Call for Presentations: 33rd DNS-OARC Workshop, Paris, France, May 09 - 10th 2020

questions or concerns you can contact the Programme Committee: https://www.dns-oarc.net/oarc/programme via Joe Abley, for Dave Knight, for the DNS-OARC Programme Committee OARC depends on sponsorship to fund its workshops and associated social events. Please contact if your organization is

Re: BGP over TLS

On 21 Oct 2019, at 12:05, Keith Medcalf wrote: > On Monday, 21 October, 2019 09:44, Robert McKay wrote: > >> The MD5 authentication is built into TCP options.. not obvious how you >> would transport it over TLS which afaik doesn't offer similar >> functionality. > > AHA! I understand now and

OARC 31 Agenda Published ; OARC32 CfP!

Note for the record: I am not actually Keith, nor do I play Keith on TV. -- Dear colleagues, The agenda for the 31st DNS-OARC Workshop has now been published at: OARC 31 takes place at the JW Marriott Austin, in Texas, USA on October 31st and November

Re: Cost effective time servers

On 21 Jun 2019, at 10:57, Quan Zhou wrote: > Yep, went through the same route until I figured out that GPS time is a bit > ahead of UTC. The clocks on the GPS satellites are set to GPST which I think (I'm not a time geek so this is going to make someone cringe) is UTC without leap seconds or

Re: BGP person from Bell Canada/AS577

On 19 Jun 2019, at 10:27, Mike Hammett wrote: > I'm curious as to why someone would want to do this? My interest is > education, not combative. In previous lives I have had great success simply talking to people at Akamai about where my customers' traffic was landing, and where would make

Re: someone is using my AS number

On 13 Jun 2019, at 10:06, Job Snijders wrote: > 1/ We can’t really expect on the loop detection to work that way at the > “jacked” side. So if this is innocent traffic engineering, it is unreliable > at best. > > 2/ Attribution. The moment you stuff AS 2914 anywhere in the path, we may get >

Re: someone is using my AS number

Hey Joe, On 12 Jun 2019, at 12:37, Joe Provo wrote: > On Wed, Jun 12, 2019 at 04:10:00PM +, David Guo via NANOG wrote: >> Send abuse complaint to the upstreams > > ...and then name & shame publicly. AS-path forgery "for TE" was > never a good idea. Sharing the affected prefix[es]/path[s]

Re: Calgary <-> Toronto 100% Canadian Fibre Resiliency on failover

On 2 Nov 2017, at 09:25, Naslund, Steve wrote: > There are four facts to be aware of here. > > 1. Locators are not 100% especially when it comes to fiber. I remember years ago in New Zealand there was buried fibre along the railway running north-south in the North

shipping from US to Telstra (ex-Pacnet) facility, 11 Chun Kwong St, Hong Kong

Hi all, If anybody has recently managed to ship equipment from the US to the Pacnet (now Telstra) facility at 11 Chun Kwong St, Hong Kong and doesn't mind comparing notes, any chance you could drop me a line off-list? We have some shipping confusion, and it would be great to see an example of

Re: list of .org domain names?

On Dec 30, 2015, at 18:50, Ryan Finnesey wrote: > Is it possible to get a complete list of .org domain names that have been > registered? If you can satisfy the terms of the sone file access agreement, you can get a copy of the org zone which will give you a list of

Re: de-peering for security sake

On Dec 26, 2015, at 10:09, Stephen Satchell wrote: > My gauge is volume of obnoxious traffic. When I get lots of SSH probes from > a /32, I block the /32. ... without any knowledge of how many end systems are going to be affected. A significant campus or provider user base

Re: Rack Locks

On Nov 20, 2015, at 20:55, Jimmy Hess wrote: > You're not going to be able to look at a log and see Joe opened it at 2:45AM > 12 months ago, and ever since then, the servers are not quite right. And I would have got away with it to, if it wasn't for you kids and your pesky

Re: bad announcement taxonomy

On 18 Nov 2015, at 15:55, Arturo Servin wrote: > Laundered route The routes in question are not just being laundered, they're being bleached. Joe

Re: configuration sanity check

Salut Marcel, On Oct 29, 2015, at 04:16, "marcel.durega...@yahoo.fr" wrote: > Any recommendation about a software which check the live config of > cisco/juniper devices against some templates ? > > The goal is to have a template about different function device, like:

Re: *tap tap* is this thing on?

