Actually yes, I am suggesting that. The part of MCI that handled Internet routing was not huge. UUnet was not part of Worldcom, etc. I imagine that the tier 1 NSPs are a lot more bogged down with politics today than they ever were 5 years ago and therefore much less able to force a new and likely largely untested protocol through.
Right. I know the order of BGP selection. I was saying that you can (because I have) use the manipulation of your own AS path length to load balance inbound traffic when you are multihomed. So if you announced only/20s out all of your links, you could still load balance inbound traffic using AS path prepending.
By the way, weight is a Cisco proprietary knob. Other vendors obviously don't use it for their BGP selection routines.
I can see BGP being a limiting factor. There are already things about BGP that annoy me because of the simple fact that it is a distance vector protocol. However, I don't share your optimism that things would or could change quickly. The tier 1 NSPs are huge lumbering corporations that probably wouldn't give in to change very easily. Politics often trumps technical recommendations in the corporate world.
If everything was aggregated into/20 or
larger blocks, there would be no practical way to load balance traffic in a multihomed environment (when you have transit through more than one ISP).
How about manipulating AS path lengths via AS prepending? I've had a pretty good amount of experience with this, and though it is not the easiest thing in the world, it works.
BGP isn't working. Well, fortunately, there are a lot of other protocols out there to choose from. When it becomes too costly for everyone to have routers using BGP, people will negotiate the use of other
protocols.
What other routing protocol do you suggest? Frankly I can't think of another routing protocol that is supported by the tier 1 NSPs (UUnet, Sprint, etc) that is meant to be used between two networks when one of them is a tier 1 NSP. Or are you suggesting that the tier 1 NSPs would have to start supporting another protocol? Possible, but not likely for a long while.
DISCLAIMER: If you are planning to vote for Al Gore in November, good for you. Don't let what I'm about to say change your mind because I've been told by all the experts that if you do change your mind based
on what I'm about to say, George W. Bush might win the election...
And why is this again?
It really doesn't matter if I vote for Nader, Gore, Bush, or even Scooby because the electoral votes in my region will vote only one way, often against the public (or at least mine) stance. We can't truly expect our votes to count until the electoral college is dismantled.
Contrary to popular opinion, ADSL also has the "shared-bandwidth" problem, it's just that the bottleneck lies in a different place.
If you're going to extend this argument this far up the stream, then it should be noted that ALL network connections share bandwidth with other users at some point. With any decent ISP, by the time you reach the sharing point with xDSL, the capacity is usually significantly higher than where the sharing point occurs with Cable modems. Cable customers also have to share again with each other at the same point xDSL customers share the first time.
So the central server will act as a relay then? Sounds like they are sacrificing performance for anonymity. Also, if the central server really is relaying the download, doesn't that make the central server liable in some way for transmitting potentially pirated files?
As IRC has already demonstrated time and again, relay systems like that just don't scale.
The obvious answer is to use freenet, which is being built so that even the file TRANSFER is anonymous. You can't see who's downloading from your box. They can't see whose box they're downloading from. With any luck, features like this will work their way into gnutella and mabye even napster in the future.
So is the IP address anonymized as well, so that you can't find the source IP at all (like via netstat or sniffing)? The only way I can see doing this is to force all transfers to go through a central server that would act as a relay and replace the real source IP address with it's own IP address. I'll leave the exerciese as to why that's a bad idea up to the reader.
And if the IP address is not anonymized, then what's the point of anonymizing napster-like nicknames?
I hope this goes to court. It would be a huge victory to open standards.
Only if Andover won. Remember that the US courts are still not very tech savvy and often don't understand the real issues involved, hence we get things like the DMCA.
Ipfilter (ipf on the command line, not ipfw -- although new versions of ipfw are now statefull I'm told) is a statefull firewall because it actually keeps state of TCP connections. Most firewalls will looks at the flags on a TCP connection to see what state they are in (SYN, SYN+ACK, etc) and blindly trust the packet. There are various ways to get around normal firewall rules by exploiting this "feature". Most rules to block access to a certain port will only block TCP connections that have the SYN bit set. What happens if I send a TCP packet to the port without a SYN bit being set in the entire stream? The non-statefull firewall will not block it.
Ipf on the other hand, will keep track of all TCP streams so it knows what state the streams are really in. Yes, it's more overhead, but it's way more accurate, which is arguably more important.
My telco (USWest) spams me all the time via the phone. They're always calling me wanting to sell me caller id, or call waiting caller id when I don't even have call waiting. One time, I got called 4 times within 20 minutes about the exact same offer, and told them "no" every time.
