* Mike Hammett:
> Netflix recommends 25 megs for Ultra HD, while only 5 megs for
> HD. That's a 5x difference in something people likely won't notice
> and would make a big difference on the additional VPN, VoIP, video
> conferencing, etc.
4K isn't supported by all devices and plans. I'm not sur
* Jason Wilson:
> This is all in conjunction with the CPUC. I believe it is also a part of a
> court order. I’ll need to find that later
>
> https://www.cpuc.ca.gov/deenergization/
I found the connection rather puzzling (that is, how switching off
power distribution prevents wildfires or at least
* John Levine:
> In article <87y2up1vc4@mid.deneb.enyo.de> you write:
>>I found the connection rather puzzling (that is, how switching off
>>power distribution prevents wildfires or at least reduces their risk).
>>I found some explanations here (downed lines, vegetation contact,
>>conductor sl
* Chris Adams:
> First, out of the box, if you use the public pool servers (default
> config), you'll typically get 4 random (more or less) servers from the
> pool. There are a bunch, so Joe Random Hacker isn't going to have a
> high chance of guessing the servers your system is using.
A determi
* Chris Knipe:
> Although a company that can't manage their book keeping properly, is IMHO
> enough reason to not use them... :-)
Ther used to be a saying that you could choose between carries with
functional billing and carriers with a functional network.
* Mel Beckman:
> If we can't police ourselves, someone we don't like will do it for us.
That hasn't happened with with IP spoofing, has it? As far as I
understand it, it is still a major contributing factor in
denial-of-service attacks. Self-regulation has been mostly
unsuccessful, and yet not
* Rich Kulawiec:
> For example: if the average number of outbound SSH connections
> established per hour per host across all hosts behind CGNAT is 3.2,
> and you see a host making 1100/hour: that's a problem. It might be
> someone who botched a Perl script; or it might be a botted host
> trying t
* Tom Beecher:
> Simon's getting screwed because he's not being given any information to try
> and solve the problem, and because his customers are likely blaming him
> because he's their ISP.
We don't know that for sure. Another potential issue is that the ISP
just cannot afford to notify its c
* Tom Beecher:
> An email to a user notifying them they're likely compromised costs
> basically nothing.
If this increases the probability that the customer contacts customer
support, in some markets, there is a risk that the account will never
turn profitable during the current contract period.
* Simon Lockhart:
> On Sun Sep 18, 2016 at 03:58:57PM +0200, Florian Weimer wrote:
>> * Tom Beecher:
>> > Simon's getting screwed because he's not being given any information to try
>> > and solve the problem, and because his customers are likely blaming him
&
* Rich Kulawiec:
> On Sun, Sep 18, 2016 at 03:56:30PM +0200, Florian Weimer wrote:
>> * Rich Kulawiec:
>>
>> > For example: if the average number of outbound SSH connections
>> > established per hour per host across all hosts behind CGNAT is 3.2,
>> > a
* Jon Lewis:
> This is kind of a funny problem though, because CDNs get paid to
> deliver data, and they get compared/graded according to who can
> deliver the bits the fastest...and here you are complaining that
> they're delivering the bits too fast (or at least faster than you'd
> like them to)
* Baldur Norddahl:
> Den 26. sep. 2016 18.02 skrev "Mike Hammett" :
>>
>> The only asymmetric routing broken is when the source isn't in public
> Internet route-able space. That just leaves those multi-ISP WAN routers
> that NAT it.
>
> Some of our IP transits implement filtering. All of our trans
* Baldur Norddahl:
> This means we can receive some packet on transit port A and then route out
>>> a ICMP response on port B using the interface address from port A. But
>>> transit B filters this ICMP packet because it has a source address
>>> belonging to transit A.
>> Interesting. But this lo
* Mark Andrews:
> Dear customer,
>we are seeing traffic coming from your network.
>
> If you need help isolating the source of the traffic here are a few
> companies in your city that can help you.
>
>
>
> This is not a exhaustive list.
