while
ago, when some of the lessons were a little more recently-learned:
https://www.pch.net/resources/Papers/anycast/
https://www.pch.net/resources/Papers/dns-service-architecture/dns-service-architecture-v11.pdf
-Bill
> On May 15, 2018, at 8:47 AM, John Levine wrote:
> Bruce Schneier's blog entry ended by saying that
> if you care about encryption use Signal or WhatsApp.
I didn’t even.
-Bill
signature.asc
Description: Message signed with OpenPGP
ipment to support any IXP. We’re
generally giving out 100G-capable switches for IXPs now.
-Bill
signature.asc
Description: Message signed with OpenPGP
nt to give them a “why” it doesn’t work, Zhi-Li
Zhang and I wrote that up fifteen years ago, when it became evident that it
wasn’t going to happen.
https://www.pch.net/resources/Papers/multicast-billing/multicast-billing-v10.pdf
-Bill
signature.asc
Descriptio
want to give them a “why” it doesn’t work, Zhi-Li
Zhang and I wrote that up fifteen years ago, when it became evident that it
wasn’t going to happen.
https://www.pch.net/resources/Papers/multicast-billing/multicast-billing-v10.pdf
-Bill
signature.asc
Descriptio
ceasing to operation on the ability to
>> look at the data that he said was available through PREDICT?
All of the PCH data will continue to be available directly from us, despite the
PREDICT/IMPACT portal going away.
-Bill
signature.asc
Description: Message signed with OpenPGP
Received at roughly 12:15 Pacific time, AT&T / IOS / Berkeley CA.
-Bill
signature.asc
Description: Message signed with OpenPGP
n at least a year since I’ve seen a
swipe anywhere. The change happened quite quickly. It’s all been chip, or
chip-and-pin, for at least a year.
-Bill
signature.asc
Description: Message signed with OpenPGP
eir direct and indirect customers.”
Nothing to do with their peering.
-Bill
e RIRs, so we had the
ASes databased by country-code. We still have that part up-to-date.
-Bill
Introduced off-list. Thanks for getting in touch first, so we can make sure
there’s a reasonable path for the data.
-Bill
> On Dec 13, 2018, at 03:45, Lars Prehn wrote:
>
> Hi everyone,
>
> I'm planning to download a significant amount of PCH'
No _v4_ resources to speak of, but it’s a little late in the day to be worrying
about that anyway.
-Bill
> On Feb 6, 2019, at 13:05, TJ Trout wrote:
>
> You do realize that there aren't any resources available to request right?
>
>> On Wed,
Did I miss anything?
Apparently, yes.
-Bill
signature.asc
Description: Message signed with OpenPGP
issuing certs. The Let’s Encrypt guys at least seemed interested in learning
from their mistake. Can’t say as much of Comodo.
-Bill
signature.asc
Description: Message signed with OpenPGP
DNSSEC specifically, but apparently attacks bring people
with all manner of chips on their shoulders out of the woodwork). It’s a
particularly self-defeating logical fallacy, so being aware of it is the first
step to recognizing it and avoiding it.
-Bill
signature
e, and stop wasting
effort trying to keep the CA system alive with ever-hackier band-aids.
-Bill
signature.asc
Description: Message signed with OpenPGP
kingdom.
Agreed. There’s absolutely no reason for registrars to be involved with DS
records of zones they’re not signing. And, for the same reason, there’s no
reason for them to be involved with NS records, either, after an initial
bootstrap.
-Bill
signature.asc
e that, yes, DNS people believe that the
solution to insecurity in the DNS is to replace insecure portions of the DNS
with more secure improvements to the DNS.
-Bill
signature.asc
Description: Message signed with OpenPGP
own registry, at
which point you only need to worry about the security of the root zone.
-Bill
signature.asc
Description: Message signed with OpenPGP
> On Feb 26, 2019, at 1:25 PM, Nico Cartron wrote:
>
>
>
>> On 26 Feb 2019, at 21:58, Bill Woodcock wrote:
>>
>>
>>
>>> On Feb 26, 2019, at 8:12 AM, John Levine wrote:
>>>
>>> In article
>>> you
>>>
> On Feb 24, 2019, at 9:20 PM, Bill Woodcock wrote:
>
>
>
>> On Feb 24, 2019, at 7:41 PM, Montgomery, Douglas (Fed)
>> wrote:
>> In the 3rd attack noted below, do we know if the CA that issued the DV CERTS
>> does DNSSEC validation on its DNS challeng
> On Feb 26, 2019, at 1:34 PM, James Renken via NANOG wrote:
>
> On Feb 25, 2019, at 5:20 AM, Bill Woodcock wrote:
>> We know that neither Comodo nor Let's Encrypt were DNSSEC validating before
>> issuing certs.
