point example these days is traffic light
controllers.
I know from traffic light controllers; when I was a kid, that was my dad's
beat for the City of Boston. Being a geeky kid, I drilled the guys in the
On Tue, Nov 22, 2011 at 10:16:56AM -0500, Jay Ashworth wrote:
- Original Message -
From: Brett Frankenberger rbf+na...@panix.com
The typical implementation in a modern controller is to have a separate
conflict monitor unit that will detect when conflicting greens (for
example
On Tue, Nov 22, 2011 at 11:16:54AM -0500, Jay Ashworth wrote:
- Original Message -
From: Owen DeLong o...@delong.com
As in all cases, additional flexibility results in additional
ability to make mistakes. Simple mechanical lockouts do not scale
to the modern world. The benefits
On Tue, Nov 22, 2011 at 06:14:54PM -0500, Jay Ashworth wrote:
- Original Message -
From: Matthew Kaufman matt...@matthew.at
Indeed. All solid-state controllers, microprocessor or not, are required
to have a completely independent conflict monitor that watches the
actual HV
On Sun, Nov 13, 2011 at 06:29:39PM -0500, Jay Ashworth wrote:
SCADA networks should be hard air-gapped from any other network.
In case you're in charge of one, and you didn't hear that, let me say
it again:
*SCADA networks should he hard air-gapped from any other network.*
If you're
On Tue, Sep 27, 2011 at 04:09:03PM -0700, Owen DeLong wrote:
Yes, it is realistic to expect every mom-and-pop posting a personal
web site to utilize a provider that implements SNI, and the sooner
they do it.
No, it isn't because it requires you to send the domain portion of the URL
in
On Tue, Sep 20, 2011 at 04:13:57PM -0400, Dorn Hetzel wrote:
full time connection to two or more providers should be satisfied when the
network involved has (or has contracted for and will have) two or more
connections that are diverse from each other at ANY point in their path
between the
On Tue, Sep 13, 2011 at 09:45:39AM -0500, Chris Adams wrote:
Once upon a time, Tei oscar.vi...@gmail.com said:
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows.
SSL without some verification of the far end is useless, as a
man-in-the-middle attack can
On Sun, Aug 07, 2011 at 09:45:31PM -0400, valdis.kletni...@vt.edu wrote:
On Sun, 07 Aug 2011 20:47:48 EDT, Randy Carpenter said:
Does ATT seriously serve the entire state of Indiana from a single POP???
Sounds crazy to me.
It makes sense if they're managing to bill customers by the cable
On Fri, May 20, 2011 at 06:46:45PM +, Eu-Ming Lee wrote:
To do this, you only need 2 numbers: the nth digit of pi and the number of
digits.
Simply convert your message into a single extremely long integer. Somewhere,
in the digits of pi, you will find a matching series of digits the
On Thu, May 19, 2011 at 12:26:26AM +0100, Heath Jones wrote:
I wonder if this is possible:
- Take a hash of the original file. Keep a counter.
- Generate data in some sequential method on sender side (for example simply
starting at 0 and iterating until you generate the same as the original
On Sun, May 01, 2011 at 12:50:37PM -0700, George Bonser wrote:
From my reading of what happened, it looks like they didn't have a
single point of failure but ended up routing around their own
redundancy.
They apparently had a redundant primary network and, on top of that, a
secondary
On Tue, Dec 21, 2010 at 12:42:09AM -0600, Robert Bonomi wrote:
From: Leo Bicknell bickn...@ufp.org
So if it's illegal for you to put a letter inside a FedEx box,
Bzzt! It's -not- illegal to put a letter inside a FedEx box. It just has
to have the appropriate (USPS) postage on it,
On Mon, Sep 13, 2010 at 10:15:02AM -0400, Jamie Bowden wrote:
I was thinking more along the lines of the fact that I pay for access
at home, my employer pays for access here at work, and Google, Apple,
etc. pay for access (unless they've moved into the DFZ, which only
happens when it's
On Sun, Sep 05, 2010 at 09:18:54PM -0400, Jon Lewis wrote:
Anti-spam is a never ending arms race.
That's really the question at hand here -- whether or not there's any
benefit to continuing the never ending arms race game. Some people
think there is. Others question whether anything is
On Mon, Sep 06, 2010 at 10:38:15PM +, deles...@gmail.com wrote:
Having worked in past @ 3 large ISPs with residential customer pools
I can tell you we saw a very direct drop in spam issues when we
blocked port 25.