On Oct 26, 2015, at 13:10, Brielle Bruns wrote: > This spam flood is kinda hilarious in a way. Any idea why no one with mod or > admin privs for the mailing list has bothered to step in and deal with this? I asked a similar question myself on another list. But then after a

Fw: new message

Hey! New message, please read <http://lowveld-tours.com/often.php?lcvf> Joe Abley

Re: /27 the new /24

On 12 Oct 2015, at 11:23, Todd Underwood wrote: it's also not entirely obvious what the point of having local IXes that serve these kinds of collections of people. I think that's true. But I don't think it's always the case this means there is no point. When Citylink (incubated by the

Re: /27 the new /24

On 7 Oct 2015, at 9:29, Matthew Kaufman wrote: On Oct 7, 2015, at 5:01 AM, Owen DeLong wrote: Instead, the followup question is needed… “That’s great, but how does that help me reach a web site that doesn’t have and can’t get an IPv4 address?” At the present time, a web

Re: root zone archive

Hi Alvin, On 17 Sep 2015, at 1:27, alvin nanog wrote: On 09/17/15 at 12:33am, Joe Abley wrote: ... I'm particularly interested in zone data that describes the build out of the original root zone NS set to nine servers in mid-1994, the renaming under the ROOT-SERVERS.NET domain

root zone archive

Hi all, Is anybody here aware of a complete or partial archive of root zone data that is older than the set available at DNS-OARC? OARC's archive has nothing older than July 2009. I'm particularly interested in zone data that describes the build out of the original root zone NS set to nine

Re: Updating dns glue

Hi Mike, On 5 Sep 2015, at 0:34, Mike wrote: Due to a recent fiber cut in northern california, I've stepped up my plan to have one authoritative dns and backup mail exchanger located on another network far, far away. I am sadly having immense trouble with dotster understanding that I need

Re: Exploits start against flaw that could hamstring huge swaths of Internet | Ars Technica

Hi Jared, On 4 Aug 2015, at 12:00, Jared Mauch wrote: I recommend using DNSDIST to balance traffic at a protocol level as you can have implementation diversity on the backside. I can send an example config out later for people. You can balance to bind NSD and others all at the same time :-)

Re: Exploits start against flaw that could hamstring huge swaths of

On 4 Aug 2015, at 15:54, Barry Shein wrote: Wow this thread went off-track in nanoseconds. So which bind versions are ok? 9.10.2-P3 is marked current stable, and 9.9.7-P2 is marked current-stable ESV at: https://www.isc.org/downloads/ The bind-users is probably a place where this kind

Re: Route leak in Bangladesh

On 1 Jul 2015, at 11:03, Jared Mauch wrote: On Wed, Jul 01, 2015 at 03:54:16PM +0100, Nick Hilliard wrote: On 01/07/2015 15:51, Mark Tinka wrote: I found RPSL complicated a few years ago, and sort of put that on the back-burner. you probably want to ignore more rpsl constructs and depend

Re: Route leak in Bangladesh

On 30 Jun 2015, at 9:41, Job Snijders wrote: In addition to the BGP community scheme, outbound as-path filters could help. I agree, but possibly not in the case of a redistribution loop. (We don't know that's what happened, exactly, but I thought it was worth mentioning.) Joe

Re: World's Fastest Internet™ in Canadaland

On 26 Jun 2015, at 15:04, Hank Disuko wrote: Bell Canada is apparently gearing up to provide the good people of Toronto with the World's Fastest Internet™. http://www.thestar.com/news/city_hall/2015/06/25/bell-canada-to-give-toronto-worlds-fastest-internet.html Bell Canada is in the

Re: Anycast provider for SMTP?