>
> I’d like to clarify that Let’s Encrypt has
is datacenters, which
profit immensely if there’s a successful IXP in them, but can never afford to
locate themselves where IXPs would be most valuable, and don’t like to have to
provide free backhaul to better IXP locations.
-Bill
signature.asc
Description
Exactly. Speed x distance = cost. This is _exactly_ why IXPs get set up. To
avoid backhauling bandwidth from Dallas, or wherever. Loss, latency,
out-of-order delivery, and jitter. All lower when you source your bandwidth
closer.
-Bill
> On Oct 15, 2
different than this time last year, or the year before. Happy to
help however we can.
-Bill
smime.p7s
Description: S/MIME cryptographic signature
Got it, thank you.
> On Dec 19, 2023, at 15:57, Mike Hammett wrote:
>
> p { margin: 0; }
> I responded offlist.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> Midwest-IX
> http://www.midwest-ix.com
>
> F
I just checked with NASA DNS ops, and they said that it was a DNSSEC issue with
the delegation from .GOV, which has since been resolved.
-Bill
> On Dec 22, 2023, at 15:43, Leato, Gary via NANOG wrote:
>
> Are there any admins on list from nasa? L
> On Jan 30, 2024, at 17:00, Dmitry Sherman wrote:
>
> ru tld down?
Not exactly down… they just busted their DNSSEC, or their domain got hijacked
or something. Bad DNSKEY records.
-Bill
signature.asc
Description: Message signed with OpenPGP
>>> On Tue, Jan 30, 2024 at 8:11 AM Bill Woodcock wrote:
>>> Not exactly down… they just busted their DNSSEC, or their domain got
>>> hijacked or something. Bad DNSKEY records.
>>
>> On Jan 31, 2024, at 06:34, Eric Kuhnke wrote:
>> Not necess
documentation stores, with servers in San Jose and Washington DC,
a couple of years later. A couple of years further on and the World Wide Web
was a thing, and everybody was doing it.
-Bill
> On Feb 24, 2024, at 7:38 AM, Ask Bjørn Hansen wrote:
>
>
>
&
u.int. Both are
pretty quiet, though both have very helpful people on them.
-Bill
signature.asc
Description: Message signed with OpenPGP
u.int. Both are
pretty quiet, though both have very helpful people on them.
-Bill
signature.asc
Description: Message signed with OpenPGP
https://pleroma.pch.net/media/59934e723985a9d0eb476eda11ca090f602091190d11d181c5d0dd7523755768.png
-Bill
signature.asc
Description: Message signed with OpenPGP
, which is attached to the loopback,
depending whether you’re ready to service traffic.
-Bill
to do that.
John is exactly correct on each of these points. And I guess I’d go a little
further and say that ICANN and IANA are separate entities, with IANA predating
ICANN by a decade.
-Bill
State and
Commerce were considering reassigning it as an apology for the Rousseff spying
incident in 2013, but they didn’t quite get it together to act.
-Bill
cations#Peering_disputes
-Bill
d, all be accessible to all networks.
-Bill
was about Cogent, which is about as clearly
in the for-profit camp as it’s possible to be.
-Bill
> On May 18, 2024, at 11:55, Saku Ytti wrote:
> On Sat, 18 May 2024 at 10:38, Bill Woodcock wrote:
>> So, yes, I think having an open peering policy should be a requirement for
>> operating a root nameserver. I don’t think there’s any defensible rationale
>>
ications, and I expect a lot of
companies to go into that with their eyes more open than last time, knowing why
they’re doing it. It’s not about brand protection, it’s about
disintermediating the root of trust and giving yourself a solid foundation for
your security architecture.
ext round. Because, you
know, inflation or something.
-Bill
signature.asc
Description: Message signed with OpenPGP
ngTLD round. At least everybody’s a lot more educated this
time around.
-Bill
signature.asc
Description: Message signed with OpenPGP
CC isn’t particularly known for looking at
costs or alternatives or the big picture.
But this isn’t _bad_ if you aren’t too concerned about fragility, and aren’t
worried about it completely distracting people from the other three quadrants
of that matrix.
