-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Nov 8, 2009 at 9:35 PM, David Conrad wrote:
> On Nov 8, 2009, at 4:59 PM, David Andersen wrote:
>> Z. M. Mao, C. D. Cranor, F. Douglis, and M. Rabinovich. A Precise and
>> Efficient Evaluation of the Proximity between Web Clients and their
>>
Kris Foster and Michael K. Smith have been chosen to fill two year
terms on the Communications Committee (formerly known as the Mailing
List Committee.)
They join Randy Epstein and Tim Yocum, who are starting the second
year of their terms, and Sue Joiner, who is the Merit appointee to the
On Nov 8, 2009, at 4:59 PM, David Andersen wrote:
> Z. M. Mao, C. D. Cranor, F. Douglis, and M. Rabinovich. A Precise and
> Efficient Evaluation of the Proximity between Web Clients and their Local DNS
> Servers. In Proc. USENIX Annual Technical Conference, Berkeley, CA, June 2002.
Given that pa
If you're a consumer broadband provider, and you use a DNS blackhole
list so that any of your subscribers who tries to reach
bigbank1.fakebanks.example.com gets redirected to
fakebankwebsitelist.sipc.gov, you might be able to claim that you
complied with the law, though the law's aggressive enough
> DNS is NOT always defined by Paul... :)
I agree Bill, but Paul is right on the money about how the DNS is being
misused and abused to create more smoke and mirrors in the domain
name biz.
I really find annoying that some ISPs (several large ones among them) are
still tampering with the DNS resp
On 2009-11-09, at 10:35, Simon Lyall wrote:
And my first question would be what would the load on the global
routing system if a couple of thousand (say) extra sites started
using anycast for their content?
Are you asking what the impact would be of a couple of thousand extra
routes in t
On Sun, 8 Nov 2009, Alex Balashov wrote:
For example, perhaps in the case of CDNs geographic optimisation should be in
the province of routing (e.g. anycast) and not DNS?
Well my first answer to that would be that GSLB scales down a lot further
than anycast.
And my first question would be wh
> Alex Balashov wrote:
> > For example, perhaps in the case of CDNs geographic optimisation
> > should be in the province of routing (e.g. anycast) and not DNS?
> >
> > -- Alex
>
> In most cases it already is. He completely fails to address the concept
> of Anycast DNS and assumes people are usi
On Nov 8, 2009, at 7:46 PM, bmann...@vacation.karoshi.com wrote:
"The paper also presents the results of trace-driven simulations that
explore the effect of varying TTLs and varying degrees of cache
sharing on DNS cache hit rates. "
I'm not debating the traces - I wonder about the simu
On Sun, Nov 08, 2009 at 07:42:18PM -0500, David Andersen wrote:
>
> On Nov 8, 2009, at 7:30 PM, bmann...@vacation.karoshi.com wrote:
>
> >On Sun, Nov 08, 2009 at 07:17:16PM -0500, David Andersen wrote:
> >>
> >>"Our trace-driven simulations yield two findings. First, reducing the
> >
> >
On Sun, Nov 8, 2009 at 6:06 PM, Dave Temkin wrote:
> In most cases it already is. He completely fails to address the concept of
> Anycast DNS and assumes people are using statically mapped resolvers.
>
> He also assumes that DNS is some great expense and that by not allowing tons
> of caching we'
On Nov 8, 2009, at 7:30 PM, bmann...@vacation.karoshi.com wrote:
On Sun, Nov 08, 2009 at 07:17:16PM -0500, David Andersen wrote:
"Our trace-driven simulations yield two findings. First, reducing the
---
-Dave
a simulation is driven from a mathmatical
On Sun, Nov 08, 2009 at 07:17:16PM -0500, David Andersen wrote:
>
> "Our trace-driven simulations yield two findings. First, reducing the
---
> -Dave
>
a simulation is driven from a mathmatical model, not real world
constructions.
--bill
On Sun, Nov 8, 2009 at 4:06 PM, Dave Temkin wrote:
> He also assumes that DNS is some great expense and that by not allowing
> tons of caching we're taking money out of peoples' wallets. This is just
> not true with the exception of very few companies whose job it is to answer
> DNS requests.
>
DNS is NOT always defined by Paul... :)
--bill
On Sun, Nov 08, 2009 at 05:39:47PM -0500, Alex Balashov wrote:
> Thought-provoking article by Paul Vixie:
>
> http://queue.acm.org/detail.cfm?id=1647302
>
> --
> Alex Balashov - Principal
> Evariste Systems
> Web : http://www.evaristesys.com
On Nov 8, 2009, at 7:06 PM, Dave Temkin wrote:
Alex Balashov wrote:
For example, perhaps in the case of CDNs geographic optimisation
should be in the province of routing (e.g. anycast) and not DNS?