On 19 Jun 2015, at 8:12, Christopher Morrow wrote: On Fri, Jun 19, 2015 at 7:19 AM, James Hartig fastest...@gmail.com wrote: Just curious, how does DNS load balancing work if people are using 8.8.8.8/208.67.222.222 or basically any public resolvers that cache and If the client that

Re: Anycast provider for SMTP?

On 18 Jun 2015, at 7:51, Ray Soucy wrote: You can certainly do anycast with TCP, and for small stateless services it can be effective. You can't do anycast for a stateful application without taking the split-brain problem into account. It's really difficult to apply broad can or can't,

Re: Anycast provider for SMTP?

On 18 Jun 2015, at 15:43, Jonas Björk wrote: While risking being slightly off topic: Does anyone use anycast dhcp servers? Have you run into any problems considering synching the leases? Since DHCP uses broadcast and multicast addresses when a client is discovering a server, it's not

Re: Anycast provider for SMTP?

On Jun 17, 2015, at 17:15, Chuck Church chuckchu...@gmail.com wrote: As such, you typically only see it leveraged for simple services (e.g. DNS, NTP). I've been thinking about this for NTP. Wouldn't you end up with constant corrections with NTP and Anycast? I am not a time geek, but the

Re: Anycast provider for SMTP?

Hi Joe, On 15 Jun 2015, at 13:50, Joe Hamelin wrote: I have a mail system where there are two MX hosts, one in the US and one in Europe. Both have a DNS MX record metric of 10 so a bastardized round-robin takes place. This does not work so well when one site goes down. My solution will

Re: Anycast provider for SMTP?

On 15 Jun 2015, at 15:05, Dave Taht wrote: I have been using anycast at a small scale on mesh networks, for dns, primarily. Works. Many of us have been using anycast at Internet scale for DNS for a couple of decades. I would go further than works and perhaps say necessary. There were some

Re: most accurate geo-IP source to build country-based access lists

On 9 Jun 2015, at 5:11, Martin T wrote: At a brute force country level it is possible to use the Delegated ranges lists but that runs into the problem where IP ranges are subnetted and allocated to other countries. Yeah. I would say that a perfectly accurate mapping of address to anything

Re: Looking for information on IGP choices in dual-stack networks

On 9 Jun 2015, at 16:23, Christopher Morrow wrote: On Tue, Jun 9, 2015 at 3:21 PM, Randy Bush ra...@psg.com wrote: If you have a production dual-stack network, then we would like to know which IGP you use to route IPv4 and which you use to route IPv6. in one network, both ospfs. in

Re: Looking for information on IGP choices in dual-stack networks

Hi Randy, On Jun 9, 2015, at 18:08, Randy Bush ra...@psg.com wrote: Routers makes more sense to me than networks (IGP, so one network, right?) so you are thinking of a network where half the routers run is-is one quarter ospf/ospfv2 and one quarter ospf/ripv3. right. No, not at all. I

Re: gmail security is a joke

On 28 May 2015, at 22:18, Rich Kulawiec wrote: On Thu, May 28, 2015 at 03:13:37PM -0400, William Herrin wrote: My first dog's name was a random and unpronounceable 30-character string. I think this (Bill's) is a very good practice. That's what I should do. Instead, I pull down the list

Re: gmail security is a joke

On 27 May 2015, at 13:19, Owen DeLong wrote: If someone has the ability to hijack your BGP, then you’ve got bigger problems than having them take over your Gmail account. Could we perhaps summarise this entire thread with if you have tighter security requirements for your e-mail than a

Re: Measuring DNS Performance Graphing Logs

Hi Zayed, I think you're more likely to get good answers to your BIND-specific questions on the bind-users mailing list. See: https://lists.isc.org/mailman/listinfo/bind-users BIND9 has the capability to produce a vast variety and volume of logs, and dealing with logs in general is

Re: ASN Domain for rDNS

On 9 Dec 2014, at 19:30, Keefe John keefe...@ethoplex.com wrote: I've been seeing more and more carriers(and even small ISPs) using as.net as their domain for rDNS on IP space. What are the pros and cons for doing this versus using your primary business domain name? When you are

Re: Anyone running Knot?

