iews to any product that
doesn't work in a IPv6 only network.
> --
> Mikael Abrahamssonemail: swm...@swm.pp.se
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
cess to this, so no testing is
> being done.
IPv6 only is easy to setup if you already have dual stack.
On my Mac it is "System Preferences", "Network Preferences",
"Advanced", "TCP/IP", "IPv4 -> Off" then reboot to clear any linger
less packet that
needs to be processed by the CGN *farm*.
Split the bill so you can see the IPv4 and IPv6 traffic components
and add a CGN loading on the IPv4 traffic.
Mark
> --
> Mikael Abrahamsson email: swm...@swm.pp.se
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Va
> Mike
I've had IPv6 for nearly a decade with no help from my ISP. I
needed it to do IPv6 developement. It isn't hard to get IPv6 if
you need it.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
=
> ever network protocol and that there is no reason to upgrade ever, only =
> that it works well in datacenters.=20
>
> (Yes, I am technically trolling. But mostly because I don't have the =
> energy to fight for IPv6 any more. Maybe you do?)
Most of which
ws/learn2quote.html
> dr...@icantclick.org ascii ribbon campaign - stop html mail
> http://www.asciiribbon.org/
>
>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
an
go in there and fix it if you need to.
I've coded for platforms that I have never worked on. It's a little
more difficult but not impossible. I've debugged problems on
machines that I don't have access to. Again it is more difficult
but not impossible.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <20121128041816.gf1...@dyn.com>, Andrew Sullivan writes:
> On Wed, Nov 28, 2012 at 08:41:13AM +1100, Mark Andrews wrote:
> >
> > If they are writing network based code a tunnel broker should not
> > be a issue. Tunnel brokers are not that hard to use. Th
I'm willing
> to bet that any economic analysis of that problem against CALEA reveals =
> the
> relatively swift conclusion that the fines cost less than the =
> infrastructure to preserve
> the logs.
The fine will be first then the court order to move all the customers
to IPv6.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
sary
to trouble shoot problems. We have been doing this for over a
decade. I'm sure you will find other applications that log port
number as well as the address.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
bit relative to the hoi polloi and even attempt to
> understand the constraints under which they operate.
>
> ---
> Roland Dobbins // <http://www.arbornetworks.com>
>
> Luck is the residue of opportunity and design.
>
>
who have been dragging their feet give in and add IPv6
> support.
>
> As mentioned with a shift to web applications though the browser, it's
> been a lot less work. Just throw your application on a server with
> IPv6 and it will generally work. You might need to modify a few
>
Herrin
>
>
> --
> William D. Herrin her...@dirtside.com b...@herrin.us
> 3005 Crane Dr. .. Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
IPv6 support is cheaper than adding most other
features.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
0.4.
> Escape character is '^]'.
> Connection closed by foreign host.
>
> Regards,
> Bill Herrin
>
>
> --
> William D. Herrin her...@dirtside.com b...@herrin.us
> 3005 Crane Dr. .. Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message ,
William Herrin writes:
> On Wed, Dec 5, 2012 at 5:01 PM, Mark Andrews wrote:
> > In message om>,
> > William Herrin writes:
> >> The thing is, Linux doesn't behave quite that way.
> >>
> >> If you do an anonymous connect(), that
Mark Andrews writes:
>
> In message >,
> William Herrin writes:
> > On Wed, Dec 5, 2012 at 5:01 PM, Mark Andrews wrote:
> > > In message .c
> > om>,
> > > William Herrin writes:
> > >> The thing is, Linux doesn't behave quite tha
d if you remove the bind() the connect fails
16378: 1a003ffb
16379: 1a003ffc
connect: Can't assign requested address
16380: 1a003ffd
this is with a simple loop
socket()
ioctl(FIONBIO)
bind(addr++:80)
connect()
I had a firewall dropping the connection attempts
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <20121206004909.b302f2ca2...@drugs.dv.isc.org>, Mark Andrews writes:
>
> In message <201212052325.qb5nprze005...@xs8.xs4all.nl>, "Miquel van
> Smoorenburg"
> writes:
> > In article you write:
> > >
> > >In message
> >
ught to this area.
