Re: .bv ccTLD

2021-12-03 Thread Jay Ashworth
In general I could understand that, but it is my understanding that the 
domain is still marked reserved at the Secretariat, which is to say they could 
not have assigned any domains in it yet, even if they were inclined to, which we 
are told they are not. 

In short, I think this is a possibility not an impossibility or I wouldn't have 
asked.  

-- jra

On December 3, 2021 6:24:22 PM EST, David Conrad  wrote:
>On Dec 3, 2021, at 2:45 PM, Jay R. Ashworth  wrote:
>> So, what's the actual status of .bv?  Assigned, or reserved?
>
>Assigned: https://www.iso.org/obp/ui/#iso:code:3166:BV 
>
>
>> Anyone here got a buddy on the secretariat?  :-)
>
>Even if they did, transitioning codes is a long (99 year? I’ve forgotten) 
>process…
>
>Regards,
>-drc
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: .bv ccTLD

2021-12-04 Thread Jay Ashworth
Oh dear. They actually gave them .SS?

Wow.

On December 4, 2021 10:18:26 AM EST, "Cynthia Revström"  wrote:
>Hi,
>
>Not only is the ISO 3166-1 alpha-2 code assigned but the ccTLD is
>delegated to NORID's nameservers.
>NORID also makes it pretty clear that they are not interested in
>selling the TLD, and I suspect that might very well mirror the
>position of the Norwegian government.
>While something like another country is a different thing to just a
>company wanting to profit from a TLD, it still seems unlikely to me.
>
>Another example: back in 2011 when South Sudan gained independence,
>they got an ISO 3166-1 alpha-2 code which was "SS" which could
>understandably have some problems given historical context for that
>letter combination.[1]
>
>So not getting "BV" is a pretty minor thing in comparison to that, IMHO.
>There are many countries/geographical entities that have far from
>perfect ISO 3166-1 alpha-2 codes.
>I think pretty much all codes ending in an X is because there were no
>better ones available. (I am not certain on this part though)
>
>[1]: 
>https://www.reuters.com/article/us-sudan-independence-idUSTRE75S4A520110629
>
>-Cynthia
>
>On Sat, Dec 4, 2021 at 12:17 PM Jaap Akkerhuis  wrote:
>>
>>  "Jay R. Ashworth" writes:
>>
>>  > - Original Message -
>>  > > From: "David Conrad" 
>>  >
>>  > > Jay,
>>  > >
>>  > > On Dec 3, 2021, at 4:46 PM, Jay Ashworth  wrote:
>>  > >> In general I could understand that, but it is my understanding that the domain
>>  > >> is still marked reserved at the Secretariat,
>>  > >
>>  > > Sorry, which secretariat?  As far as I know, the official status of ISO 3166-1
>>  > > Alpha 2 codes is specified by the ISO-3166 Maintenance Agency and listed on the
>>  > > ISO website (the “online browsing platform” output for BV being the URL I
>>  > > provided).
>>  >
>>  > The ISO 3166 secretariat, yes.
>>
>> It is not marked as reserved but assigned.
>>
>> jaap

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth
Sure, but you imply that the proposed alternative--going to permanent DST--is 
only a trivial change too, and it is not. It violates the international rule 
determining what your time zone should be based on what your longitude is. 

That is not trivial.

On March 15, 2022 4:25:21 PM EDT, "james.cut...@consultant.com" wrote:
>Folks, for most, this change removes the twice yearly disruption of their 
>circadian rhythm and consequent surge of accidents and injuries.
>
>My timely recommendation, which also requires change to a single file, is to 
>stick to “standard” time year round making solar high noon closer to 12:00.
>
>   Jim
>
>> On Mar 15, 2022, at 4:10 PM, Dave  wrote:
>> 
>> Folks for most systems, this is a change to a single file. Not a really hard 
>> thing to accomplish
>> 
>> Dave
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth
It has been bubbling under for some years--there are about I think it's 10 or 11 
states which have already passed state laws changing it, pending that the 
federal law blocking those be dropped--that's the Uniform Time Act of 1966 if I 
have the title correct.

And to reply to somebody else's comment, the exceptions to the 15 degree rule 
which already exist already caused problems, so there isn't any reason to 
believe that bumping this down to the state and local level won't make things 
even more confusing. 

I wonder how big the buffers in the Timezone Library are; is ADO on this list?

On March 15, 2022 4:24:50 PM EDT, "Elmar K. Bins"  wrote:
>dedel...@iname.com (Dave) wrote:
>
>> Folks for most systems, this is a change to a single file. Not a really hard 
>> thing to accomplish
>
>Well...
>
>1 - I'm surprised anybody is running local timezones on their systems at all
>
>2 - I like how American politics is capable of creating new problems; where
>did this bill come from in the first place? And who's lobbying?
>
>Elmar.
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth
S.623 as amended, literally hundreds of Tweets in the last 2 hours tell me. 
Yeah, this just happened today. That would be why NPR led with it on the 4 
p.m. newscast.

On March 15, 2022 6:07:36 PM EDT, Matthew Petach  wrote:
>Please provide a link documenting this claim.
>
>I have been reviewing the actions listed on congress.gov, and this is not
>an action listed as having taken place.
>
>https://www.congress.gov/bill/117th-congress/senate-bill/623/all-actions?overview=closed#tabs
>
>The last action shown for this bill was taken on March 9th, 2021, more than
>a year ago.
>
>Thanks!
>
>Matt
>
>On Tue, Mar 15, 2022, 12:14 Jay R. Ashworth  wrote:
>
>> In a unanimous vote today, the US Senate approved a bill which would
>>
>> 1) Cancel DST permanently, and
>> 2) Move every square inch of US territory 15 degrees to the east.
>>
>> My opinion of this ought to be obvious from my rhetoric.  Hopefully, it will
>> fail, because it's likely to be the end of rational time worldwide, and even
>> if you do log in UTC, it will still make your life difficult.
>>
>> I'm poleaxed; I can't even decide which grounds to scream about this on...
>>
>> Hopefully, the House or the White House will be more coherent in their
>> decision on this engineering construct.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth  Baylink  j...@baylink.com
>> Designer The Things I Think   RFC 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274
>>
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth
And here's the NPR story which leads with "the Senate passed a bill":

https://www.npr.org/2022/03/15/1086773840/daylight-saving-time-permanent-senate

I really don't know why that site does not list it, because it certainly 
should. But here you are.

On March 15, 2022 6:07:36 PM EDT, Matthew Petach  wrote:
>Please provide a link documenting this claim.
>
>I have been reviewing the actions listed on congress.gov, and this is not
>an action listed as having taken place.
>
>https://www.congress.gov/bill/117th-congress/senate-bill/623/all-actions?overview=closed#tabs
>
>The last action shown for this bill was taken on March 9th, 2021, more than
>a year ago.
>
>Thanks!
>
>Matt
>
>On Tue, Mar 15, 2022, 12:14 Jay R. Ashworth  wrote:
>
>> In a unanimous vote today, the US Senate approved a bill which would
>>
>> 1) Cancel DST permanently, and
>> 2) Move every square inch of US territory 15 degrees to the east.
>>
>> My opinion of this ought to be obvious from my rhetoric.  Hopefully, it will
>> fail, because it's likely to be the end of rational time worldwide, and even
>> if you do log in UTC, it will still make your life difficult.
>>
>> I'm poleaxed; I can't even decide which grounds to scream about this on...
>>
>> Hopefully, the House or the White House will be more coherent in their
>> decision on this engineering construct.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth  Baylink  j...@baylink.com
>> Designer The Things I Think   RFC 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274
>>
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

IERS ponders reverse leapsecond...

2022-08-03 Thread Jay Ashworth
General press loses its *mind*:

https://www.cbsnews.com/news/earth-spinning-faster-than-usual-shortest-day-ever/#app

Have you tested leap second handling, especially in reverse?  How do you 
simulate it? Are there existing test harnesses for simulating it?

Cheers, 
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: Frontier Dark Fiber

2022-08-03 Thread Jay Ashworth
I wouldn't have thought that Frontier was able to offer dark fiber, since their 
distribution fanout is all GPON, is it not?

If their fanout was active ethernet it might be a different story but...

Cheers,
-- jra

On July 13, 2022 7:40:47 AM EDT, Mike Hammett  wrote:
>I'm looking for a contact at Frontier that can discuss dark fiber. 
>
>
>My current account exec says they don't offer it, yet prior conversations with 
>him and a previous SE revealed that they very much did (just didn't have 
>availability on the paths I wanted at the time). 
>
>
>Their web site highlights it fairly proudly. 
>
>
>
>
>I'm aware that availability varies. 
>
>
>I'm aware that they likely don't want to sell it. 
>
>
>
>- 
>Mike Hammett 
>Intelligent Computing Solutions 
>
>Midwest Internet Exchange 
>
>The Brothers WISP 
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RE: IERS ponders reverse leapsecond...

2022-08-03 Thread Jay Ashworth
Sure.

ALL of this has been gamed out, and I had believed, handled, by the 8601 nerds, 
and we ignore that investment of work at our peril.

On August 3, 2022 11:33:09 AM EDT, Matthew Huff  wrote:
>True, 
>
>But it's hard enough to get developers to understand the need to code for 61 
>seconds in a minute, and now they would need to code for 59 seconds as well.
>
>If time systems simply skewed the time so that 60 seconds actually just took 
>61 seconds or 59 seconds, there would be other issues, but coders wouldn't be 
>involved.
>
>
>
>-Original Message-
>From: NANOG  On Behalf Of Stephane 
>Bortzmeyer
>Sent: Wednesday, August 3, 2022 11:19 AM
>To: Jay Ashworth 
>Cc: nanog@nanog.org
>Subject: Re: IERS ponders reverse leapsecond...
>
>On Wed, Aug 03, 2022 at 11:09:25AM -0400,  Jay Ashworth  
>wrote  a message of 32 lines which said:
>
>> General press loses its *mind*:
>
>Indeed, they seem not to know what they write about. "atomic time – the 
>universal way time is measured on Earth – may have to change" They don't even 
>know the difference between TAI and UTC.
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: This DNS over HTTP thing

2019-10-03 Thread Jay Ashworth
You might recommend that to me if running DNS tunnelled through another 
protocol was a thing I wanted to do. 

But it's not. I think it's horrible Internet engineering hygiene, and I don't 
just not want to do it myself, I don't think anybody else ought to do it 
either. 

And I think that if end-users understood all of the concerns, they would agree 
with me on that - I get paid to know what end users would think.

On October 3, 2019 10:28:37 AM EDT, Curtis Maurand  wrote:
>Might I suggest using PowerDNS's dnsdist.  It's an ha proxy that you can
>put in front of your recursors and it implements dns over https if you want
>it to.  It's open source and ensures that you're not limited to Google's
>or Cloudflare's servers which exist to drive advertising at you (I've seen
>infected ads pwn machines).  I have much more paranoid reasons for
>implementing, namely preventing 3rd parties from getting my histories.
>
>On Wed, Oct 2, 2019 at 5:28 PM Jay R. Ashworth  wrote:
>
>> - Original Message -
>> > From: "John Levine" 
>>
>> > In article <804699748.1254612.1570037049931.javamail.zim...@baylink.com> you
>> > write:
>> >>Tools. Are. Neutral.
>> >>
>> >>Any solution to a problem that involves outlawing or breaking tools will.
>> >>Not. Solve. Your. Problem.
>> >
>> > I think in the outside world you'll find very little support for an argument
>> > that filtering DNS is fundamentally broken.
>> >
>> > Sure, you can do it in broken ways, but it's going to be really hard
>> > to persuade anyone that their lives are better if they have unfiltered
>> > access to the malware links in their spam.
>>
>> I expect I would.
>>
>> But this is not "filtering DNS".  It's "making a bodge-handed attempt to
>> REPLACE DNS (well, proxy it) for only one application/layer".
>>
>> My problem isn't what they're using it for; it's that they've implemented
>> it so poorly.
>>
>> I live down here in the trenches, John, where "it doesn't work" is the calibre
>> of problem reports I get.  When my tools say that "yes, it does", *I'm* the one
>> who takes it in the nads because Mozilla had a Better Fuckin' Idea.
>>
>> That it will likely cause lots of 50,000ft problems too is just a cherry on the
>> top.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth  Baylink  j...@baylink.com
>> Designer The Things I Think  RFC 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274
>>
>
>
>-- 
>--Curtis

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: New ICANN registrant change process

2016-07-04 Thread Jay Ashworth
Seems to me that the proper thing to be done would have been for Registries to 
deauthorize registrars on the grounds of continuous streams of complaints.

On July 4, 2016 2:35:37 PM EDT, Mel Beckman  wrote:
>I've worked behind the scenes for more than one of these outfits. I can
>tell you that domain registrars are basically printing money. On the
>other hand, I've also been the victim of domain hijacking. I can tell
>you that the domain registrars involved were less than useless in
>reversing the obviously fraudulent transactions. They basically said
>"Not our problem. Deal with it."
>
>That's on top of the other obviously unethical practices by registrars,
>such as seizing nonexistent domain names following a prospective
>buyer's whois search, sluggardly unlocking of domains, etc.
>
>Something had to be done. Now it has been.   
>
>To the registers whining about this change: 
>
>   Not my problem. Deal with it. 
>
> -mel beckman
>
>> On Jul 4, 2016, at 10:55 AM, Jay R. Ashworth  wrote:
>> 
>> I'll go ahead and assume I wasn't the last person to get this memo (courtesy
>> Lauren Weinstein's PRIVACY Digest):
>> 
>> https://opensrs.com/blog/2016/06/icanns-new-transfer-policy-will-impact-business-customers/
>> 
>> It does seem that this is going to make life difficult for a bunch of pretty
>> normal business processes.
>> 
>> If you didn't know about it either... ask yourself why not.
>> 
>> Cheers,
>> -- jra
>> 
>> -- 
>> Jay R. Ashworth  Baylink  j...@baylink.com
>> Designer The Things I Think  RFC 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.


Re: I recommend dslreports.com/speedtest these days (was Speedtest.net not accessible in Chrome due to deceptive ads)

2016-07-22 Thread Jay Ashworth
Just a quick clarifying reply, I have had DSL test give me an A for bufferbloat 
and a C for Speed on a 75 Meg line.

On July 22, 2016 3:23:00 PM EDT, Jim Gettys  wrote:
>I don't read this list continually, but do archive it; your note was
>flagged for me to comment on.
>
>On Thu, Jul 21, 2016 at 8:11 PM, Eric Tykwinski wrote:
>
>> This is probably for Jim Gettys directly, but I’m sure most others have
>> input.  I could have sworn that there was some test made to detect it
>> directly on switches and routers?  Sort of like iperf, but to test
>> bufferbloat specifically given the OS stack which is going to have issues
>> as well, as shown on bufferbloat.net .
>>
>>
>We recommend Toke Høiland-Jørgensen's "flent" https://flent.org/ for testing
>connections/devices/gear. It uses "netperf" transfers to load the link (by
>default with 4 simultaneous TCP connections in both directions, IIRC), and
>then runs another test (by default "ping") at the same time to test the
>connection under load.
>Turning on a netperf server is just as easy as turning on an iperf server
>(and the results are better, and netperf's maintainer responsive).
>
>See the documentation/paper on Toke's web site.  The "RRUL" test
>("Real-Time Response Under Load") is the one we use most/is best shaken
>down.   I'm sure Toke would love help with other tests.
>
>Gives you lots of useful graphs, will do diffserv marking, etc...
>
>> > On Jul 21, 2016, at 6:36 PM, Donn Lasher via NANOG wrote:
>> >
>> > On 7/21/16, 2:19 PM, "NANOG on behalf of Jay R. Ashworth" <nanog-boun...@nanog.org on behalf of j...@baylink.com> wrote:
>> >
>> >> - Original Message -
>> >>> From: "Janusz Jezowicz" 
>> >>
>> >>> Since this morning Speedtest.net is not accessible in Chrome
>> >>> Reason:
>> >>> https://www.google.com/transparencyreport/safebrowsing/diagnostic/#url=c.speedtest.net
>> >>>
>> >>> For any ISPs/content providers linking to speedtest.net you may want to
>> >>> swap links to a different website or host your own speed test.
>> >>
>> >> So far, I am very pleased with how it works, though I think its letter
>> >> grades on speed are a bit pessimistic (65Mbps is a "C").
>>
>
>Most applications are as sensitive/more sensitive to latency than to
>bandwidth; see the research in the field, for example, for web browsing.  For
>web browsing, you are at the point of diminishing returns on bandwidth after a
>few megabits/second, for most use.  For telephony, the metric is always the
>lower the better, and not more than 100ms or so (continental delay).
>
>So it is entirely appropriate in my view to give even "high speed"
>connections low grades; it's telling you that they suck under load, like
>when your kid is downloading a video (or uploading one for their
>friends); your performance (e.g. web surfing) can go to hell in a
>hand-basket despite having a lot of bandwidth on the
>connection. For most use, I'll take a 20Mbps link without bloat to a
>200Mbps one with a half second of bloat any day.  It will work reliably,
>I'll be able to make my phone calls without
>problems, I'll be able to frag my friends with the best of them, etc...
>Even video playback gets wonky with bad bufferbloat: the player's control
>loop is interacting with the (wildly excessive due to bloat) TCP control
>loop and can't find a good playback point; seeking also becomes slow, etc.
>
>Activities such as web browsing can/does cause transient latency on a link,
>since most links are not doing decent scheduling; the damage is done
>anytime the link gets used by anyone, for anything, including web surfing
>as well as background activities such as backup or system update.
>
>So no, I don't think dslreports grades pessimistically: it's just that bad
>bufferbloat is so *blinking* common and bad.  And I had nothing to do with
>setting the scoring system: that's the opinion of the dslreports test's
>author; but I think Justin has done a good job choosing the grades to boil
>down the quality of a connection to something mere mortals (your
>customers) will understand.  So my hat is off to Justin for doing a great
>job.
>
>
>> >>
>> >> Specifically, it measures bufferbloat, with both a realtime graph and a
>> >
>> >
>> > Are you talking about the dslreports speedtest? I like that one, very
>> > detailed results.
>> >
>> > http://speedtest.dslreports.com/
>> >
>> >
>> > I’d agree with the pessimistic scoring.. 160Mbit was given a “B” grade.
>> >
>> >
>> >
>> >
>>
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.


RIP Dave Mills

2024-01-27 Thread Jay Ashworth
The inventor of NTP, in the late 1970s, and recipient of the 2013 IEEE Internet 
Award “for significant leadership and sustained contributions in the research, 
development, standardization, and deployment of quality time synchronization 
capabilities for the Internet”, Dr. David Lennox Mills died in Delaware on 
January 17, at 85.

Rarely have I more wanted to say "perhaps we'll see him again later".

Cheers,
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Meta outage

2024-03-05 Thread Jay Ashworth
It's making the general press this hour so of course you already know about it 
but my question is this: who peers with meta and have you seen BGP sessions 
drop or the like? Do you operate meta CDN nodes in your network? Are they 
screaming for help? 

This doesn't sound like it's a network layer problem but I'm curious.

Cheers,
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RE: Meta outage

2024-03-05 Thread Jay Ashworth
Yes: metastatus.com

It isn't happy.

On March 5, 2024 11:23:42 AM EST, "Kain, Becki (.)"  wrote:
>Does meta keep a board somewhere to tell the world it’s down?
>
>From: NANOG  On Behalf Of Jay Ashworth
>Sent: Tuesday, March 05, 2024 11:06 AM
>To: nanog@nanog.org
>Subject: Meta outage
>
>WARNING: This message originated outside of Ford Motor Company. Use caution 
>when opening attachments, clicking links, or responding.
>
>It's making the general press this hour so of course you already know about it 
>but my question is this: who peers with meta and have you seen BGP sessions 
>drop or the like? Do you operate meta CDN nodes in your network? Are they 
>screaming for help?
>
>This doesn't sound like it's a network layer problem but I'm curious.
>
>Cheers,
>-- jra
>--
>Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Steve Bellovin retires

2024-04-30 Thread Jay Ashworth
Steve Bellovin retires:

https://mastodon.lawprofs.org/@SteveBellovin/112362015712050310
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

HE.net problem

2024-07-04 Thread Jay Ashworth
We have a report on outages that he.net has been placed in ICANN client hold, 
and people's DNS service is falling over on this Independence day. If you work 
in DNS for HE, you might want to look into this.

I have double checked the report, and I am seeing the status as well.

Hurricane serves lots of dns, I would classify this as a P1 ticket.

Cheers,
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: HE.net problem

2024-07-04 Thread Jay Ashworth
Cool, thanks. We had a couple of other reports of people making support calls 
and being asked to reboot their modems, so I wanted to make sure tier 3 had 
gotten it. 

And I figured tier 3 would be here. :-)

Cheers,
-- jra

On July 4, 2024 3:00:12 PM EDT, Ryan Hamel  wrote:
>I called their support when that outage thread came in, they're already aware 
>and taking a look now.
>
>Ryan Hamel
>
>
>From: NANOG  on behalf of Jay 
>Ashworth 
>Sent: Thursday, July 4, 2024 11:55 AM
>To: nanog@nanog.org 
>Subject: HE.net problem
>
>Caution: This is an external email and may be malicious. Please take care when 
>clicking links or opening attachments.
>
>We have a report on outages that he.net has been placed in ICANN client hold, 
>and people's DNS service is falling over on this Independence day. If you work 
>in DNS for HE, you might want to look into this.
>
>I have double checked the report, and I am seeing the status as well.
>
>Hurricane serves lots of dns, I would classify this as a P1 ticket.
>
>Cheers,
>-- jra
>--
>Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: HE.net problem

2024-07-04 Thread Jay Ashworth
I've been informed that the CEO of HE is on this as of 1512EDT.

I approve of the scale of this response. :-)

Cheers,
-- jra

On July 4, 2024 2:55:34 PM EDT, Jay Ashworth  wrote:
>We have a report on outages that he.net has been placed in ICANN client hold, 
>and people's DNS service is falling over on this Independence day. If you work 
>in DNS for HE, you might want to look into this.
>
>I have double checked the report, and I am seeing the status as well.
>
>Hurricane serves lots of dns, I would classify this as a P1 ticket.
>
>Cheers,
>-- jra
>-- 
>Sent from my Android device with K-9 Mail. Please excuse my brevity.
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: getting the memo, Out-of-Bailiwick DNS? (Was: HE.net problem)

2024-07-06 Thread Jay Ashworth
See how little it has been necessary for me to pay attention to them since my 
net handle was assigned back in the early 90s or maybe late 80s?  ;-)

Cheers,
-- jra3

On July 6, 2024 11:11:50 AM EDT, John Levine  wrote:
>According to Jay R. Ashworth :
>>data I heard that that *was* a registry-side hold (and hence it didn't matter
>>that it was NetSol).  Or perhaps that NetSol was still the registry for .net --
>>that's out of date now, isn't it?
>
>Uh, yeah, Verisign spun off the NetSol registrar over 20 years ago in late 2003.
>
>In early 2003 Verisign turned .ORG over to PIR, but they kept .NET and
>.COM which they still have. They are also the registry for a bunch of
>small ccTLDs and new gTLDs. They paid $135 million in the auction for
>.WEB which they may eventually run once the legal challenges are
>settled.
>
>NetSol was bought and sold and merged several times and since 2011 has been
>part of web.com.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RE: RFC 1918 network range choices

2017-10-05 Thread Jay Ashworth
I have seen a number of versions of that in reading things people sent me and 
things I found myself, and all of them seem to depend on ASICs that didn't 
exist at the time the ranges were chosen, and probably also CIDR which also 
didn't exist. They sound good, but I'm not buying em. :-)

On October 5, 2017 1:32:19 PM EDT, Jerry Cloe  wrote:
>Several years ago I remember seeing a mathematical justification for
>it, and I remember thinking at the time it made a lot of sense, but now
>I can't find it.
>
> 
>I think the goal was to make it easier for routers to dump private
>ranges based on simple binary math, but not sure that concept ever got
>widely used.
>
> 
>Time to start writing  out all the binary.
>
>
> 
>-Original message-
>From:Jay R. Ashworth 
>Sent:Thu 10-05-2017 09:41 am
>Subject:RFC 1918 network range choices
>To:North American Network Operators‘ Group ; 
>Does anyone have a pointer to an *authoritative* source on why
>
>10/8
>172.16/12 and
>192.168/16 
>
>were the ranges chosen to enshrine in the RFC?  Came up elsewhere, and
>I can't 
>find a good citation either.
>
>To list or I'll summarize.
>
>Cheers,
>-- jra
>
> 

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.


Re: Want to move to all 208V for server racks

2010-12-02 Thread Jay Ashworth
No, I'm pretty sure he means "across the 2 high legs of a 120/208 3ph
Wye service", and I'd never heard that idea suggested before.  I can see 
why it reduces the amount of copper you need to run, but it seems as if
it would have compensating disadvantages, though I can't think precisely
what they might be at the moment.
-- jra

- Original Message -
> From: "Ingo Flaschberger" 
> To: "Jay Nakamura" 
> Cc: "NANOG" 
> Sent: Thursday, December 2, 2010 11:22:32 AM
> Subject: Re: Want to move to all 208V for server racks
> Dear Jay,
> 
> 
> > I really want to move all newly installed internal and customer
> > racks
> > over to all 208v power instead of 120v. As far as I can remember, I
> > can't remember any server/switch/router or any other equipment that
> > didn't run on 208v AC. (Other than you may need a different cable)
> > Anyone have any experience where some oddball equipment that
> > couldn't
> > do 208v and regret going 208v? We won't have any TDM or SONET
> > equipment, all Ethernet switches, routers and servers. I have
> > control
> > over internal equipment but sometimes customers surprises you.
> 
> you mean 240V AC 50HZ and move from 120V 60Hz? (or also 50Hz)
> 
> you will need to check each device if it supports 240V, commonly the
> specified power ratings are printed at a sticker on the device
> itself.
> 
> Kind regards,
> Ingo Flaschberger



Re: Want to move to all 208V for server racks

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Kevin Day" 
>
> On Dec 2, 2010, at 11:06 AM, Owen DeLong wrote:
> > It is not uncommon for three-phase panels to be different and have
> > all three phases in the panel each phase feeding every third breaker
> > slot.
> 
> I was just recently trying to explain this to a European friend who
> thought I was hallucinating this system, so I took a picture.
> 
> http://dl.dropbox.com/u/230717/temp/208YPanel.jpg

Precisely the same panel layout I had in my last facility, though we didn't
use any 208V branch circuits; thanks for the pic, Kevin.

Cheers,
-- jra



Re: The scale of streaming video on the Internet.

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Leo Bicknell" 
>[...] 
> That's an interesting number, but let's run back the other way.
> Consider what happens if folks cut the cord, and watch Internet
> only TV. I went and found some TV ratings:
> 
> http://tvbythenumbers.zap2it.com/2010/11/30/tv-ratings-broadcast-top-25-sunday-night-football-dancing-with-the-stars-finale-two-and-a-half-men-ncis-top-week-10-viewing/73784
> 
> Sunday Night Football at the top last week, with 7.1% of US homes
> watching. That's over 23 times as many folks watching as the 0.3% in
> our previous math! Ok, 23 times 150Gbps.
> 
> 3.45Tb/s.
> 
> Yowzer. That's a lot of data. 345 10GE ports for a SINGLE TV show.
> 
> But that's 7.1% of homes, so scale up to 100% of homes and you get
> 48Tb/sec, that's right 4830 simultaneous 10GE's if all of Comcast's
> existing high speed subs dropped cable and watched the same shows over
> the Internet.
> 
> I think we all know that streaming video is large. Putting the real
> numbers to it shows the real engineering challenges on both sides,
> generating and sinking the content, and why companies are fighting so
> much over it.

It also proves, though I doubt anyone important is listening, *why the
network broadcast architecture is shaped the way it is*, and it implies,
*to* anyone important who is listening, just how bad a fit that is for
a point- or even multi-point server to viewers environment.

Oh: and all the extra servers and switches necessary to set that up?

*Way* more power than the equivalent transmitters and TV sets.  Even if 
you add in the cable headends, I suspect.

In other news: viewers will tolerate Buffering... to watch last night's
daily show.  They will *not* tolerate it while they're waiting to see if
the winning hit in Game 7 is fair or foul -- which means that it will 
not be possible to replace that architecture until you can do it at 
technical parity... and that's not to mention the emergency communications
uses of "real" broadcasting, which will become untenable if enough 
critical mass is drained off of said "real broadcasting" by other 
services which are only Good Enough.

The Law of Unexpected Consequences is a *bitch*.  Just ask the NCS people;
I'm sure they have some interesting 40,000ft stories to tell about the
changes in the telco networks since 1983.

Cheers,
-- jra



Re: Want to move to all 208V for server racks

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Ingo Flaschberger" 
>
> in Europe GFIs are always needed for protection and by law.
> to avoid the cascading effects the GFCIs are better.
> break current ranges from 10mA (bath) up to 300mA; for servers I use
> the 30mA with pulse protection (internal delay) to avoid the server
> powersupply capacitor loading GFCIs "flip".

And that, indeed, is one of the circumstances in which Chris Lewis and
Steve Bellovin's Wiring FAQ suggests that you should *not* use a GFCI:
in places where the inevitable "nuisance trip" is troublesome, like
powering servers. 

That FAQ is a bit dated, of course.

And indeed, I never liked GFCI breakers for the usages for which they're
mandated in the US, cause the milliamp currents they're supposed to trip
on are no match for all that copper resistance...

Cheers,
-- jra



CAP / WARN / iPAWS

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Jack Bates" 
>
> What would be really awesome (unless I've missed it) is Internet
> access to the emergency broadcast system and local weather services; all
> easily handled with multicast.

Ah, something I know something about for a change.  :-)

In fact, there's some work in progress on this topic, Jack; FEMA is working
on replacing the EAS -- which itself replaced EBS, and earlier, Conelrad --
with a new system called iPAWS: The Integrated Public Alert and Warning 
System.

At the moment, they're working on the "replace the EAS backbone" part of it,
which work is about a year behind schedule, and everyone wants an extension,
but there are other useful places to apply some effort.  I'm a designer, not
a coder, so I've been piddling around in the part I'm good at; thinking about
design.

Some of the results are here:

http://www.incident.com/cookbook/index.php/Rough_consensus_and_running_code

and  

http://www.incident.com/cookbook/index.php/Alerting_And_Readiness_Framework

and I invite off-list email from anyone who has suggestions to toss in the 
pot.

Cheers,
-- jra
(I would like to subject-unthread this, but my mailer is too stupid.  Sorry)



Re: The scale of streaming video on the Internet.

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Antonio Querubin" 
>
> On Thu, 2 Dec 2010, Jay Ashworth wrote:
> > Oh: and all the extra servers and switches necessary to set that up?
> 
> > *Way* more power than the equivalent transmitters and TV sets. Even
> > if you add in the cable headends, I suspect.
> 
> Have you heard of multicast? :)

Yes, Tony, but they can't *count the connected users that way*, you see.

For my part, as someone who used to run a small edge network, what I wonder 
is this: is there a multicast repeater daemon of some sort, where I can put
it on my edge, and have it catch any source requested by an inside user and
re-multicast it to my LAN, so that my uplink isn't loaded by multiple 
connections?

Or do I need to take the Multicast class again? :-)

Cheers,
-- jra



Re: Want to move to all 208V for server racks

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Antonio Querubin" 
>
> Yep I just did the same check. I think the delisting may have applied
> to specific models from specific manufacturers. I just don't see UL
> delisting all GFCI breakers.

Clearly, some intermediate gateway set the evil bit on Steven's message.

Cheers,
-- jra



Re: Want to move to all 208V for server racks

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Ricky Beam" 
>
> Just because someone is selling them doesn't mean they meet building
> codes. (esp. for residential use.) None of the dozen or so licensed
> electricians I've ever talked to will use them.

The breakers, I assume you mean.

> None of my local Lowes stock anything you'd use in a home. (60A
> breakers?) [of course, their website does lie.] And some of those available
> online are not UL listed.
> 
> I know the ones I've seen installed (circa 1980) were delisted -- GE
> sent notice to the electricians that installed them.

This page: http://www.hilo-electric.com/blank?pageid=63 suggests that 2008
code still *permits* them, but neither it nor the concurring Wikipedia 
article mentions the category having been delisted or manufacture-discontinued.

And indeed, I had little luck with Google trying to find evidence of mass
delistings of GFCI breakers.

Cheers,
-- jr 'are we off-topic enough, now? :-)' a



OT: how smart cable TV works

2010-12-02 Thread Jay Ashworth
- Original Message -
> From: "Ryan Finnesey" 
>
> I have TWC in NYC. I see now I can restart most of the shows I watch.
> How is this done?

On digital cable systems, it's because your cable box is now really a
GoogleTV/Rokubox like thing that only looks like a "cable converter".

You tell it to pause, it allocates a channel for you, and -- courtesy of
a Supreme Court decision last year -- turns into a remote node for a massive
DVR in the headend.  Same way they do all the on-demand stuff.

Is it the same MPEG encoding that came out of the station/network's MPEG 
encoder?  Almost certainly not.

Is it the same bitrate?  Hell^no.

Cheers,
-- jra



Re: The scale of streaming video on the Internet.

2010-12-03 Thread Jay Ashworth
- Original Message -
> From: "Paul Ferguson" 
>
> >>> As to the emergency broadcast system, yeah, that's going to lose.
> >>
> >> Didn't we already replace that with twitter?
> >
> > quake/tsunami warnings flow via email rather quickly.
> 
> Old skool.
> 
> Twitter is much faster:
> 
> http://www.thejakartaglobe.com/home/government-disaster-advisors-twitter-hacked-used-to-send-tsunami-warning/408447

Ok, let's go here.

The problem, as a few seconds' thought would reveal, is one of *provenance*.

You could call it authentication if you wanted to, but to the *end-user*,
what the authentication *authenticates* is the provenance.  And anti-spoofing
is pretty important, when the message might be "run for the hills; the 
bombers is comin'!"

Well, ok, more to the point: "This is the Pinellas County Emergency Manager;
I'm declaring an official Level 3 evacuation ahead of Hurricane Guillermo."

You can put it on Twitter... but you can't *only* put it on Twitter.

Cheers,
-- jra



Re: Want to move to all 208V for server racks

2010-12-03 Thread Jay Ashworth
 Original Message -
> From: "Gary Buhrmaster" 
>
>  A protective trip is better than the alternative.

This depends on what you're optimising for; google "battle short" for 
more on that.

Cheers,
-- jra



"Unlimited" wireless data...

2010-12-03 Thread Jay Ashworth
This came up in another thread yesterday or today, and I just got the 
solicitation mailer for Clearwire's WiMAX service in Tampa Bay, which they
call "4G", though the ITU disagrees.

The AUP is here: http://www.clear.com/legal/aup

and while it really doesn't have any hidden limits (which is good, because
as someone pointed out on Slashdot today, you can use up a 5GB limit in
about an hour and a half at 21MB/s), it *does* have several limits on content
beyond "must not be illegal" and "must not harm our network"... which limits
I thought were verboten to a "common carrier".

Do the high-speed wireless services *not* claim to be common carriers,
as that term is understood in telecommunications law?

In other news, the words "voice" and "VoIP" do not appear in the Clear AUP.

So, presumably, it would be acceptable to throw their portable access point 
in your backpack, and carry around a WiFi VoIP phone with you...  I don't
seem to be able to locate the AUP that Sprint imposes on 4G customers, so 
I can't tell if it differs.  I can't locate the VZW LTE700 AUP either.

==

In other news (cause it's thread-crossing-weekend on NANOG); Comcast 
announces 250GB residential cablemodem caps -- 2 years ago:

http://gizmodo.com/5043253/comcasts-250gb-data-caps-now-official-starting-in-october

Cheers,
-- jra



Earthlink MX from *Earthlink* dynamic IPs blocked?

2010-12-03 Thread Jay Ashworth
I'm trying to get my sister's MythTV DVR to send her a daily email with its
recording schedule.  Earthlink is apparently blocking the email because it's
coming from a dynamic address -- even though that address *is an Earthlink
cablemodem*.

Is there anyone from Earthlink email ops around who can confirm that's 
actually the proper interpretation of your policy?

Cheers,
-- jra



Re: Earthlink MX from *Earthlink* dynamic IPs blocked?

2010-12-03 Thread Jay Ashworth
- Original Message -
> From: "Blake Dunlap" 
>
> > I don't know why this should be especially surprising. They probably
> > use RBL's, etc, just like everybody else and I doubt the RBL cares
> > whether the source is earthlink vs. earthlink's address space.
> >
> > Wouldn't it be easier to just set your linux box to use submission
> > and one of earthlink's mail servers, just like any other client
> > ought to be doing these days?
> 
> We do the same thing, if you aren't an authenticated client, you're
> just another unknown mail server on the internet, so the same
> deliverability rules apply with DNS etc. You do not get special treatment just
> because you are on one of our ip blocks as far as inbound MX submission via 
> SMTP.

Got it; yeah, maybe that shouldn't have been a surprise.  I guess I'll have 
to smart host her to their internal outbound server; that workaround works 
for me with RoadRunner, it ought to work on EL as well.

Nothing to see here; move along.  

Thanks,
-- jra



Re: Want to move to all 208V for server racks

2010-12-03 Thread Jay Ashworth
- Original Message -
> From: "Kevin Stange" 
>
> > People are still feeding their gear with AC? Save on PS inefficiency,
> > and feed direct 12/5vDC to the servers. Save space, save power,
> > save cooling.
> 
> If you're already in a datacenter, getting 208V AC from an existing AC
> infrastructure is a lot easier, cheaper, and sometimes more plausible
> than building a DC plant. If you have your own facility, it's a
> different story, but if you do colo, you probably have more customers
> expecting AC than DC, so you'll at least need to maintain both
> infrastructure.

It *is* Friday night, Kevin.  :-)

He said 12/5VDC, not -48.  

Cheers,
-- jra



Re: Want to move to all 208V for server racks

2010-12-03 Thread Jay Ashworth
- Original Message -
> From: "Jima" 
>
> On 12/3/2010 9:25 PM, Matthew Petach wrote:
> > (OK, so it's not as practical when you have other customers to worry
> > about... but it might not be so crazy when you're looking at the
> > efficiency numbers for 100,000 small 1u power supplies vs a set
> > of much larger ones.)
> 
> Particularly if you're running your AC power through UPSes --
> especially online ones (where there's a constant AC-DC-AC conversion
> happening). Go to DC for the batteries, never come back. It's a
> tempting notion.

And in fact, much carrier class equipment can be had with -48V power, there 
are ATX and similar power supplies for PCs that are -48, and I *think* I've 
seen commercial small UPSs (<3kVa) that give with -48 as well... using 48V 
battery strings, obviously.

Cheers,
-- jra



Re: Want to move to all 208V for server racks

2010-12-04 Thread Jay Ashworth
- Original Message -
> From: "Michael Loftis" 
> 
> On Fri, Dec 3, 2010 at 10:33 PM, Jay Ashworth  wrote:
> > And in fact, much carrier class equipment can be had with -48V
> > power, there are ATX and similar power supplies for PCs that are -48, and I
> > *think* I've seen commercial small UPSs (<3kVa) that give with -48 
> > as well... using 48V battery strings, obviously.
> 
> Take a look at the Solar/Renewable energy systems, Xantrex (Schneider
> actually) makes the XW series inverter/chargers which use 48V battery
> strings and can be paralleled up to a rated total of about
> 1...@120/240. This is done by paralleling 3x 6kW inverter/chargers.
> They've an integrated transfer switch, load shaving/sharing (IE if
> you've got say 6kW of generator, but 12kW of Inverter, the system
> capacity is up to 12kW, with battery assist).
> 
> And that's just one option, Magnasine makes parallel inverter/charger
> and inverter systems up to around 12kW, also using 48VDC (or 24VDC)
> strings.
> 
> Both of these are sinewave inverters.
> 
> There's also a telco oriented 48V inverter rack system that's escaping
> my mind at the moment. It can be setup with A/B 48V strings, and you
> plug in inverter modules up to IIRC around 8kW. Not parallel capable
> between racks AFAIK.

I phrased my comment poorly, which misled you.  I was suggesting a UPS which 
took 208VAC on the charge side, and charged 48VDC batteries with it,
providing -48 to a rack full of equipment which took that.

People actually call those "48VDC UPSs", though in fact they're just
Little Teeny Battery Plants.  :-)

Cheers,
-- jra



Re: The scale of streaming video on the Internet.

2010-12-04 Thread Jay Ashworth
- Original Message -
> Level 3 is functioning not only as a transport provider for smaller
> content providers, but also as an aggregated negotiation service,
> though in this case the content provider, Netflix, is big enough to
> matter. (Some years ago, when they were DVDs by mail only, it was
> estimated that they had a bandwidth about 1/3 that of the total (US?)
> internet, just with slightly higher latency) (or significantly lower
> latency, if you were still on modems.)

A station wagon full of magtape, yes.  Henry Spencer?

I recently calculated the capacity of a 747F full of LTO-4 tapes; it's
about 8.7 exabytes.  I *think* it's within weight and balance for the
airframe.

Cheers,
-- jra



Re: U.S. officials deny technical takedown of WikiLeaks

2010-12-04 Thread Jay Ashworth
- Original Message -
> From: "Valdis Kletnieks" 
>
> On Sat, 04 Dec 2010 19:24:46 EST, Bret Clark said:
> > On 12/04/2010 06:03 PM, Ken Gilmour wrote:
> > > Now Sarah Palin is suggesting Wikileaks are terrorists and should
> > > be taken offline with technical capabilities
> 
> > Enough already...this is not a political list!
> 
> However, given the political climate and general network cluelessness
> in the government sector, it probably wouldn't be a bad idea to spend an hour
> or so thinking what you'd do if the humorless guys in dark suits and
> sunglasses showed up with a court order to cut off your customer's access to
> Wikileaks, even if you aren't their upstream.

And enumerating some of those thoughts is Lauren Weinstein of Privacy Forum:

http://lauren.vortex.com/archive/000788.html

I don't always agree with everything Lauren says, but it seems to me he
has this one taped pretty well.

Cheers,
-- jra



Avoiding problems with National Security Letters and such...

2010-12-04 Thread Jay Ashworth
 Original Message -
> From: "Adrian Chadd" 
> 
> On Sat, Dec 04, 2010, Ken Chase wrote:
> > And if they come and ask the same but without a court order is a bit
> > trickier and more confusing, and this list is a good place to track the
> > frequency of and response to that kind of request.
> 
> Except of course when you're "asked" not to share what has occurred
> with anyone. I hear that kind of thing happens today.

It does.  Hence, the Warrant Canary:

http://blog.kozubik.com/john_kozubik/2010/08/the-warrant-canary-in-2010-and-beyond.html

Cheers,
-- jra



Re: How do you do rDNS for IPv6 ?

2010-12-06 Thread Jay Ashworth
 Original Message -
> From: "Jared Mauch" 

> Anyone done this dynamic synthesis w/ bind? dnssec thoughts as well? i
> know this isn't namedroppers, but perhaps someone can post some code
> or examples, or a link to a webpage with them?

Earthlink, I believe; DENTS has a module for doing this for reverse DNS.

I think it was called DENTS; there's a white paper on it, but it's pretty
rough to Google, as you might expect.

So far as I can see, they still use it; my sis is an EL cablemodem customer,
and her rDNS is algorithmically generated.

Cheers,
-- jra
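
An added illustration of the algorithmic rDNS described above (not code from this thread, from Earthlink, or from DENTS): a Python sketch that synthesizes a PTR name from an ip6.arpa query and the matching AAAA answer from that name, so a forward-confirmed reverse DNS check passes without any per-address zone data. The prefix 2001:db8:1000::/36, the zone dyn.example.net. and all function names are assumptions.

```python
import ipaddress

# Assumptions for this sketch (constructed values, not from the thread):
PREFIX = ipaddress.ip_network("2001:db8:1000::/36")  # documentation prefix
FORWARD_ZONE = "dyn.example.net."                     # hypothetical zone
HEX = set("0123456789abcdef")


def ptr_qname(addr):
    """Owner name a resolver would query for the PTR of an IPv6 address."""
    return ipaddress.IPv6Address(addr).reverse_pointer + "."


def addr_from_ptr_qname(qname):
    """Parse a full 32-nibble ip6.arpa name back into an address, or None."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) != 34 or labels[-2:] != ["ip6", "arpa"]:
        return None
    nibbles = labels[:32]
    if any(len(n) != 1 or n not in HEX for n in nibbles):
        return None
    # Nibbles are stored least-significant first in the reverse tree.
    return ipaddress.IPv6Address(int("".join(reversed(nibbles)), 16))


def synth_ptr(qname):
    """Synthesize the PTR target for a query inside our prefix, else None."""
    addr = addr_from_ptr_qname(qname)
    if addr is None or addr not in PREFIX:
        return None
    # One label: the fully expanded address with ':' replaced by '-'.
    return addr.exploded.replace(":", "-") + "." + FORWARD_ZONE


def synth_aaaa(qname):
    """Synthesize the AAAA answer for a generated name, else None.

    Only names that encode an address inside PREFIX are answered, so the
    forward zone cannot be made to vouch for arbitrary addresses.
    """
    name = qname.lower()
    suffix = "." + FORWARD_ZONE
    if not name.endswith(suffix):
        return None
    groups = name[: -len(suffix)].split("-")
    if len(groups) != 8:
        return None
    if any(len(g) != 4 or not set(g) <= HEX for g in groups):
        return None
    addr = ipaddress.IPv6Address(":".join(groups))
    return addr if addr in PREFIX else None


def forward_confirmed(addr):
    """True when PTR(addr) resolves forward to the same address."""
    host = synth_ptr(ptr_qname(addr))
    return host is not None and synth_aaaa(host) == ipaddress.IPv6Address(addr)


if __name__ == "__main__":
    sample = "2001:db8:1000::1"  # constructed sample address
    q = ptr_qname(sample)
    print(q)
    print(synth_ptr(q))
    print(forward_confirmed(sample))
```
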



Re: Some truth about Comcast - WikiLeaks style

2010-12-14 Thread Jay Ashworth
- Original Message -
> From: "George Bonser" 
> If monopolies are needed in order to get service to an area, make them
> "last mile" wire monopolies that provide no content of their own and
> allow the content providers (Comcast, Verizon, AT&T, etc.) provide
> service over the infrastructure on a competitive basis. Content
> monopolies tied to the infrastructure are bad for everyone and as
> existing monopoly agreements expire, more competition is entering the
> market. I would possibly compromise by saying a company willing to
> install the infrastructure could get a one-time monopoly for some
> period of time, after which the infrastructure is spun off as a separate
> company and opened up to competitive access.

That's the magic answer, right there, yes: fiber last-mile is a natural 
monopoly, for a whole host of practicality reasons.

So, if we could repeal all the laws Verizon's FiOS division has gotten 
passed forbidding municipalities from building last mile fiber, and renting
it to all comers on non-discriminatory terms, as you suggest, and encourage 
them to do so -- as I strongly suspect is Google's planned end-game -- 
then we might see some more sanity in the IAP business.

I'd like to see a Jesus-load and a half more geographic locality of reference
on the backbone too -- my RoadRunner Tampa packets to FiOS Tampa
really ought not to have to go via *Dallas* on a regular basis -- but
I guess that part's a lost cause.

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-14 Thread Jay Ashworth
- Original Message -
> From: "Alex Rubenstein" 
> -- Alex, remembering the days of 8000 ISP's with substantially better
> customer service than is available today

In 1995, when I was the chief engineer for a teeny little ISP called
Centurion Technologies, in Largo FL (we had 40 modems here and 20 in
Tampa on a 256kb/s frame relay backhaul to the home office in Texas,
which itself only uplinked to its backbone provider via a T-1)...

and I *went to several customers' houses* to get their connections up
and running for them.  These were the Win3/Trumpet days, of course; it was
a bunch harder then than it is today...

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-15 Thread Jay Ashworth
- Original Message -
> From: "JC Dill" 
> If I drive from SF to LA for business or for personal purposes, my costs
> for the drive are the same. But the economy of doing it for business
> depends on what the client is willing to pay me. If they want me to
> drive to LA but only pay $10, it's not economical (from a business
> perspective) for me to do it. Right now, Comcast is carrying content
> to their customers "for free" and they want to be paid by the content
> providers (thru paid transit connections) to cover the cost of
> carrying that content traffic across their network to the end customer.

Comcast is acting, collectively, as the agent of their customers,
who I'm sure would tell you if you asked them that they believe the
contract is "I pay you, and you carry my packets back and forth as I 
direct, as long as I follow your TOS" -- which pulling movies from 
Netflix does not presently violate, AFAICT.

> Sure, Comcast's customers are also paying Comcast. But Comcast wants
> to get paid from the content provider. I think they are betting that in
> the long run it's easier to make money from content providers (and
> have the content providers charge customers or advertisers as necessary to
> make a profit) than to make money from the end consumer. And I think
> they are right about this "easier" part. I think that they will succeed
> at pressuring big content providers to play by Comcast's rules and
> shift the cost of running Comcast's network from consumers to content
> providers.

I'm sure that Comcast does think it's easier.  But that doesn't mean it's
a valid legal interpretation of their contracts with their direct customers,
and I smell a class-action lawsuit brewing in the mind of some tort-king
on just that point.

The underlying problem, of course, is lack of usable last-mile competition;
see also my running rant about Verizon-inspired state laws *forbidding*
municipalities to charter monopoly transport-only fiber providers, renting
to all comers on non-discriminatory terms, which is the only practical
way I can see to fix any of this.

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-15 Thread Jay Ashworth
- Original Message -
> From: "JC Dill" 
> > see also my running rant about Verizon-inspired state laws
> > *forbidding* municipalities to charter monopoly transport-only
> > fiber providers, renting to all comers on non-discriminatory terms,
> > which is the only practical way I can see to fix any of this.
> 
> The problem is that this should have been addressed 5-10 years ago,
> when there *were* alternative ISPs who could have provided
> competition. Now that Comcast has a monopoly on cable, and fiber is
> so bleeping expensive to install, at best we might get *one*
> alternative to Comcast, and a duopoly is really no better (for
> consumers, for the marketplace) than a monopoly.

I believe you misunderstood my assertion.

Many local municipalities are doing the trenching themselves (well, generally,
subbing it out to a contractor), and then offering the customers out to
all IAP comers -- you meet-me in my fibernoc, and we'll cross connect every
customer you sell to you.

Lots of *other* municipalities would dearly love to do this, but state laws 
(lobbied for, in many places, by Verizontal) make this *illegal*.  Wonder
why Verizon would want to do *that*...

See 
http://money.cnn.com/video/technology/2010/03/15/tech_tt_fiber_fios.cnnmoney/ 

and also http://www.freepress.net/files/mb_telco_lies.pdf

And ORA's Mike Loukides:

  http://radar.oreilly.com/2010/03/google-fiber-and-the-fcc-natio.html

and a whole lot more here:

  http://www.ftthcouncil.org/en

Those links from the consumer-level piece I wrote on this earlier this year:

  http://baylink.pitas.com/#LASTMILE

Cheers,
-- jra



Alacarte Cable and Geeks

2010-12-16 Thread Jay Ashworth
- Original Message -
> From: "Brian Rettke" 

> Interesting point. I'd also like to point out that putting the cost on
> the content providers rather than the network may raise the cost of
> the content service, but only to those that want that service. In
> effect, if the transport provider is paying for the bandwidth
> generated by a content provider, in effect we have another service
> bundled to all services offered, which increases the cost to people
> using Internet service but not necessarily accessing that content.
> Kind of the same reason TV channels aren't a la carte.

Having worked for a small cable TV network in the 90s, I have some insights
into why cable systems don't sell most channels alacarte.

1) The accounting goes pear-shaped pretty quickly, or at least, it did in
the 80s when that practice got started -- having to account for each 
individual subscriber pushed the complexity up, in much the same way
that flat rate telecom services are popular equally because customers
prefer them, and because the *cost of keeping track* becomes >delta.

2) New networks prefer it, and the fact that it happens makes the 
creation of new cable networks practical -- you don't have to go around
and sell your idea to people retail; you sell it to CATV systems (well,
really, multi-system operators) *once* -- generally at something like
the Western Show -- and they buy it and give it to *all* of their
subs as part of a tier.  Makes it much easier to achieve critical mass.

And finally, 3) the increased complexity of having *everything* alacarte
increases the cognitive load on new subscribers to the point where they
probably will consider other alternatives -- it's just too many decisions
to make when you're trying to sign up.  Additionally, it makes marketing
harder: there isn't a real "base price, nicely equipped" to point to.

In the current tiered approach, a very small group of people inside the
cable system is charged with picking the channels, and putting them in
the tiers, and they're the only ones who ought to have to care about that,
in my mostly humble opinion.  The percentage of people who want channel
by channel control over their cable service, I think, is roughly akin
to the percentage of people who root their Android phone so they can
play with the apps and the controls that you can't get without doing that;
ie: minuscule.  (I actually mistyped "minusclue", but that's what those 
people are *not*; our only real blindspot as geeks is realizing that we're
exceptional -- that most people really couldn't give a damn.)

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-16 Thread Jay Ashworth
- Original Message -
> From: "JC Dill" 

> What customers *really* want, and what they gladly accept as long as
> it saves them a few pennies, are miles apart. (Which is why so many
> people blindly give their data to Facebook etc.) This is why I think the
> direction Comcast is going is ultimately going to win in the
> marketplace. Do I *want* to see Comcast win? No! But I think it's an
> inevitable trend. Customers are lazy. Customers are cheap. They will
> - en masse - support the lowest cost solution that *appears* to give
> them something of value, even when it's really not in their best
> interest.

Unless smart people like us *illustrate for them* why in the long run,
it's not really in their best interest.  That is our job, at layers 8 and 9,
right?

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-16 Thread Jay Ashworth
- Original Message -
> From: "George Bonser" 

> Turn the question around. What would any provider think if a city said
> "sure, you can have access to our residents' eyeballs. It will cost
> you $5 per subscriber per month". Would Comcast or anyone go for that?
> That is a real question, by the way. For all I know some municipality
> might already do that. But say one with something between 100,000 and
> 1,000,000 potential subscribers did that. Would any of the providers
> think that is "fair"? Particularly *after* the provider is already
> providing services to those subscribers and then has the rules changed
> on them after they already have contracts in place with the
> subscribers?

I believe you're looking for Rose.net/CNS in Thomasville GA:

http://www.cns-internet.com/aboutcns.shtml

Why not go *ask* competing providers what they think?

> It just seems to me to be an evil Pandora's box that once opened,
> there is no potential end to. What if several cities ganged up and
> together decided to charge a last mile provider access to eyeballs?

What about it?

> Better in my opinion to let the end user pay for what they use. It

That's orthogonal to who should be providing it, so the rest of your graf:

> doesn't have to be strictly metered per meg but can be put into tiers
> (as most providers already do anyway). Sort of like "smart meters"
> they are doing with electricity. People will modify their usage
> according to what they can afford. Pricing bandwidth according to
> basic principles of supply and demand would probably work better.
> Those that use more would pay more, those that use less would pay
> less.

is a strawman.

And note that I don't *care* whether commercial entities think a given
approach is "fair" or not: they sure don't care whether *we* think their
practices are "fair".

No one is entitled to continue to make a living in any particular way,
by law or any other facility.  I thought that was attributable to 
Judge Learned Hand, but as it turns out, I stole it from Robert Heinlein,
who used it in a speech from a judge in his very first published story,
Lifeline.

Perhaps Bill Patterson, his biographer, knows where he stole it from.

It's still an excellent thing to remember.

Lots of companies have sprung up to fulfill a niche -- full motion NTSC
video processing in PCs, frex -- and then had to find something else to
do when the pendulum swung from hardware back to software.

Cheers,
-- jra



Re: OT - NO (Non-Operational) Question

2010-12-16 Thread Jay Ashworth
- Original Message -
> From: "Andrew Haninger" 
> To: "Joe Blanchard" 
> Cc: nanog@nanog.org
> Sent: Friday, December 17, 2010 1:28:47 AM
> Subject: Re: OT - NO (Non-Operational) Question
> On Fri, Dec 17, 2010 at 12:22 AM, Joe Blanchard 
> wrote:
> 
> > It appears there's really no easy way to determine the origin of a
> > text sent to a cell...
> >
> For shortcodes, Neustar provided a list:
> 
> https://www.usshortcodes.com/csc/directory/directoryList.do?method=showDirectory&group=all
> 
> For regular cellular numbers, the Wireless Amber Alert site is popular
> amongst MVNO (e.g. prepaid) users to find out so they can use the
> email-to-text gateways:
> 
> http://www.wirelessamberalerts.com/
> 
> (You don't actually sign up, just enter the number and then it will
> tell you the carrier.)
> 
> For landlines/VoIP/etc. Google should be able to tell you at least the
> city/state. Though it's rare that you will get a text from a landline,
> it is possible.

I could be wrong, but I think the actual question was "is it realistic
to assume a text to a cellphone came from the number it *says* it came
from?" and I think the answer is "no, there are a few ways to spoof it".

Received SMS messages are probably not evidentiary, absent a report from
the receiving carrier of the message traffic log involved, which would
itself be hearsay unless someone testified about it.

Cheers,
-- jra



Re: Alacarte Cable and Geeks

2010-12-17 Thread Jay Ashworth
 Original Message -
> From: "JC Dill" 

> On 17/12/10 4:54 AM, Carlos Martinez-Cagnazzo wrote:
> > I do believe that video over the Internet is about to change the
> > cable business in a very deep and possibly traumatic way.
> 
> +1
> 
> It's clear that this is a major driving factor in the Comcast/L3/Netflix
> peering/transit issue. Comcast is obviously looking for ways to fill
> the looming hole in their revenue chart as consumers turn off Cable
> and get their TV/video entertainment delivered via the internet.

The more I look at this, the more it looks like "pharmaceuticals bought
from Canada are cheaper than ones purchased in America -- and they will be 
*just as long* as only a minority of Americans buy them there.  As soon as
*everyone* in America is buying their drugs cross-border, the prices will
go right back up to what they were paying here."

This is what's gonna happen with Comcast, too; if their customers drop
CATV, then they're going to have to raise their prices -- and the cable 
networks themselves will have *no* way to collect revenue; the cable
systems being their collection agent network.

This Can't End Well.

Cheers,
-- jra



Google/Deja backup

2010-12-17 Thread Jay Ashworth
This is entirely off topic, except that this is the audience who will know
off hand.

Now that 2TB costs $100, has anyone solicited Google for a copy of the 
Historical Usenet Archives that were assembled by them and Dejanews,
such that this history lives in someplace... less commercial?  Like
the IA, perhaps?  I'm pretty certain that entire archive fits on one 
drive now.

I would set reply-to to me, but Zimbra is even less manageable than 
GGroups' interface.

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-23 Thread Jay Ashworth
- Original Message -
> From: "Leo Bicknell" 

> After looking at many models I think Australia might be on to
> something. The model is that a quasi-government monopoly provides
> the last mile physical wire, but is unable to sell services on it.
> Basically they only provide UNE's. Then, at the switching center
> any ISP can pick up those UNE's and provide services. Competition
> to the end user, while the last mile is always a single provider
> limiting the issues above. Many cities are trying the same with
> electric service, one company provides the transport infrastructure
> and when you select a generation provider.

That's what I've been advocating, what Verizon *really* *REALLY* doesn't 
want to happen (to the point that they've been agitating -- successfully
in some cases -- for state laws to forbid it), and what I think, based on
not a lot of evidence, Google is quietly encouraging with their Big Secret
Project.

Last mile fiber *really is* a Natural Monopoly.

And yeah, that's roughly how power competition was handled as well.

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-23 Thread Jay Ashworth
- Original Message -
> From: "JC Dill" 

> On 19/12/10 8:31 PM, Chris Adams wrote:
> > Look up pictures of New York City in the early days of electricity.
> > There were streets where you couldn't hardly see the sky because of
> > all the wires on the poles.
> >
> Can you provide a link to a photo of this situation?

Sure, though they're a bit harder to find on the web than you'd
think; it took me almost 20 minutes to find this one when I 
wrote the piece:

http://baylink.pitas.com/#LASTMILE

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-23 Thread Jay Ashworth
- Original Message -
> From: "Robert Bonomi" 

> "Overbuild" is practical *ONLY* where: (a) the population density is
> high, lowering 'per customer' costs, and (b) service 'penetration' is high
> enough that the active subscriber base (as distinct from 'potential'
> subscribers) is sufficient to support the 'overhead' of two complete, parallel,
> physical plants. This tends to be 'self-limiting', to up-scale, high-density
> housing, neighborhoods. The 'raw economics' of the situation may well be
> distorted by local government 'interference' -- e.g., requiring a provider
> serve _all_ households within arbitrary boundaries, rather than just 'low
> hanging fruit' areas.

Yup.

And that's just another argument in favor of muni fiber -- since it's municipal,
it will by definition serve every address, and since it's monopoly, it will
enable competition by making it practical for competitors to start up, since
they'll have trivial access to all comers.

And since D-CATV is pretty much delivered over IP these days *anyway*,
it won't even be technically difficult for cable providers to hook up
customers over such a backbone.

Gee... I wonder if the teeny little town I live in wants to be the first
in our county to do that.  :-)

Cheers,
-- jra



Muni Fiber Last Mile - a contrary opinion

2010-12-23 Thread Jay Ashworth
I was poking around to see what the current received wisdom was as to 
average install cost per building for suburban municipal home-run fiber,
and ran across this article, which discusses the topic, and itemizes 
several large such deployments that "failed" or had to be sold private.

I'd be interested to see what comments nanogers have on this piece. I'm 
not well enough read to critically evaluate the guy's assertions.

http://www.digitalsociety.org/2010/03/why-municipal-fiber-has-not-succeeded/

Cheers,
-- jra



Re: .gov DNSSEC operational message

2010-12-23 Thread Jay Ashworth
- Original Message -
> From: "Matt Larson" 

> The new KSK will not be published in an authenticated manner outside
> DNS (e.g., on an SSL-protected web page). Rather, the intended
> mechanism for trusting the new KSK is via the signed root zone: DS
> records corresponding to the new KSK are already present in the root
> zone.

That sounds like a policy decision... and I'm not sure I think it sounds
like a *good* policy decision, but since no reasons were provided, it's 
difficult to tell.

Why was that decision taken, Matt?

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-23 Thread Jay Ashworth
- Original Message -
> From: "John Osmon" 

> On Thu, Dec 23, 2010 at 10:17:46AM -0800, Joel Jaeggli wrote:
> [...]
> > The fact that I can get a wavelength to county dump in Eugene OR the
> > composting facility in Palo Alto doesn't really do anything for the
> > residential access market.
> 
> Why not?
> 
> You have to start with connectivity *somewhere*. If the economics work
> out, *someone* will build the residential access market from those
> access points.

Well, I think Joel's real point was that it's not necessarily a given that
just because fiber's being installed by (or under contract to) a city or
other municipality, that it will necessarily be run to *every single premise*
in that municipality.

And of course he's right, but there are lots of good reasons to do it that
way; buildings often change occupancy and purpose, and the dump, of course,
is *run* by the municipality very often, and you want all your official
facilities connected up anyway.  And doing it all as one build probably
makes it easier to finance.

My personal favorite reason to do this is that it *increases the 
property values in the municipality*, an assertion for which I have
no documentary evidence or studies.  :-)  (To clarify there, by "this" 
I mean muni fiber in general, not necessarily passing every premise,
though Metcalfe's Law probably applies here as well...)

Cheers,
-- jra



Re: Muni Fiber Last Mile - a contrary opinion

2010-12-23 Thread Jay Ashworth
- Original Message -
> From: "Nathan Eisenberg" 

> I got a chuckle out of this:
> "Provo County’s iProvo was hoping for 10,000 subscribers by July 2006
> with the assumption that 75% of those customers would subscribe to
> lucrative triple play services, but the reality was 10,000 customers
> in late 2007 with only 17% of those customers subscribing to triple
> play"
> 
> A 75% upsell rate to triple play packages seems ludicrous. I can't
> think of any industry that sees an upsell rate of 75% - can you (hell,
> I sold running shoes in high school, and the -target- upsell rate on
> shoestrings/socks/whatever-else was 15%).

Indeed.  And it seems worth noting that, unless I'm missing something, 
iProvo specifically violated the condition we all seem to agree is most
important in such a build: they were not only the fiber op, but the content
transport provider (ie, cable company/IAP).

Cheers,
-- jra



Re: Some truth about Comcast - WikiLeaks style

2010-12-24 Thread Jay Ashworth
- Original Message -
> From: "Frank Bulk - iName.com" 

> Uhm, D-CATV is not IP just quite yet. Sometimes I wish that's the
> case, but it's still very much RF.
> 
> There are several vendors that sell GPON solutions that support RF
> over fiber, and there's always IP TV.

Hmm.  I had acquired the idea, from looking at the setup screens on the
latest gen SciAt converters that it was, at very least, FDM IP multicast;
that is, MPEG2 over IP multicast, and then multiplexed 4:1 or so into 
multiple broadband carriers, but sent as IP multicast streams and 
decoded that way.  No?

Cheers,
-- jra



Re: .gov DNSSEC operational message

2010-12-28 Thread Jay Ashworth
- Original Message -
> From: "Matt Larson" 

> On Thu, 23 Dec 2010, Jay Ashworth wrote:
> > > From: "Matt Larson" 
> >
> > > The new KSK will not be published in an authenticated manner
> > > outside DNS (e.g., on an SSL-protected web page). Rather, the intended
> > > mechanism for trusting the new KSK is via the signed root zone: DS
> > > records corresponding to the new KSK are already present in the
> > > root zone.
> >
> > That sounds like a policy decision... and I'm not sure I think it
> > sounds like a *good* policy decision, but since no reasons were provided,
> > it's difficult to tell.
> >
> > Why was that decision taken, Matt?
> 
> Having a zone's KSK statically configured on validators as a trust
> anchor can lead to a world of hurt: when rolling the KSK, the zone
> owner has to get everyone to update their trust anchor configuration.
> In theory, the protocol described in RFC 5011 allows an operator to
> signal a roll and validators will do the right thing. In practice, in
> these early days, you can't count on much 5011 deployment because
> implementations haven't been available for that long.

Yes, I'd gathered that.

> This situation puts the operator of a popular signed zone, such as a
> TLD, in a difficult position and makes KSK rolls difficult--but only
> if the KSK is statically configured. Meanwhile, we now have a
> perfectly good signed root zone that can vouch for any TLD's KSK. As
> a result, as the impending registry operator for .gov, VeriSign
> doesn't want to encourage static configuration of the .gov KSK as a
> trust anchor. Such static configuration would be made easier and
> implicitly condoned if the .gov KSK were published and authenticatable
> outside of DNS.

Ok, having re-read this a third time, now on a full sized screen, I guess
I see what you're driving at: you don't *want* an out-of-band auth channel,
*because people will use it*.

> Note that the situation is the same today with the signed .net zone
> (and will be the same for the .com zone when it is signed in Q1 of
> 2011): the .net KSK is intentionally not published outside DNS. The
> path to trusting that key is via the signed DS record corresponding to
> it in the root zone.

Just remember what Lazarus Long said: "put all your eggs in one basket,
certainly.  But make sure it's a *very good*  basket."

Cheers,
-- jr 'where am I going?  And why am I in this handbasket?' a
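
The trust path Matt Larson describes in the message above, a DS record in the signed parent zone vouching for the child zone's KSK, can be checked mechanically. The following is an added example, not part of the original thread and not VeriSign's code: it implements the DS-to-DNSKEY comparison from RFC 4034 only (no RRSIG validation), and the function names, the `gov.` owner name and both key byte strings are constructed for illustration.

```python
"""DS-to-DNSKEY check per RFC 4034 (section 5.1.4 and Appendix B)."""
import hashlib
import hmac
import struct
from dataclasses import dataclass

ZONE_KEY_FLAG = 0x0100      # DNSKEY flags bit 7: key may sign zone data
DNSKEY_PROTOCOL = 3         # the only protocol value DNSSEC permits
DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}


@dataclass(frozen=True)
class DS:
    key_tag: int
    algorithm: int
    digest_type: int
    digest: bytes


def name_to_wire(name):
    """Canonical (lower-cased) wire form of an owner name."""
    wire = b""
    for label in name.rstrip(".").split("."):
        if not label:
            continue
        raw = label.lower().encode("ascii")
        if len(raw) > 63:
            raise ValueError("label longer than 63 octets")
        wire += bytes([len(raw)]) + raw
    return wire + b"\x00"


def dnskey_rdata(flags, protocol, algorithm, public_key):
    """DNSKEY RDATA: 16-bit flags, protocol, algorithm, then the key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key


def key_tag(rdata):
    """Key tag from RFC 4034 Appendix B (not valid for algorithm 1)."""
    acc = 0
    for i, octet in enumerate(rdata):
        acc += octet << 8 if i % 2 == 0 else octet
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF


def make_ds(owner, rdata, digest_type=2):
    """What the parent publishes: digest over owner name + DNSKEY RDATA."""
    digest = DIGESTS[digest_type](name_to_wire(owner) + rdata).digest()
    return DS(key_tag(rdata), rdata[3], digest_type, digest)


def check_dnskey_against_ds(owner, rdata, ds):
    """Return (ok, reason) for a DNSKEY served by the child zone."""
    if len(rdata) < 5:
        return False, "truncated DNSKEY"
    flags, protocol, algorithm = struct.unpack("!HBB", rdata[:4])
    if not flags & ZONE_KEY_FLAG:
        return False, "not a zone key"
    if protocol != DNSKEY_PROTOCOL:
        return False, "bad protocol field"
    if algorithm == 1:
        return False, "algorithm 1 key tags are computed differently"
    if ds.digest_type not in DIGESTS:
        return False, "unsupported digest type"
    if algorithm != ds.algorithm:
        return False, "algorithm mismatch"
    if key_tag(rdata) != ds.key_tag:
        return False, "key tag mismatch"
    expected = DIGESTS[ds.digest_type](name_to_wire(owner) + rdata).digest()
    if not hmac.compare_digest(expected, ds.digest):
        return False, "digest mismatch"
    return True, "DNSKEY matches DS"


# Constructed sample data: 256 filler bytes stand in for RSA key material.
GENUINE_KSK = dnskey_rdata(
    257, 3, 8, hashlib.sha256(b"constructed genuine KSK").digest() * 8)
SUBSTITUTED_KSK = dnskey_rdata(
    257, 3, 8, hashlib.sha256(b"constructed substitute").digest() * 8)
PARENT_DS = make_ds("gov.", GENUINE_KSK)   # as if read from the root zone

if __name__ == "__main__":
    for label, key in (("genuine", GENUINE_KSK),
                       ("substituted", SUBSTITUTED_KSK)):
        print(label, check_dnskey_against_ds("gov.", key, PARENT_DS))
```

A validator that holds only the root trust anchor rejects the substituted key because no DS in the signed parent covers it; the same digest comparison is what a reader would perform against any separately published fingerprint.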



Re: .gov DNSSEC operational message

2010-12-28 Thread Jay Ashworth
- Original Message -
> From: "Florian Weimer" 
> > That sounds like a policy decision... and I'm not sure I think it sounds
> > like a *good* policy decision, but since no reasons were provided, it's
> > difficult to tell.
> 
> I don't know if it influenced the policy decision, but as it is
> currently specified, the protocol ensures that configuring an
> additional trust anchor never decreases availability when you've also
> got the root trust anchor configured, it can only increase it. This
> means that there is little reason to configure such a trust anchor,
> especially in the present scenario.

Not being a DNSSEC maven, the idea that there was no out-of-band way to 
confirm what the in-band method was telling you seemed bad to me; Matt's 
explanation, OTOH, seems sensible.

Cheers,
-- jra



Re: Muni Fiber Last Mile - a contrary opinion

2010-12-28 Thread Jay Ashworth
- Original Message -
> From: "Jared Mauch" 

> During the northeast power outage the biggest local problem was
> inability to pump gas out of underground tanks. The margin at the
> stations is low enough it's not worth it to have generators. Best off
> having the pipeline next to you and to use natural gas/propane if your
> needs can be easily met by it.

Note that the state of Florida has mandated gensets for petroleum sellers.

Cheers,
-- jra



Re: .gov DNSSEC operational message

2010-12-28 Thread Jay Ashworth
- Original Message -
> From: "Doug Barton" 

> Now OTOH if someone wants to demonstrate the value in having a
> publication channel for TLD DNSKEYs outside of the root zone, I'm
> certainly willing to listen. Just be forewarned that you will have an
> uphill battle in trying to prove your case. :)

If you do not, then your clients have little hope of spotting insider 
malfeasance changes, no?

Or aren't such changes practical for other reasons which I don't
understand, not being a DNSSEC maven?

Cheers,
-- jra



Re: .gov DNSSEC operational message

2010-12-28 Thread Jay Ashworth
- Original Message -
> From: "Kevin Oberman" 

> There is no reason that you could not do OOB transfers of keys, but it
> would be so cumbersome with the need to maintain keys for every TLD
> (and, for that matter, every zone under them) and deal with key rolls
> at random intervals and confirm that the new keys you were getting were,
> in fact legitimate would be more than overwhelming. It just does not
> scale.

I apologize; I was not clear.

I was not suggesting OOB *production transfer of keying information*.

I was rather suggesting that an additional publication of the keys, in
an authenticatable manner, which could be used by anyone who believed
that Something Hincky might be going on to confirm or deny, might be
useful.

Cheers,
-- jra



Re: .gov DNSSEC operational message

2010-12-30 Thread Jay Ashworth
Bill Manning saith:
> who intimated that the OOB channel would be http? since that is based
> on the DNS, i'd like to think it was suspect as well. :)

No it's not, Bill, not *necessarily*; you know better than that.  :-)

Cheers,
-- jra



Happy New Year: Crazy Wiring

2010-12-31 Thread Jay Ashworth
Here, for those who were involved in the "is that a picture of Manhattan 
with multiple phone companies" debate last week, is a link to the first
of a series of linked blog posts, which contain a lot of those pics, 
somewhat better cited than I've seen before, along with a large collection
of "thank ghod I don't have to deal with that" pictures of wiring 
catastrophes.

  http://www.darkroastedblend.com/2007/03/really-bad-wiring-jobs_20.html

Happy Gregorian New Year!

Cheers,
-- jra



nanog@nanog.org

2011-01-05 Thread Jay Ashworth
- Original Message -
> From: "Jo Rhett" 

> On Nov 25, 2010, at 2:11 PM, Kevin Oberman wrote:
> > Have you tried 611 (from an AT&T land-line phone)?
> 
> Many people don't have one. I haven't had one for over 12 years now,
> nor have any of my employers for the last 8 years.

For what it's worth, I *have* tried reporting outside plant damage in GTE
FL to Verizon; it's impossible to find anyone who has any clue WTF you're 
talking about.

I call my ex-boss's son, who works there, and ask him to pass it along
to his dispatcher as something *he's* seen.

Cheers,
-- jr 'I realize this doesn't scale' a



Satellite IP

2011-01-10 Thread Jay Ashworth
This is admittedly a touch end-usery, my apologies...

I'm looking into satellite-based 2-way IP transport, on the scale of
SCPC DVB-RCS or iDirect, as an adjunct to the already installed 
"traditional" one-way satellite gear installed in the Frontline DSNG
truck owned by my new employer, both for MPEG streaming for broadcast,
and possibly for emergency-response support, if I can sell that idea.

Has anyone on NANOG any personal experience with that, from either end?

Almost all of what I'll need to do will be what the satellite guys call
"occasional use", ie: "I need a six hour block Thursday night, starting
at 7pm", as opposed to the "monthly service with an FAP" that most 
people seem to sell.  LBiSat is one company that understands occasional,
I'm wondering if there are others (and if their IP jocks hang out here).

Cheers,
-- jra



Re: Satellite IP

2011-01-10 Thread Jay Ashworth
- Original Message -
> From: "Valdis Kletnieks" 

> On Mon, 10 Jan 2011 11:06:32 EST, Kelly Olsen said:
> > That would only happen with an outrageously over-subscribed
> > provider.
> 
> OK - I'll feed the troll. What's the proper amount of unused and therefore
> non-revenue-generating capacity the operator is supposed to reserve in
> order to *guarantee* that bandwidth will be available?

> (Hint - the provider doesn't have to be "outrageously" oversubscribed
> - by definition, if you're oversubscribed *at all*, it's possible for
> somebody to lose out. It's easy for the provider to be 98% sure that they'll
> be able to satisfy all the requests. But guaranteeing 100% is a whole nother
> story...)

Ok, I'll feed the troll.  :-)

Those who want to *guarantee* that they will never lose out -- people
like network news organizations -- *lease entire transponders by the year,
or for the projected lifetime of the satellite*, after which those 36MHz 
are yours to do with as you like; here's a list of the current *dedicated*
ABC transponder avails:

   http://www.abcnewsabsat.com/files/frequencies_nac_041510%5B2%5D.pdf

There's really a *lot* of space-segment available, Valdis.  A lot.

And if you buy a transponder for the entire projected 15-year lifetime
of the bird, I hear you get a pretty hefty discount over the hourly
rack rate. ;-)

Now, in my particular case, the secondary usage I was talking about
wasn't so much first-line municipal support per se, but backup to that,
in the way that hams have always provided that sort of support, just fancier;
in that case, it's practical for me to utilize contended, and therefore 
substantially cheaper, occasional time (LBiSat, for example, has quoted 
me $179/hr for 3MHz, and $250/hr for 4.5MHz as a rack rate, which is
acceptable for my primary use, as long as the uncontended-service 
packet-loss and jitter numbers are low enough; contended time should be 
much cheaper than that), and in either use case, since there are at least 
3 providers, with a total of something like 12 full transponders, who 
provide occasional iDirect connectivity, I should be able to book the 
time *somewhere*, just as "traditional" DSNG operators
(using DVB-S MPEG2, mostly) always have.

Thanks to Kelly, I'd seen Skycasters, but didn't get the impression from 
the website that they did anything other than monthly service; to James,
I'll check out Trustcomm; and to Ryan: yeah, there are Video-to-MPEG-to-
IP-Ethernet encoders off the rack; for that use-case, I mostly need to find
a matched pair that's efficient; the primary use of the truck will *not*
be sports.  :-)

And I'll be leaving in the DVB-S modulator that's there, so if the truck 
is suitable to someone for rental, they'll be able to use it in the traditional
fashion as well.

My motivation for asking the question *here* was of course to get the operator
perspective on the actual transport, if anyone had any.  

Cheers,
-- jra



Re: Satellite IP

2011-01-10 Thread Jay Ashworth
- Original Message -
> From: "Valdis Kletnieks" 

> So what you're saying is that after a Kyoto/Chile sized quake, or a
> Katrina, or a Quebec 1990 ice storm, you can *guarantee* that you can 
> still fill all requests for transponder space, and *still* satisfy every
> single customer who wants to book 4 hours on Thursday on short notice.
> 
> Like I said - 98% is easy. 100% is hard.

Sure.

But 100% is also your strawman, I believe; no?

Particularly in the specific space we're presently talking about: 
iDirect Satellite IP service over transponders dedicated to the 
hub operator, the service is a bit more elastic than I believe you 
imagine.

*Most* iDirect customers are sharing a carrier; it's a TDMA service.

It's only the fairly rare ones, like I may be, who actually want a
"1:1" or uncontended carrier all to ourselves.  Depending on your
spectrum management practices as a hub operator, if you have an entire 
36MHz Ku band transponder -- or better, 2 on the same bird -- with which 
to play, you may be able to carve out 3MHz worth of free space, without
*anyone* getting knocked off line.

The 1000 other clients who are contending for that 72MHz of space merely
have to contend a very small amount harder.

So in actual fact, it may be possible to both meet your SLA's to the 
contention customers and *still* give an occasional customer 100%
uncontended bandwidth for a short period of time; it's one of the 
reasons I propose to go that way: it *increases* my odds of getting
a clean slot from at least one of 3 hub providers at any given 
hour.

Cheers,
-- jra



Re: Satellite IP

2011-01-10 Thread Jay Ashworth
- Original Message -
> From: "Valdis Kletnieks" 

> > Why the hostility, Valdis?
> 
> As I said several times - it's not hard to be 98% or 99% sure you can make
> all your commitments. However, since predicting the future is an inexact
> science, it's really hard to provide a *100% guarantee* that you'll have
> enough contended capacity to make all the performance targets even if every
> single occasional customer shows up at once. As Jay pointed out in his
> follow-up note, his backup strategy is "scramble around and hope another
> provider can come through in time", which is OK if you *know* that's your
> strategy and are OK on it. However, blindly going along with "my usual
> provider guaranteed 100% availability" is a bad idea.

I don't think Kelly is on his first rodeo, and I know I'm not.

"scramble around" is a bit pejorative as descriptions for my booking 
strategy go, but everyone has a cranky day every so often, not least me.

:-)

And note that I *also* pointed out that carrier statmuxing on the 
transport is a valid strategy for capacity elasticity, in that particular
environment.

> Remember, we're coming out of a solar minimum. ;)

Are we in fact coming out of it yet?  I heard it was getting deeper,
and that we were looking at a Dalton, if not another Maunder.

Cheers,
-- jra



National Squirrel Appreciation Day

2011-01-22 Thread Jay Ashworth
The holiday is today, according to holidayinsights.com

http://www.holidayinsights.com/moreholidays/January/squirrelappreciation.htm

Did anyone ever do the scope-sight T-shirt?  No, wait; that was a backhoe.

Cheers,
-- jra



Re: anyone running GPS clocks in Southeastern Georgia?

2011-01-23 Thread Jay Ashworth
- Original Message -
> From: "Gary Buhrmaster" 
> 
> Most of the "brand name" GPS NTP solutions have a clock
> which is more than stable enough to survive without GPS
> lock for 45 minutes(*). Some of the more expensive units with
> temperature controlled oscillators have hold times in the
> many weeks. My guess is that the NTP ripples will be
> limited to those NTP servers just (or recently) booted
> which have not yet achieved a stable clock state.

Do such clocks reduce their advertised stratum when doing so? 

Or are they always considered "GPS-steered", and therefore there's no
meaningful change short-term?
-- jra



Re: Found: Who is responsible for no more IP addresses

2011-01-27 Thread Jay Ashworth
- Original Message -
> From: "Brian Johnson" 

> I really wish people would keep their personal/political bias outside
> the list unless it is specific and relevant. What other "main-stream"
> news organization has made any reports on this issue?
> 
> To be clear, FOX screwed this up big time, but that doesn't mean we
> all need to get out our personal/political pitchforks and run them out
> of town. Take your Ritalin.  :-)

Fox didn't screw up, for a change, and Vint's quote appears in many 
other news sources.  Apparently, I'm the only one on Nanog who knows
about this new thing called The Google.  :-)

Thinking that Fox "News" is not a reputable news source is not, indeed,
an opinion attributable *solely* to non-Republicans, and indeed, it's easy
to prove in a documentary, non-partisan fashion.

Cheers,
-- jra



Re: Found: Who is responsible for no more IP addresses

2011-01-27 Thread Jay Ashworth
[ Sorry; forgot to address this to the list, earlier. ]

- Original Message -
> From: "Brian Johnson" 

> I'm a bit torn on this issue. I haven't even heard any other
> "main-stream" sources say anything on this topic. But incorrect info
> is bad too.
> 
> I hope the viewers who watched this are getting the gist that
> "Something wicked this way comes". :)

Vint was quoted as saying this some months ago, I believe in a story linked
from Slashdot on a reputable news outlet.

Sure enough:

https://encrypted.google.com/search?q=vint+cerf+IP+address

Cheers,
-- jra



Re: Found: Who is responsible for no more IP addresses

2011-01-27 Thread Jay Ashworth
Let me clarify:

The original question was (so far as I could see): "Was Fox making up the
quote where Vint took the blame for IPv4 exhaustion?"

The answer, of course, was "no, they didn't; lots of people have the quote".

I wasn't speaking to the technical details of the actual piece, which,
clearly, I didn't read.  :-)

Cheers
-- jra



Re: [dnsext] Historical root keys: The Large Router Vendor Speaks

2011-01-27 Thread Jay Ashworth
- Original Message -
> From: "John Bashinski" 

> Well, this has generated some interesting messages, and apparently
> some people think that the "large router vendor" in question should
> speak for itself.

Yay!

> Realities
> =========
> 5. Some of the people installing these products (frankly including some
> of the professional network gear) will have no clue what DNSSEC is
> or what cryptography is.
> 
> 6. In the case of the consumer gear, the cost to us of helping the
> customer deal with any DNSSEC failure will be greater than the entire profit
> we make on the device.
> 
> 7. Even for professional gear, customers don't want to pay their staff
> to mess with this, and we don't want to pay our staff to support
> them.
> 
> 8. Lots of our products get drop-shipped to people's field offices,
> get plugged in by a wire-plugger-inner who basically just checks
> that the lights are on and goes on to the next task, and then
> have to fend for themselves, at least enough to be able to talk
> to the NOC and await further instructions.
> 
> Implication B: As much as it possibly can, anything we do must work
> without human intervention, and especially without very skilled
> intervention. We know there will be problems, but we MUST minimize
> them and minimize the amount of "touch" required to fix them.
> 
> Implication C: Social engineering is almost always a bigger risk than
> cryptographic failure, especially at the device end of the
> communication chain.

That block of (correct) observations, coupled with later ones which I've
elided for space, suggests to me the following observation:

  There is a limit to the maximum practical security and trust which 
  can be engineered into the Internet at Large, absent some investment by
  specific users/network operators who require more.

That observation shouldn't apply to the people who actually have
a reason to be on this list -- backbone operators and professional
DNS zone server operators *should* make that investment, as a contribution
to the Public Good...

but you can't necessarily expect it at the edge.

My experience, and the integration of all the things I've learned in 
doing this for 25 years, is that complexity reaches a tipping point; 
there's only so much of it you can allow and still have a stable 
system -- and the complexity "attack surface" is at least proportional
to the size of the system itself; something the size of The Entire 
Internet has even more stringent limits in that regard than, say,
an enterprise LAN/WAN.

So while I applaud Cisco's (or, more properly, John's) evaluation of
the situation, and statement of goals -- and I agree with nearly 
everything he says -- my personal opinion is that there's a practical
limit as to how close to the edge you can push the event horizon
without the whole thing falling over... and I don't think that 
number's 100%.

Cheers,
-- jra



Re: Found: Who is responsible for no more IP addresses

2011-01-27 Thread Jay Ashworth
- Original Message -
> From: "Owen DeLong" 

> > Fox didn't screw up, for a change, and Vint's quote appears in many
> > other news sources. Apparently, I'm the only one on Nanog who knows
> > about this new thing called The Google. :-)
> >
> I don't think Vint's quote was the part where we thought Fox screwed
> up.

Yes; that was cleared up for me.  :-)
-- jra



Re: BCP38.info

2014-01-26 Thread Jay Ashworth
- Original Message -
> From: "Chris Grundemann" 

> Perhaps instead of trying to do this as a new independent activity
> (with all of the difficulties that entails), the community would be better
> served by documenting this information as a BCOP or two or three???
> 
> >>> http://bcop.nanog.org/ <<<

Answering this on my phone last night, I didn't see Chris had carboned
the group, so I will repeat on-list my observation that I stood up

  http://bestpractices.wikia.com

something like 6 years ago, and couldn't get any traction on it then; 
I'm not sure I think much has changed -- apparently, extracting your
BP thoughts from mailing list postings and putting them into a wiki is
more effort than most NANOGers are up to.

So no, perhaps attempting to load a rifle will be easier than a shotgun[1].

Cheers,
-- jra

[1] Firearms analogy not intended to encourage gun violence[2].
[2] Duh.
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Neighborhood mesh statistical multiplexing

2014-01-26 Thread Jay Ashworth
I wonder if they'll break BCP 38... or vice-versa...

http://arstechnica.com/business/2014/01/bewifi-lets-you-steal-your-neighbors-bandwidth-when-theyre-not-using-it/
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.


Re: Neighborhood mesh statistical multiplexing

2014-01-27 Thread Jay Ashworth
- Original Message -
> From: "Patrick W. Gilmore" 

> On Jan 26, 2014, at 16:04 , Jay Ashworth  wrote:
> 
> > I wonder if they'll break BCP 38... or vice-versa...
> >
> > http://arstechnica.com/business/2014/01/bewifi-lets-you-steal-your-neighbors-bandwidth-when-theyre-not-using-it/
> 
> As long as Telefonica customers only use other Telefonica links within
> WiFi range, Telefonica can ensure it will have no effect on BCP38.
> Worst case, I can "ddos" the guy in the next apartment by spoofing his
> address. Best case, they ensure the BeWifi software disallows such
> things.
> 
> And I don't see other broadband networks allowing Telefonica customers
> to ride their links.
> 
> I also wonder why Telefonica would do this as opposed to telling
> people to upgrade their DSL?

Unless I misread the piece, Pat, they *do* intend for customers to 
mesh non-Telefonica links, which is half of your answer.

"All our customers are at max rate for their distance" is probably the
other half.

I was making the former assumption in my musing.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: Will a single /27 get fully routed these days?

2014-01-27 Thread Jay Ashworth
- Original Message -
> From: "John R. Levine" 

> The customer continues to whine about performance. Our ISP says, ah, you
> need our Preferred Throughput Upgrade Innovation (PTUI), available at
> modest extra cost. The extra cost, of course, is what it costs to buy
> a /24 and get the customer into the real routing table.

And John wins the Internet for today.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: Neighborhood mesh statistical multiplexing

2014-01-27 Thread Jay Ashworth
- Original Message -
> From: "Patrick W. Gilmore" 

> > Unless I misread the piece, Pat, they *do* intend for customers to
> > mesh non-Telefonica links, which is half of your answer.
> 
> I guess we read it differently.
> 
> They even mention "Telefonica is currently looking towards developing
> economies and its huge customer base".
> 
> Finally, assuming they ask someone else to do this, can you imagine
> another network saying "sure, use my DSL link to make your customer
> happier..."?

Nope, sure can't.

> > "All our customers are at max rate for their distance" is probably
> > the other half.
> 
> Thought about that, but they discuss customers on different tariffs.
> 
> It might be useful when everyone is limited to 128 Kbps or something.
> 
> 
> > I was making the former assumption in my musing.
> 
> You know what you do when you make an assumption, right? You make an
> ASS out of U and MPTION. :)

Thank you, Tony Randall.  :-)

(You know, I can't find an earlier citation for that riff than the Odd
Couple episode...)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: Neighborhood mesh statistical multiplexing

2014-01-27 Thread Jay Ashworth
- Original Message -
> From: "Patrick W. Gilmore" 

> I guess we read it differently.

[ rereads ]

I'm wrong; you win; shut up.  :-)

I did find *this* amusing, though:

"""
Another unexpected finding was that people do not use the Internet heavily all 
at exactly the same time—a concern at the beginning of the trial—but in 
sporadic bursts. This means there is nearly always some spare bandwidth 
available to be recycled.
"""

It was unexpected, to them?  Really?  Has streaming widened out the
end-user consumption so much that statmuxing isn't thought to be useful
anymore?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



From Outages - AT&T outage in Maryland area

2014-01-28 Thread Jay Ashworth
Tracking a really world-class AT&T fiber outage in MD:

> >  Our AT&T service delivery manager just updated the list for us:
> >
> > · 7 OC192s
> > · 7 OC48
> > · 22 Core T3/DS3s
> > · 8 additional T3/DS3s

[ Apologies for the lack of attribution; they fell apart while I was 
trying to clip the quote. ]

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: Twinax trivia check (was Re: Is there such a thing as a 10GBase-T SFP+ transciever)

2014-02-02 Thread Jay Ashworth
- Original Message -
> From: "joel jaeggli" 

> > I thought "Twinax" was an IBMish MILSPEC term.
> 
> twinax could refer to a specific technology or to the presence of dual
> inner conductors e.g. in contrast to coax or triax.

Rather specifically, Twinax refers to cable with 2 center conductors in
its foam or plastic insulator *both within the same shield* -- generally,
I think always, a balanced pair.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

2014-02-03 Thread Jay Ashworth
- Original Message -
> From: "Cb B" 

> I completely agree. My sphere of influence is bcp38 compliant. And,
> networks that fail to support some form of bcp38 are nothing short of
> negligent.
> 
> That said, i spend too much time taking defensive action against ipv4 amp
> udp attacks. And wishing others would deploy bcp38 does not solve today's
> ddos attacks.

Nope.  But providing a bigger, better tuned hammer to apply to people's 
heads may.  So any contributions you can make to 

  http://www.bcp38.info 

will be cheerfully accepted.  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: TWC (AS11351) blocking all NTP?

2014-02-03 Thread Jay Ashworth
- Original Message -
> From: "Glen Turner" 

> On 4 Feb 2014, at 9:28 am, Christopher Morrow
>  wrote:
> 
> > wait, so the whole of the thread is about stopping participants in
> > the attack, and you're suggesting that removing/changing end-system
> > switch/routing gear and doing something more complex than:
> >  deny udp any 123 any
> >  deny udp any 123 any 123
> >  permit ip any any
> 
> Which just pushes NTP to some other port, making control harder. We’ve
> already pushed all ‘interesting’ traffic to port 80 on TCP, which has
> made traffic control very expensive. Let’s not repeat that history.

"Those who do not understand the Internet are condemned to reinvent it.
 Poorly."

-- after henry@utzoo, though he was talking about Unix, and I am generally
looking at Tapatalk and talking about Usenet.

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: TWC (AS11351) blocking all NTP?

2014-02-04 Thread Jay Ashworth
- Original Message -
> From: "Jared Mauch" 

> Ask your vendors for these features. Ask them to fix the bugs. The
> ball rolls uphill here and it's in their lap. Blaming the carriers is
> wrongheaded and putting it where it doesn't belong in many cases.
> Happy to discuss offline.

I phrased that a bit more stridently here:

  http://www.bcp38.info/index.php/Information_for_equipment_manufacturers

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

2014-02-04 Thread Jay Ashworth
- Original Message -
> From: "Valdis Kletnieks" 

> Can somebody explain to me why those who run eyeball networks are able
> to block outbound packets when the customer hasn't paid their bill,
> but can't seem to block packets that shouldn't be coming from that
> cablemodem?

The purported argument is "our edge concentrators don't have that knob/
enough horsepower to do it manually and stay on the line card".

I'm not sure how accurate that argument is any more and (as I noted in
another reply just now[1]), I'm officially not buying it anymore.

Cheers,
-- jra
[1] http://www.bcp38.info/index.php/Information_for_equipment_manufacturers
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Why won't providers source-filter attacks? Simple.

2014-02-04 Thread Jay Ashworth
- Original Message -
> From: "Paul Ferguson" 

> > (And yes, I know that in the first case, it urges the customer to
> > cough up the bucks, and in the second case, it's usually not a
> > revenue generator)
> 
> It's a dichotomy that is... unexplainable for me personally.

Nope: it's easy to explain; you merely have to be a cynical bastard:

Attack traffic takes up bandwidth.

Providers sell bandwidth.

It *is* in their commercial best interest (read: maximizing shareholder
value) *NOT* to filter out DOS, DDOS, and spam traffic until their hand is 
forced -- it's actually their fiduciary duty not to.

*THIS* is the problem we have to fix.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: BCP38 is hard, was TWC (AS11351) blocking all NTP?

2014-02-04 Thread Jay Ashworth
- Original Message -
> From: "John Levine" 

> Subject: Re: BCP38 is hard, was TWC (AS11351) blocking all NTP?
> >Why does it have to be hard? Restricting the filter to addresses
> >which
> >(A) the customer asserts are theirs
> 
> How does the customer do that in a way that scales?
> 
> I don't think any of this is rocket science, but it apparently is a
> real block to BCP38/84 implementation.

Well, there are two issues: how many exceptions at the transit layer will 
actually be needed, in practice...

and how much trouble will there still be there if we can get appreciable
uptake at the edge?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Done a physical security audit lately?

2014-02-05 Thread Jay Ashworth
http://www.npr.org/blogs/thetwo-way/2014/02/05/272015606/sniper-attack-on-calif-power-station-raises-terrorism-fears
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.


Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

2014-02-05 Thread Jay Ashworth
- Original Message -
> From: "Octavio Alvarez" 

> Maybe I'm oversimplifying things but I'm really curious to know why
> can't the nearest-to-end-user ACL-enabled router simply have an ACL to
> only allow packets from end-users that have a valid source-address
> from the network segment they provide service to.

The common answer, Octavio, at least *used to* be "our line cards aren't 
smart enough to implement strict-unicast-RPF, and our boxes don't have 
enough horsepower to handle every packet through the CPU".

As I've noted, I'm not sure I believe that's true of current generation
gear, and if it *is*, then it should cost manufacturers business.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274
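
The edge check discussed in the message above (strict unicast RPF), modelled as an added example that is not part of the thread: a packet is accepted only when the best route back to its source points out the port it arrived on. The FIB, interface names, packets and the per-port exception list are constructed assumptions; the exception list is a simplified stand-in for the feasible-path variant in BCP84, which covers the multihomed customer that strict mode would wrongly drop.

```python
import ipaddress

# Constructed FIB for a hypothetical edge router: prefix -> interface the best
# route points at. Prefixes are documentation ranges; names are made up.
FIB = {
    "192.0.2.0/25": "cust-a",
    "192.0.2.128/25": "cust-b",
    "198.51.100.0/24": "cust-b",
    "0.0.0.0/0": "uplink",
}
# Assumed exception list: cust-a is multihomed and may also source from a
# prefix whose best route points elsewhere (the feasible-path case).
FEASIBLE = {"cust-a": ["198.51.100.0/24"]}

# Constructed packets: (ingress interface, source address).
PACKETS = [
    ("cust-a", "192.0.2.10"),    # customer's own address
    ("cust-a", "203.0.113.7"),   # spoofed: only the default route covers it
    ("cust-a", "192.0.2.200"),   # spoofed: neighbour's address
    ("cust-a", "198.51.100.5"),  # legitimate, but asymmetric routing
    ("cust-b", "198.51.100.5"),  # same source on the port the FIB expects
]

def lookup(fib, src):
    """Longest-prefix match: interface of the best route back to src."""
    addr = ipaddress.ip_address(src)
    nets = [(ipaddress.ip_network(p), ifname) for p, ifname in fib.items()]
    hits = [(n.prefixlen, ifname) for n, ifname in nets if addr in n]
    return max(hits)[1] if hits else None

def strict_urpf(in_if, src, fib=FIB):
    """Accept only if the route back to src leaves via the ingress port."""
    return lookup(fib, src) == in_if

def feasible_urpf(in_if, src, fib=FIB, feasible=FEASIBLE):
    """Strict check plus per-port prefixes the customer is known to hold."""
    if strict_urpf(in_if, src, fib):
        return True
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p) for p in feasible.get(in_if, ()))

def verdicts(check, packets=PACKETS):
    """Apply one check to every packet; True means forward, False means drop."""
    return [check(in_if, src) for in_if, src in packets]

if __name__ == "__main__":
    rows = zip(PACKETS, verdicts(strict_urpf), verdicts(feasible_urpf))
    for (in_if, src), s, f in rows:
        print(f"{in_if:7} {src:15} strict={s} feasible={f}")
```
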



POLL: BCP38 Name And Shame

2014-02-05 Thread Jay Ashworth
- Original Message -
> From: "Valdis Kletnieks" 

> Time to name-and-shame. It's 2014. Who's still shipping gear that
> can't manage eyeball-facing BCP38?

It sure is.



POLL: If you run "eyeball" equipment -- edge concentrators/routers/CMTSen,
would you please post, without employer attribution, what make & model it
is, and which firmware rev it's running, and whether it has a knob for
unicast-strict-RPF or an equivalent automatic filtering method which is
compatible with "flip the switch" BCP38 deployment, and preferably runs 
on the relevant line cards, not CPU.

At your option, you can mention whether it's already on, whether you 
had to look it up, and which network it is.  :-)

PLEASE RESPOND to jra+bc...@baylink.com, not the list; I will aggregate.

I do not plan to mention any people in the results, but if I'm told the
names of networks in sufficient specificity to avoid confusion, I will
include those.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: BCP38

2014-02-05 Thread Jay Ashworth
- Original Message -
> From: "Frank Bulk" 

> Here's such a report:
> 
> http://spoofer.cmand.org/summary.php

And those results aren't bad; they amount to between 2/3 and 3/4 of 
real source address space already having something implemented, if I'm
reading them correctly.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



BCP38 is hard; let's go shopping!

2014-02-05 Thread Jay Ashworth
- Original Message -
> From: "joel jaeggli" 

> > As I've noted, I'm not sure I believe that's true of current generation
> > gear, and if it *is*, then it should cost manufacturers business.
> 
> There are boxes that haven't aged out of the network yet where that's an
> issue, some are more datacenter-centric than others. force10 e1200 was
> one platform that had this limitation for example.

So making sure manufacturers are producing gear that's BCP38-compliant,
and buyers have it on their tick-list, is still a productive goal, too.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274



Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

2014-02-05 Thread Jay Ashworth
Sure.  Part of the data collection task.  Making sure all the current new gear 
knows how, still a good idea.

On February 5, 2014 11:32:26 PM EST, Mark Tinka  wrote:
>On Wednesday, February 05, 2014 11:24:42 PM Jay Ashworth 
>wrote:
>
>> As I've noted, I'm not sure I believe that's true of
>> current generation gear, and if it *is*, then it should
>> cost manufacturers business.
>
>But only matters if you're refreshing or just starting out.
>
>A lot of operators have a large installed base of such kit, 
>and given horsepower is still plenty, getting that swapped 
>out is a tall ask.
>
>Mark.

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.


Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

2014-02-05 Thread Jay Ashworth
I'm going to be somewhat of a pain in everybody's ass this year, pounding on 
the drum whenever the topic pops up. :-)

On February 5, 2014 11:38:08 PM EST, Mark Tinka  wrote:
>On Thursday, February 06, 2014 06:34:16 AM Jay Ashworth 
>wrote:
>
>> Sure.  Part of the data collection task.  Making sure all
>> the current new gear knows how, still a good idea.
>
>Yep - like Joel said; current kit supports it (well, the 
>ones I buy, anyway), and certainly a good idea for operators 
>to make sure their favorite vendor can support this when 
>they run their next purchase cycle.
>
>Mark.

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