Hi Jay, On 6 August 2014 at 23:26:36, Jay Ashworth (j...@baylink.com) wrote: LWN this week covers the Knot DNS server, written by/for the .cz root zone ops, which can, amongst other interesting attributes, load the entire 35 million record .net zone in 10 seconds.

Re: rz.verisign-grs.com root zone ftp access

they offer it in XML too. [ Paging Joe Abley ] *twitch* Half of this thread seems to be talking about the COM/NET zones, not the root zone, but since you asked... ftp://ftp.internic.net/domain/root.zone is a service provided by ICANN. ftp://rs.internic.net/domain/root.zone is a service

Re: New Zealand Spy Agency To Vet Network Builds, Provider Staff

On 13 May 2014, at 15:49, Paul Ferguson fergdawgs...@mykolab.com wrote: So is there just reluctant acceptance of this law, or is there push-back and plans to repeal, or...? This was news to me when I heard about it the other day (because apparently I am a bad kiwi and do not keep myself

real-world data about fragmentation

Hi all, It's common wisdom that a datagram that needs to be fragmented between endpoints (because it is bigger than the path MTU) will demonstrate less reliable delivery and reassembly than a datagram that doesn't need to be fragmented, because math, firewall, other, take your pick. Is

Re: [dns-wg] Global Vs local node data in www.root-servers.org

On 17 Mar 2014, at 7:39, John Bond john.b...@icann.org wrote: Global and Local nodes are very loosely defined terms. However general consensus of a local node is one that has a desired routing policy which does not allow the service supernets to propagate globally. As we impose no policy

Re: [dns-wg] Global Vs local node data in www.root-servers.org

On 17 Mar 2014, at 10:27, manning bill bmann...@isi.edu wrote: alas, our service predates Joe’s marvelous text. “B” provides its services locally to its upstream ISPs. We don’t play routing tricks, impose routing policy, or attempt to influence prefix announcement. In the taxonomy I just

Re: Managing IOS Configuration Snippets

On 27 Feb 2014, at 12:46, Erik Muller er...@buh.org wrote: On 2/27/14, 12:21 , Suresh Ramasubramanian wrote: This has been around for several years now - http://sourceforge.net/projects/cisco-conf-rep/ But that's just archiving, like rancid, right? This is not any kind of sensible answer

Re: Internet Routing Registries - RADb, etc

On 2014-01-16, at 18:21, Jeroen Massar jer...@massar.ch wrote: On 2014-01-16 23:11, Nick Hilliard wrote: On 16/01/2014 21:22, Jon Lewis wrote: Also, at least of the ones I've dealt with, there is no verification of records as they're entered. on the RIPE IRRDB, there is validation, so you

Re: best practice for advertising peering fabric routes

On 2014-01-15, at 12:04, Jim Shankland na...@shankland.org wrote: On 1/14/14, 8:41 PM, Patrick W. Gilmore wrote: I repeat: NEVER EVER EVER put an IX prefix into BGP, IGP, or even static route. An IXP LAN should not be reachable from any device except those directly attached to that LAN.

Re: BGP neighbor/configuration testing

On 2013-11-20, at 14:53, Eric A Louie elo...@yahoo.com wrote: Scenario: a regional ISP preparing to cutover to a new upstream BGP provider at one of my POPs. Want minimal or no network disruption, and want to ensure everything is ready to go prior to the cutover. I'm planning to use

Re: Cogent IPV6 connectivity to fireball.acr.fi

On Nov 3, 2013, at 15:38, Clinton Work clin...@scripty.com wrote: I can reach fireball.acr.fi on TCP port 80 so it looks like Cogent is just filtering or dropping IPV6 traceroute packets. Traceroute packets is extremely vague. As a general rule, if you want to discover a complete path between

Re: Reverse DNS RFCs and Recommendations

On Oct 30, 2013, at 17:34, Nolan Rollo nro...@kw-corp.com wrote: So in the four examples below, 3 of them preface the IP with an alpha character. Charter however, starts the rDNS off with a number. I'm not arguing with anyone but what potential problems could that cause with DNS? None.

