Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment: Re:I get copying but... (Score 1) 96

by Burdell (#48545037) Attached to: Cisco Slaps Arista Networks With Suit For "Brazen" Patent Infringement

Most of those have cloned Cisco's IOS CLI and configuration structure, at least to some extent. Juniper's JUNOS was intentionally NOT written to clone IOS; instead they "invented" their own CLI and configuration structure from scratch. While it has its own warts, JUNOS is vastly superior to IOS ("commit confirm" FTW!).

Comment: Re:Yes it is a peering problem ... (Score 4, Informative) 243

by Burdell (#48272721) Attached to: First Detailed Data Analysis Shows Exactly How Comcast Jammed Netflix

Traffic balance is not the primary measure these days (from what I understand), it is just an economic decision. However, the Netflix case is interesting, because they were essentially used as a leverage tool by Cogent against the other carriers. Cogent has a long history of trying to get settlement-free peering, not meeting contract terms (whatever they are), getting dropped, and then blaming the other side. They have long wanted to be a settlement-free "tier 1" provider (which is a nebulous term, but go with it), but have generally not been. They sell bandwidth often at below-market rates in order to attract customers to leverage against the other "tier 1" providers. They saw Netflix on the rise and grabbed them, apparently selling bandwidth much cheaper than any other backbone (possibly at a loss even) in order to leverage settlement-free peering contracts out of other providers.

Any network engineering with a clue knows that you never buy bandwidth only from Cogent (or even Cogent and one other provider), because you _will_ get disconnected from somebody when Cogent gets in another peering dispute.

Comment: Re:Common Carrier (Score 4, Informative) 243

by Burdell (#48272669) Attached to: First Detailed Data Analysis Shows Exactly How Comcast Jammed Netflix

That would have zero impact. This is like the telephone company in city A have 96 channels to the telephone company in city B, but then 100 people try to make calls. Only some of them will go through, and that's a capacity issue, not regulated by Common Carrier status. They are not discriminating based on callers or anything, they are just "decliining" to upgrade capacity. In some cases, that could be regulated by state PUCs/PSCs, but AFAIK it is not normally. It is just up to the two carriers to reach an agreement.

This type of thing happened a lot in the early dialup ISP days, when telecom deregulation spawed a lot of CLECs that had to connect to ILECs to carry calls. The ILECs structured the contracts with settlement money for to flow to the destination of a call (thinking most of the CLEC calls would be _to_ ILEC users), but then the CLECs went and got all the dialup ISPs to move modem banks to them. Suddenly all the calls went _to_ the CLECs, and the ILECs had to pay (some did not and went to court instead).

Comment: Re:Why..... (Score 2) 259

by Burdell (#48146667) Attached to: "Double Irish" Tax Loophole Used By US Companies To Be Closed

The biggest issue with that is that most of these taxes are on profit, and profit can be shifted around pretty much at will. For example, Google(Ireland) could buy all the equipment needed for google.com, and "sell" it to Google(US), for an amount that just happens to resemble the profits of Google(US). So, Google(US) has no profit to tax, while Google(Ireland) has much profit (and little tax on it).

That's one reason some people favor sales/use/value-add taxes instead; it is harder to shift that around (although in the end, it is all shifted to the consumer).

Comment: Re:Why not contribute to gparted? (Score 5, Informative) 170

by Burdell (#47849263) Attached to: Fedora To Get a New Partition Manager

Because (as usual) the summary got it wrong. This is not a partition manager, it is a disk/filesystem manager. Partitions make up one part of that, but it is also intended to manage LVM, RAID, btrfs filesets, etc. I believe it uses the parted library on the backend for partitions.

This is based on the years-of-development code used in the backend of anaconda, the Fedora/Red Hat installer. The code has been pulled out, split up into a library, and set up for stand-alone use (after install). I believe the intention is that anaconda keeps using the library, but now there will be the same interface during install and afterwards for managing disks and filesystems.

Comment: Re:Their implementation sucks. (Score 1) 146

by Burdell (#47526561) Attached to: Comcast Carrying 1Tbit/s of IPv6 Internet Traffic

I have no problem with Comcast's IPv6 setup, once I hacked a few things in OpenWRT that were wrong; not sending the requested prefix size was a big one (so I could only get a /64 initially). Also, if the link drops, when it comes back and dhcp6c tries to update radvd, radvd doesn't restart (so the RAs go away and IPv6 quits on all auto-configured systems). My link is generally stable enough that I haven't been bothered enough to track down this bug to get it fixed.

IIRC, the only time I've had my delegated prefix change was when I was working things out to get a /60 instead of a /64. After working with a Comcast engineer, it seems under normal conditions, the only reasons your prefix should change is if your MAC address changes or they switch you to a different headend (which should be rare).

