Re: Advance notice - H-root address change on December 1, 2015
Mark Andrews writes: > The [func] below are bug fixes / security fixes. Umh, using a very relaxed definition maybe... I was very happy to see this feature added in 9.9.8, and I can certainly agree that it is security related. But I hardly think it is suitable for the strict "no new features" policy that many stable distros enforce: > +3938.[func] Added quotas to be used in recursive resolvers > + that are under high query load for names in zones > + whose authoritative servers are nonresponsive or > + are experiencing a denial of service attack. > + > + - "fetches-per-server" limits the number of > + simultaneous queries that can be sent to any > + single authoritative server. The configured > + value is a starting point; it is automatically > + adjusted downward if the server is partially or > + completely non-responsive. The algorithm used to > + adjust the quota can be configured via the > + "fetch-quota-params" option. > + - "fetches-per-zone" limits the number of > + simultaneous queries that can be sent for names > + within a single domain. (Note: Unlike > + "fetches-per-server", this value is not > + self-tuning.) > + - New stats counters have been added to count > + queries spilled due to these quotas. > + > + These options are not available by default; > + use "configure --enable-fetchlimit" (or > + --enable-developer) to include them in the build. > + > + See the ARM for details of these options. [RT #37125] Yes, I know they could still upgrade to 9.9.8 without this particular feature, by simply not enabling it in the build. But the restricted feature set policy tends to be applied on a source level. Playing the devil's advocate here... As I said, I was really happy to see this feature in 9.9.8 myself. Bjørn
Dyn Internet Intelligence (Formerly, Renesys) vs Telegeography's Global Bandwidth Research Service
Hello guys, Does anyone here have any experience with Dyn's Internet Intelligence or Telegeography's Global Bandwidth Research Service? I am looking to use them to answer two questions: 1. Which is best possible path available, given the current internet infrastructure, from point A to B in terms of latency and jitter? 2. Which careers should I talk to get those paths? Just wanted to know if anyone here has any experience with them or if there are some other tools that I should be looking into before making the purchase. Regards, Arqam
Issues via HE into Chicago?
Anyone else seeing massive issues?
Re: Issues via HE into Chicago?
On Tue 2015-Nov-17 15:43:40 -0600, Josh Reynolds wrote: Anyone else seeing massive issues? To what destination? [outages] had some info re: a comcast issue in that area that has been reported as now resolved. -- Hugo h...@slabnet.com: email, xmpp/jabber PGP fingerprint (B178313E): CF18 15FA 9FE4 0CD1 2319 1D77 9AB1 0FFD B178 313E (also on Signal) signature.asc Description: Digital signature
Re: DNSSEC and ISPs faking DNS responses
On Sat, 14 Nov 2015 08:32:51 +0100, Jaap Akkerhuis said: > Most people don't need to know. They just buy a cheap (EUR 50 or > so seems to be the starting price) application (rasberry Pi or > similar stuff based) which gives them what they want. > > There is now a push to forbid the sales of these thingies. Which won't work as long as a vendor in another country is willing to accept your credit card. But actual reality rarely matters to those who feel They Must Be Seen Doing Something About It. pgpFTWbzTZlVQ.pgp Description: PGP signature
Re: DNSSEC and ISPs faking DNS responses
On 14 Nov 2015, at 14:32, Jaap Akkerhuis wrote: > There is now a push to forbid the sales of these thingies. A push to forbid the sale of Raspberry Pis, of VPNs, or of both? Where? Thanks! --- Roland Dobbins
Re: DNSSEC and ISPs faking DNS responses
On Tue, Nov 17, 2015 at 7:21 PM, Roland Dobbins wrote: > On 14 Nov 2015, at 14:32, Jaap Akkerhuis wrote: > >> There is now a push to forbid the sales of these thingies. > > A push to forbid the sale of Raspberry Pis, of VPNs, or of both? > * > Where? elbonia. > Thanks! > > --- > Roland Dobbins
Veeam Cloud Connect?
I was wondering if anyone has deployed Veeam Cloud Connect. How has Veeam been to work with? Sent from my Windows Phone
Re: Veeam Cloud Connect?
I haven't used Veeam Cloud Connect but I have used Veeam. I was pretty happy with it. Easy and fast to configure. -Mike On Tue, Nov 17, 2015 at 8:56 PM, Ryan Finnesey wrote: > I was wondering if anyone has deployed Veeam Cloud Connect. How has Veeam > been to work with? > > > Sent from my Windows Phone > -- Mike Lyon 408-621-4826 mike.l...@gmail.com http://www.linkedin.com/in/mlyon
Re: DNSSEC and ISPs faking DNS responses
"Roland Dobbins" writes: > On 14 Nov 2015, at 14:32, Jaap Akkerhuis wrote: > > > There is now a push to forbid the sales of these thingies. > > A push to forbid the sale of Raspberry Pis, of VPNs, or of both? > No, a push on devices which allow access to "illegal" material. The devives might have raspberry pies or similar stuff under the hood wjicj where very likely implementing VPNs. > Where? Last time I saw this was in the Dutch media; the c9omplains came from the Dutch versions of the copyright lobby. jaap