>
> Support
We already had the problem in th
* Eliot Lear:
> As some on this thread know, I've been working with the folks who make
> light bulbs and switches. They fit a certain class of device that is
> not general purpose, but rather are specific in nature. For those
> devices it is possible for the manufacturers to inform the network w
* Jason Iannone:
> I have a question regarding language. We've seen bcp38 described as a
> forwarding filter, preventing unallocated sources from leaving the AS. I
> understand that unicast reverse path forwarding checks support bcp38, but
> urpf is an input check with significant technical diffe
* Stephen Satchell:
> Given a single local inside network with:
> * multiple uplink providers (typical multi-home situation)
> * multiple edge routers, each connected to an upstream via a public
> routeable /30, and each further connected to the downstream inside
> network
> * 50 subnets (to
* Martin T.:
> let's assume that there is an ISP "A" operating in Europe region who
> has /19 IPv4 allocation from RIPE. From this /19 they have leased /24
> to ISP "B" who is multi-homed. This means that ISP "B" would like to
> announce this /24 prefix to ISP "A" and also to ISP "C". AFAIK this
>
* Roland Dobbins:
> On 27 Sep 2016, at 12:17, Sam Silvester wrote:
>
>> or call their electricity retailer/distributer
>
> This is the problematic case that is, unfortunately, the default.
>
> People tend to view anything related to 'the Internet' as a utility,
> and for consumers and SMBs, they t
* Jay R. Ashworth:
> - Original Message -
>> From: "Florian Weimer"
>
>> * Jason Iannone:
>
>>> Are urpf and bcp38 interchangeable terms in this discussion? It seems
>>> impractical and operationally risky to implement two unique ways to
* Lyndon Nerenberg:
>> In thinking over the last DDos involving IoT devices, I think we
>> don't have a good technical solution to the problem. Cutting off
>> people with defective devices they they don't understand, and have
>> little control over, is an action that makes sense, but hurts the
>>
* Martin T.:
> Florian:
>
>> Are the autonomous systems for the /19 and /24 connected directly?
>
> Yes they are.
Then deaggregation really isn't necessary at all.
>> (1) can be better from B's perspective because it prevents certain
>> routing table optimizations (due to the lack of the coverin
* Valdis Kletnieks:
> On Wed, 05 Oct 2016 12:06:07 -0400, Eric Germann said:
>
>> Customers will connect to their respective regional sites separately.
>> Any ITAR concerns there?
>
> If there are serious concerns there, I recommend spending the coin for
> an actual ITAR expert.
Right. I *think*
* Eliot Lear:
> Not my end goal. My end goal is that consumers have a means to limit
> risk in their home environments, and service providers have a means to
> deliver that to them.
They already have, with today's technology. It's just not a
mass-market business. Consumers either have to educa
* John R. Levine:
> On Sun, 9 Oct 2016, Florian Weimer wrote:
>
>> If we want to make consumers to make informed decisions, they need to
>> learn how things work up to a certain level. And then current
>> technology already works.
>
> I think it's fair to
* Randy Bush:
> anyone who relies on a single dns provider is just asking for stuff such
> as this.
Blaming the victim isn't helpful. And without end-user-visible
changes, most of the victims would still depend on Verisign as a
single provider for a critical part of their DNS service.
* David Conrad:
> Maybe (not sure) one way would be to examine your resolver query logs
> to look for queries for names that fit domain generation algorithm
> patterns, then tracking down the customers/devices that are issuing
> those queries and politely suggest they remove the malware on their
>
* Keith Medcalf:
> On: Saturday, 22 October, 2016 17:41, Jean-Francois Mezei
> wrote:
>
>> On 2016-10-22 19:03, Keith Medcalf wrote:
>
>> > This does not follow and is not a natural consequence of sealing the
>> little buggers up so that they cannot affect the Internet
>
>> Problem is that ma
* Randy Bush:
>> What does BCP38 have to do with this?
>
> nothing technical, as these iot attacks are not spoofed.
How do you know? Has anyone disclosed specifics?
I can understand that keeping details under wraps is sometimes
required for operational security, but if the attacks are clearly
s
* Mark Tinka:
> I've given a talk about this a couple of times since 2008. But our
> reasons are to choosing IS-IS are:
Has the name been a problem for you? Asking vendors about support
must be a bit awkward these days.
* Mark Andrews:
> The DNSSEC testing is also insufficient. 9-11commission.gov shows
> green for example but if you use DNS COOKIES (which BIND 9.10.4 and
> BIND 9.11.0 do) then servers barf and return BADVERS and validation
> fails. QWEST you have been informed of this already.