The latest call from them was them wanting to sell me privacy products to screen out unsolicited phone calls. I asked them if it would screen USWest out too, but I guess I was a bit too optomistic.
So while this box does route -- and probably pretty fast -- the 6.4 Tbps number they quote is in fact for switching between interfaces across the backplane. Putting layer3 intelligence on top of this will (most likely) slow things down.
The Lucent NX64000 can route up to 6.4 terabytes per second. IBM and Lucent, together, have achieved over 3 terabytes per fibre.
Since the link you gave is broken, I can't verify this but I believe that the Lucent NX64000 can switch at this speed, not route. There is a huge difference. Try applying an access list to 6.4 terabits (not bytes) per second and process switch it. It doesn't sound too likely to me
but I seem to recall that a couple of years ago PUblic enemy posted their new album in mp3 format on their website for download something like a month before it actually went to stores.
Yeah, and if I recall correctly, their record label eventually forced them to take the mp3s off their web page. Chuck D was not happy about that.
OK, but it's 1 000 times faster than my 1 Mhz C=64 !
Not really. I'd be willing to bet it was more than 1000 times faster than your 1MHz C64. You see, you can't really compare MHz ratings to fairly compare two processers of different architecture in terms of speed. Hz is just the number of clock cycles per second. What really counts is what gets done in each clock cycle. A 500 MHz Alpha will not be the same "speed" as an 500 MHz Pentium III as an 500 MHz G4.
In fact, it is not even really fair to compare the Athlon to the Pentium III in the MHz game to be able to say one is faster, even though they are both x86, because the Athlon can do much more (on average) per clock cycle than the Pentium III, making it an overall faster processer clock per clock.
Recall that Office for the Macintosh is almost always at least one major version behind Office for Windows, and is missing the newest whizbang features that certain people desire.
If this is done intentionally or not, I cannot say, but it is a second rate produce compared to Office for Windows.
Who said I was happy about it? In fact, I'm just the opposite.... I was simply trying to point out that $150,000 houses do not automatically signal a wealthy neighborhood for all.
Slashdot Mirror
Actually yes, I am suggesting that. The part of MCI that handled Internet routing was not huge. UUnet was not part of Worldcom, etc. I imagine that the tier 1 NSPs are a lot more bogged down with politics today than they ever were 5 years ago and therefore much less able to force a new and likely largely untested protocol through.
-B
The tier 1 NSPs weren't huge corporations 5 years ago...at least not on the same scale they are at now.
-B
Right. I know the order of BGP selection. I was saying that you can (because I have) use the manipulation of your own AS path length to load balance inbound traffic when you are multihomed. So if you announced only /20s out all of your links, you could still load balance inbound traffic using AS path prepending.
By the way, weight is a Cisco proprietary knob. Other vendors obviously don't use it for their BGP selection routines.
-BI can see BGP being a limiting factor. There are already things about BGP that annoy me because of the simple fact that it is a distance vector protocol. However, I don't share your optimism that things would or could change quickly. The tier 1 NSPs are huge lumbering corporations that probably wouldn't give in to change very easily. Politics often trumps technical recommendations in the corporate world.
-BIf everything was aggregated into /20 or
larger blocks, there would be no practical way to load balance traffic in a multihomed environment (when you have transit through more than one ISP).
How about manipulating AS path lengths via AS prepending? I've had a pretty good amount of experience with this, and though it is not the easiest thing in the world, it works.
-BBGP isn't working. Well, fortunately, there are a lot of other protocols out there to choose from. When it becomes too costly for everyone to have routers using BGP, people will negotiate the use of other protocols.
What other routing protocol do you suggest? Frankly I can't think of another routing protocol that is supported by the tier 1 NSPs (UUnet, Sprint, etc) that is meant to be used between two networks when one of them is a tier 1 NSP. Or are you suggesting that the tier 1 NSPs would have to start supporting another protocol? Possible, but not likely for a long while.
-BDISCLAIMER: If you are planning to vote for Al Gore in November, good for you. Don't let what I'm about to say change your mind because I've been told by all the experts that if you do change your mind based on what I'm about to say, George W. Bush might win the election...
And why is this again?
It really doesn't matter if I vote for Nader, Gore, Bush, or even Scooby because the electoral votes in my region will vote only one way, often against the public (or at least mine) stance. We can't truly expect our votes to count until the electoral college is dismantled.