Trail blazing is hard work but someone has to do it.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
.
SWIP for a /48 for a commercial assignment is reasonable
Note it is the type of assignment, not the size, which is determining
factor here. A /64 commercial assignment should have a SWIP entry.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <272782d1-8dea-4718-9429-8b0505dd3...@delong.com>, Owen DeLong write
s:
>
>
> Sent from my iPad
>
> On Dec 10, 2012, at 3:02 PM, Mark Andrews wrote:
>
> >=20
> > In message <50c65c84.6080...@dougbarton.us>, Doug Barton writes:
> >>
warning". This is a
HEADSUP of an upcoming change.
> I realise that keeping the old IP functional for some time is important
> for all the static configurations. But does it matter if a dynamic list
> is updated "real time" without much advance warning ?
3 weeks is not a l
In message <42515678-f2ce-48ce-a0e6-4211c5f0f...@puck.nether.net>, Jared Mauch
writes:
>
> On Dec 15, 2012, at 4:58 PM, Mark Andrews wrote:
>
> >> I realise that keeping the old IP functional for some time is =
> important
> >> for all the static con
uch a ring would illegal as it is a
potential "man trap". There are reasons hospitals have big warning
signs around similar equipment used for medical imaging.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
ment in front of the server you can
set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to
have connections broken due to PMTUD.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message
,
Christopher Morrow writes:
> On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews wrote:
> >
> > In message
> > ,
> > Christopher Morrow
> > writes:
> >> On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim
> >> wrote:
> >>
In message
,
Christopher Morrow writes:
> On Tue, Dec 18, 2012 at 3:35 PM, Owen DeLong wrote:
> >
> > On Dec 18, 2012, at 12:22 , Christopher Morrow
> > wrote:
> >
> >> On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews wrote:
> >>>
>
> I though the point of doing so was to establish with some degree of
> accuracy that there were 'real people' behind the administration of said
> IP, and that there was a somewhat increased level of accountability as a
> result - which suggests there is infact a point.
--
Mark And
In message <50ee471c.7010...@utc.edu>, Jeff Kell writes:
> On 1/9/2013 11:41 PM, Mark Andrews wrote:
> > $GENERATE, as someone else pointed out, solves that problem for you?
> > (Does it scale for IPv6? I can't recall - but surely this could be
> >
Teeth will gnash at how this makes
> some hosts second class and it violates the end to end principle, but
> tough noogies.
>
> R's,
> John
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
h fits the namespace pattern.
that is the closest encloser . hash that name for the closest
encloser. hash . add/subtact one for the second half
of the noqname proof. hash *. add/subtact one for the no
wildcard proof.
> R's,
> John
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
00.64.255.254;
router 100.64.0.1;
option 6rd 10 34 2001:DB8:8000: 2001:DB8:8000:1;
}
subnet 100.64.0.0 netmask 255.240.0.0 {
range 100.64.0.2 100.64.255.254;
router 100.64.0.1;
option 6rd 10 34 2001:DB8:c000: 2001:DB8:C000:1;
}
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
cations.
> Work your way from the outside in: start with BGP, then the interior
> routers and configure the LAN last.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William D. Herrin her...@dirtside.com b...@herrin.us
> 3005 Crane Dr. .....
In message
, Harald
Koch writes:
> On 26 January 2013 17:38, Mark Andrews wrote:
> > As for "breaking" your LAN, if the applications take 60 seconds to
> > fallback to the other address they were already broken. Go complain
> > to your application vendor. Some
Reducing IPv4's capabilities creates incentives.
Being told this needs to work and be tested with IPv6 creates
incentives.