>
> Why the hell
* Mark Andrews:
> Domain whois is absolutely useful. Try contacting a site to report
> that their nameservers are hosed without it.
A lot of WHOIS servers do not show who's running the name servers, or
who maintains the data served by them. Those that do usually provide
information which is pro
* Scott Brim:
> On Tue, Oct 16, 2018, 22:37 Michael Thomas wrote:
>
>> I believe that the IETF party line these days is that Postel was wrong
>> on this point. Security is one consideration, but there are others.
>>
>> Mike
>>
>
> I saw just a small swing of the pendulum toward the center, a nuan
* Laszlo Hanyecz:
> On 2018-10-17 02:35, Michael Thomas wrote:
>> I believe that the IETF party line these days is that Postel was wrong
>> on this point. Security is one consideration, but there are others.
>
> Postel's maxim also allowed extensibility. If our network code rejects
> (or crashe
* Baldur Norddahl:
> Why do we still have network equipment, where half the configuration
> requires netmask notation, the other half requires CIDR and to throw you
> off, they also included inverse netmasks.
Some also drop the prefix length in diagnostic output if it matches
that of the address
* Andrew Paolucci:
> Can anyone with a Cogent connection in Canada verify that they are
> impacted as well?
I think it's global. I tried sites in Canada and Germany, and the
traces look like deliberate blocking of /32s. I don't have a BGP view
for these sites, though.
Why wouldn't it be global
* Jared Mauch:
> So risk avoidance on the part of the 100k other sites hosted by CF is
> now a conspiracy?
Conspiracy is perhaps a bit too strong, but I would be annoyed if
someone took my business, but then deliberately undermined the service
they provide. Of course, if it's all part of the agr
* Todd Crane:
> I am not familiar with Cogent’s architecture but why couldn’t they
> just null route the IP address at their edge routers from within
> Spain? I am not a lawyer but from what I understand, since the Spanish
> government has zero say on what goes on outside of their borders,
Of cou
* > On Friday, 17 February, 2017 08:29, "Florian Weimer"
said:
>
>> Of course they do, see the arrest of Augusto Pinochet.
>
> Universal Jurisdiction is supposed to cover the likes of war crimes,
> torture, extrajudicial executions and genocide, that are generall
* valdis kletnieks:
> We negotiate a contract with terms favorable to you. You sign it (or more
> correctly, sign the SHA-1 hash of the document).
>
> I then take your signed copy, take out the contract, splice in a different
> version with terms favorable to me. Since the hash didn't change, yo
* Jared Mauch:
>> On Nov 19, 2016, at 9:13 PM, Frank Bulk wrote:
>>
>> My google fu is failing me, but I believe there was a NANOG posting a year
>> or two ago that mentioned that if the top x providers would
>> implement BCP 38
>> then y% of the traffic (or Internet) would be de-spoofed. The p
* Laurent Dumont:
> Wouldn't you want BCP38 policies to be as close as possible to the
> traffic sources? Instead of creating more "fake" traffic?
Maybe as close as possible, but still without sacrificing source
network attribution is sufficient.
> And at the same time, partial filtering doesn'
* Grant Taylor via NANOG:
> On 03/29/2017 04:17 AM, Mel Beckman wrote:
>> Thanks for the very clear explanation. I use DKIM and SPF, but didn't
>> know about this corner case. I'm surprised the SPF, etc architects
>> missed it, or seem to have. In any event, I seem to be getting all
>> the message
* Arnold Nipper:
> On 30.03.2017 17:50, Martin T wrote:
>
>> Is it possible to make a similar connection between AS number and
>> company name in ARIN region? In other words, how do you find out that
>> company is eligible to use AS number?
>>
>
>
> This doesn't work for you?
>
> whois -h whois.a
* Hank Nussbacher:
> Perhaps they are running all this to shake out exactly these type of
> issues? I think that is exactly why APNIC research is called for.
And return another 2**24 addresses to the global IPv4 pool eventually?
That would indeed be a loadable goal.
* Filip Hruska:
> EURID (.eu) WHOIS already works on a basis that no information about the
> registrant is available via standard WHOIS.
> In order to get any useful information you have to go to
> https://whois.eurid.eu and make a request there.
>
> Seems like a reasonable solution.