Re: ipv6 and geolocation

On 2013-10-22, at 15:16, Blair Trosper blair.tros...@gmail.com wrote: Everyone loves IPv6, and it's a fantastic technology. However, I've been pondering a few quirks of v6, including the low priority of PTR, Not sure what that means, but... but I have a question I want to throw out there:

Re: Need understand...

On 2013-10-21, at 10:31, Randy Bush ra...@psg.com wrote: feeling a little st00pid here. The crsnic servers return hostname matches as well as domain matches, an enduring source of confusion for many years. You can make the server show all records that match using =. There's other stuff,

Re: clear forwarding route

On 2013-10-18, at 11:40, Manav Bhatia manavbha...@gmail.com wrote: I would like understand the circumstances under which an operator may want to clear all (or a subset of) the routes programmed in the forwarding table (FIB). Because of bugs which have led to the FIB containing data that

Re: comcast ipv6 PTR

On 2013-10-09, at 10:10, Chris Adams c...@cmadams.net wrote: Once upon a time, Blair Trosper blair.tros...@gmail.com said: True, but the location information, at least the state, is quasi-helpful. That's another good reason to have reverse records for defined router interfaces.

Re: NANOG 59 - Monday presentations on YouTube

On 2013-10-09, at 18:04, Mehmet Akcin meh...@akcin.net wrote: On Oct 9, 2013, at 3:03 PM, Martin Hannigan hanni...@gmail.com wrote: Yes, very awesome! Wanted to take a quick moment to thank Sylvie, Betty and rest of the outgoing (past included) Board members for a job well done. So far

Re: NANOG 59 - Monday presentations on YouTube

On 2013-10-09, at 18:35, Shrdlu shr...@deaddrop.org wrote: On 10/9/2013 6:14 PM, Joe Abley wrote: I'd also like to thank the members for voting in much greater numbers than are normally seen, and for having the good sense to elect three new board members that I'm sure will do a better job

Re: minimum IPv6 announcement size

On 2013-09-27, at 10:40, Brandon Ross br...@pobox.com wrote: On Fri, 27 Sep 2013, Ryan McIntosh wrote: It's a waste, even if we're planning for the future, no one house needs a /64 sitting on their lan.. or at least none I can sensibly think of o_O. Okay, I'm just curious, what size do

Re: iOS 7 update traffic

On 2013-09-23, at 09:10, Simon Leinen simon.lei...@switch.ch wrote: Glen Kent writes: One of the earlier posts seems to suggest that if iOS updates were cached on the ISPs CDN server then the traffic would have been manageable since everybody would only contact the local sever to get the

Re: iOS 7 update traffic

On 2013-09-23, at 09:41, Glen Kent glen.k...@gmail.com wrote: BTW Linux distributions are available to download via bittorrent, so we dont really need Akamai/Limelight here. Is there a reason why Apple has not adopted bit-torrent for distribution? Are there legal/commercial implications

Re: iOS 7 update traffic

On 2013-09-19, at 13:58, Paul Ferguson fergdawgs...@mykolab.com wrote: Can someone please explain to a non-Apple person what the hell happened that started generating so much traffic? Perhaps I missed it in this thread, but I would be curious to know what iOS 7 implemented that caused

Re: iOS 7 update traffic

On 2013-09-19, at 14:11, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: I don't see how operators could tolerate this, honestly. I can't think of a single provider who does not oversubscribe their access platform... Which leads me to this question : Why does apple feel it

