Forgot your password?

Comment: Re:Why not contribute to gparted? (Score 5, Informative) 170

by Burdell (#47849263) Attached to: Fedora To Get a New Partition Manager

Because (as usual) the summary got it wrong. This is not a partition manager, it is a disk/filesystem manager. Partitions make up one part of that, but it is also intended to manage LVM, RAID, btrfs filesets, etc. I believe it uses the parted library on the backend for partitions.

This is based on the years-of-development code used in the backend of anaconda, the Fedora/Red Hat installer. The code has been pulled out, split up into a library, and set up for stand-alone use (after install). I believe the intention is that anaconda keeps using the library, but now there will be the same interface during install and afterwards for managing disks and filesystems.

Comment: Re:Their implementation sucks. (Score 1) 146

by Burdell (#47526561) Attached to: Comcast Carrying 1Tbit/s of IPv6 Internet Traffic

I have no problem with Comcast's IPv6 setup, once I hacked a few things in OpenWRT that were wrong; not sending the requested prefix size was a big one (so I could only get a /64 initially). Also, if the link drops, when it comes back and dhcp6c tries to update radvd, radvd doesn't restart (so the RAs go away and IPv6 quits on all auto-configured systems). My link is generally stable enough that I haven't been bothered enough to track down this bug to get it fixed.

IIRC, the only time I've had my delegated prefix change was when I was working things out to get a /60 instead of a /64. After working with a Comcast engineer, it seems under normal conditions, the only reasons your prefix should change is if your MAC address changes or they switch you to a different headend (which should be rare).

Comment: Re:4.3 U (Score 1) 68

by Burdell (#47462103) Attached to: HP Claims Their Moonshot System is a 'New Style of IT' (Video)

It is probably either 7.5 inches (4.29 U) or 190 milimeters (4.27 U) tall. However, I don't know why you'd make something designed to be rack mounted that is not an integral multiple of U, unless you have something that needs cables attached to the front (in which case you still designed it poorly).

Comment: Re:Who owns them? (Score 1) 474

Ehh, Comcast's business practices tend to suck, but their technical people do a good job. I think they were the first large-scale residential provider in the US with DNSSEC and IPv6 for example.

In any case, they are already doing separate channels for separate services (I believe that's how they implement voice service for example), so this will just be turning up another channel.

Comment: Re:Who owns them? (Score 5, Insightful) 474

It is my understanding that this will be done only on Comcast-owned equipment, and using a separate logical connection (like a VLAN) from the local subscriber data. This won't affect any subscriber data cap one way or the other. If a subscriber cancels, they probably unplug the Comcast equipment (so the wifi goes down) because they are supposed to return it to Comcast (or get billed).

Comment: Not protocol vulnerabilities (Score 1) 62

by Burdell (#47190453) Attached to: IPMI Protocol Vulnerabilities Have Long Shelf Life

Bad subject alert: the protocol itself is not vulnerable (any more than any other protocol), the problems are in the implementations (and lack of on-going support for most).

I always set up IPMI on a private VLAN, with only a couple of "trusted" hosts having access. Most things can be done with the "ipmitool" command-line program, or I can port-forward port 80 for the BMCs with a web interface. There are a few web-based BMCs with crappy Java applets for remote KVM (they mangled the VNC protocol just enough so regular VNC clients won't work); for those, I either set up a minimal X desktop VM or use a VPN to the trusted host.

Comment: Re:Farmers grow your food (Score 1) 173

by Burdell (#47034989) Attached to: AT&T Buying DirecTV for $48.5 Billion

Okay, so let them make that part of the "cost of doing business", like other just about every other business has to do. Farmers also have to have fuel to operate and haul equipment, seed, fertilizer/herbicide/pesticide, and product to and from "civilization", and they manage to do that just fine without my fuel getting taxed extra to pay for their fuel. I'd argue that fuel is a lot more important to the process than cheap high-speed Internet.