-Bill
signature.asc
Description: Message signed with OpenPGP
% correlation, and you’d be at 911 out
of a million. So, how much better than that are we talking about?
-Bill
signature.asc
Description: Message signed with OpenPGP
for IXP use.
Notably only four of the six 100G ports on the 92160YCX will run at 100G,
leaving two at 40G.
Anybody had any luck sourcing 2x25G NICs for Cisco UCS servers?
-Bill
signature.asc
Description: Message signed with OpenPGP
th rate, and
behind the U.S. growth rate, which is why the problem is getting worse.
Bandwidth costs are falling faster elsewhere, so they’re importing more foreign
bandwidth.
-Bill
signature.asc
Description: Message signed with OpenPGP
> On Aug 8, 2017, at 5:19 PM, TR Shaw wrote:
>
> Bill,
>
> What does Bell buying MTS do? Does it change your statement or will the MTS
> portion of Bell still peer locally?
I’d have to go back and look at the actual ASNs in our analysis. I think what
we called “MTS Allst
major
> Canadian peering points, such as NYC, Chicago or LA.
To be fair, Rogers does peer in Toronto. Along with New York, Chicago,
Seattle, and Ashburn.
-Bill
signature.asc
Description: Message signed with OpenPGP
traffic goes through
Canada.
-Bill
signature.asc
Description: Message signed with OpenPGP
Why don't we just swap out your 40g switch for a 100g switch? You've had the
40g one for a while, and we anticipate upgrades every 18-24 months.
-Bill
> On Aug 20, 2017, at 08:46, Mike Hammett wrote:
>
> I first sent to an IX-specific mailing list, b
ly, it was awkward and off-putting.
Probably a safe bet that it was mostly aspirant juniors. To my occasional
observation, the cool seniors don't attend anymore. Unless Stephen Stuart or
Sean Doran or John Hawkinson showed up. Which would surprise me very much.
-Bill
>> freshman being told who all the "cool seniors" were.
>> Frankly, it was awkward and off-putting.
>
> On Sep 11, 2017, at 12:32 AM, Bill Woodcock wrote:
> Probably a safe bet that it was mostly aspirant juniors.
Patrick has pointed out to me that my offhand d
admittedly very lengthy process to make your life easier.
https://www.surveymonkey.com/r/criticalinfrastructure
Much appreciated,
-Bill
Links in case you want to pursue further reading on the things I’ve mentioned
above:
https://en.wikipedia.org/wiki
m governing their behavior when they’re not at war, and have less excuse or
leeway or whatever.
-Bill
signature.asc
Description: Message signed with OpenPGP
I know, it's a big place. I'd like to talk about something I'm seeing from
your networks and see if you agree on what it could be. This includes
legacy Qwest, CenturyTel, etc. I could list ASNs but it's kind of a long
list, as you'd expect :)
Thank you, and sorry for the noise.
--
Bill Weiss
> On Mar 28, 2018, at 11:14 AM, Payam Poursaied wrote:
>
> dig google.com @1.1.1.1
> Cloudflare?
Yeah, Cloudflare did a deal with Geoff Huston to use it. It’s reserved for
“experimental use."
-Bill
signature.asc
Description: Message signed with OpenPGP
ing in
this space for years, and hardly anyone’s heard of it, for instance. I believe
even Neustar does. And they’re all DNS specialists, rather than web-content
specialists.
-Bill
signature.asc
Description: Message signed with OpenPGP
d who try
to do the same with 9.9.9.9. Which is why it’s so important to do
cryptographic validation of the server and encryption of the transport, as well
as DNSSEC validation.
-Bill
signature.asc
Description: Message signed with OpenPGP
at information, but they're in less
> of a position to insert ads than my cableco is.
The only queries for which the query string is collected are those which match
the malware block-lists.
IP addresses are not collected for any queries, not even for ones which match
the malwar
ime
hunting for someone to update the web site. :-)
-Bill
signature.asc
Description: Message signed with OpenPGP
> On Apr 2, 2018, at 11:28 PM, Robert Mathews (OSIA) wrote:
>
> On 4/3/2018 1:04 AM, Bill Woodcock wrote:
>>> On Apr 2, 2018, at 7:24 PM, Robert Mathews (OSIA)
>>> wrote: *Group Co-founded by City of London
>>> Police promises 'no snooping on your re
that which what you have.
