Domain: nether.net
Stories and comments across the archive that link to nether.net.
Comments · 35
-
Re:The one redeeming Comcast virtue
Linode US West is exclusively/entirely hosted in Hurricane Electric's FMT2 (Fremont) datacenter, which has had repeated networking problems and service outages (particularly power-related) throughout the years (i.e. just like FMT1). Dig through the outages.org mailing list archive (and outages-discussion) and you can get an idea of how regular they are. Here's one story in detail.
In short: if going with Linode, pick something other than Linode US West.
-
Re:Co-Locate - hurricane electric
Please consider hurricane electric (he.net) - they have been a great contributor to the community (with their irc.lightning.net servers and their free ipv6 tunnels, etc.) and their bandwidth is $1/megabit.
$600/mo for a full cabinet and 100 megabits/s of bandwidth. And it's not some lame fly by night
... I highly recommend them.
Wrong on so many levels. Hurricane Electric is absolutely fly-by-night. You can read about my experiences as a co-location customer if you wish. And don't try to tell me FMT2 is any better. You can review the outages.org and NANOG mailing lists for recurring problems with HE, but my first link outlines the majority of recurring items that they simply never cared to deal with. Dumping HE and going with a different co-lo provider was the best choice I ever made.
If folks considering co-location in the SF Bay Area want reliability, actual SLAs, and for less money, consider alternatives. If all you want is a 1U box in some random rack and trust other co-lo customers to never steal or fuck with your equipment, go right ahead, choose Hurricane Electric, choose Layer42, choose whoever you wish -- don't blame me when someone unplugs your Ethernet cable, steals a disk from your box, or other nonsense. If there's anything I learned from working in the co-location business over the past 20 years, it's never to trust co-lo users.
-
Re:Doesn't matter
-
Re:Wait a minute...
It would appear they are using the call routing/forwarding feature of Global Crossing's VoIP service, the phone number is their Harrisburg OH point of access. The clever bit is getting the phone number 614-LULZSEC, since 614-585-xxxx is a Global Crossing block.
-
Some resources for learning
Document everything you can.
Backup configs, make sure you save them frequently when things are working.
Get a good network management/monitoring package which uses SNMP to monitor the equipment.
Take as many classes and training sessions as you can.
Purchase vendor support for equipment. Cisco TAC is invaluable when the excrement hits the oscillating device. When the network is down, and the boss comes into the server room to ask when it's back up, it's much more comforting to hear that the vendor is helping you investigate the issue than to hear you have no idea what the problem is or when it might be fixed.
Build a lab to test/learn new protocols/ways of doing things. Have a couple servers in there, as well as the same type or smaller versions within the same family. If you're running Cisco 3945 routers in production, a lab with 1720s running 10 year old code doesn't help you troubleshoot production issues or test code upgrades.
A good podcast which covers CCNA/CCNP level topics with examples:
http://www.ciscohandsontraining.com/
How to backup your devices:
http://www.shrubbery.net/rancid/
Netdisco, good tool for network discovery and host tracking
http://www.netdisco.org/
Join and read network mailing lists. NANOG, Cisco-NSP, Juniper-NSP are a good place to start. http://puck.nether.net/mailman/listinfo/ to subscribe to several of those.
Beyond that, good luck. Speaking as someone who has been doing systems/network administration for close to 15 years, you will learn something new every day. If you don't, you're not trying hard enough.
-
Re:i reall want an objective
Did you read Cisco's list of vulnerable hardware? It certainly takes a long time to test all of your currently supported hardware, test and release updates for all of them, many of which have multiple supported trains of software support that the fix needs to be rolled in to.
-
Re:But what happens
This was recently discussed at the Outages list:
They're in the middle of migrating servers or something, so outages.org seems to be down at the moment:
https://puck.nether.net/pipermail/outages/2008-July/000084.html
-
Old news (to everyone but Cisco)
This was widely publicized (amongst the loose communities of Cisco users, anyway) back around the time the original post was made. Hey, that would have been... 18th August! :)
To be fair, there IS a story here, which is that Cisco only just acknowledged this officially.
Service Provider types (the operators of routers whose successful attack would actually affect anyone in the real world) have been well aware of this. But as others have pointed out, if you don't trust your admins, and you're not running proper logging and a proper audit trail of admin sessions already, you've got bigger problems than this.
-
outage? fat fingered admin more likely
Nothing to do with Savvis spewing routes all over teh intarwebs?