Re: iOS 7 update traffic

On 2013-09-19, at 18:08, Jared Mauch ja...@puck.nether.net wrote: I think there's a lot that could be done when looking at how to shift this. But likely not before the first iOS 7 patch release. http://appleinsider.com/articles/13/09/19/apples-control-center-used-to-bypass-ios-7-passcode-lock

Re: DNS Reliability

On 2013-09-13, at 16:01, Jean-Francois Mezei jfmezei_na...@vaxination.ca wrote: On 13-09-12 21:53, Larry Sheldon wrote: I expect 100.000% I'll accept 99.999% or better. At these numbers, one has to start to count failover time. Before really any part of this thread makes sense, you

Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty

On 2013-09-09, at 14:29, joel jaeggli joe...@bogus.com wrote: On 9/9/13 7:43 AM, Jason Lixfeld wrote: That notwithstanding, it's stupid to send traffic to/from one of the large $your_region/country incumbents via $not_your_region/country. It's just not good Internet. yyz-yvr is faster

Re: Evaluating Tier 1 Internet providers

On 2013-08-27, at 15:02, Eric Louie elo...@yahoo.com wrote: Based on various conversation threads on Nanog I've come up with a few criteria for evaluating Tier 1 providers. I'm open to add other criteria - what would you add to this list? And how would I get a quantitative or qualitative

Re: Vancouver IXP - VanTX - BCNet

On 2013-08-21, at 6:40, Christopher Morrell christopher.morrell.na...@gmail.com wrote: I think CANIX in Toronto has been dead for years. I used to operate the switch for it in my days at UUNET in the 90s. Yes, very dead. In Montreal, is anyone at the Peer1 exchange other than Peer1? Peer1

Re: Vancouver IXP - VanTX - BCNet

Hi Randy, On 2013-08-20, at 01:05, Randy Bush ra...@psg.com wrote: As you may know CIRA has been working with groups across Canada to establish new IXPs. wow! i thought there were a lot of ixps, torix, vantx, ... The TorIX has been the most significant exchange point with growth and

Re: How big is the Internet?

On 2013-08-15, at 16:18, Larry Sheldon larryshel...@cox.net wrote: Isn't that like excluding city streets from the How many miles of roads? question--likely to be the bigger fraction of the whole-as-a-traveler-sees-it? At last! A car analogy. I was beginning to think this was some other

Re: .nyc - here we go...

On 2013-07-03, at 01:04, Paul Ferguson fergdawgs...@gmail.com wrote: Why does this discussion have to always be one or the other? We have multiple problems here, friends. Focus. I think you mean de-focus. :-) Joe

Re: Paetec PI space?

On 2013-06-26, at 13:52, Adam Greene maill...@webjogger.net wrote: We have a customer who was assigned some PI IPv4 space by Paetec back in mid-90's I think it's correct to say that the only entities that can assign PI IPv4 space are RIRs and the IANA. If I'm right, what you're talking about

Re: How ISP's in ARIN region create automatic prefix-filters?

On 2013-06-12, at 13:38, Martin T m4rtn...@gmail.com wrote: as I understand, ARIN whois database does not contain route objects, which are used for example in RIPE region for automatic BGP prefix filter generation. whois.arin.net:43 is for assignment/allocation information. Does not use

Re: PGP/SSL/TLS really as secure as one thinks?

On 2013-06-07, at 11:14, Jeroen Massar jer...@massar.ch wrote: On 2013-06-07 06:50, Dan White wrote: [..] A nice 'it is Friday' kind of thought OpenPGP and other end-to-end protocols protect against all nefarious actors, including state entities. If you can't trust the entities

Re: Single AS multiple Dirverse Providers

On 2013-06-10, at 18:36, Dennis Burgess dmburg...@linktechs.net wrote: I have a network that has three peers, two are at one site and the third is geographically diverse, and there is NO connection between the two separate networks. Currently we are announcing several /24s out one