Why? How
* Filip Hruska:
> On 04/14/2018 07:29 PM, Florian Weimer wrote:
>> * Filip Hruska:
>>
>>> EURID (.eu) WHOIS already works on a basis that no information about the
>>> registrant is available via standard WHOIS.
>>> In order to get any usef
* Wayne E. Bouchard:
> Okay, if we go down that road, that makes Starbucks, Borders, a number
> of restaurants, and any other place that offers publically accessible
> wifi (free or otherwise) an ISP.
The funny thing is that you actually want to be recognized as an ISP
if you have transit traffic
ity from not filtering at the
/32 boundary, network operators will stop filtering at the /32
boundary. So this issue will likely go away pretty soon because you
can use our initial assignment to gain the routing flexibility you
need.
--
Florian Weimer
BFK edv-consulting GmbH
* Brandon Kim:
> Times like this, makes you curious what kind of infrastructure
> register.com has? How does one protect against DDOS?
You can outsource your DNS, but you better retain a server locally on
your network, so that you suffer less from that particular shared
toothbrush.
> Anyone else get spammed from someone at Afilias?
Yes, I think you were Cc:ed on the message sent to me.
I find it odd that this type of advertising works. I would expect
actual victims to confuse it with extortion. ("I have heard that you
were under attack and suffered an outage. For a small
* Saku Ytti:
> I think we really need community tool to test BGP implementations against
> known/past bugs and unknown (fuzzied) bugs.
Testing is the easy part. Meeting all the requirements for getting
the fix rolled out on the (relevant parts of the) Internet is
impossible because many ISPs hav
>
> But then Comcast might have to raise prices on their customers. This way
> they don't.
Level 3 could do some routing tomography and make sure that Comcast
receives the traffic in the most inconvenient way.
--
Florian Weimer
BFK edv-consulting GmbH
net.
>
> Oddly enough, cable channels like ESPN asking for a per-subscriber fee
> from cable delivery networks like Comcast has been a mostly-scalable
> model for the cable-TV arena for three or four decades now
And your TV bandwidth usage doesn't count towards your mont
through their registrar arm?
>
> They haven't had a registrar arm since they spun off Network Solutions
> in 2002.
I think Verisign DBMS acts as a registrar for ccTLDs.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 te
e which will not require proper resource
management for the forseeable future.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
* Brandon Kim:
> I know windows has bitlocker, but I don't know if that is available
> for Win2003?
I believe EFS is available in Windows XP and Windows 2003 Server, too.
Software-based solutions have the advantage that they are somewhat
more testable and reviewable. If it's all in the disk, yo
* Jay Ashworth:
> - Original Message -
>> From: "Matt Larson"
>
>> The new KSK will not be published in an authenticated manner outside
>> DNS (e.g., on an SSL-protected web page). Rather, the intended
>> mechanism for trusting the new KSK is via the signed root zone: DS
>> records corres
* John R. Levine:
> Let's hope you're right, but I note that the ITU isn't an
> inter-governmental organization,
It was able to obtain a delegation for ITU.INT, so it's
inter-governmental enough in DNS terms.
* Simon Perreault:
> Le 2014-04-18 13:25, Mike Hale a écrit :
>> I agree with Bill. You can poopoo NAT all you want, but it's a fact
>> of most networks and will continue to remain so until you can make a
>> compelling case to move away from it.
>
> Does that mean all IPv6 firewalls should suppor
* Christopher Morrow:
> I sort of wonder if this is really just yahoo trying to use a stick to
> motivate people to do the right thing?
But what is the right thing here?
Do we really want that *all* mailing lists must not provider "reply to
sender" option to all their users? Will this list make
domain names.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
* Jared Mauch:
> 2) is a mapped-v4 address a valid *source* address on the wire even if it's
> not a valid dest?
By the way, has the analogous issue involving v4 addresses from
RFC 1918 space ever been settled?
> On Fri, Jul 08, 2011 at 10:21:13PM +0200, Florian Weimer wrote:
>> * Jared Mauch:
>>
>> > 2) is a mapped-v4 address a valid *source* address on the wire
>> > even if it's not a valid dest?
>>
>> By the way, has the analogous issue involving v4
* Jared Mauch:
> Solving a local attack is something I consider different in scope
> than the current draft being discussed in 6man, v6ops, ipv6@ etc...