Comment: Re:It's not arrogant, it's correct. (Score 5, Insightful) 466

by Burdell (#46567605) Attached to: AT&T Exec Calls Netflix "Arrogant" For Expecting Net Neutrality

Netflix pays for their bandwidth

Well, but they don't always, at least not as much as anybody else. Several times in recent years, Netflix has switched bandwidth providers to "wanna-be tier 1" networks; that is, networks that are not as well-connected as they'd like to be because they don't really meet anybody's requirements for settlement-free peering. These providers see Netflix as leverage against their bigger competitors and appear to have sold Netflix bandwidth at well market prices in order to strong-arm competitors to provide new network interconnects.

Large networks don't just peer with anybody. There are costs involved in each additional turn-up, both for hardware ports and for the management side. They also don't just peer at a single or few locations (since that can allow outsider actors to cause drastic changes in internal network bandwidth utilization); they require other large networks to peer in a bunch of different places. Some of the smaller networks can't afford to do that, and want to dump large traffic hogs like Netflix at already congested peering points, and then complain that the big guys didn't bend over backwards to help them.

I've worked for small to very-small ISPs for over 18 years, and I definately don't hold Netflix blameless in this. They do things they know will impact their customers and then blame the other networks for all problems (and they aren't the only one, just one of the biggest in recent years).

Comment: Re:Possible botnet C&C related (Score 2) 349

by Burdell (#46458751) Attached to: Crowdsourcing Confirms: Websites Inaccessible on Comcast

CNAME on the root record of a zone is not allowed. .org servers delegate to ns1/ with NS records, so ns1/ must supply an SOA and one or more NS records for Instead they provide an out-of-scope SOA, valid-looking A, MX, and CNAME (which is also a bogus combination) but return NXDOMAIN for NS.

The real answer is that ns1/ have a wildcard for * with A, MX, and CNAME records. Somehow they also respond to any SOA request with an SOA for, and have no NS records.

I still suspect a botnet C&C DNS server is running, with probably a rapidly-changing set of domains delegated to it. Comcast is probably blocking delegations to those servers, and the only real choice (that isn't a lie) for DNS responses would be SERVFAIL (in this case due to policy). NOERROR+no ANSWER records or NXDOMAIN would not really be true.

Comment: Possible botnet C&C related (Score 3, Informative) 349

by Burdell (#46457025) Attached to: Crowdsourcing Confirms: Websites Inaccessible on Comcast

The DNS for is rather fishy looking. The .org servers have NS records pointing to and, which have a 20 second time to live (vs. a normal 1 day TTL), which is common in botnet command & control networks. Also, the ns1/ servers give answers to A lookups, but return NXDOMAIN for NS lookups (which is completely bogus; NXDOMAIN means that does not exist, not that it doesn't have NS records, which would still be bogus).

The NXDOMAIN for NS records would cause many caching servers to cache NXDOMAIN for all records (not just NS), which would cause the domain to not resolve (depending on the order things were looked up). Basically, I don't see this as a Comcast problem, but rather a problem with the DNS servers for This may be accidental (although AFAIK no normal DNS server would reply with A records but return NXDOMAIN for NS records), but looks possibly like it is intentional and possibly part of a botnet C&C. There's a lot of that going on lately.

Comment: Re:Other options? (Score 1) 247

by Burdell (#46364173) Attached to: The Rescue Plan That Could Have Saved Space Shuttle <em>Columbia</em>

Oops, yeah, I forgot Apollo 7. They probably would have been able to survive, although it might have been rough. The biggest problem probably would have been that they would not have had much choice in where they landed (could have ended up in a location where recovery was effectively impossible or would take too long, could have hit land instead of water, etc.).

Comment: Re:Other options? (Score 1) 247

by Burdell (#46352489) Attached to: The Rescue Plan That Could Have Saved Space Shuttle <em>Columbia</em>

There are risks in spaceflight that just can't really be overcome, except in hindsight. If what happened to Apollo 13 had happened to Apollo 8, the result would have been very different. Apollo 8 had no LM that could have been used as a "lifeboat", and it is unlikely that there would have been any other way to keep the astronauts alive. There's a good chance the Apollo program would have ended if NASA had two consecutive crews killed.

However, one thing from Apollo 8 helped Apollo 13: on Apollo 8, Jim Lovell accidentally erased the flight computer's memory and had to re-figure the position from start sightings. He had to do a similar task during Apollo 13 after the computer was powered down and restarted.

Somebody ought to cross ball point pens with coat hangers so that the pens will multiply instead of disappear.