Ok, sorry if I was being overly persnickety. My apologies. I’ve been spending
too much time answering questions on “social media” and it’s making me
antisocial.
-Bill
signature.asc
Description: Message signed with OpenPGP
+1
I don't think anyone is going to take your side after that maneuver, Todd.
-Bill
On Tue, Oct 12, 2010 at 09:22, Jeffrey Lyon wrote:
>
> They should shut down your power again for that one.
>
> Regards, Jeff
>
taken seriously. (It already is by
> anyone with a large network running IPv6.)
And none of the listed IETF "full standards" are IPv6 related. That
seems a little bit odd to me given that everyone is supposed to have
implemented them by now.
Bill Bogstad
On Sat, Oct 16, 2010 at 7:57 PM, Mark Smith
wrote:
> On Sat, 16 Oct 2010 19:52:31 -0400
> Bill Bogstad wrote:
>
>> On Sat, Oct 16, 2010 at 6:26 PM, Kevin Oberman wrote:
>> >> Date: Sun, 17 Oct 2010 00:40:41 +1030
>> >> From: Mark Smith
>> >&
in advance for any input
--
Bill Blackford
Network Engineer
Logged into reality and abusing my sudo privileges.
visibility purposes, I'm making other choices.
-b
--
Bill Blackford
Network Engineer
Logged into reality and abusing my sudo privileges.
an their purple color
> and that I don't really know their IOS that well. But to be fair, they have
> worked just fine.
>
> In
Sounds like you need to use the 64 bit templates as your data may be
"rolling over".
-b
--
Bill Blackford
Network Engineer
Logged into reality and abusing my sudo privileges.
things stand. There's a very long tail to the IXP curve, but nearly all of
the traffic volume in North America is going through Equinix-operated
facilities, at this point. RAS has mentioned the main other ones, and I'd
probably only add Toronto and CoreSite to the list.
96 days left Martin? Don't think we'll make it past January?
--bill
Begin forwarded message:
> From: Leo Vegoda
> Date: November 30, 2010 12:27:11 PST
> To: Leo Vegoda
> Subject: [janog:10168] Four additional /8s allocated in November 2010
> Reply-To: ja...@jano
nows what we
need the vending machines stocked with is the sticking point, since the market
is too small to separate those roles, I think. At least to bootstrap. Of
course, if the economy continues downward, maybe there will be more clueful
people who figure stocking vending machines is better
ly higher latency) (or significantly lower
latency, if you were still on modems.)
--
Thanks; Bill
Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.
e prevents the end user from tampering with any part of the RIP
configuration, but the point is that RIP actually is used at a large
scale for this purpose.
-Bill
ing to cook up
some whole new single-purpose protocol from scratch. That was the essence of
the interview I gave, and I don't think that message made it through into the
finished article very obviously.
-Bill
PGP.sig
Description: This is a digitally signed message part
Butlerian Jihad.
-Bill
On Dec 9, 2010, at 19:02, "Robert E. Seastrom" wrote:
>
> mikea writes:
>
>> On Thu, Dec 09, 2010 at 06:26:30PM +, Dobbins, Roland wrote:
>>
>>> On Dec 10, 2010, at 1:19 AM, Michael Smith wrote:
http://tech.slashdot.org/submission/1416250/68-of-US-broadband-connections-arent-broadband
-Bill
PGP.sig
Description: This is a digitally signed message part
five retailers initiated
from distributed IP addresses out of Thailand, Mexico, Philippines,
and Brazil and reached peeks of up to 14 Gbps, with some websites
experiencing up to 10,000 times above normal daily traffic. "
Bill Bogstad
are y'all ready for this gift?
--bill
Begin forwarded message:
> From: "Ernest - (AfriNIC)"
> Date: December 20, 2010 3:16:42 PST
> To: annou...@afrinic.net
> Subject: [AfriNIC-announce] AfriNIC to assign AS Numbers from a common 32-bit
> pool.
>
> De
, don't have time for anything home grown or unsupported /
community based.
Thanks,
Bill Lewis
Hot Topic
t needs to be
> configured.
Err, almost everything falls apart once you allow a
compromised/malicious host on the local LAN. If you have
circumstances where this may happen on anything like a regular basis,
you really need all kinds of control/monitoring of traffic that go far
beyond any local NDP overflow issues.
Bill Bogstad
Subway subs started offering toasted as an option in response to the
success of Quiznos Subs.