That's not going to happen because it's a layering violation between
the IETF and IEEE. It has not been solved during thirty years of IPv4
over
* Larry Stites:
> Given what you know now, if you were 21 and just starting into
> networking / communications industry which areas of study or
> specialty would you prioritize?
Law.
_
NANOG mailing list
NANOG@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog
* Mikael Abrahamsson:
> On Sun, 17 Jul 2011, Florian Weimer wrote:
>
>> In practice, the IPv4 vs IPv6 difference is that some vendors
>> provide DHCP snooping, private VLANs and unicast flood protection in
>> IPv4 land, which seems to provide a scalable way to build E
* Mikael Abrahamsson:
> On Sun, 17 Jul 2011, Florian Weimer wrote:
>
>> Others use tunnels, PPPoE or lots of scripting, so certainly
>> something can be done about it. To my knowledge, SAVI SEND is still
>> at a similar stage. Pointers to vendor documentation would be
&
* Mikael Abrahamsson:
> On Sun, 17 Jul 2011, Florian Weimer wrote:
>
>> Interesting, thnaks. It's not the vendors I would expect, and it's
>> not based on SEND (which is not surprising at all and actually a
>> good thing).
>
> Personally I think SEND i
* PC:
> If you're just fighting IOPS, another compromise might be using a ramdisk,
> and then committing that data to storage every x seconds.
In this case, it's more straightforward to remove the fsync call from
dhcpd.
--
Florian Weimer
BFK edv-consulting
torage backing its database.
Come on, group commits are not that difficult to implement. With them,
you should be able to obtain 8 kHZ leases on a single spindle (assuming
the per-client data is just a few hundred bytes), without violating the
RFC requirement.
--
Florian Weimer
BFK
* Wayne E. Bouchard:
> the users will screw themselves by flooding their uplinks in which
> case they will know what they've done to themselves and will largely
> accept the problems for the durration
With shared media networks (or insufficient backhaul capacities),
congestion affects more than j
on for IP addresses
| from whois.arin.net. This way, whois(1) will print useful information
| and not just the useless overview.
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=174497>
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100
percentile
functional, so it doesn't matter how the quantity that comes out of that
is priced.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
less than 5% pool, the click through
> rates are around 1%
Is this with strict NXDOMAIN rewriting, or were existing names
redirected as well? (AFAIK, most platforms do the latter, hijacking
bfk.de, for example.)
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.d
* Christopher Morrow:
> On Fri, Oct 7, 2011 at 3:10 PM, Arturo Servin wrote:
>>
>> I agree with Benson.
>>
>> In fact, for this "problem" I find irrelevant that IPv4 is running
>> out. They are just looking for good reputation IP nodes.
>
> isn't this a short-lived problem then?
I
tions to use smaller
> networks per cable interfaces of CMTS.
As far as I understan the IPv6 address architecture, if the network
prefix is longer than /64, you're not running Unicast IPv6.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100
ll it result in a blackhole,
or will the entire announcement be suppressed? I suspect the latter,
given what we see and what Chris Adams has reported.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-761
* Job Snijders:
> In the meantime you could consider setting up an irrd[1], redirect
> queries to that instance instead of whois.ripe.net, and keep it kind
> of fresh by feeding it ftp://ftp.ripe.net/ripe/dbase/ripe.db.gz on a
> daily basis.
RIPE NCC strips all contact information from the bulk e
* Andrew Sullivan:
> My impression is mostly that people are left feeling uncomfortable
> by a massive upgrade of this sort with so little communication about
> why and so on.
That's a side effect of Juniper's notification policy. Perhaps
someone should them take them by their word ("Security pa
* Constantine A. Murenin:
> And how exactly do they expect end-users "clearing the DNS cache"? Do
> I call AT&T, and ask them to clear their cache?
Sure, and also tell them to clear their BGP cache (aka "route flap
dampening"). 8-)
* Nick Hilliard:
> ripe policy 2007-01 will help with this problem by ensuring that anyone who
> has got PI address space will be traceable and will be paying for it (i.e.
> it will appear on the holder's payment radar).
I don't think there are plans to publish this information in the WHOIS
datab
quot;, how come 99.8% of the end nodes
> do just fine without it? Oh yeah..
Because there's a CPE which acts as a mediator, or the host uses some
dial-up-type protocol which takes care of the IGP interaction.
--
Florian Weimer
BFK edv-consulting GmbH http://www.bfk.