(Slashdot's in AS3561)
8 t2c1-p9-0.uk-eal.eu.bt.net (166.49.208.209) 16.189 ms 16.802 ms 15.068 ms
9 t2c1-p5-0-0.us-ash.eu.bt.net (166.49.164.65) 103.232 ms 102.751 ms 102.493 ms
10 cpr2-pos-0-0.VirginiaEquinix.savvis.net (208.173.10.133) 104.467 ms 103.687 ms 105.351 ms
11 er2-tengig2-1.virginiaequinix.savvis.net (204.70.193.102) 104.207 ms 104.050 ms 103.280 ms
12 hr1-tengig8-1.sterling2dc3.savvis.net (204.70.197.81) 108.874 ms 108.533 ms 109.409 ms
MPLS Label 652 TTL=1
13 * * *
14 204.70.196.125 (204.70.196.125) 196.968 ms 264.934 ms 232.841 ms
MPLS Label 16659 TTL=255
15 cr2-loopback.sfo.savvis.net (206.24.210.71) 199.031 ms 345.420 ms 311.107 ms
16 bhr1-pos-0-0.SantaClarasc8.savvis.net (208.172.156.198) 197.105 ms 345.628 ms 311.031 ms
17 csr1-ve240.santaclarasc8.savvis.net (66.35.194.34) 196.651 ms 2413.625 ms 2378.773 ms
18 66.35.212.174 (66.35.212.174) 197.395 ms 341.213 ms 306.301 ms
19 slashdot.org (66.35.250.150) 197.697 ms !5 612.455 ms !5 578.147 ms !5
-
mirror ;)
-
mirror ;)
-
mirror (Re:Slashdotted)
-
Re:Another great service...
I think you mean Hypnotoad
-
Re:Uhhh...
You must've never seen this
-
Re:mirror
-
Re:12V, 5V
Well, if you're going to do it, at least consider doing something sensible with how you set it up, grab a PV (solar) panel and a deep-cycle battery with a reasonable Ah rating and generate/use your own free power :).
I have a quick & ugly Solar page with links to the build-it-yourself charge controller ($55) and places that have generally reasonable prices on the batteries & panels. Then you can take the voltage and step it to what you need, either up or down. Then you also have a built-in UPS system :)
-
mirror
-
mirror
-
Re:Mirror?
Yes, folks should feel free to use this (fast host, and i've survived slashdotting before, easily). Mirror of mp4: Nerd TV MP4 Episode 1
-
Mirror(27)
-
Mirror(27)
-
Re:Tried their whois contact number?
An npa/nxx lookup will show where that phone number leads, and it leads to Salinas, California, a city about 40 miles south of San Jose, which is probably where you should start looking for these folks. Not in Missouri.
-
Re:Geo Thermal
Well, it depends on exactly what you need/desire.
I have an open-loop geothermal system at my home. It's used for heating and cooling of the air. It takes water out of my well, which is a moderated temp year round and uses it to transfer the heat into it during the summer, and takes the heat out of the water in the winter.
You can do the same thing with a closed-loop system (you just pump the water in a big circuit of underground pipes). In a closed-loop system you can even use antifreeze (that stuff that transfers the heat out of your engine block and through the heaters in your car) and the system works similarly to that.
I'm slowly working on converting some of my more sustained power requirements to a solar/battery powered system. I have a simple parts page online that will allow you to start building a small system to operate lighting or other must-need devices (basically, build your own UPS and charge off of solar/wind/whatever DC voltage source you want).
I just got a 700W inverter on sale recently, and have some older car/boat batteries that the previous owner left here. I just ordered a solar charge controller kit, and am going to borrow some 12-24V solar cells from a friend to do some testing.. If it works well, i'm going to expand my cells and get some good batteries to operate some of my necessary devices.
-
Re:Mirror anyone?
mirror here. The full file is 2,068,115 bytes. It's over half done, and should be finished fairly quickly. I've mirrored other content in the past, so if anyone wants me to host stuff, let me know.. i've been fairly reliable :)
-
Re:Video mirrors
I also have a mirror i'm putting up right now. The file will be here
-
FreeBSD 4.10 Jail
I've been using the FreeBSD 4.8-4.10 system to host several Jails on a beefy machine that i have under my control. My personal e-mail system resides within a jail on this system, and there are very few problems i've encountered. The biggest issues i've encountered are as follows:
- UDP Kernel bug that breaks SNMP (eg: mrtg) inside a jail
- ICMP inside jail needs to be split out better to prevent ugly hacks/kernel patches being required
- PostgreSQL needs sysvipc
/sbin/sysctl -w jail.sysvipc_allowed=1
It lets me and others share a single host that is very beefy (2x2.8G Xeon, 4g ram, 315g raid-5 ultra-320 disk, etc..) on a fast link. The FreeBSD-5 jail subsystem is a bit more refined than that in FreeBSD-4... I'm pondering upgrading the system, but haven't done so yet.. You can also put a small bit of effort into the system and use rsync to keep various (important) system binaries (eg: sshd, sendmail) in-sync across all the systems so they're bug-free if an advisory comes out.. but that's basic sysadmin/patching stuff, not anything jail specific.. but if their jail is r00ted, i don't need to worry about my own files being compromised, unless they get at the 'host' system.. (which runs no services to speak of)...
-
Mirror
-
Re:Check Asterisk
Yeah, it partially works on the Cisco 7970 I have sitting here. I've been using asterisk over a year with great success with primarily 7960, 7940, and ata-186 plus a few soft phones (eg: xlite).
