Hi Sean,
from thursday, we have copied some ~300 GB packages from Prague to San
Diego (~200 ms delay, 10 GE flat ethernet end machines connected via
1GE) files using RBUDP which worked great.
Each scenario needs some planning. You have to answer several questions:
1) What is the performance
On 12 Jun 2008, at 20:55, Raymond L. Corbin wrote:
Something going on with SpamHaus site/ dnsbl servers?
spamhaus.org1 SOA
server: need.to.know.only 259200s
email: [EMAIL PROTECTED]
serial: 2008060901
refresh:
BGP Update Report
Interval: 12-May-08 -to- 12-Jun-08 (32 days)
Observation Point: BGP Peering with AS2.0
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS15169 301131 4.1%2264.1 -- GOOGLE - Google Inc.
2 - AS4538 120238 1.6%
This report has been generated at Fri Jun 13 21:14:59 2008 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date
On Fri, 13 Jun 2008 08:02:58 +
Steve Linford [EMAIL PROTECTED] wrote:
On 12 Jun 2008, at 20:55, Raymond L. Corbin wrote:
Something going on with SpamHaus site/ dnsbl servers?
We get a spamhaus data feed of PBL, SBL, and XBL
and have not seen any problems recently.
matthew black
hi,
I'm looking for tools which could backup BRAS and router configuration
automatically, while monitoring special configuration changes.
RANCID seems to be able to backup whold configuration, but it seems it could
not monitor special feature configuration segment changes ( e.g. changes
On 13 Jun 2008, at 16:35, Matthew Black wrote:
On Fri, 13 Jun 2008 08:02:58 +
Steve Linford [EMAIL PROTECTED] wrote:
On 12 Jun 2008, at 20:55, Raymond L. Corbin wrote:
Something going on with SpamHaus site/ dnsbl servers?
We get a spamhaus data feed of PBL, SBL, and XBL
and have not
We're using Cirrus from Solarwinds for this works pretty good (at least
since they brough out the latest patch a few months ago)
It does full config backup but will only backup changed configs - also sends a
daily email to us with any changes made to routers etc also daily report
Kevin Oberman [EMAIL PROTECTED] writes:
From: Robert E. Seastrom [EMAIL PROTECTED]
Date: Thu, 12 Jun 2008 21:15:49 -0400
Randy Bush [EMAIL PROTECTED] writes:
and for those of us who are addicted to simple rsync, or whatever over
ssh, you should be aware of the really bad openssh
Date: Thu, 12 Jun 2008 19:26:56 -0400
From: Robert Boyle [EMAIL PROTECTED]
At 06:37 PM 6/12/2008, you wrote:
I'm looking for input on the best practices for sending large files
over a long fat pipe between facilities (gigabit private circuit, ~20ms RTT).
I'd like to avoid modifying TCP
Many thanks for great replies on and off-list.
The suggestions basically ranged from these options:
1. tune TCP on all hosts you wish to transfer between
2. create tuned TCP proxies and transfer through those hosts
3. setup a socat (netcat++) proxy and send through this host
4. use an
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to [EMAIL PROTECTED]
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith [EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Price wrote:
SNIP
From what I have read, public DNS servers should support both UDP and
TCP queries. TCP queries are often used when a UDP query fails, or if
the answer is over a certain length.
UDP is used for queries.
TCP is used for
On Fri, 13 Jun 2008 14:14:55 EDT, Jon Kibler said:
UDP is used for queries.
TCP is used for zone transfers.
It's also sometimes used if a reply doesn't fit in the 512 bytes for a
UDP answer and EDNS0 isn't in effect. You get a truncated UDP packet back
and re-ask the query over TCP.
Date: Fri, 13 Jun 2008 14:14:55 -0400
From: Jon Kibler [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Price wrote:
SNIP
From what I have read, public DNS servers should support both UDP and
TCP queries. TCP queries are often used when a UDP query fails, or if
Date: Fri, 13 Jun 2008 12:40:48 -0400
From: Robert Boyle [EMAIL PROTECTED]
At 12:01 PM 6/13/2008, Kevin Oberman wrote:
Clearly you have failed to try very hard or to check into what others
have done. We routinely move data at MUCH higher rates over TCP at
latencies over 50 ms. one way (100
On Fri, Jun 13, 2008 at 02:14:55PM -0400, Jon Kibler wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Price wrote:
SNIP
From what I have read, public DNS servers should support both UDP and
TCP queries. TCP queries are often used when a UDP query fails, or if
the answer is
Sorry to abuse the list, but aset.com seems to have some mail blocking
issues:
[EMAIL PROTECTED]
(reason: 551 5.7.1 Message undeliverable. Please see:
http://bounce.trustem.net/edu.php?id=m5DIJA6U012003.0.1... not accept email
from DHCP connections with an academic institution supplied
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kevin Oberman wrote:
If it does not, you should be very concerned. The RFCs (several, but
I'll point first to good old 1122) allow either TCP or UDP to be used
for any operation that will fit in a 512 byte transfer. (EDNS0 allows
larger UDP.)