* Paul Vixie:
> this seems late, compared to the various commitments made to rpki in
> recent years. is anybody taking it seriously?
The idea as such isn't new, this has been floating around for four
years or more, including at least one Internet draft,
draft-donnerhacke-sidr-bgp-verification-dns
* Jeff Kell:
> And what about the millions of users unknowingly infected with
> "something else" ??
You have to start somewhere. I received a warning letter, and four or
five very organizations had to cooperate in new ways to make this
happen. This is certainly a welcome development, and hopefu
* Alex Band:
>> I don't know if we can get RPKI to deployment because RIPE and RIPE
>> NCC have rather serious issues with it. On the other hand, there
>> doesn't seem to be anything else which keeps RIRs relevant in the
>> post-scarcity world, so we'll see what happens.
>
> Could you elaborate o
* Alex Band:
> At RIPE 63, six months ago, the RIPE NCC membership got a chance to
> vote on RPKI at the general meeting. The result was that the RIPE
> NCC has the green light to continue offering the Resource
> Certification service, including all BGP Origin Validation related
> functionality.
* Alex Band:
> All in all, for an RPKI-specific court order to be effective in
> taking a network offline, the RIR would have to tamper with the
> registry, inject false data and try to make sure it's not detected
> so nobody applies a local override.
Please keep in mind that this is what's happe
[Dnschanger substitute server operations]
> One thing is clear, Paul is able to tell a great story.
PR for ISC is somewhat limited, it's often attributed to the FBI:
| The effort, scheduled to begin this afternoon, is designed to let
| those people know that their Internet connections will stop
* Barry Greene:
> FYI - Two prefixes from the DNS Changer/Rover Digital take down have
> been re-allocated. One of the prefixes - 85.255.112.0/20 - was
> advertised Friday morning. There is a blog post with some of the
> details here:
Wow, that was fast. So the police order actually made sense a
* John Levine:
> Are there DNS caches that allow you to partition the cache for
> subtrees of DNS names? That is, you can say that all entries from
> say, in-addr.arpa, are limited to 20% of the cache.
You can build something like that using forwarders and most DNS
caches. But it won't result i
Are there somewhat reputable service providers for Internet-wide TCP
port scans? What's the typical rate per TCP port? (I'm interested in
rather obscure services whose identification may need additional
probing, and this data is unlikely on file already.)
A full scan needs just 0.5 TB of data pe
* Jay Ashworth:
> It is OK for an enterprise wifi system to make this sort of attack
> *on rogue APs which are trying to pretend to be part of it (same
> ESSID).
What if the ESSID is "Free Internet", or if the network is completely
open? Does it change things if you have data that shows your
cus
* Valdis Kletnieks:
> On Mon, 22 Dec 2014 04:13:42 -0500, Javier J said:
>
>> student graduates. They are teaching classful routing and skimming over
>> CIDR. Is this indicative of the state of our education system as a whole?
>
> Did the standard packaged Cisco curriculum finally drop mention of
* Brandon Applegate:
> Otherwise - if anyone could share a way to get to clue @Cloudflare I
> would greatly appreciate it. I put a request in through the web
> support front door, but I got back about what I expected.
Did you receive a reply?
I tried to notify security@ about some issue, but ne
* William Herrin:
> On Thu, Jan 21, 2016 at 4:26 PM, c b wrote:
>> We have 4 full-peering providers between two data centers. Our
>> accounting people did some shopping and found that there was
>> a competitor who came in substantially lower this year and
>> leadership decided to swap our most ex
* Mark T. Ganzer:
> Note that I an not answering in any sort of "official" capacitybut
> I will instead ask this for your consideration: Do servers in "test,
> stage, development, or any other environment" really need to have the
> same environmental, power and connectivity requirements that
* Sean Donelan:
> When you say "data center" to an ordinary, average person or reporter;
> they think of big buildings filled with racks of computers. Not a
> lonely server sitting in a test lab or under someone's desk.
I suspect part of the initiative is to get rid of that mindset, which
leads
* Lorenzo Colitti:
> I think what I said is that supporting DHCPv6-only networks will eventually
> force OS manufacturers to implement IPv6 NAT. This is because there are
> many features inside a mobile OS that require multiple IP addresses.
On many networks, there will be fairly tight limits on
1 - 100 of 302 matches
Mail list logo