-BIf you're going to extend this argument this far up the stream, then it should be noted that ALL network connections share bandwidth with other users at some point. With any decent ISP, by the time you reach the sharing point with xDSL, the capacity is usually significantly higher than where the sharing point occurs with Cable modems. Cable customers also have to share again with each other at the same point xDSL customers share the first time.
-BIn some of the books that are supposed to take place after RotJ, Boba Fett returns. Apparently he found a way out of the Sarlac Pit.
-B
So the central server will act as a relay then? Sounds like they are sacrificing performance for anonymity. Also, if the central server really is relaying the download, doesn't that make the central server liable in some way for transmitting potentially pirated files?
As IRC has already demonstrated time and again, relay systems like that just don't scale.
-B
So is the IP address anonymized as well, so that you can't find the source IP at all (like via netstat or sniffing)? The only way I can see doing this is to force all transfers to go through a central server that would act as a relay and replace the real source IP address with it's own IP address. I'll leave the exerciese as to why that's a bad idea up to the reader.
And if the IP address is not anonymized, then what's the point of anonymizing napster-like nicknames?
-BOnly if Andover won. Remember that the US courts are still not very tech savvy and often don't understand the real issues involved, hence we get things like the DMCA.
-BIpfilter (ipf on the command line, not ipfw -- although new versions of ipfw are now statefull I'm told) is a statefull firewall because it actually keeps state of TCP connections. Most firewalls will looks at the flags on a TCP connection to see what state they are in (SYN, SYN+ACK, etc) and blindly trust the packet. There are various ways to get around normal firewall rules by exploiting this "feature". Most rules to block access to a certain port will only block TCP connections that have the SYN bit set. What happens if I send a TCP packet to the port without a SYN bit being set in the entire stream? The non-statefull firewall will not block it.
Ipf on the other hand, will keep track of all TCP streams so it knows what state the streams are really in. Yes, it's more overhead, but it's way more accurate, which is arguably more important.
-B
My telco (USWest) spams me all the time via the phone. They're always calling me wanting to sell me caller id, or call waiting caller id when I don't even have call waiting. One time, I got called 4 times within 20 minutes about the exact same offer, and told them "no" every time.
The latest call from them was them wanting to sell me privacy products to screen out unsolicited phone calls. I asked them if it would screen USWest out too, but I guess I was a bit too optomistic.
-BThanks for the updated link. It looks like an impressive device, however, the web page states:
The NX64000 innovative switch fabric delivers 6.4 Tbps switch capacity per-chassisSo while this box does route -- and probably pretty fast -- the 6.4 Tbps number they quote is in fact for switching between interfaces across the backplane. Putting layer3 intelligence on top of this will (most likely) slow things down.
-BSince the link you gave is broken, I can't verify this but I believe that the Lucent NX64000 can switch at this speed, not route. There is a huge difference. Try applying an access list to 6.4 terabits (not bytes) per second and process switch it. It doesn't sound too likely to me
-BYeah, and if I recall correctly, their record label eventually forced them to take the mp3s off their web page. Chuck D was not happy about that.
-B-B
(go sour apple!)
This is why win98 only lasted a few days on my computer before I upgraded back to win95.
-BNot really. I'd be willing to bet it was more than 1000 times faster than your 1MHz C64. You see, you can't really compare MHz ratings to fairly compare two processers of different architecture in terms of speed. Hz is just the number of clock cycles per second. What really counts is what gets done in each clock cycle. A 500 MHz Alpha will not be the same "speed" as an 500 MHz Pentium III as an 500 MHz G4.
In fact, it is not even really fair to compare the Athlon to the Pentium III in the MHz game to be able to say one is faster, even though they are both x86, because the Athlon can do much more (on average) per clock cycle than the Pentium III, making it an overall faster processer clock per clock.
-BFor those of you who have no idea what this is about, go here .
And just for fun, also go check this out.
-B
Recall that Office for the Macintosh is almost always at least one major version behind Office for Windows, and is missing the newest whizbang features that certain people desire.
If this is done intentionally or not, I cannot say, but it is a second rate produce compared to Office for Windows.
-B
Not only is the US big brother to the world, it is also the strong arm of the UN.
-B
Who said I was happy about it? In fact, I'm just the opposite.... I was simply trying to point out that $150,000 houses do not automatically signal a wealthy neighborhood for all.
-B
You could just telnet to the nntp port and speak nttp by hand
BTW, doing this effectively turns telnet into your news client, so either way, you're still using one.
-B