On Fri, 13 Jun 2008 14:14:55 -0400
Jon Kibler [EMAIL PROTECTED] wrote:
TCP is used for zone transfers.
If my server responded to TCP queries from anyone other than a secondary
server, I would be VERY concerned.
I wouldn't be unless it looked like a DDoS - and it might for some that
are seeing
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for anything even when the netmask on our side would have
made it fine, so I just thought I'd try it out for kicks
today. From two of four ISP's it worked fine, from Verizon
FIOS and
First: if you don't allow TCP queries, then you're going to break lots
of recent applications for DNS.
Second: unless your server and resolver support EDNS0, there is no way
to increase the size of a UDP response, and even then, it's not large
enough for many applications (ENUM, TXT, APL, etc.).
On Fri, 13 Jun 2008 15:08:47 EDT, David Hubbard said:
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for anything even when the netmask on our side would have
made it fine, so I just thought I'd try it out for kicks
today.
Jon Kibler wrote:
Various hardening documents for Cisco routers specify the best practices
are to only allow 53/tcp connections to/from secondary name servers.
Plus, from all I can tell, Cisco's 'ip inspect dns' CBAC appears to only
handle UDP data connections and anything TCP would be denied.
Justin Shore wrote:
Jon Kibler wrote:
Various hardening documents for Cisco routers specify the best practices
are to only allow 53/tcp connections to/from secondary name servers.
Plus, from all I can tell, Cisco's 'ip inspect dns' CBAC appears to only
handle UDP data connections and anything
On Fri, Jun 13, 2008 at 3:16 PM, [EMAIL PROTECTED] wrote:
On Fri, 13 Jun 2008 15:08:47 EDT, David Hubbard said:
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for anything even when the netmask on our side would have
made it
On Jun 13, 2008, at 4:11 PM, Christopher Morrow wrote:
On Fri, Jun 13, 2008 at 3:16 PM, [EMAIL PROTECTED] wrote:
On Fri, 13 Jun 2008 15:08:47 EDT, David Hubbard said:
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for
Christopher Morrow wrote:
go-go-actiontec (vol sends those out, god do they suck...)
Crappy CPE's are exactly why we don't hand out .0 and .255 addresses in
our DHCP pools. :(
--
Kameron Gasso | Senior Systems Administrator | visp.net
Direct: 541-955-6903 | Fax: 541-471-0821
On 2008-06-12, Kevin Oberman [EMAIL PROTECTED] wrote:
The idea is to use tuned proxies that are close to the source and
destination and are optimized for the delay.
OpenBSD has relayd(8), a versatile tool which can be used here.
There is support for proxying TCP connections. These can be
I have had a look into the manuals of my ISP's routers.
Those boxes can think in /24 only. The split whatever you
have down to several /24 and reserve both .0 and .255 in
each of them.
I have seen both .0 and .255 in the WLAN behind NAT working
but you have to ifconfig the interface via telnet.
David Hubbard wrote:
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for anything even when the netmask on our side would have
made it fine, so I just thought I'd try it out for kicks
today. From two of four ISP's it worked fine,
Mike Lewinski wrote:
The TCP/IP stack in Windows XP is broken in this regard, possibly in
Vista as well, though I've yet to have the displeasure of finding out.
A co-worker confirms that his Vista SP1 can access our .255 router via SSH.
Mike Lewinski wrote:
The TCP/IP stack in Windows XP is broken in this regard, possibly in
Vista as well, though I've yet to have the displeasure of finding out.
A co-worker confirms that his Vista SP1 can access our .255 router via SSH.
Aww, that's too bad. I've long enjoyed setting
Mike Lewinski wrote:
David Hubbard wrote:
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for anything even when the netmask on our side would have
made it fine, so I just thought I'd try it out for kicks
today. From two of four
On Fri, 13 Jun 2008 13:43:36 -0700
Kameron Gasso [EMAIL PROTECTED] wrote:
Christopher Morrow wrote:
go-go-actiontec (vol sends those out, god do they suck...)
Crappy CPE's are exactly why we don't hand out .0 and .255 addresses in
our DHCP pools. :(
--
Kameron Gasso | Senior Systems
Funny this discussion surfaced now - I got bitten by this recently.
Was using .255 for NAT on a secondary firewall. When the primary
failed over, parts of the Internet became unreachable...
Tim:
On Fri, Jun 13, 2008 at 9:51 PM, Mark Smith
[EMAIL PROTECTED] wrote:
On Fri, 13 Jun 2008 13:43:36
[EMAIL PROTECTED] wrote on 2008-06-14:
RFC1519 is 15 years old now. I *still* heard a trainer (in a Cisco
class no less) mention class A/B/C in the last few months. Some evil
will obviously take generations to fully stamp out.
We've faced two issues with .255 and .0:
- Using /31 links
On Fri, Jun 13, 2008 at 03:08:47PM -0400, David Hubbard wrote:
I remember back in the day of old hardware and operating
systems we'd intentionally avoid using .255 IP addresses
for anything even when the netmask on our side would have
made it fine, so I just thought I'd try it out for kicks
38 matches
Mail list logo