-- Alex
In most cases it already is. He completely fails to address the
concept of Any
Alex Balashov wrote:
For example, perhaps in the case of CDNs geographic optimisation
should be in the province of routing (e.g. anycast) and not DNS?
-- Alex
In most cases it already is. He completely fails to address the concept
of Anycast DNS and assumes people are using statically ma
Dave Temkin wrote:
Alex Balashov wrote:
Thought-provoking article by Paul Vixie:
http://queue.acm.org/detail.cfm?id=1647302
I doubt Henry Ford would appreciate the Mustang.
I don't think that is a very accurate analogy, and in any case, the
argument is not that we should immediately cease
Alex Balashov wrote:
Thought-provoking article by Paul Vixie:
http://queue.acm.org/detail.cfm?id=1647302
I doubt Henry Ford would appreciate the Mustang.
-Dave
Basically the organisation that I'm working for will not have the skills in
house to support a linux or bsd box. They will have trouble
with supporting the BGP configuration, however I don't think they will be happy
with me if I leave them with a linux box when they
don't have linux/unix resourc
There are any problems with quagga+BSD/Linux that you know or something
like that?
Or in your scenario a "cisco/juniper box" is a requirement?
I'm asking this because I'm always running BGP with upstreams providers
using quagga on BSD and everything is fine until now.
--
>
>From: a...@baklawasecrets.com [a...@baklawasecrets.com]
>- BGP router capable of holding full Internet routing table. (whether I go
>for partial or full,
>I think I want something with full capability).
--Capable of holding _2_ full internet routing t
Thought-provoking article by Paul Vixie:
http://queue.acm.org/detail.cfm?id=1647302
--
Alex Balashov - Principal
Evariste Systems
Web : http://www.evaristesys.com/
Tel : (+1) (678) 954-0670
Direct : (+1) (678) 954-0671
So if my requirements are as follows:
- BGP router capable of holding full Internet routing table. (whether I go for
partial or full, I think I want something with full capability).
- Capable of pushing 100meg plus of mixed traffic.
What are my options? I want to exclude openbsd, or linux wi
So if my requirements are as follows:
- BGP router capable of holding full Internet routing table. (whether I go for
partial or full, I think I want something with full capability).
- Capable of pushing 100meg plus of mixed traffic.
What are my options? I want to exclude openbsd, or linux wi
Sean Donelan wrote:
>
> Oh, the cloud service provider won't negotiate, won't give you unlimited
> service credits, want to charge extra for that protection, don't want to
> make promises it will work, and so on :-)
>
> The same unsolved problems from the 1970's mainframe/timesharing era
> still
On Sun, 8 Nov 2009, Dobbins, Roland wrote:
if the discussion hasn't shifted from that of DDoS to EDoS, it
should.
All DDoS is 'EDoS' - it's a distinction without a difference, IMHO.
DDoS costs opex, can cost direct revenue, can induce capex spends -
it's all about economics at bottom, always
a...@baklawasecrets.com wrote:
> I think partial routes makes perfect sense, makes sense that traffic for
> customers who are connected to each of my upstreams should go out of
> the correct BGP link as long as they are up! Now I need to start thinking of
> BGP router choices, sure I have a plet
In message <75cb24520911060747x3556e01tbb80be8c9e0d5...@mail.gmail.com>, Christ
opher Morrow writes:
> On Thu, Nov 5, 2009 at 5:56 PM, wrote:
> > On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
> >> Did I miss a thread on this? Has anyone looked at this yet?
> >
> >> `(2) INTERNET SERVICE PRO
I think partial routes makes perfect sense, makes sense that traffic for
customers who are connected to each of my upstreams should go out of
the correct BGP link as long as they are up! Now I need to start thinking of
BGP router choices, sure I have a plethora of choices :-(
On Sun 10:01 P
a...@baklawasecrets.com wrote:
> Hi,
>
> Ok thanks for clearing that up. I'm getting some good feedback on applying
> for PI and ASN through Ripe LIRs over on the UKNOF so I think I have a handle
> on this.
> With regards to BGP and using separate BGP routers. I am announcing my PI
> space to
a...@baklawasecrets.com wrote:
> Hi,
>
> Thanks for the info on UKNOF. I've started a thread there with regards to
> RIPE and obtaining ASN numbers and so on., as
> this is I guess quite UK specific.
>
You will need an AS number regardless of what path you get your
addresses from to multihome
Hi,
Ok thanks for clearing that up. I'm getting some good feedback on applying for
PI and ASN through Ripe LIRs over on the UKNOF so I think I have a handle on
this.