I don't have my hands on a 7920 (feel free to send me one ;-) ).
-
Re:I use IPv6
I'm surprised that Distro's don't enable v6 by default. (If you have a non-RFC1918 address, use 6to4, if you only have a RFC1918 addresses, use teredo).
Most do actually. They generally configure themselves via autoconf. Here's an example from one of my systems:
ifconfig -a
vx0: flags=8843 mtu 1500
inet 204.42.254.5 netmask 0xffffffc0 broadcast 204.42.254.63
inet6 fe80::2a0:24ff:fe83:53d8%vx0 prefixlen 64 scopeid 0x1
inet6 2001:418:3f4:0:2a0:24ff:fe83:53d8 prefixlen 64 autoconf
It even has a v6 web server (apache) running on it. (go ahead, try to /. it ;-)
This requires a router that sends autoconf messages (eg: a cisco or juniper router will do) as well as the various autoconf features (router discovery, using a /64 mask, etc..) unless you wish to statically configure your IPv6.
It removes DHCP from the equation. Of course if you're like me and swap out ethernet cards periodically (assuming you're not using the privacy extensions available for starters) you do see your address shift as it's based on the hardware address.
With posts yesterday about IPv6 being enabled by default in longhorn, and me seeing more people starting to ask for IPv6 connectivity (eg: DoD) as well as service offerings picking up, I expect it to become a bit more commonplace.
There are a few issues. Some providers for load balancers have had troubles with dns queries. I've seen my own bank as well as some major router vendors (that have IPv6 offerings) break their servers (ftp, web) periodically for those people who are running dual-stack IPv6 and v4. They just don't understand what this IN AAAA query is, and respond with the wrong error code, or just time out.
This tells me that we're quite some distance away from being able to see IPv6 as truly viable. I also don't see 6to4 tunneling as being viable in the long term either. We're going to see a dual-stack internet and those providers that have been reluctant to enable new technologies are going to continue on their paths until there is a compelling reason to provide the service (eg: lost sales/business, or a marketing reason "don't use XXX's internet service, you won't get access to the FULL [v4 & v6] internet").
Mostly today it's for the (never seen here) geek factor, but in my job at a major ISP, we're seeing increased customer demand for our IPv6 service offering not only here in the US but in Europe and Asia as well.
-
Re:911
Speaking as a vonage user who does not have 911 activated (I use vonage as a second telephone line), I think that users that activate their 911 service should have to pay to the state/local authorities the necessary monies. The issue I see here as it relates to Vonage and 911 is quite complex. I can take my ata-186 and plug it in here at home, or with me anyplace else I go. This obviously poses a challenge for providing emergency services, but I remember the days (albeit not that long ago) where 911 did not exist. You had to call the local police/fire/poison control centers. While having a standard is a good thing in most cases, people who make a conscious choice here shouldn't be punished (IMHO).
Vonage also makes the issue very complex. For $ (N*5) I can get a telephone number that is local to N cities where they offer service. Should those telephone numbers be subject to such 911 fees in each locality, or should you only pay once per telephone number? What if you add a vonage fax line, it's never used for voice, are you required to pay for 911 fees on that as well?
I don't see that the PUCs are out to squash VoIP as a threat, just something that will require some rules to be made regarding 911 service availability, and perhaps some far more interesting things to happen, including giving locations of specific IP addresses to emergency responders. If I know that MIT has 18.0.0.0/8, and each subnet is a /16 (for example) and they have the addresses of these buildings available, why not have a registry (oh wait, there is, whois/rwhois.. but) of these available, so vonage can say "here's where that ip is". Obviously a very thorny privacy issue as well, because if everyone's favorite 4 letter ?IAA org had access as well, you'd keep your file trading down quite a bit i'm sure :).
Back on topic:
No easy solution here, the PUC's don't care how the telephone service works behind the scenes, be it via POTS, VoIP, just that it works and that the required things are done (eg: 911 service in Minnesota). Vonage can always lobby there that they should be exempt and that whomever they're using (Probably focal, as you can see here: npa nxx lookup) to get their blocks of DIDs from should or is already paying such fees. Hopefully they're paying them to focal, the issue is should it be one fee per DS1 (DID) service, or one fee per number assigned to that T1 trunk.
-
Re:Yes, you are correct.
It's really not that hard to find info. Get Halabi's Internet Routing Architectures book to start with the fundamentals. Then find LISTSERVs for your local ISPs. They're out there, you just have to look. Here are some generic vendor-specific Provider lists: http://puck.nether.net/lists/
To start with, I'd connect with UUNET, as they're everywhere worldwide, easy to work with, and very professional. Once you've been through the process one time, you can work your way through less helpful ISPs.
-
NOC contact list
You might want to look at this. It's a list of NOC contacts for many major providers.
I don't know how up-to-date it is, though.
--