Re: Single AS multiple Dirverse Providers

On 2013-06-10, at 18:43, Joe Abley jab...@hopcount.ca wrote: [...] neigh x.x.x.x allowas-in on JunOS. Actually, I think that's JunOSe. Or however you capitalise it. Joe

Re: Canadian Hosting Providers - how do you handle copyright and trademark complaints

Hi Landon, On 2013-06-04, at 19:44, Landon landonstew...@gmail.com wrote: I'm wondering how other Canadian Hosting Providers handle copyright and trademark complaints about customers on their network. This is perhaps not directly related to your question (it concerns the application of

Re: NANOG58 - link to OpenFlow session slides

On 2013-06-03, at 11:14, Phil Fagan philfa...@gmail.com wrote: Stupid questionthere's not a live stream for 58 is there? There's a grey icon in the agenda for sessions that are being streamed, looks like. Click grey icon, video appears. Joe

Re: Geoip lookup

On 2013-05-23, at 15:47, shawn wilson ag4ve...@gmail.com wrote: What's the best way to find the networks in a country? I was thinking of writing some perl with Net::Whois::ARIN or some such module and loop through the block. But I think I'll have to be smarter than just a simple loop not to

Re: Geoip lookup

On 2013-05-23, at 16:56, shawn wilson ag4ve...@gmail.com wrote: It looks you're right and everyone does have the same data in historical format. Looks like RIPE has everything compiled into what is current. So if a block hasn't changed for 10 years, it'll be in the RIPE dataset vs with the

Re: Dear NANOG Gods

Hi Warren, On 2013-05-21, at 14:48, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: I need to ship some Dell servers, and my google skills have gotten me nowhere. Is there a decent place to find standard server size shipping boxes? Located in Socal if anyone has an extra or

Re: Dear NANOG Gods

before and also servers as joe mentioned below let me know how we can help mehmet On May 21, 2013, at 12:27 PM, Joe Abley joe.ab...@icann.org wrote: Hey, Do you remember where you bought those flight cases we used to ship Dell 1Us around the place? People on NANOG want to know

Re: Could not send email to office 365

On 2013-05-02, at 02:42, Cathy Almond cat...@isc.org wrote: This may be a red herring, but I've heard of some dropping of DNS queries for the names within outlook.com domains where the queries are all coming from source port 53 (i.e. your recursive server doesn't use query source port

Re: Google Public DNS Problems?

On 2013-05-02, at 11:51, Jay Ashworth j...@baylink.com wrote: But since Perry's problem is *inability to resolve names in google's public zones*, the *path to the ZONE servers* is the thing diagnostics would require a trace to, no? Blair's problem, I think. Perry was just being helpful.

Re: Google Public DNS Problems?

On 2013-05-02, at 11:59, Charles Gucker cguc...@onesc.net wrote: That's not entirely true.You can easily do lookup for whoami.akamai.net and it will return the unicast address for the node in question (provided the local resolver is able to do the resolution).This is a frequent

Re: Google Public DNS Problems?

On 2013-05-02, at 12:10, Joe Abley jab...@hopcount.ca wrote: On 2013-05-02, at 11:59, Charles Gucker cguc...@onesc.net wrote: That's not entirely true.You can easily do lookup for whoami.akamai.net and it will return the unicast address for the node in question (provided the local

Re: Andros Island Connectivity?

On 2013-05-01, at 01:23, joseph.sny...@gmail.com wrote: Doesn't cable Bahamas sell in andros BaTelCo has five retail stores on Andros too, which suggests they offer some kind of service there (whether wireline or wireless). For a list whose subscribers have generally more experience on the

Re: Google Public DNS Problems?

On 2013-05-01, at 12:09, Blair Trosper blair.tros...@gmail.com wrote: Is anyone else seeing this? From Santa Clara, CA, on Comcast Business...I'm getting SERVFAIL for any query I throw at 8.8.8.8 and 8.8.4.4... Level 3's own public resolvers are fine for me, as are OpenDNS's resolvers.