So many vendors have been chasing the "me too" feature match behind
Cisco for so many years it interesting to see Cisco doing the same
behind Juniper.
-b
--
Bill Blackford
Network Engine
.
I have a document that describes the convention of every field of
every type in order to maintain consistency.
What I struggle with is trying to find a consistent naming convention
for gear behind the firewall vs. on the outside that is publicly
visible.
-b
--
Bill Blackford
Network E
on an E1 line that announces routes for the entire country is
going to have his router overheat and the blue smoke get out If
we're lucky, the Army won't damage too much as they either win or
lose.
--
Thanks; Bill
Note that this isn't my regul
er.geolocator-example.com" and
"ipv6tracker.geolocator-example.com" on the same web pages to try to
start building correlation information, and if course you need your
application that uses the information to speak IPv6 and handle 128-bit
records and not just 32-bit.
--
s.
(Admittedly, having dealt with ZA's dominant player in a previous job,
I'd rather use anybody else also...)
--
Thanks; Bill
Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.
039/8 APNIC 2011-01 whois.apnic.net ALLOCATED
106/8 APNIC 2011-01 whois.apnic.net ALLOCATED
... whimper ...
thing.
If your ISP is only assigning you a /64 of GUA, that's another story.
--
----
Thanks; Bill
Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.
alas, our service predates Joe’s marvelous text.
“B” provides its services locally to its upstream ISPs.
We don’t play routing tricks, impose routing policy, or attempt to
influence prefix announcement.
/bill
Neca eos omnes. Deus suos agnoscet.
On 17March2014Monday, at 7:17, Joe Abley wrote
: DANE certificates for TLS/SSL connections.
-Bill
signature.asc
Description: Message signed with OpenPGP using GPGMail
ble amount of good on the
Internet, the version of events described by the 3.5 release song does not
match my personal experiences.
Bill
If you wouldn’t mind a quick tracerooute - Can you confirm reachability to the
following:
2001:500:84::b
Thanks in advance.
/bill
Neca eos omnes. Deus suos agnoscet.
Thanks All for taking the time to prod 2001:500:84::b
Looks like it is reachable from many places… enough that we will proceed to
augment the “B” root server with perhaps the last in a long line of IPv6
addresses that it has had over the last 15 years.
Splay will increase over time.
/bill
did you ask Jared?
/bill
Neca eos omnes. Deus suos agnoscet.
On 4June2014Wednesday, at 12:15, Warren Kumari wrote:
> Yup, I did think it was worth asking the entire list.
>
> W
well then. you could just use that date then and it should be alright…
/bill
Neca eos omnes. Deus suos agnoscet.
On 4June2014Wednesday, at 12:24, Warren Kumari wrote:
>
>
> On Wednesday, June 4, 2014, manning bill wrote:
> did you ask Jared?
>
>
> Yup.
>
> An
er… this is no longer news… back in -MAY-… it was:
http://www.ntia.doc.gov/press-release/2014/ntia-announces-intent-transition-key-internet-domain-name-functions
/bill
Neca eos omnes. Deus suos agnoscet.
On 6June2014Friday, at 14:31, Jay Ashworth wrote:
> In one of the worst writ
announce them so folks can use the space as darknets…
/bill
PO Box 12317
Marina del Rey, CA 90295
310.322.8102
On 17June2014Tuesday, at 15:39, John Levine wrote:
> In article
> you
> write:
>> +1+1+1 re living room
>
> My cable company assigns my home network a /50.
to “tap” the Internet and
load/fill/examine DNS caches of Internet DNS traffic. NSA and its industrial
partners (like Farsight Security)
do this for a living. there are many corporations that have built/use
enclaved or walled garden networks for internal use that have no visibility to
the Int
ually clueless
interpretation of the court decision. In any event, even if the court was as
clueless as this implies, it won’t go anywhere.
-Bill
signature.asc
Description: Message signed with OpenPGP using GPGMail
gt; Seth Charles Ben HAIM, et al., Plaintiffs, v. The ISLAMIC REPUBLIC OF IRAN,
> et al., Defendants. Civil Action No. 02-1811 (RCL)
http://freebeacon.com/wp-content/uploads/2014/06/Subpoena-Ben-Haim-02-1611-with-Schedule-A.pdf
-Bill
signature.asc
Description: Message signed with OpenPGP using GPGMail
101 - 200 of 587 matches
Mail list logo
