Recently in nanog quotes Category

http://news.clnz.net/2007/10/19

Нет особого смысла развернуто перечислять, что у людей не так. Надо прочитать, ужаснуться, и больше так не делать. Но готовность детально отчитываться перед пользователями за собственные факапы заслуживает одобрения.

This entry was originally posted in my livejournal

Что-то давненько я не блогал длинной и скучной нудятины про сети. Видимо, работа удовлетворяет потребности в писательстве ;)

Мимо меня раз в несколько месяцев пробегает очередная версия любопытного драфта. Я все порываюсь поиграться и заблогать, но все как-то было не до того. Наконец, дошли руки. Драфтик этот в девичестве назывался draft-decraene-mpls-ldp-interarea, а теперь его приняли как workgroup документ в MPLS WG и теперь он называется draft-ietf-mpls-ldp-interarea.

О чем речь?

While working at a distinguished university with a religious affiliation, I
learned, as did one of the priest-biologists, not to refer to a piece of
instrumentation as possessed. While one of the priest-theologians meant
well, we learned what happened when holy water is sprinkled into the high
voltage supply of a gas chromatograph. Beckman Instruments was so amused
they didn't charge for equipment abuse not under maintenance contract.

http://article.gmane.org/gmane.org.operators.nanog/49438

This entry was originally posted in my livejournal

Many years ago I worked for a small Mom-and-Pop type ISP in New York
state (I was the only network / technical person there) -- it was a
very free wheeling place and I built the network by doing whatever
made sense at the time.

One of my "favorite" customers (Joe somebody) was somehow related to
the owner of the ISP and was a gamer. This was back in the day when
the gaming magazines would give you useful tips like "Type 'tracert
$gameserver' and make sure that there are less than N hops". Joe
would call up tech support, me, the owner, etc and complain that
there was N+3 hops and most of them were in our network. I spent much
time explaining things about packet-loss, latency, etc but couldn't
shake his belief that hop count was the only metric that mattered.

Finally, one night he called me at home well after midnight (no, I
didn't give him my home phone number, he looked me up in the
phonebook!) to complain that his gaming was suffering because it was
"too many hops to get out of your network". I finally snapped and
built a static GRE tunnel from the RAS box that he connected to all
over the network -- it was a thing of beauty, it went through almost
every device that we owned and took the most convoluted path I could
come up with. "Yay!", I figured, "now I can demonstrate that latency
is more important than hop count" and I went to bed.

The next morning I get a call from him. He is ecstatic and wildly
impressed by how well the network is working for him now and how
great his gaming performance is. "Oh well", I think, "at least he is
happy and will leave me alone now". I don't document the purpose of
this GRE anywhere and after some time forget about it.

A few months later I am doing some routine cleanup work and stumble
across a weird looking tunnel -- its bizarre, it goes all over the
place and is all kinds of crufty -- there are static routes and
policy routing and bizarre things being done on the RADIUS server to
make sure some user always gets a certain IP... I look in my pile of
notes and old configs and then decide to just yank it out.

That night I get an enraged call (at home again) from Joe *screaming*
that the network is all broken again because it is now way too many
hops to get out of the network and that people keep shooting him...

What I learnt from this:
1: Make sure you document everything (and no, the network isn't
documentation)
2: Gamers are weird.
3: Making changes to your network in anger provides short term
pleasure but long term pain.

http://article.gmane.org/gmane.org.operators.nanog/48735

This entry was originally posted in my livejournal

Выпустили традиционный первоапрельский RFC: The Transmission of IP Datagrams over the Semaphore Flag Signaling System (SFSS). Вяло и скучно: IP over this, IP over that. После RFC 1149 (Standard for the transmission of IP datagrams on Avian Carriers) уже не интересно.

Самый главный первоапрельский RFC - это, безусловно, RFC 1925 (The Twelve Networking Truths). Вечный источник сетевой мудрости, я из него черпаю ежедневно. Ежели кто не читал, очень рекомендую.

Очень хороший RFC - RFC 3251 (Electricity over IP). Замечательная пародия на терминологию, стиль, структуру и идеи большого количества RFC и ID, касающихся MPLS.

RFC 3514 (The Security Flag in the IPv4 Header) и RFC 4041 (Requirements for Morality Sections in Routing Area Drafts) - тоже неплохо. Не так хорошо, как 3251, но довольно изящно.

Пока писал, понял, что занимаюсь рассказыванием анекдотов по номерам: "Анекдот номер 777 мне очень понравился, а 122 показался пошловатым" :)

http://www.merit.edu/mail.archives/nanog/msg05264.html

No transition plan
Declared victory before the hard part even started
No real long term plan
No realistic estimation of costs
No real support for the folk on the front lines
Victory will be next month

Describes:
a - The war in Iraq
b - DNSsec
c - IPv6
d - All of the above

mcast
"When you see a bunch of engineers standing around congratulating themselves for solving some particularly ugly problem in networking, go up to them, whisper "multicast", jump back, and watch the fun begin..."
-- draft-irtf-routing-reqs-groupa

В принципе, мультикаст у нас как бы есть. Но предела совершенству не существует, и попытки улучшить жизнь не прекращаются, благо есть куда. В частности, многие хотят скрестить мультикаст с MPLS. Собственно, от такого сожительства хочется получить три вещи:

> disagreed. (because DNSSEC is coming.)

The operational question is, of course, whether we need to worry about allocating
resources for deploying DNSSEC before or after IPv6. ;)

This entry was originally posted in my livejournal

Хех, вот собственно, и wi-fi появился. Практически халявный.

Нашелся способ дать этому ADPT Telecom'у денег, который в этом отеле wi-fi занимается, без этих дурацких prepaid scratch-карточек, которых в отеле все равно нет. Собственно, все оказалось просто и цивилизованно, как во всяких Европах с Америками - по кредитке. Но тарифы, уууу. 6 евро - полчаса, 10 - час. Удавиться. Решил, что возьму полчасика почту по-человечески прочесть, а там разберемся. Разобрался.

Когда находишься в "отлогиненном" состоянии, они заворачивают 80-ый порт на свою страничку и режут все остальные SYN'ы. Ключевое слово - SYN'ы.

Для тех, кто еще не понял, TCP-соединение, которое установилось до "отлогинивания" продолжает жить. Соответственно, организовался ssh-туннельчик, на том конце дружественный прокси и т.д.

Оказалось, что 6 евро - не так уж и дорого ;)

This entry was originally posted in my livejournal

Back around 1981 I worked in a shop which had just taken delivery on an IBM 8100 system, a "mini-computer" about the size of a washing machine. We had an operator who weighed about 350lb (160Kg), and whenever this guy got within 10' (3m) of the thing it would crash. When the IBM FE came in, a circuit board was found to have a micro-fracture in it. Apparently whenever said operator got close enough, the floor would warp a bit, shifting the box enough to open a gap in the board.

This entry was originally posted in my livejournal

>>configuration known as "collapsed backbone". in this instance, both
>>pairs of fiber ride in the same conduit for some portion of the
>>distance
>
>
>... or even as two wavelengths on the same pair of fibre.
>
>It's a sick, sick, twisted world.


Come on, that is what we call lambda-diversity. In case your fiber fails
to carry, say 1550nm in the middle of the night, you are protected with
your 1590nm lambda.

I don't believe how many people engineer for physical diversity and not
lambda diversity -- and then its too late.

This entry was originally posted in my livejournal