Broken networks get people to fix things. Unfortunately most
developers don't test with broken networks. If they did "Happy
Eyeballs" would not have happ
ved
over YouTube to Comcast customers was over IPv6.
http://www.comcast6.net
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <8c10ded0-0980-4c76-8307-4f4f139d6...@yahoo.com>, David Barak writes
:
>
> On Jan 30, 2013, at 7:52 PM, Mark Andrews wrote:
> > Firstly fix your mail client. What's this "'" garbage in text/plain?
> >
> That's yahoo web
gt; >
> > I would say that the Swedish model is a definite success.
> >
>
> Australia's NBN is still the planning and arguing phase.
They may still be arguing, but there are fiber and fixed wireless
customers receiving packets.
Mark
--
Mark Andrews, ISC
1 Seymour St., D
> because it is "broadband" (at least with today's access speed)
> with "fiber optic".
And by that argument pots dialup is fiber optic because the packets
went over a fiber optic link to get to the CO.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
apparently stripping
> the root domain from PTR record results; I'm separately trying to
> track down why that's occuring...
RFC 952 as modified by RFC 1123 describe the legal syntax of a hostname.
There is no trailing period.
> --
> Brian Reichert
> BSD admin/developer at large
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
ink.
> com
> > Designer The Things I Think RFC 2
> 100
> > Ashworth & Associates http://baylink.pitas.com 2000 Land Rover
> DII
> > St Petersburg FL USA #natog +1 727 647 1
> 274
> >
>
> --
> Brian Reichert
> BSD admin/developer at large
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Got it. :-)
> >
> >:)
> >
> >> You saw Joe's second reply?
> >
> >Apparently, I lost track of that while writing this up. :)
> >
> >--
> >Brian Reichert
> >BSD admin/developer at large
>
> --
> Sen
ed.
> (PS: your quoting (or bulleting) protocol is non-standard and non-intuitive)
>
> Cheers,
> -- jra
>
>
> --
> Jay R. Ashworth Baylink j...@baylink.co
> m
> Designer The Things I Think
ssues. If
RFC 1535 came up today I believe that different decisions may have
been made but give the political climate at the time that was the
best I could get.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <24339470.6878.1361551954109.javamail.r...@benjamin.baylink.com>, Ja
y Ashworth writes:
> - Original Message -
> > From: "Mark Andrews"
>
> > RFC 952 as modified by RFC 1123 describe the legal syntax of a
> > hostname. There is no tr
In message <15455394.7034.1361803759023.javamail.r...@benjamin.baylink.com>, Ja
y Ashworth writes:
> - Original Message -
> > From: "Brian Reichert"
>
> > On Sun, Feb 24, 2013 at 12:10:20AM +1100, Mark Andrews wrote:
> [I believe this is Brian, then
In message <32423329.7280.1361833741738.javamail.r...@benjamin.baylink.com>, Ja
y Ashworth writes:
> - Original Message -
> > From: "Mark Andrews"
>
> > > > From what little research I've done (only OpenSSL), the SSL client
> > > &g
In message <32423329.7280.1361833741738.javamail.r...@benjamin.baylink.com>, Ja
y Ashworth writes:
> - Original Message -
> > From: "Mark Andrews"
>
> > > > From what little research I've done (only OpenSSL), the SSL client
> > > &g
In message <17812038.7306.1361835383974.javamail.r...@benjamin.baylink.com>, Ja
y Ashworth writes:
> - Original Message -
> > From: "Mark Andrews"
>
> > > > No. See RFC 952
> > >
> > > I think 952 is functionally obsolete, r
Masataka Ohta
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
ell =
> me about the N% which are non-profits, despite the fact I said =
> "nearly"?)
>
> --=20
> TTFN,
> patrick
And homenet at the IETF demonstrated multi-homed residential
connections with IPv6 without NAT using multiple PA addresses. If
a upsteam goes down the connections over that upstream break. New
connection use the working upstream. It's not quite the same as
using PI but it is a 99.9% solution.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
There is no excuse for any ISP
to not have the requisite equipement to do this.
> Do the industry need to go "a la PCI-DSS" for Peers?