With regards to BGP and using separate BGP routers. I am announcing my PI
space to my upstreams, but I don't need to carry a f
Don't think I sent the below to the list, so resending:
Thanks Seth and James,
Things are getting a lot clearer. The BGP multihoming solution sounds like
exactly what I want. I have more questions :-)
Now I suppose I would get my allocation from RIPE as I am UK based?
Do I also need to appl
Hi,
Thanks for the info on UKNOF. I've started a thread there with regards to RIPE
and obtaining ASN numbers and so on., as
this is I guess quite UK specific.
Adel
On Sun 8:40 PM , Arnold Nipper wrote:
> Hi Adel,
>
> On 08.11.2009 21:24 Ken Gilmour wrote
>
> > There are companies like
Hi Adel
There are companies like packet exchange (www.packetexchange.net)
(whom i have personally used) who will do all of the legwork for you,
such as applying for the ASN, address space, transit agreements, and
get the tail connections directly to your building. You just need to
pay them and buy
Thanks Seth and James,
Things are getting a lot clearer. The BGP multihoming solution sounds like
exactly what I want. I have more questions :-)
Now I suppose I would get my allocation from RIPE as I am UK based?
Do I also need to apply for an AS number?
As the IP block is "mine", it is ISP
Kanak,
We're not a Staminus reseller. Please do your homework:
http://webtrace.info/asn/32421 .
I'm not going to hold court on whether or not you or your resellers
are DDoSing competitor's customers, I was merely stating my opinion.
The reader can draw their own conclusion. I think your network i
On Sun, 08 Nov 2009 08:23:41 MST, Blake Pfankuch said:
> I wouldn't sway from the big names for your primary connections either.
This is, of course, dependent on the OP's location and budget. I know when we
were getting our NLR connection set up, there was a fair amount of "You want
40G worth o
a...@baklawasecrets.com wrote:
> Thanks for all your comments guys. With regards to bgp I did
> think about placing two bgp routers in front of the ssg's. However
> my limited understanding makes me think that if I had two bgp
> connections from different providers I would still have issues. So
Seth Mattinen [se...@rollernet.us] said:
>Forget all of that and just multihome to two separate providers with BGP
--Assuming that you're advertising PI space or can work around that
appropriately with your providers, I agree, that's the ideal situation.
>Having multiple circuits to one provider
Thanks for all your comments guys. With regards to bgp I did
think about placing two bgp routers in front of the ssg's. However
my limited understanding makes me think that if I had two bgp
connections from different providers I would still have issues. So
I guess that if my primary Internet go
On 2009-11-08-10:23:41, Blake Pfankuch wrote:
> Make sure they operate their own network for last mile
[...]
> I wouldn't sway from the big names for your primary connections
> either.
Because ownership of the provider/subsidiary delivering the last mile
means one hand is talking to the other, an
a...@baklawasecrets.com wrote:
> HI,
>
> I was recently brought onto a project where some failover is desired, but I
> think that the number of connections provisioned is excessive. Also hoping
> to get some guidance with regards to how well I can get the failover to
> actually work. So curre
Anton Kapela wrote:
What curve must we shift to get routers with hardware and software
that's both a) fast b) reliable and c) cheap -- in the hopes that the
only problems left to solve indeed are human ones?
Fast, Reliable, Cheap - pick any two. No, you can't have all three.
The fastest(best
Owen,
> We could learn a lot about this from Aviation. Nowhere in human history has
> more research, care, training, and discipline been applied to accident
> prevention,
> mitigation, and analysis as in aviation. A few examples:
Others later in this thread duly noted a definite relationship of
a...@baklawasecrets.com wrote:
HI,
Now I couldn't get any good answers as to why Internet connections 1 and 2 need
to be separate. I think the idea was to make sure that there was enough
bandwidth for the third party support VPN. I feel that I can consolidate this
into one connection and
>> -Original Message-
>> From: a...@baklawasecrets.com [mailto:a...@baklawasecrets.com]
>> Sent: Sunday, November 08, 2009 4:52 AM
>> To: nanog@nanog.org
>> Subject: Failover how much complexity will it add?
>>
>> HI,
>>
>> I was recently brought onto a project where some failover is desire
HI,
I was recently brought onto a project where some failover is desired, but I
think that the number of connections provisioned is excessive. Also hoping to
get some guidance with regards to how well I can get the failover to actually
work. So currently 4 X 100Mb/s Internet connections have
2009/11/6 Jeffrey Lyon
> The primary issue is that we receive a fair
> deal of customers who end up with wide scale DDoS attacks followed by
> an offer for "protection" to move to your network. In almost every
> case the attacks cease once the customer has agreed to pay this
> "protection" fee.
50 matches
Mail list logo