Comment: Re:4.3 U (Score 1) 68

by Burdell (#47462103) Attached to: HP Claims Their Moonshot System is a 'New Style of IT' (Video)

It is probably either 7.5 inches (4.29 U) or 190 milimeters (4.27 U) tall. However, I don't know why you'd make something designed to be rack mounted that is not an integral multiple of U, unless you have something that needs cables attached to the front (in which case you still designed it poorly).

Comment: Re:Who owns them? (Score 1) 474

Ehh, Comcast's business practices tend to suck, but their technical people do a good job. I think they were the first large-scale residential provider in the US with DNSSEC and IPv6 for example.

In any case, they are already doing separate channels for separate services (I believe that's how they implement voice service for example), so this will just be turning up another channel.

Comment: Re:Who owns them? (Score 5, Insightful) 474

It is my understanding that this will be done only on Comcast-owned equipment, and using a separate logical connection (like a VLAN) from the local subscriber data. This won't affect any subscriber data cap one way or the other. If a subscriber cancels, they probably unplug the Comcast equipment (so the wifi goes down) because they are supposed to return it to Comcast (or get billed).

Comment: Not protocol vulnerabilities (Score 1) 62

by Burdell (#47190453) Attached to: IPMI Protocol Vulnerabilities Have Long Shelf Life

Bad subject alert: the protocol itself is not vulnerable (any more than any other protocol), the problems are in the implementations (and lack of on-going support for most).

I always set up IPMI on a private VLAN, with only a couple of "trusted" hosts having access. Most things can be done with the "ipmitool" command-line program, or I can port-forward port 80 for the BMCs with a web interface. There are a few web-based BMCs with crappy Java applets for remote KVM (they mangled the VNC protocol just enough so regular VNC clients won't work); for those, I either set up a minimal X desktop VM or use a VPN to the trusted host.

Comment: Re:Farmers grow your food (Score 1) 173

by Burdell (#47034989) Attached to: AT&T Buying DirecTV for $48.5 Billion

Okay, so let them make that part of the "cost of doing business", like other just about every other business has to do. Farmers also have to have fuel to operate and haul equipment, seed, fertilizer/herbicide/pesticide, and product to and from "civilization", and they manage to do that just fine without my fuel getting taxed extra to pay for their fuel. I'd argue that fuel is a lot more important to the process than cheap high-speed Internet.

Comment: Re:It's not arrogant, it's correct. (Score 5, Insightful) 466

by Burdell (#46567605) Attached to: AT&T Exec Calls Netflix "Arrogant" For Expecting Net Neutrality

Netflix pays for their bandwidth

Well, but they don't always, at least not as much as anybody else. Several times in recent years, Netflix has switched bandwidth providers to "wanna-be tier 1" networks; that is, networks that are not as well-connected as they'd like to be because they don't really meet anybody's requirements for settlement-free peering. These providers see Netflix as leverage against their bigger competitors and appear to have sold Netflix bandwidth at well market prices in order to strong-arm competitors to provide new network interconnects.

Large networks don't just peer with anybody. There are costs involved in each additional turn-up, both for hardware ports and for the management side. They also don't just peer at a single or few locations (since that can allow outsider actors to cause drastic changes in internal network bandwidth utilization); they require other large networks to peer in a bunch of different places. Some of the smaller networks can't afford to do that, and want to dump large traffic hogs like Netflix at already congested peering points, and then complain that the big guys didn't bend over backwards to help them.

I've worked for small to very-small ISPs for over 18 years, and I definately don't hold Netflix blameless in this. They do things they know will impact their customers and then blame the other networks for all problems (and they aren't the only one, just one of the biggest in recent years).

Comment: Re:Possible botnet C&C related (Score 2) 349

by Burdell (#46458751) Attached to: Crowdsourcing Confirms: Websites Inaccessible on Comcast

CNAME on the root record of a zone is not allowed. .org servers delegate 021yy.org to ns1/2.booen.com with NS records, so ns1/2.booen.com must supply an SOA and one or more NS records for 021yy.org. Instead they provide an out-of-scope SOA, valid-looking A, MX, and CNAME (which is also a bogus combination) but return NXDOMAIN for NS.

The real answer is that ns1/2.booen.com have a wildcard for * with A, MX, and CNAME records. Somehow they also respond to any SOA request with an SOA for booen.com, and have no NS records.

I still suspect a botnet C&C DNS server is running, with probably a rapidly-changing set of domains delegated to it. Comcast is probably blocking delegations to those servers, and the only real choice (that isn't a lie) for DNS responses would be SERVFAIL (in this case due to policy). NOERROR+no ANSWER records or NXDOMAIN would not really be true.

MSDOS is not dead, it just smells that way. -- Henry Spencer

Working...