>
> PS: My pico ISP is s on your list Jared =D Not for long hopefully.
>
> -
> Alain Hebertaheb...@pubnix.net
> PubNIX Inc.
> 50 boul. St-Charles
> P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
> Tel: 514-990-5911 http://www.pubnix.netFax: 514-990-9443
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
ISP still need to check this part of the
picture. Old PPP implementations may be IPv4 only.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
er standards to us than they do to Joe Blogs. We know
machines get compromised. We know how to block spoofed traffic
from compromised machines.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <10071844.11080.1364348618832.javamail.r...@benjamin.baylink.com>, J
ay Ashworth writes:
> - Original Message -
> > From: "Mark Andrews"
>
> > If you are with a ISP that does not practice BCP 38 are you willing
> > to risk your neck th
ursive server behind a NAT.
Neither of these assumptions in true in practice and with the
deployment of CGNs these will become less true.
I have two recursive server at home behind a NAT today. Both do
DNSSEC.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <8277.1364350...@turing-police.cc.vt.edu>, valdis.kletni...@vt.edu w
rites:
>
> On Wed, 27 Mar 2013 12:01:25 +1100, Mark Andrews said:
> >
> > If you are with a ISP that does not practice BCP 38 are you willing
> > to risk your neck that you won't b
bused.
Rate limiting itself causes operational problems for legitimate
users of authoritative servers and will only have a limited effect
for a limited time. It is a stop gap measure.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
n.
>
> Please correct me if someone has this working out of the box.
>
> Frank
The defaults depend apon the framing protocol.
PPP defaults to 1500
SLIP defaults to 1006
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9
has latency, load, and connection limitations. It is just too
> expensive.
>
> The second would stop amplification, however, it will not stop botnets
> using them in attempts to hide the bot nodes in a very effective manner.
> It's also unlikely that we'd ever see it i
ring. This doesn't
> generally work well when doing transit services of any size due to the
> number of egress filter updates you'd have to issue, but it is great for
> the small/medium ISP.
EGRESS filters are just INGRESS filters applied a couple of hops later.
approach is that having dozens
> of countries all developing their own specific technical best practices
> is most likely to cumulatively interact in ways impossible to comply
> with... Hence, the need for clear global technical best practices,
> through which countries with a particular desire to "improve the
> state of the Internet" can channel their legislative desires...)
>
> FYI,
> /John
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
tick!'
> - but this has got to stop..
>
> OK, back to my hole watching all the presumably spoofed incoming traffic
> that happens to be on udp/53 and looking for ANY? isc.org :-)
Which you can chase back to offending sources and complain to them about.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
d you need to learn that normal clients *do* issue type any
queries. Blocking any queries would be easy if normal clients
didn't issue any queries. You would have need controls added to
nameserver to block them if there wern't normal clients issuing any
queries.
Mark
--
Mark Andrews, I
ress range of outbound packets to the configured NAT outside
> address range.
>
> Regards, K.
It depends on how the nat is configured.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
lly a lot don't have such a line. Such lines are tantamount
to extortion especially if the ISP supplies commercial grade lines.
That said blocking by default with the option to open it up on
request, the same as smtp is opened on request, might be viable.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message , "Dobbins, Roland"
writes:
>
> On Apr 2, 2013, at 7:53 AM, Mark Andrews wrote:
>
> > Such lines are tantamount to extortion especially if the ISP supplies
> commercial grade lines.
>
> Patrick's talking about consumer broadband access. Su
e behind listing servers not providing recursion on
> a list of open resolvers?
>
> As far as I know, responding either NOERROR or REFUSED produces packets
> of the same size.
>
> Tom
NOERROR can be a referral.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
nderstanding. If it's not, I would love to know
> >> if there is a reason for this, and if they have a timeline for
> >> supporting 's.
> >>=20
> >> It's ok to contact me privately.