No one is disputing that. Or, at least, I'm not disputing that. I'm
On Sun, Aug 29, 2010 at 12:30:21AM -0700, Paul Ferguson wrote:
It would seem to me that there should actually be a better option, e.g.
recognizing the malformed update, and simply discarding it (and sending the
originator an error message) instead of resetting the session.
Resetting of BGP
On Sat, Aug 28, 2010 at 02:19:28PM +0200, Florian Weimer wrote:
* Claudio Jeker:
I think you blame the wrong people. The vendor should make sure that
their implementation does not violate the very basics of the BGP
protocol.
The curious thing here is that the peer that resets the
On Sun, Aug 15, 2010 at 11:44:18AM -0400, Owen DeLong wrote:
You and Randy operate from the assumption that these less certain
rights somehow exist at all. I believe them to be fictitious in
nature and contrary to the intent of number stewardship all the way
back to Postel's original
On Sun, Jul 18, 2010 at 06:12:29PM +0100, Nick Hilliard wrote:
On 18 Jul 2010, at 10:58, Dobbins, Roland rdobb...@arbor.net wrote:
ASR1K, which is what I'm assuming you're referring to, is a
hardware-based router. Same for ASR9K.
My c* SE swears that the asr1k is a software router. I
On Mon, Jul 19, 2010 at 07:13:46AM +0930, Mark Smith wrote:
This document supports that. If the definition of a software router is
one that doesn't have a fixed at the factory forwarding function, then
the ASR1K is one.
The code running in the ASICs on line cards in 6500-series
chassis isn't
On Sun, Jun 13, 2010 at 03:23:06PM -0500, Larry Sheldon wrote:
On 6/13/2010 14:59, Joe Greco wrote:
How about the case where the master zone file has be amputated and the
secondaries can no longer get updates?
Mea culpa.
That was suppose to say How about the case where the master zone
On Wed, Jan 13, 2010 at 01:51:41PM -0500, George Imburgia wrote:
On Wed, 13 Jan 2010, Barry Shein wrote:
The big advantage of RFIDs is that you don't need line of sight access
like you do with bar codes, they use RF, radio frequency.
Which is also a big disadvantage in a datacenter. Ever
On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
I know nothing of how to do this on a Catalyst; for PCs, my own guess
is that you're looking far too high-end. If the issue is relaying to
the outside, I suspect that a small, dedicated Soekris or the like
will do all you need
On Sat, Oct 24, 2009 at 11:06:29AM -0400, Patrick W. Gilmore wrote:
On Oct 24, 2009, at 10:53 AM, Richard A Steenbergen wrote:
On Sat, Oct 24, 2009 at 09:36:05AM -0400, Patrick W. Gilmore wrote:
On Oct 24, 2009, at 9:28 AM, Jeffrey Lyon wrote:
Outside of child pornography there is no content
On Fri, Apr 24, 2009 at 01:12:42PM +0100, Michael Dillon wrote:
I think that many company officers will ask to see the results of an audit
before they sign this document, and they will want the audit to be performed
by qualified CPAs. Are your IPv4 records in good enough shape that an
On Mon, Mar 16, 2009 at 10:48:42PM -0500, Frank Bulk - iName.com wrote:
It was my understanding that (most) cable modems are L2 devices -- how it is
that they have a buffer, other than what the network processor needs to
switch it?
The Ethernet is typically faster than the upstream cable
On Tue, Dec 23, 2008 at 08:25:40AM -0600, Alex H. Ryu wrote:
Also one of the reason why not putting default route may be because of
recursive lookup from routing table.
If you have multi-homed site within your network with static route, and
if you use next-hop IP address instead of named
On Fri, Dec 05, 2008 at 09:31:11AM -0500, Alex Rubenstein wrote:
I wonder if having a spare card there would have been cheaper than
this outage and resulting flights and labour?
It unquestionably would have cheaper to have a spare for that card at
that location. What might not have been
On Thu, Dec 04, 2008 at 08:48:27AM -0600, Chris Adams wrote:
Once upon a time, Paul Ferguson [EMAIL PROTECTED] said:
I deliberated for a while on whether to send this, or not, but I figure it
might be of interest to this community:
http://techliberation.com/2008/12/04/telecom-collapse/
75 matches
Mail list logo