Re: KVM

On 2013-04-23, at 17:36, shawn wilson ag4ve...@gmail.com wrote: I'm looking at an IP-KVM. I have heard only good things about opengear. Joe

Re: What do people use public suffix for?

On 2013-04-19, at 14:17, Bjørn Mork bj...@mork.no wrote: It is already, isn't it? The NS and SOA records will tell you all there is to know about zone splits and cross zone relations. Not really. In general, just because a zone is served by the same nameservers as another zone doesn't mean

Re: What do people use public suffix for?

On 2013-04-15, at 12:00, Jay Ashworth j...@baylink.com wrote: Seems to me that it's a crock because *it should be in the DNS*. I should be able to retrieve the AS (administrative split) record for .co.uk, and there should be one that says, yup, there's an administrative split below me;

Re: Quad-A records in Network Solutions ?

You have a choice of registrars. If you don't like the one you are using right now, choose a different one. There are lots to choose from. http://www.icann.org/registrar-reports/accredited-list.html Joe Sent from my Ono-Sendai Cyberspace 7 On 2013-04-10, at 2:42, Alejandro Acosta

Re: route for linx.net in Level3?

On 2013-04-04, at 15:53, Brian Dickson brian.peter.dick...@gmail.com wrote: Leo Bicknell wrote: Even if the exchange does not advertise the exchange LAN, it's probably the case that it is in the IGP (or at least IBGP) of everyone connected to it, I have experience of several networks

public consultation on root zone KSK rollover

Hi all, As advised a month or so ago, the following public comment period is open: http://www.icann.org/en/news/public-comment/root-zone-consultation-08mar13-en.htm We have received a small number of responses which are accessible from that page. The topic at hand and the specific

Re: Open Resolver Problems

On 2013-04-03, at 11:25, Jerry Dent effinjd...@gmail.com wrote: I think that is .2% - .3%, no? Oh, you're right -- it does seem substantially closer to zero when you put the decimal point in the right place :-) Joe

Re: Open Resolver Problems

On 2013-04-03, at 12:52, Jay Ashworth j...@baylink.com wrote: - Original Message - From: Joe Abley jab...@hopcount.ca On 2013-04-03, at 11:25, Jerry Dent effinjd...@gmail.com wrote: I think that is .2% - .3%, no? Oh, you're right -- it does seem substantially closer to zero

Re: Open Resolver Problems

On 2013-04-02, at 18:18, John Kristoff j...@cymru.com wrote: I would expect from stubs this will be close enough to zero to be effectively zero. At least I would hope so. This (below) is one of four resolvers, together providing service for two recursive DNS servers used by residential DSL

Re: Open Resolver Problems

On 2013-04-01, at 14:19, Jay Ashworth j...@baylink.com wrote: From: Roland Dobbins rdobb...@arbor.net On Apr 1, 2013, at 11:18 PM, Patrick W. Gilmore wrote: Of course, since users shouldn't be using off-net name servers anyway, this isn't really a problem! :) ; It's easy enough to

Re: Open Resolver Problems

On 2013-03-27, at 09:47, William Herrin b...@herrin.us wrote: On Tue, Mar 26, 2013 at 10:07 PM, Tom Paseka t...@cloudflare.com wrote: Authoritative DNS servers need to implement rate limiting. (a client shouldn't query you twice for the same thing within its TTL). Right now that's a

Re: Open Resolver Problems

On 2013-03-27, at 14:52, Jared Mauch ja...@puck.nether.net wrote: I am very concerned about examples such as this possibly being implemented by a well intentioned sysadmin or neteng type without understanding their query load and patterns. bind with the rrl patch does log when things are

Re: Open Resolver Problems

On 2013-03-27, at 17:59, Jack Bates jba...@brightok.net wrote: DNS is UDP for a reason. Not a great reason, as it turns out. But hindsight is 20/20. The infrastructure to switch it to TCP is prohibitive and completely destroys the anycast mechanisms. No. Joe

  1   2   3   4   >