> >>=20
> >> regards
> >>=20
> >> Carlos
> >=20
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
07mar13-en.pdf
there is nothing which requires registrars to support on the web
pages when A records are supported on web pages.
and DS updates currently often required registrants to jump through
all sorts of hoops compared to adding A and NS records.
Maintenance of A, , NS and DS records are core functionality and
need to be treated as such.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
like
> that yet.
I saw adds for such a device a couple of years ago.
> The majority of what I think of when you say "control systems"
> shouldn't be directly connected to the internet anyway, even with ACLs
> -- or so I gleaned from the nice folks from DHS.
tion, but `ipv6 install` is
> still an easier sell than "replace your computer.")
> >
> > Jima
>
> This will work until you no longer have an IPv4 resolver available for
> DNS. After that, XP fails miserably.
No. You just need to install a caching nameserver or
419 . IN ANY +E
> 95.211.209.182
> 1520 . IN ANY +E
> 80.192.224.22
> 1430 . IN ANY +E
> 24.244.248.8
> 1414 . IN ANY +E
> 79.71.69.165
> 1090 . IN ANY +E
> 24.244.248.57
> 1364 . IN ANY +E
> 82.132.226.216
> 1079 . IN
roblem only started occurring within the last week or so.
>
> Thanks for your indulgence,
> --
> Stephen Clark
> *NetWolves*
> Sr. Software Engineer III
> Phone: 813-579-3200
> Fax: 813-882-0209
> Email: steve.cl...@netwolves.com
> http://www.netwolves.com
n...@he.net h
ultad de Ciencias Astron=F3micas y Geof=EDsicas - UNLP
> FCAG: (0221)-4236593 int. 172/Cel: (0221)-15-4557542/Casa: (0221)-4526589
>
>
>
> This message was sent using IMP, the Internet Messaging Program.
>
>
--
to plug in the cable router and the DSL
router at home and have it all just work. Just because it is 0.2%
today doesn't mean that it will be 0.2% in the future. As home
users get more and more dependent on the internet working having
diverse, independent network connectivity will become more
In message <69748.1325208...@turing-police.cc.vt.edu>, valdis.kletni...@vt.edu
writes:
> On Fri, 30 Dec 2011 12:12:43 +1100, Mark Andrews said:
>
> > Well I'd like to be able to plug in the cable router and the DSL
> > router at home and have it all just work. Just
sts.org/nanog/2011/Nov/920, which sounds like the exact
> thing I am seeing.
>
> Thanks
Most of the time you will be being used as a amplifier and the
source traffic is spoofed. The short periods are so that it is
harder to trace the compromised machines.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
copyrighted content there without
the permission of the copyright holder. It's that they, allegedly,
failed to remove such content when explictly notified of it which
put them outside the safe harbour provision of DMCA.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley,
to end users in a generic device-agnostic fashion, I am wondering why i
> t is so difficult to find a working solution.
> >
> > thanks,
> > -Randy
> >
> > --
> > | Randy Carpenter
> > | Vice President - IT Services
> > | Red Hat Certified Engineer
lso make note of my last response to the thread on logging and MAC
> awareness, as it may also be worth consideration.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
:" $3 $4 ":" $5 $6 }'
If you don't want to use /dev/random
(ifconfig -a ; date ; netstat -na) | md5 |
sed 's/\(..\)\(\)\(\).*/f8\1:\2:\3/'
There are lots of ways to generate a suitable prefix.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Name: VOLUNTEER.GOV
Status: ACTIVE
>>> Last update of whois database: Thu, 26 Jan 2012 17:05:19 UTC <<<
Please be advised that this whois server only contains information pertaining
to the .GOV domain. For information for other domains please use the whois
server at RS.INTERNIC
o poor application
> compatibilty with address scopes.
Link local is a right royal pain for applications. The DNS does
not support it. It requires passing arount 150 bits of address
information instead of 128.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
27;s customer =
> should resolve this issue with our customer."
>
> It as an eye-opening experience.
>
> Regards,
> -drc
And if I have a contract to commit murder that doesn't mean that
it is right nor legal. A contract can't get you out of dealing
with the law of t
In message , David Conrad
writes:
> On Jan 31, 2012, at 5:52 PM, Mark Andrews wrote:
> >> "We have a contractual relationship with our customer to announce =
> that =3D
> >> space. We have neither a contractual relationship (in this context) =
> =3D
> >
There are enough analogs in common law to almost everything that
happens on the Internet for there to no be the need for specific
"Internet" laws. It's just that having a "Internet" law makes it
easier to prosecute.
Mark
> --
> Chris Adams
> Systems and
available outside (at least what
> > somebody thinks is outside) the US.
> >
> > jaap
> Just tested:
> Lebanon, Greece, Saudi Arabia, Netherlands, Germany - all is fine
As is Australia. I suspect it is just a "normal" snafu.
> ---
> System administrator
es developed a=
> nd applied by the community. =20
And with cryptographically signed assignments this can be completely
automated. Tie the DHCPv6 server into the RPKI system and DHCPv6
PD can do the right stuff so that the other ISP serving the customer
can know that these address are legal f
tpa-smtpin02.mail.rr.com.
>
> I'd appreciate if someone could help me find a clueful contact at
> TW/RoadRunner/Adelphia/Comcast/whoever they are now. I've tried all
> the contacts in WHOIS for adelphia.net, the IP block, and ASN. I've
> tried the NOC List on puck.nether.net--no matches.
>
> Thanks,
> Chuck
>
Sounds like a bad "bogus" acl.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
s resolution is eight bit clear.
It may be 8 bit clear but only 0-127 have defined meaning.
128-255 may be UTF-8 but they could equally be ISO-LATIN-*.
> randy
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
ted.
DNS labels are length tagged binary blobs with case folding of the
7 bit ascii values 'a'-'z' when performing lookups. If a server
is fully compliant (and I don't think any is) answers should be
returned in a case preserving manner, including owner names. The
intent of RFC 1035 was to be able to use the DNS to store and
retrieve binary data using binary keys.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
or any one
wanting to lookup the hijacked address.
One can use static-stub in named and simlar mechanisms in other
nameservers to send root zone traffic to a local instance.
On can use multiple views, match-recursive and forwarder zones in
forward first mode to validate answer from the other view using
ts
In message <4f3c2e47.80...@dougbarton.us>, Doug Barton writes:
>
> DNS only uses UDP
> DNS only uses 512 byte UDP packets
>
> or maybe just..
>
> DNS is easy
Or that it is correct/does no harm to filter fragmented packet / icmp.
--
Mark Andrews, ISC
1 Seymour S
supports 4096 EDNS UDP messages the following query will tell you.
dig edns-v6-ok.isc.org txt
Similarly for IPv4.
dig edns-v4-ok.isc.org txt
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
In message <4f3c76d5.9040...@necom830.hpcl.titech.ac.jp>, Masataka Ohta writes:
> Mark Andrews wrote:
>
> > This doesn't prove that IPv6 is not operational. All it proves is
> > people can misconfigure things.
>
> How do operators configure their equipm
amed to test their firewall configuration
to ensure that it will let through any EDNS UDP reply, size wise,
that can occur. As IPv4 and IPv6 are often configured independently
we provide a way to test each independently.
> Steinar Haug, Nethelp consulting, sth...@nethelp.no
--
In message <20120216134437.gb65...@macbook.bluepipe.net>, Phil Regnauld writes:
> Mark Andrews (marka) writes:
> > If you want to know if your resolver talks IPv6 to the world and
> > supports 4096 EDNS UDP messages the following query will tell you.
> >
> >
In message <4f3d0c45.9020...@unfix.org>, Jeroen Massar writes:
> On 2012-02-16 14:51 , Mark Andrews wrote:
> [..]
> > that can occur. As IPv4 and IPv6 are often configured independently
> > we provide a way to test each independently.
>
> Could you make that label
501 - 600 of 1172 matches
Mail list logo
